Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/lKzKB8kAq1wo8_luD_W30CqHi8k.roa
File: lKzKB8kAq1wo8_luD_W30CqHi8k.roa (raw, json)
Hash identifier: KUDUkjcF7Y+nny/JfuNtIXQuLkpSUy4FVJnyjBk+VIE=
Subject key identifier: 94:AC:CA:07:C9:00:AB:5C:28:F3:F9:6E:0F:F5:B7:D0:2A:87:8B:C9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01920A4BBF0130FE879DDCA389B19F99C714
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/lKzKB8kAq1wo8_luD_W30CqHi8k.roa
Signing time: Thu 19 Sep 2024 12:39:49 +0000
ROA not before: Thu 19 Sep 2024 12:39:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a0a:2d02::/32 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a12:ecc2::/32 maxlen: 48
2a12:ecc3:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 02 Oct 2024 09:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0a:4b:bf:01:30:fe:87:9d:dc:a3:89:b1:9f:99:c7:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 19 12:39:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94acca07c900ab5c28f3f96e0ff5b7d02a878bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4a:cf:d6:57:79:62:c4:b8:95:20:9b:38:59:
8c:bc:3f:3b:c9:46:ac:70:9b:55:de:6f:2a:a5:8f:
f8:f1:04:38:93:76:98:1c:d7:09:e8:b6:c6:47:75:
23:af:91:1a:bf:fc:55:80:f9:5c:17:c0:28:25:ba:
57:1a:b0:68:5a:17:90:f0:a1:9e:b4:a1:1d:7f:d1:
99:a4:85:71:b0:d9:8d:23:b7:5d:0d:e6:eb:16:68:
03:49:89:7c:7b:33:96:80:49:07:a2:9c:2d:4d:2c:
17:8b:48:e9:eb:62:28:97:cc:34:16:0c:79:bf:84:
94:5c:00:2c:1a:98:eb:bd:02:7b:69:93:59:5f:40:
52:9a:33:9e:a2:77:89:49:b7:56:73:24:b5:1f:b3:
6c:9d:c8:86:02:fb:7b:db:bd:a0:d6:86:ec:c7:89:
d7:ae:fd:09:38:ba:b0:ca:57:00:f8:2a:c2:5a:71:
1d:bd:a1:85:de:fe:48:a6:4c:c6:de:a6:ba:6b:58:
72:ce:40:9c:4d:f0:f8:7c:28:4c:aa:cc:42:b9:13:
f8:8a:bf:ac:42:65:33:c1:b6:39:98:13:60:80:43:
2d:8c:a0:bc:7b:7f:aa:bb:ac:50:e7:a9:0f:c1:76:
38:4f:a7:73:ad:71:1f:ea:18:d8:f8:fd:f3:81:a0:
ee:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AC:CA:07:C9:00:AB:5C:28:F3:F9:6E:0F:F5:B7:D0:2A:87:8B:C9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/lKzKB8kAq1wo8_luD_W30CqHi8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d02::/32
2a0f:3d80:123::/48
2a12:ecc2::/32
2a12:ecc3:2::/48
Signature Algorithm: sha256WithRSAEncryption
68:fb:dc:3a:52:7b:39:ea:4c:bb:d3:d1:c7:58:1f:c3:ff:7a:
f1:23:54:97:e7:68:22:a5:fe:a7:03:e9:9f:57:8f:81:9e:b5:
ed:86:71:e3:b5:88:44:bc:f1:ba:a5:7d:fc:18:5d:76:2a:f3:
07:70:7a:c9:b7:1f:71:91:87:45:ed:f7:f3:83:c6:78:2b:6e:
da:db:50:9f:9a:c8:17:99:ce:ba:fd:df:9c:f7:b5:1e:c4:03:
3e:93:8d:b6:0d:25:e2:bc:4c:8a:ee:e6:cb:3d:d6:a0:6d:16:
af:87:c7:ae:b5:1c:1b:e7:38:c5:0a:3b:8c:a3:0e:f9:0b:78:
88:07:e0:43:a9:ac:2c:eb:ee:d3:bd:f6:cb:e7:7e:d0:70:a3:
4c:c0:12:90:3b:33:c6:78:a3:d2:38:1e:65:b2:64:ec:a9:e2:
6a:5b:b3:1d:0a:2d:ee:9c:0f:ae:fa:9a:dc:6e:fd:66:69:37:
06:12:1f:e3:76:93:73:09:67:f1:16:65:65:f0:cd:e1:98:9e:
0a:41:cf:96:cd:03:2d:29:c1:3f:a8:f6:40:f3:d7:91:63:a3:
59:9d:67:11:61:b5:48:9d:2b:a0:fb:24:a3:3d:e8:3d:ff:46:
95:08:9d:32:3b:79:b9:53:88:1a:3a:af:45:b4:5a:74:83:67:
c6:8f:a2:b8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZIKS78BMP6HndyjibGfmccUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwOTE5MTIzOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGFjY2EwN2M5MDBhYjVjMjhmM2Y5NmUwZmY1YjdkMDJhODc4YmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUrP1ld5YsS4lSCbOFmMvD87yUas
cJtV3m8qpY/48QQ4k3aYHNcJ6LbGR3Ujr5Eav/xVgPlcF8AoJbpXGrBoWheQ8KGe
tKEdf9GZpIVxsNmNI7ddDebrFmgDSYl8ezOWgEkHopwtTSwXi0jp62Iol8w0Fgx5
v4SUXAAsGpjrvQJ7aZNZX0BSmjOeoneJSbdWcyS1H7NsnciGAvt7272g1obsx4nX
rv0JOLqwylcA+CrCWnEdvaGF3v5IpkzG3qa6a1hyzkCcTfD4fChMqsxCuRP4ir+s
QmUzwbY5mBNggEMtjKC8e3+qu6xQ56kPwXY4T6dzrXEf6hjY+P3zgaDu/QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJSsygfJAKtcKPP5bg/1t9Aqh4vJMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbEt6S0I4a0FxMXdvOF9sdURfVzMwQ3FIaThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwUAKgotAgMH
ACoPPYABIwMFACoS7MIDBwAqEuzDAAIwDQYJKoZIhvcNAQELBQADggEBAGj73DpS
eznqTLvT0cdYH8P/evEjVJfnaCKl/qcD6Z9Xj4Gete2GceO1iES88bqlffwYXXYq
8wdwesm3H3GRh0Xt9/ODxngrbtrbUJ+ayBeZzrr935z3tR7EAz6TjbYNJeK8TIru
5ss91qBtFq+Hx661HBvnOMUKO4yjDvkLeIgH4EOprCzr7tO99svnftBwo0zAEpA7
M8Z4o9I4HmWyZOyp4mpbsx0KLe6cD676mtxu/WZpNwYSH+N2k3MJZ/EWZWXwzeGY
ngpBz5bNAy0pwT+o9kDz15Fjo1mdZxFhtUidK6D7JKM96D3/RpUInTI7eblTiBo6
r0W0WnSDZ8aPorg=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:00:56 2025 by rpki-client