Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/r6bNWxpVcMSMmWtHyGPi4FSUAvQ.roa
File: r6bNWxpVcMSMmWtHyGPi4FSUAvQ.roa (raw, json)
Hash identifier: uRwQ4ltVNezVWxq47g7j+IjKKRq3xbSMt93HjLJwTbE=
Subject key identifier: AF:A6:CD:5B:1A:55:70:C4:8C:99:6B:47:C8:63:E2:E0:54:94:02:F4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CD62834033E580D2FA96B709A2F3A299F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/r6bNWxpVcMSMmWtHyGPi4FSUAvQ.roa
Signing time: Thu 04 Jan 2024 20:26:48 +0000
ROA not before: Thu 04 Jan 2024 20:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396362
IP address blocks: 2a0f:e841::/32 maxlen: 32
2a13:18c2::/32 maxlen: 32
2a0e:1a82::/32 maxlen: 32
2a0f:1e80:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 05 Jan 2024 10:58:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d6:28:34:03:3e:58:0d:2f:a9:6b:70:9a:2f:3a:29:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 4 20:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afa6cd5b1a5570c48c996b47c863e2e0549402f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:89:8a:53:3a:25:ab:bd:d6:8c:fb:fa:82:f7:
8f:63:ce:10:b6:c9:1e:1b:1c:6a:90:fb:69:22:71:
25:9c:f1:0c:3a:65:05:e6:ff:c0:d6:57:69:59:13:
75:5d:4a:f6:ca:77:d8:71:9a:80:66:48:4d:8a:79:
49:82:bb:8b:6f:16:eb:79:29:91:c5:1f:48:67:61:
1a:22:63:b8:4b:a9:5a:56:ff:28:4c:e4:0a:67:1f:
32:2e:df:e2:07:d0:e4:13:92:8b:a6:3b:f9:d2:d0:
0a:85:f7:1d:6f:2f:c7:ad:65:22:2f:51:ad:b3:66:
1d:e8:41:7d:8c:ef:bd:00:be:08:55:b7:3a:59:f3:
e9:27:ec:35:18:02:8e:a4:21:70:af:69:33:03:22:
71:37:7a:2a:28:0c:08:3b:f9:2f:21:22:20:e0:ca:
09:24:6c:ac:17:48:25:15:c6:54:08:86:d5:bd:4b:
81:13:67:87:2e:dc:58:80:0d:8e:28:f7:c3:d4:2e:
de:30:6a:89:2a:a8:1b:42:40:96:18:c2:0e:9f:8b:
3a:83:93:ce:fa:65:18:63:64:86:e6:a8:22:69:44:
07:d0:95:ba:b0:a6:bf:68:33:37:7f:1a:ac:0b:14:
2e:e5:40:f9:cb:16:c2:e7:57:f3:3e:40:df:93:94:
a2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:A6:CD:5B:1A:55:70:C4:8C:99:6B:47:C8:63:E2:E0:54:94:02:F4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/r6bNWxpVcMSMmWtHyGPi4FSUAvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1a82::/32
2a0f:1e80:1::/48
2a0f:e841::/32
2a13:18c2::/32
Signature Algorithm: sha256WithRSAEncryption
c7:c9:1a:e9:54:15:ba:2b:23:a1:42:4b:42:c7:c7:ba:f8:57:
1e:1b:84:1e:d0:19:d6:55:0a:6a:e8:0a:65:11:08:df:46:af:
ac:0a:20:32:72:b8:78:9c:0b:63:51:df:c8:cf:ae:6f:bb:39:
46:4a:52:0f:6b:c9:46:c3:d2:c1:e5:7f:7b:67:29:2b:e0:68:
b9:39:e2:c0:d1:9e:5a:b3:62:c2:9a:bf:74:02:cb:e7:97:25:
b4:6d:e3:ec:37:8e:9d:d2:ba:ba:47:8b:8d:e0:59:fb:b5:c1:
32:44:d8:fa:5b:1c:22:43:46:2c:ec:78:f4:98:a5:ec:07:e4:
53:ca:b8:1b:34:f4:29:34:83:91:4a:e1:88:a7:e2:49:1f:74:
85:f7:ae:f4:19:ee:9f:f6:54:f4:f8:e6:0f:a4:5f:6e:64:86:
bc:fa:41:f5:bc:62:f3:77:a4:94:a3:2e:f8:f3:9b:f2:fc:8c:
71:cd:8c:8a:79:2b:29:52:72:8f:54:b6:47:bf:d6:f1:dc:85:
1a:be:88:2f:de:c7:1f:66:90:cb:82:90:96:8b:8a:3d:46:8f:
f6:fc:0a:73:fa:af:38:b0:72:39:a9:e0:fb:eb:d4:35:51:5c:
d9:87:d5:b9:73:5e:e9:48:d5:5a:4c:00:85:56:f2:d0:c3:0b:
43:9e:ea:75
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzWKDQDPlgNL6lrcJovOimfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTA0MjAyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmE2Y2Q1YjFhNTU3MGM0OGM5OTZiNDdjODYzZTJlMDU0OTQwMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ImKUzolq73WjPv6gvePY84Qtske
GxxqkPtpInElnPEMOmUF5v/A1ldpWRN1XUr2ynfYcZqAZkhNinlJgruLbxbreSmR
xR9IZ2EaImO4S6laVv8oTOQKZx8yLt/iB9DkE5KLpjv50tAKhfcdby/HrWUiL1Gt
s2Yd6EF9jO+9AL4IVbc6WfPpJ+w1GAKOpCFwr2kzAyJxN3oqKAwIO/kvISIg4MoJ
JGysF0glFcZUCIbVvUuBE2eHLtxYgA2OKPfD1C7eMGqJKqgbQkCWGMIOn4s6g5PO
+mUYY2SG5qgiaUQH0JW6sKa/aDM3fxqsCxQu5UD5yxbC51fzPkDfk5SihwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK+mzVsaVXDEjJlrR8hj4uBUlAL0MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcjZiTld4cFZjTVNNbVd0SHlHUGk0RlNVQXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwUAKg4aggMH
ACoPHoAAAQMFACoP6EEDBQAqExjCMA0GCSqGSIb3DQEBCwUAA4IBAQDHyRrpVBW6
KyOhQktCx8e6+FceG4Qe0BnWVQpq6AplEQjfRq+sCiAycrh4nAtjUd/Iz65vuzlG
SlIPa8lGw9LB5X97Zykr4Gi5OeLA0Z5as2LCmr90AsvnlyW0bePsN46d0rq6R4uN
4Fn7tcEyRNj6WxwiQ0Ys7Hj0mKXsB+RTyrgbNPQpNIORSuGIp+JJH3SF9670Ge6f
9lT0+OYPpF9uZIa8+kH1vGLzd6SUoy7485vy/IxxzYyKeSspUnKPVLZHv9bx3IUa
vogv3scfZpDLgpCWi4o9Ro/2/Apz+q84sHI5qeD769Q1UVzZh9W5c17pSNVaTACF
VvLQwwtDnup1
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:29 2025 by rpki-client