Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mS7n9x0z8jRQYbZu0WJCx5yj1u0.roa
File: mS7n9x0z8jRQYbZu0WJCx5yj1u0.roa (raw, json)
Hash identifier: A66V6rfSgMHppKDXeetpOL+SrLPHUvOHXkhmHgWgeB0=
Subject key identifier: 99:2E:E7:F7:1D:33:F2:34:50:61:B6:6E:D1:62:42:C7:9C:A3:D6:ED
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0191029B67D088C1BFA55A7667DCB2FD942B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mS7n9x0z8jRQYbZu0WJCx5yj1u0.roa
Signing time: Tue 30 Jul 2024 07:47:04 +0000
ROA not before: Tue 30 Jul 2024 07:47:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 2a12:ac43:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 19 Sep 2024 12:24:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:02:9b:67:d0:88:c1:bf:a5:5a:76:67:dc:b2:fd:94:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 30 07:47:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=992ee7f71d33f2345061b66ed16242c79ca3d6ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:13:47:e5:49:74:2b:54:c1:88:2e:db:25:e8:
1a:3b:d1:06:29:74:1b:2e:46:87:b4:ef:31:df:2b:
d8:28:89:ff:f7:03:7d:35:66:49:5c:3e:1c:d2:e9:
43:8e:83:06:34:f4:1e:a7:c0:b3:de:e8:c5:39:a7:
07:24:9c:62:9c:fc:25:27:0c:57:b6:9a:25:de:b3:
42:c2:c6:fc:33:ed:1b:4e:f1:18:e5:dc:43:ef:0e:
17:00:cd:d0:96:19:bf:17:6f:5b:bb:79:50:12:e2:
43:c4:9b:79:5f:37:81:bd:2f:45:f7:86:0f:31:f2:
79:54:2d:2f:aa:62:27:78:eb:23:1b:f1:8c:f8:ca:
e1:92:4a:d0:7b:41:0c:9e:a7:09:70:b3:77:bf:88:
a4:45:3b:3d:42:8c:7f:93:0a:e4:84:52:09:d5:3c:
f6:ce:10:7b:d9:cf:80:f8:5b:86:af:32:a4:fc:03:
49:cd:a8:aa:4d:74:61:bc:9a:ba:d8:85:2f:9f:06:
91:d3:93:cd:c7:12:72:1d:69:f3:0c:d9:a1:11:9e:
19:23:23:5d:68:7a:c8:8d:7e:d4:ee:bb:b7:33:89:
36:b7:c1:a7:e0:be:24:8e:8f:ef:00:a1:94:06:59:
e8:c4:07:c0:e6:e2:6f:b6:57:99:e8:64:2a:db:c4:
80:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2E:E7:F7:1D:33:F2:34:50:61:B6:6E:D1:62:42:C7:9C:A3:D6:ED
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mS7n9x0z8jRQYbZu0WJCx5yj1u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:ac43:1::/48
Signature Algorithm: sha256WithRSAEncryption
52:bf:63:7b:95:75:54:9d:8c:9d:15:bd:a4:60:7c:ad:a8:9f:
f9:b2:2b:95:2c:ee:97:05:64:97:08:73:8c:ad:57:5c:de:83:
67:c0:bf:f3:bc:04:08:df:2f:6e:e2:00:2d:2c:0a:d7:3b:93:
fb:78:01:bc:49:d4:0f:73:6d:83:12:cb:7b:ef:b8:e4:57:7b:
e4:30:3b:0c:ed:16:0d:64:16:af:5b:61:83:c6:17:33:2d:44:
b7:aa:fc:04:90:7a:1c:f8:c0:65:87:6f:e1:2f:fb:51:6f:e9:
9d:c7:86:1f:45:91:f9:1e:b5:92:4a:9e:83:a8:06:ee:bd:77:
9d:ee:51:a8:a0:6a:a2:78:29:46:22:88:47:8f:76:e2:2f:08:
47:2e:cb:2a:c8:5c:cf:f7:44:0d:ff:fa:33:87:3e:05:45:c3:
97:93:30:f5:92:92:bb:0d:b1:23:87:df:05:dc:ec:dc:b9:39:
fa:ef:16:8d:0a:9e:db:9d:a8:2b:3d:be:3c:74:c1:6b:ba:97:
33:fe:23:21:67:fd:ab:21:68:93:7f:5e:c3:5e:7e:4e:51:27:
01:fb:a2:65:ea:e6:e6:83:d3:ad:3f:70:8b:b2:2d:41:46:06:
9d:4a:50:ce:bb:0c:fa:b2:55:f6:5d:97:4f:59:cc:4a:95:3a:
fc:83:e4:c4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZECm2fQiMG/pVp2Z9yy/ZQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzMwMDc0NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJlZTdmNzFkMzNmMjM0NTA2MWI2NmVkMTYyNDJjNzljYTNkNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBNH5Ul0K1TBiC7bJegaO9EGKXQb
LkaHtO8x3yvYKIn/9wN9NWZJXD4c0ulDjoMGNPQep8Cz3ujFOacHJJxinPwlJwxX
tpol3rNCwsb8M+0bTvEY5dxD7w4XAM3Qlhm/F29bu3lQEuJDxJt5XzeBvS9F94YP
MfJ5VC0vqmIneOsjG/GM+MrhkkrQe0EMnqcJcLN3v4ikRTs9Qox/kwrkhFIJ1Tz2
zhB72c+A+FuGrzKk/ANJzaiqTXRhvJq62IUvnwaR05PNxxJyHWnzDNmhEZ4ZIyNd
aHrIjX7U7ru3M4k2t8Gn4L4kjo/vAKGUBlnoxAfA5uJvtleZ6GQq28SAdQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJku5/cdM/I0UGG2btFiQseco9btMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbVM3bjl4MHo4alJRWWJadTBXSkN4NXlqMXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhKsQwAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBSv2N7lXVUnYydFb2kYHytqJ/5siuVLO6XBWSX
CHOMrVdc3oNnwL/zvAQI3y9u4gAtLArXO5P7eAG8SdQPc22DEst777jkV3vkMDsM
7RYNZBavW2GDxhczLUS3qvwEkHoc+MBlh2/hL/tRb+mdx4YfRZH5HrWSSp6DqAbu
vXed7lGooGqieClGIohHj3biLwhHLssqyFzP90QN//ozhz4FRcOXkzD1kpK7DbEj
h98F3OzcuTn67xaNCp7bnagrPb48dMFrupcz/iMhZ/2rIWiTf17DXn5OUScB+6Jl
6ubmg9OtP3CLsi1BRgadSlDOuwz6slX2XZdPWcxKlTr8g+TE
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:25 2025 by rpki-client