Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nXRJF-PrJjX1tgy9X-UhWebdsZQ.roa
File: nXRJF-PrJjX1tgy9X-UhWebdsZQ.roa (raw, json)
Hash identifier: 7Snpz+7qPK3ctPz8v7oL6mLLNdfmL7tPHTPz3YqSf3s=
Subject key identifier: 9D:74:49:17:E3:EB:26:35:F5:B6:0C:BD:5F:E5:21:59:E6:DD:B1:94
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01915A02D0DBD7C58A96DDA8F56730E4DFD0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nXRJF-PrJjX1tgy9X-UhWebdsZQ.roa
Signing time: Fri 16 Aug 2024 07:06:59 +0000
ROA not before: Fri 16 Aug 2024 07:06:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 2a0f:1940::/29 maxlen: 29
2a11:4800::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 30 Aug 2024 10:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5a:02:d0:db:d7:c5:8a:96:dd:a8:f5:67:30:e4:df:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 16 07:06:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d744917e3eb2635f5b60cbd5fe52159e6ddb194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e8:d4:ce:d4:bc:b2:b0:96:49:55:9c:b1:7f:
33:8f:45:eb:b6:ad:88:02:bf:8d:f2:48:8d:7b:26:
6c:e8:80:75:1d:05:0c:2e:01:e8:33:92:44:f0:5e:
1b:3d:ac:7c:09:4e:de:2d:f0:22:b5:fb:9a:e8:d5:
44:ce:8a:92:f9:9a:93:22:3d:58:70:ef:46:f7:ea:
ce:05:d9:38:c4:eb:1f:05:70:0e:24:fc:87:2b:f8:
e3:41:75:79:32:6c:2d:21:74:06:80:4b:24:22:d1:
ca:88:71:f9:b7:86:7c:0a:f4:2f:29:ae:a7:ca:ee:
19:41:a3:3a:b4:0c:01:51:f6:b2:92:d8:78:f7:dd:
a3:a2:56:b8:a2:4f:42:bc:ad:7b:7c:02:8d:dc:e6:
a4:7d:4a:6c:02:6d:f9:9f:08:a3:3e:b7:70:aa:33:
24:87:67:46:57:a6:76:c4:b4:d1:1b:18:5b:11:91:
8f:ad:6b:fb:b8:23:f6:b8:59:6e:da:bd:24:a3:2b:
18:e3:1e:ea:84:86:a7:c1:03:aa:26:40:55:77:11:
04:1d:5d:96:47:89:a3:c3:21:13:eb:b1:66:02:e2:
9a:50:76:b0:28:62:98:f8:1e:ed:f0:56:b7:d9:d5:
b2:37:97:15:62:d3:13:08:93:99:0d:1e:be:0f:fb:
2f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:74:49:17:E3:EB:26:35:F5:B6:0C:BD:5F:E5:21:59:E6:DD:B1:94
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nXRJF-PrJjX1tgy9X-UhWebdsZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1940::/29
2a11:4800::/29
Signature Algorithm: sha256WithRSAEncryption
c9:5c:2a:f1:13:a6:eb:70:a8:00:68:63:3e:8f:38:6b:da:86:
13:09:8f:de:45:7a:69:a8:43:3f:26:de:9d:4c:ba:26:19:ac:
62:00:d8:19:77:4e:1f:58:c6:03:4b:67:d5:29:25:e9:c3:f6:
0f:33:3f:e3:a2:14:e1:d8:87:7f:08:11:9b:4a:09:63:8b:c8:
c5:f4:f2:70:03:67:95:b5:9c:32:ce:4b:96:ce:69:12:c8:37:
b8:bb:c3:03:e6:ac:30:2d:fb:f3:fe:28:dc:b1:7a:e0:dc:06:
b4:b3:92:40:24:ba:da:55:3d:5e:1a:66:aa:f8:9f:98:08:50:
54:c9:86:d1:14:d0:3d:e0:d6:a5:ac:58:5b:db:75:15:9f:6b:
c8:b1:64:aa:7d:68:b5:c9:7e:5b:7e:36:cd:ed:9e:bc:f0:cb:
61:38:5a:c1:69:da:c0:b9:74:a6:5f:7e:f3:79:83:a2:79:c7:
16:9a:7b:7d:c9:c9:7c:74:f3:61:4e:d7:8e:f7:05:c4:d8:3d:
f6:3d:32:cd:9c:17:b6:74:f7:88:cf:b3:f4:a8:d4:02:11:15:
d8:97:87:6d:80:19:fc:cc:84:0d:5d:af:b0:f1:7e:ca:be:5d:
d3:53:e1:f4:f6:d1:49:04:02:23:67:28:4a:1d:03:20:97:94:
0d:21:1e:ab
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZFaAtDb18WKlt2o9Wcw5N/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODE2MDcwNjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDc0NDkxN2UzZWIyNjM1ZjViNjBjYmQ1ZmU1MjE1OWU2ZGRiMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+jUztS8srCWSVWcsX8zj0Xrtq2I
Ar+N8kiNeyZs6IB1HQUMLgHoM5JE8F4bPax8CU7eLfAitfua6NVEzoqS+ZqTIj1Y
cO9G9+rOBdk4xOsfBXAOJPyHK/jjQXV5MmwtIXQGgEskItHKiHH5t4Z8CvQvKa6n
yu4ZQaM6tAwBUfaykth4992jola4ok9CvK17fAKN3OakfUpsAm35nwijPrdwqjMk
h2dGV6Z2xLTRGxhbEZGPrWv7uCP2uFlu2r0koysY4x7qhIanwQOqJkBVdxEEHV2W
R4mjwyET67FmAuKaUHawKGKY+B7t8Fa32dWyN5cVYtMTCJOZDR6+D/svAQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJ10SRfj6yY19bYMvV/lIVnm3bGUMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvblhSSkYtUHJKalgxdGd5OVgtVWhXZWJkc1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg8ZQAMF
AyoRSAAwDQYJKoZIhvcNAQELBQADggEBAMlcKvETputwqABoYz6POGvahhMJj95F
emmoQz8m3p1MuiYZrGIA2Bl3Th9YxgNLZ9UpJenD9g8zP+OiFOHYh38IEZtKCWOL
yMX08nADZ5W1nDLOS5bOaRLIN7i7wwPmrDAt+/P+KNyxeuDcBrSzkkAkutpVPV4a
Zqr4n5gIUFTJhtEU0D3g1qWsWFvbdRWfa8ixZKp9aLXJflt+Ns3tnrzwy2E4WsFp
2sC5dKZffvN5g6J5xxaae33JyXx082FO1473BcTYPfY9Ms2cF7Z094jPs/So1AIR
FdiXh22AGfzMhA1dr7Dxfsq+XdNT4fT20UkEAiNnKEodAyCXlA0hHqs=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:19 2025 by rpki-client