Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qtr4QJRrCUMhxBaOEyp4eYusdpA.roa
File: qtr4QJRrCUMhxBaOEyp4eYusdpA.roa (raw, json)
Hash identifier: o7knC7zqCks6MQgVFHMSTZamKb/M9xgR8xDGCyWdxq8=
Subject key identifier: AA:DA:F8:40:94:6B:09:43:21:C4:16:8E:13:2A:78:79:8B:AC:76:90
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CC9BC2945D98F267DA9F7016243E6ED23
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qtr4QJRrCUMhxBaOEyp4eYusdpA.roa
Signing time: Tue 02 Jan 2024 10:33:20 +0000
ROA not before: Tue 02 Jan 2024 10:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205266
IP address blocks: 2a0f:b400::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 13:53:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:29:45:d9:8f:26:7d:a9:f7:01:62:43:e6:ed:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 10:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aadaf840946b094321c4168e132a78798bac7690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:62:f3:a3:5d:7e:04:e0:56:2a:29:b2:2d:96:
c8:48:7d:2a:d2:a1:2b:7f:e8:9a:f7:a6:0f:07:86:
24:f9:21:2f:af:0c:6a:47:0d:13:97:1e:1d:09:8b:
66:5d:e5:2d:9e:f0:6b:f9:82:96:2a:56:8b:02:4d:
b2:6b:24:75:9c:b3:4d:5e:54:53:f1:ed:1f:8a:84:
57:6a:33:ff:f7:20:a7:b1:10:93:f9:6b:3d:a3:71:
57:3e:1e:de:75:5a:88:40:40:f9:2c:90:7e:3a:10:
3d:b0:0b:bb:1e:39:2e:66:74:f6:4f:51:19:19:d7:
82:03:b4:55:8b:7e:8f:1b:05:dd:83:7d:c7:79:22:
84:a4:40:ad:43:f3:e6:58:d2:bb:36:4d:19:84:e4:
95:d7:6c:ee:1f:ed:f8:3e:ea:cc:89:af:0b:3f:a7:
b0:3f:9c:13:9a:90:f2:1d:cd:92:8e:a8:24:96:eb:
52:58:19:fe:7a:85:44:5e:0a:bf:a1:b6:60:21:8a:
d3:cb:be:b8:f5:70:3c:9b:ef:d7:ed:22:cf:59:e4:
83:4f:8d:c9:27:e9:ca:0d:d9:ef:e7:f1:2c:56:3d:
ba:d3:1e:ae:9a:0c:42:46:bf:bf:91:d6:6f:24:f3:
79:02:51:a0:5d:5b:8c:7d:70:13:39:db:d0:a1:bf:
c9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:DA:F8:40:94:6B:09:43:21:C4:16:8E:13:2A:78:79:8B:AC:76:90
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/qtr4QJRrCUMhxBaOEyp4eYusdpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b400::/29
Signature Algorithm: sha256WithRSAEncryption
93:df:4f:3b:2a:90:80:79:65:bb:e8:19:d1:aa:c2:48:09:d2:
a6:da:73:28:27:1e:d6:81:09:cc:5b:46:c9:9a:69:52:94:9f:
65:d1:5c:6e:30:c9:a5:21:d2:eb:0b:8e:c3:a4:70:b6:32:fb:
58:6f:8b:39:75:05:d0:b7:49:50:3c:88:1f:0a:9e:68:f7:f4:
ab:34:77:dd:52:ac:1f:df:45:a6:fd:c7:ba:74:b2:20:f3:4c:
b1:1a:1d:fd:a9:00:2a:0d:7b:eb:52:2d:47:3a:3f:00:ad:c3:
96:eb:30:2f:27:21:04:a8:55:81:40:60:f8:ad:8b:ac:a9:da:
9c:f2:bd:e0:c4:2a:99:1f:b5:2c:fc:71:8c:ad:60:6c:3e:a7:
c0:27:64:eb:a3:85:90:a3:ac:22:e5:11:c3:1c:fb:e6:27:c4:
0b:f9:44:e5:83:0f:28:cc:23:6e:3a:ac:34:f1:0c:51:ac:26:
5c:de:fc:05:0e:17:c0:a3:b3:db:1a:04:45:0e:44:76:12:4a:
0f:74:e1:2c:c0:3a:1b:4d:5b:52:7e:94:aa:30:f4:49:2e:7a:
45:1b:b9:42:53:3e:06:62:d9:3c:94:7b:4d:18:5b:d0:ef:41:
39:2a:b6:9f:3c:92:c3:74:c3:67:1c:2d:86:d0:38:24:db:4b:
6a:f4:6c:3c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJvClF2Y8mfan3AWJD5u0jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWRhZjg0MDk0NmIwOTQzMjFjNDE2OGUxMzJhNzg3OThiYWM3NjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGLzo11+BOBWKimyLZbISH0q0qEr
f+ia96YPB4Yk+SEvrwxqRw0Tlx4dCYtmXeUtnvBr+YKWKlaLAk2yayR1nLNNXlRT
8e0fioRXajP/9yCnsRCT+Ws9o3FXPh7edVqIQED5LJB+OhA9sAu7HjkuZnT2T1EZ
GdeCA7RVi36PGwXdg33HeSKEpECtQ/PmWNK7Nk0ZhOSV12zuH+34PurMia8LP6ew
P5wTmpDyHc2SjqgklutSWBn+eoVEXgq/obZgIYrTy7649XA8m+/X7SLPWeSDT43J
J+nKDdnv5/EsVj260x6umgxCRr+/kdZvJPN5AlGgXVuMfXATOdvQob/JKwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKra+ECUawlDIcQWjhMqeHmLrHaQMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcXRyNFFKUnJDVU1oeEJhT0V5cDRlWXVzZHBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg+0ADAN
BgkqhkiG9w0BAQsFAAOCAQEAk99POyqQgHllu+gZ0arCSAnSptpzKCce1oEJzFtG
yZppUpSfZdFcbjDJpSHS6wuOw6RwtjL7WG+LOXUF0LdJUDyIHwqeaPf0qzR33VKs
H99Fpv3HunSyIPNMsRod/akAKg1761ItRzo/AK3DluswLychBKhVgUBg+K2LrKna
nPK94MQqmR+1LPxxjK1gbD6nwCdk66OFkKOsIuURwxz75ifEC/lE5YMPKMwjbjqs
NPEMUawmXN78BQ4XwKOz2xoERQ5EdhJKD3ThLMA6G01bUn6UqjD0SS56RRu5QlM+
BmLZPJR7TRhb0O9BOSq2nzySw3TDZxwthtA4JNtLavRsPA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:46:07 2025 by rpki-client