Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rIO0_25ObHQYhu9cWxcWlHenUvc.roa
File: rIO0_25ObHQYhu9cWxcWlHenUvc.roa (raw, json)
Hash identifier: qgRpA1olwP+gRPeU3OybmZlYYvd3DFOL6Jte8AL905k=
Subject key identifier: AC:83:B4:FF:6E:4E:6C:74:18:86:EF:5C:5B:17:16:94:77:A7:52:F7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193D9473B095CCFB112116C308AA1CB965A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rIO0_25ObHQYhu9cWxcWlHenUvc.roa
Signing time: Wed 18 Dec 2024 10:19:04 +0000
ROA not before: Wed 18 Dec 2024 10:19:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214734
IP address blocks: 2a0f:14c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 27 Dec 2024 08:40:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d9:47:3b:09:5c:cf:b1:12:11:6c:30:8a:a1:cb:96:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 18 10:19:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac83b4ff6e4e6c741886ef5c5b17169477a752f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0a:22:3f:10:37:3a:35:26:00:8f:b0:44:2f:
86:49:39:d6:5f:96:2c:99:39:91:aa:14:78:83:61:
61:6b:db:ac:0e:27:f5:2f:ed:32:ec:de:90:52:8d:
1b:a9:14:ea:01:34:ab:2e:90:cd:dc:3c:e8:95:84:
3c:40:c2:84:5e:3e:bc:ce:51:d6:ee:d1:c6:50:af:
9a:17:79:5e:cd:3b:64:81:54:ee:ec:d9:fe:93:c1:
0d:d7:ae:9d:1e:70:f1:7c:59:5d:56:9e:74:73:5f:
d5:7d:96:de:74:f2:f7:7d:0a:3e:9a:0c:95:67:52:
60:f3:cc:07:5a:ac:9d:bb:a5:4b:17:56:d0:d2:cb:
ee:e1:7d:90:94:90:a8:22:15:1a:74:f4:e7:48:2b:
77:d7:09:c1:46:06:31:13:7e:fb:c3:dc:12:84:0e:
03:c1:c5:57:79:62:14:c6:60:f0:d1:83:6a:9b:48:
58:93:16:05:35:57:69:ce:69:c0:5a:48:0d:d6:1c:
9a:91:1c:35:11:89:a2:88:b1:c0:4f:2c:9f:ce:32:
fd:41:99:3b:03:e2:51:61:4e:c4:6a:f4:3f:88:3a:
52:52:43:28:76:fa:b7:86:e0:35:8d:18:3c:1d:7c:
c7:60:54:e4:50:19:d7:1e:6b:43:01:33:42:af:c2:
e6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:83:B4:FF:6E:4E:6C:74:18:86:EF:5C:5B:17:16:94:77:A7:52:F7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rIO0_25ObHQYhu9cWxcWlHenUvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:14c0::/29
Signature Algorithm: sha256WithRSAEncryption
54:4d:22:24:34:3d:3b:2e:95:5d:6c:f5:97:7f:fe:f4:8f:06:
e3:f2:37:09:5a:c8:b6:b3:25:78:24:d4:cd:c1:fe:87:4e:12:
b7:2e:ff:dd:98:7b:85:d5:fa:12:c4:37:bf:9d:a1:ad:57:d6:
42:62:67:53:47:d3:91:24:8f:0d:e0:75:0e:57:56:08:ef:04:
75:85:e6:67:65:6d:1c:34:b5:c1:d8:91:61:0a:8d:06:cd:17:
aa:3e:64:55:51:8f:2a:6d:b0:68:f4:7b:a2:f2:f1:9c:1e:47:
ee:d2:f9:c0:fa:be:72:b9:6f:90:e1:6a:77:d7:81:0c:ec:a7:
20:75:3a:fb:90:66:30:c3:ea:70:39:82:db:a5:6e:56:33:78:
55:e9:62:d3:a0:d5:59:db:56:6c:02:3f:66:00:98:fa:4b:ac:
fa:c1:ec:68:90:0f:d6:4a:e1:b0:22:fc:be:93:5a:9e:57:e1:
4f:01:e3:21:2d:ec:ab:e0:42:59:1f:28:0b:a7:dd:aa:fd:64:
bc:d3:08:77:ae:4d:f2:27:cc:32:f7:b3:e3:0d:e3:78:78:05:
1d:d6:55:ea:40:87:d5:5c:ce:6c:c8:19:1f:f1:0f:da:ea:08:
26:95:bd:83:73:d2:05:c0:dd:b5:bc:81:58:fe:00:7a:82:5f:
f6:ee:90:f2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZPZRzsJXM+xEhFsMIqhy5ZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjE4MTAxOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzgzYjRmZjZlNGU2Yzc0MTg4NmVmNWM1YjE3MTY5NDc3YTc1MmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoiPxA3OjUmAI+wRC+GSTnWX5Ys
mTmRqhR4g2Fha9usDif1L+0y7N6QUo0bqRTqATSrLpDN3DzolYQ8QMKEXj68zlHW
7tHGUK+aF3lezTtkgVTu7Nn+k8EN166dHnDxfFldVp50c1/VfZbedPL3fQo+mgyV
Z1Jg88wHWqydu6VLF1bQ0svu4X2QlJCoIhUadPTnSCt31wnBRgYxE377w9wShA4D
wcVXeWIUxmDw0YNqm0hYkxYFNVdpzmnAWkgN1hyakRw1EYmiiLHATyyfzjL9QZk7
A+JRYU7EavQ/iDpSUkModvq3huA1jRg8HXzHYFTkUBnXHmtDATNCr8LmDwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKyDtP9uTmx0GIbvXFsXFpR3p1L3MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcklPMF8yNU9iSFFZaHU5Y1d4Y1dsSGVuVXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg8UwDAN
BgkqhkiG9w0BAQsFAAOCAQEAVE0iJDQ9Oy6VXWz1l3/+9I8G4/I3CVrItrMleCTU
zcH+h04Sty7/3Zh7hdX6EsQ3v52hrVfWQmJnU0fTkSSPDeB1DldWCO8EdYXmZ2Vt
HDS1wdiRYQqNBs0Xqj5kVVGPKm2waPR7ovLxnB5H7tL5wPq+crlvkOFqd9eBDOyn
IHU6+5BmMMPqcDmC26VuVjN4Veli06DVWdtWbAI/ZgCY+kus+sHsaJAP1krhsCL8
vpNanlfhTwHjIS3sq+BCWR8oC6fdqv1kvNMId65N8ifMMvez4w3jeHgFHdZV6kCH
1VzObMgZH/EP2uoIJpW9g3PSBcDdtbyBWP4AeoJf9u6Q8g==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:04:59 2025 by rpki-client