Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/or-VpgjpPyOYfiaPutfHLKebo6k.roa
File: or-VpgjpPyOYfiaPutfHLKebo6k.roa (raw, json)
Hash identifier: N0RBz0VA19eN1BxrUMTJI434M7m9GMyNweZ/LIJf6vA=
Subject key identifier: A2:BF:95:A6:08:E9:3F:23:98:7E:26:8F:BA:D7:C7:2C:A7:9B:A3:A9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018D54578B1E9AF6A668EC4F3F61C0173051
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/or-VpgjpPyOYfiaPutfHLKebo6k.roa
Signing time: Mon 29 Jan 2024 08:30:39 +0000
ROA not before: Mon 29 Jan 2024 08:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395839
IP address blocks: 2a0f:3940::/29 maxlen: 29
2a0f:39c0::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 06 Mar 2024 08:50:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:54:57:8b:1e:9a:f6:a6:68:ec:4f:3f:61:c0:17:30:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 29 08:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2bf95a608e93f23987e268fbad7c72ca79ba3a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:68:92:90:4c:d4:85:58:6e:d1:c5:ea:b4:6b:
36:57:51:32:52:5b:41:36:07:76:11:40:bc:5b:c1:
05:69:ca:07:dc:04:d9:75:96:3f:23:20:2e:39:c2:
5c:72:4e:90:53:31:61:91:9e:df:65:77:1c:a2:7f:
c5:f0:03:87:5a:97:ed:68:f8:34:f3:c6:4e:70:4e:
73:cd:34:d7:45:f2:bf:db:be:b6:33:5a:bd:04:cf:
a3:cf:8e:ee:ef:74:69:65:24:89:ac:23:04:6f:8b:
6b:1a:61:87:ea:2e:4b:03:b4:ad:26:be:86:b0:68:
29:7d:be:c6:47:3e:d4:63:a9:f1:d0:23:25:70:f5:
46:0e:32:50:f3:ec:ea:3d:a7:53:d7:4b:df:98:83:
d9:ff:57:05:d0:17:2a:9f:8a:7e:9b:e6:02:63:a2:
24:16:6f:3b:d6:2b:6b:73:c8:03:7e:df:f6:f2:49:
b0:0e:b0:1d:d2:1a:87:9a:79:0c:70:b3:f4:07:8e:
87:43:79:01:bf:e8:7b:55:a4:d9:9f:f7:ab:91:63:
88:82:7f:15:42:62:c2:2e:c0:1c:fa:4d:ac:c4:35:
34:0c:db:64:32:65:ef:a4:7e:27:d0:a0:49:5e:79:
71:fc:bb:1c:28:04:a6:a9:a7:64:1e:98:ce:a2:36:
39:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BF:95:A6:08:E9:3F:23:98:7E:26:8F:BA:D7:C7:2C:A7:9B:A3:A9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/or-VpgjpPyOYfiaPutfHLKebo6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3940::/29
2a0f:39c0::/29
2a11:4e80::/29
Signature Algorithm: sha256WithRSAEncryption
05:c5:12:77:fe:e1:a1:87:bd:09:4b:96:63:58:3a:17:1d:6b:
c5:1b:21:d9:05:14:42:af:24:1a:3f:1a:38:db:a3:a9:58:fc:
dd:0e:af:f8:db:ac:0b:d0:96:9f:5e:5b:98:7c:55:e9:6a:ba:
89:93:90:1b:c1:58:04:a4:18:3f:70:01:a9:e8:5e:94:e9:ea:
42:63:7b:20:68:4e:20:f1:94:b8:b9:3b:e1:b7:fd:e3:84:cd:
8a:0a:51:c7:04:14:f7:e6:3c:44:f4:e5:a1:9b:86:bf:96:ce:
33:51:96:e7:9b:22:4d:00:b3:79:5a:f4:1a:32:4d:c4:26:51:
e6:b6:7e:ec:38:d5:18:4a:10:be:6d:b1:62:80:9b:16:f7:3f:
e4:50:c9:0f:e6:17:bd:b3:4a:d4:3a:66:3a:d3:46:db:b8:02:
18:ff:f8:e9:ef:4b:30:55:93:99:68:a1:d2:8a:94:e8:08:47:
ad:52:f8:9c:03:ad:76:99:eb:80:6e:9d:0e:d2:c7:84:d3:74:
0d:e8:23:89:c4:36:ab:68:ca:ea:27:83:34:1c:c1:98:84:f5:
b2:ad:f1:12:16:db:50:49:d8:7e:17:54:8a:3c:0a:5d:2c:28:
e4:0b:33:3d:6b:96:f1:ad:3d:44:5b:f4:7d:ff:2a:64:69:ef:
bc:31:64:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1UV4semvamaOxPP2HAFzBRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTI5MDgzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmJmOTVhNjA4ZTkzZjIzOTg3ZTI2OGZiYWQ3YzcyY2E3OWJhM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWiSkEzUhVhu0cXqtGs2V1EyUltB
Ngd2EUC8W8EFacoH3ATZdZY/IyAuOcJcck6QUzFhkZ7fZXccon/F8AOHWpftaPg0
88ZOcE5zzTTXRfK/2762M1q9BM+jz47u73RpZSSJrCMEb4trGmGH6i5LA7StJr6G
sGgpfb7GRz7UY6nx0CMlcPVGDjJQ8+zqPadT10vfmIPZ/1cF0Bcqn4p+m+YCY6Ik
Fm871itrc8gDft/28kmwDrAd0hqHmnkMcLP0B46HQ3kBv+h7VaTZn/erkWOIgn8V
QmLCLsAc+k2sxDU0DNtkMmXvpH4n0KBJXnlx/LscKASmqadkHpjOojY5SQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKK/laYI6T8jmH4mj7rXxyynm6OpMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvb3ItVnBnanBQeU9ZZmlhUHV0ZkhMS2VibzZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg85QAMF
AyoPOcADBQMqEU6AMA0GCSqGSIb3DQEBCwUAA4IBAQAFxRJ3/uGhh70JS5ZjWDoX
HWvFGyHZBRRCryQaPxo426OpWPzdDq/426wL0JafXluYfFXparqJk5AbwVgEpBg/
cAGp6F6U6epCY3sgaE4g8ZS4uTvht/3jhM2KClHHBBT35jxE9OWhm4a/ls4zUZbn
myJNALN5WvQaMk3EJlHmtn7sONUYShC+bbFigJsW9z/kUMkP5he9s0rUOmY600bb
uAIY//jp70swVZOZaKHSipToCEetUvicA612meuAbp0O0seE03QN6COJxDaraMrq
J4M0HMGYhPWyrfESFttQSdh+F1SKPApdLCjkCzM9a5bxrT1EW/R9/ypkae+8MWTG
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:33 2025 by rpki-client