Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rJxbUBP2suanuGcc5ayn7ZsRJDs.roa
File: rJxbUBP2suanuGcc5ayn7ZsRJDs.roa (raw, json)
Hash identifier: NfRN+KFXjZ3bE1avp0YVwH+LTLjX6LG/PfiBa0LCaQY=
Subject key identifier: AC:9C:5B:50:13:F6:B2:E6:A7:B8:67:1C:E5:AC:A7:ED:9B:11:24:3B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019204FEEE3B72205C122E29046B13F9D00A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rJxbUBP2suanuGcc5ayn7ZsRJDs.roa
Signing time: Wed 18 Sep 2024 11:57:48 +0000
ROA not before: Wed 18 Sep 2024 11:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 2a0f:2500::/29 maxlen: 29
2a11:3500::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 20 Sep 2024 09:13:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:04:fe:ee:3b:72:20:5c:12:2e:29:04:6b:13:f9:d0:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 18 11:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac9c5b5013f6b2e6a7b8671ce5aca7ed9b11243b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4d:b0:4b:bd:cd:14:89:a6:89:15:69:33:04:
31:b3:96:8c:e0:24:01:68:26:48:8d:fa:84:36:d5:
26:a5:c5:6e:4c:be:1f:30:82:64:c9:54:ac:eb:a0:
54:66:eb:6d:26:ba:9e:c9:4c:c1:43:8a:8c:e1:b2:
23:39:38:49:c7:da:73:5d:f4:66:2f:60:1b:6f:c5:
35:c2:46:1d:0a:ab:26:2e:b8:5c:34:2b:96:bf:07:
2b:4e:c6:11:be:99:dc:ea:85:13:73:2b:db:7f:93:
ac:a4:67:1a:11:60:b6:36:e3:cd:7d:42:2b:e3:e3:
00:7a:8d:43:2b:e4:be:60:0a:e9:78:8d:73:b6:da:
7c:8a:dc:bd:05:54:51:c8:52:42:d8:cb:08:6b:9b:
71:36:92:f2:52:fa:ec:c1:b6:33:76:ba:73:17:16:
01:0d:6d:c2:83:b9:76:c4:c8:80:00:fd:f3:a9:13:
9e:b9:d3:60:41:19:f9:f3:cf:17:29:2b:cb:51:57:
01:ff:f7:fe:78:c5:95:29:a8:23:20:96:13:92:fd:
1b:12:ae:f1:31:0d:83:50:72:d6:eb:36:ce:22:d6:
12:e8:97:37:bc:ea:d8:3b:14:2a:4d:71:26:29:ad:
86:cf:f9:af:41:ff:48:b1:eb:45:47:fa:ea:a5:4f:
6a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9C:5B:50:13:F6:B2:E6:A7:B8:67:1C:E5:AC:A7:ED:9B:11:24:3B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/rJxbUBP2suanuGcc5ayn7ZsRJDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2500::/29
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
6b:25:a1:43:e7:da:cf:9e:df:0f:ed:ca:b3:c2:72:94:3f:45:
f0:21:f7:3a:9b:bf:2f:d0:f9:da:be:59:a3:78:62:de:e5:e3:
60:95:ef:dd:85:27:d5:a4:34:bd:1e:34:d6:08:1d:5a:b4:ca:
f1:68:96:5d:33:5a:a1:62:fe:b1:c4:0f:ff:c0:f7:56:2d:2a:
a2:3d:1f:74:d1:91:7a:6b:07:10:74:f9:0e:c3:ac:db:cb:2f:
6e:bd:3c:a8:e8:be:ad:f1:cb:7d:8b:1a:25:12:0a:79:55:84:
1f:5b:8a:99:bd:3a:30:f3:8c:a8:e0:14:03:32:dd:d6:52:36:
4e:c7:90:64:2b:76:1f:db:57:cd:4f:91:33:ac:ce:76:37:1a:
e6:d9:45:2b:19:c8:fd:86:55:ee:fc:72:54:80:04:17:51:25:
a8:30:97:ef:79:54:55:63:01:61:fe:78:77:81:5b:ca:1e:16:
76:cf:52:1d:11:06:e0:a8:53:0c:2d:a4:c1:16:ea:b3:02:bd:
d7:20:56:69:75:12:15:e2:1b:c7:73:c6:f7:0f:c8:38:5a:54:
d6:08:1c:aa:e4:86:26:9e:3d:a3:1e:e9:b1:45:d2:d0:04:43:
42:b6:7b:97:3c:c8:9f:e1:9d:60:42:c9:49:27:72:a4:3c:bf:
90:ec:7f:71
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZIE/u47ciBcEi4pBGsT+dAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwOTE4MTE1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzljNWI1MDEzZjZiMmU2YTdiODY3MWNlNWFjYTdlZDliMTEyNDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2k2wS73NFImmiRVpMwQxs5aM4CQB
aCZIjfqENtUmpcVuTL4fMIJkyVSs66BUZuttJrqeyUzBQ4qM4bIjOThJx9pzXfRm
L2Abb8U1wkYdCqsmLrhcNCuWvwcrTsYRvpnc6oUTcyvbf5OspGcaEWC2NuPNfUIr
4+MAeo1DK+S+YArpeI1zttp8ity9BVRRyFJC2MsIa5txNpLyUvrswbYzdrpzFxYB
DW3Cg7l2xMiAAP3zqROeudNgQRn5888XKSvLUVcB//f+eMWVKagjIJYTkv0bEq7x
MQ2DUHLW6zbOItYS6Jc3vOrYOxQqTXEmKa2Gz/mvQf9IsetFR/rqpU9qywIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKycW1AT9rLmp7hnHOWsp+2bESQ7MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvckp4YlVCUDJzdWFudUdjYzVheW43WnNSSkRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg8lAAMF
AyoRNQAwDQYJKoZIhvcNAQELBQADggEBAGsloUPn2s+e3w/tyrPCcpQ/RfAh9zqb
vy/Q+dq+WaN4Yt7l42CV792FJ9WkNL0eNNYIHVq0yvFoll0zWqFi/rHED//A91Yt
KqI9H3TRkXprBxB0+Q7DrNvLL269PKjovq3xy32LGiUSCnlVhB9bipm9OjDzjKjg
FAMy3dZSNk7HkGQrdh/bV81PkTOsznY3GubZRSsZyP2GVe78clSABBdRJagwl+95
VFVjAWH+eHeBW8oeFnbPUh0RBuCoUwwtpMEW6rMCvdcgVml1EhXiG8dzxvcPyDha
VNYIHKrkhiaePaMe6bFF0tAEQ0K2e5c8yJ/hnWBCyUkncqQ8v5Dsf3E=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:07 2025 by rpki-client