Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mt8P0-TXo2yeYVsb7EHQWnzN9hY.roa
File: mt8P0-TXo2yeYVsb7EHQWnzN9hY.roa (raw, json)
Hash identifier: poS0dMgl56Af6ON6xaMzEDLt76mjtDixDat+kAd4H08=
Subject key identifier: 9A:DF:0F:D3:E4:D7:A3:6C:9E:61:5B:1B:EC:41:D0:5A:7C:CD:F6:16
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019117ADB18B9E35FCFB68E646212689ECF9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mt8P0-TXo2yeYVsb7EHQWnzN9hY.roa
Signing time: Sat 03 Aug 2024 09:59:04 +0000
ROA not before: Sat 03 Aug 2024 09:59:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 2a0f:1940::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 16 Aug 2024 07:06:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:17:ad:b1:8b:9e:35:fc:fb:68:e6:46:21:26:89:ec:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 3 09:59:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9adf0fd3e4d7a36c9e615b1bec41d05a7ccdf616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2b:1c:fc:1d:32:03:6b:db:9e:c0:3b:72:db:
3c:62:33:ed:cd:40:2d:e7:07:48:99:bc:9a:30:e4:
66:7d:65:ec:43:55:8f:26:63:e3:6b:e5:00:2f:88:
7f:ea:de:77:33:2c:e0:11:34:b5:f7:72:33:f7:ee:
72:09:e5:d2:9f:ca:f8:a0:6d:7c:58:7b:5f:ef:5b:
b3:76:d7:99:d5:03:09:b4:46:44:95:bb:93:12:ed:
98:71:72:1a:65:fd:c4:a0:1a:e6:31:3e:bb:fb:c9:
27:70:f3:02:4b:a0:c0:81:8e:b1:b2:bc:0a:68:dc:
a3:67:29:9f:f6:7e:75:63:39:9d:ad:e9:73:22:77:
61:16:a3:d6:f2:8d:84:54:e4:d5:fc:a6:7c:c1:4d:
90:da:b4:12:e2:0c:a5:d5:a9:f3:dd:66:eb:59:59:
26:9c:47:3a:e0:a1:7f:3b:c0:b9:b5:9e:ad:94:5f:
f2:55:6f:20:cd:73:3f:27:99:bd:98:72:23:ff:ca:
cb:3d:b5:8c:c2:81:58:8e:6b:7f:2f:de:85:79:df:
e8:17:a3:7b:42:30:9f:c8:1f:ef:0c:04:ff:81:88:
0f:f9:51:c9:7b:c6:28:fe:d0:7a:ae:3d:c9:9a:21:
d2:ec:d3:1d:1d:0d:e1:99:54:fc:e7:37:31:82:18:
37:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:DF:0F:D3:E4:D7:A3:6C:9E:61:5B:1B:EC:41:D0:5A:7C:CD:F6:16
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mt8P0-TXo2yeYVsb7EHQWnzN9hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1940::/29
Signature Algorithm: sha256WithRSAEncryption
15:0f:fc:f5:1a:b0:d2:8e:62:8e:3a:29:6b:6d:b1:16:da:2f:
4a:de:38:2b:e8:5f:0d:66:f4:45:fa:fb:31:8c:cb:2e:ba:c4:
01:76:77:03:0c:7a:f9:50:3a:c5:a4:11:23:57:08:6c:08:13:
6a:e4:ac:19:de:0f:07:1e:08:5f:53:2e:a0:cc:3c:2e:65:70:
dc:07:f1:84:3b:8f:db:44:af:64:a2:74:75:91:dd:0d:6b:9a:
f8:f5:34:52:f1:8c:62:e8:ce:0a:f7:6b:5f:26:b0:e1:7d:c2:
c1:87:45:e9:e4:8a:4f:1a:b9:8b:0f:e1:3c:bb:38:81:44:65:
87:ee:93:3c:3c:31:40:39:e0:4c:f9:a4:cf:0a:ec:7e:ce:ca:
d9:75:6b:86:be:b6:4d:53:1c:f1:bc:80:43:f3:e3:7c:92:62:
00:fb:a6:85:5d:95:74:db:85:54:65:21:a1:0c:41:51:df:2c:
b1:a7:8f:d4:55:86:31:45:01:fa:71:ac:ce:c0:33:15:f1:68:
e1:d3:f1:c0:df:b2:74:d6:2f:f9:b3:ac:fb:f8:e8:9f:ee:08:
30:83:10:dd:79:4d:3c:80:e6:eb:65:10:aa:e9:8d:84:f4:a3:
b2:65:7c:83:2f:fe:ea:3a:d0:db:aa:40:80:18:ad:d0:6d:2f:
34:4d:f0:f8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZEXrbGLnjX8+2jmRiEmiez5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODAzMDk1OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWRmMGZkM2U0ZDdhMzZjOWU2MTViMWJlYzQxZDA1YTdjY2RmNjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSsc/B0yA2vbnsA7cts8YjPtzUAt
5wdImbyaMORmfWXsQ1WPJmPja+UAL4h/6t53MyzgETS193Iz9+5yCeXSn8r4oG18
WHtf71uzdteZ1QMJtEZElbuTEu2YcXIaZf3EoBrmMT67+8kncPMCS6DAgY6xsrwK
aNyjZymf9n51YzmdrelzIndhFqPW8o2EVOTV/KZ8wU2Q2rQS4gyl1anz3WbrWVkm
nEc64KF/O8C5tZ6tlF/yVW8gzXM/J5m9mHIj/8rLPbWMwoFYjmt/L96Fed/oF6N7
QjCfyB/vDAT/gYgP+VHJe8Yo/tB6rj3JmiHS7NMdHQ3hmVT85zcxghg3jQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJrfD9Pk16NsnmFbG+xB0Fp8zfYWMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbXQ4UDAtVFhvMnllWVZzYjdFSFFXbnpOOWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg8ZQDAN
BgkqhkiG9w0BAQsFAAOCAQEAFQ/89Rqw0o5ijjopa22xFtovSt44K+hfDWb0Rfr7
MYzLLrrEAXZ3Awx6+VA6xaQRI1cIbAgTauSsGd4PBx4IX1MuoMw8LmVw3AfxhDuP
20SvZKJ0dZHdDWua+PU0UvGMYujOCvdrXyaw4X3CwYdF6eSKTxq5iw/hPLs4gURl
h+6TPDwxQDngTPmkzwrsfs7K2XVrhr62TVMc8byAQ/PjfJJiAPumhV2VdNuFVGUh
oQxBUd8ssaeP1FWGMUUB+nGszsAzFfFo4dPxwN+ydNYv+bOs+/jon+4IMIMQ3XlN
PIDm62UQqumNhPSjsmV8gy/+6jrQ26pAgBit0G0vNE3w+A==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:29 2025 by rpki-client