Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/s3M3y17MHdRg4oAuHeG91VpWyHk.roa
File: s3M3y17MHdRg4oAuHeG91VpWyHk.roa (raw, json)
Hash identifier: HBOc0KeCYkTkzVGrtfdHW0cKOH8p1aqbq3cQW1pkvBI=
Subject key identifier: B3:73:37:CB:5E:CC:1D:D4:60:E2:80:2E:1D:E1:BD:D5:5A:56:C8:79
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0191272D965FAFF8F0C7252926A04CB3CCA8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/s3M3y17MHdRg4oAuHeG91VpWyHk.roa
Signing time: Tue 06 Aug 2024 10:13:04 +0000
ROA not before: Tue 06 Aug 2024 10:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 2a0f:4f80::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 01 Nov 2024 15:35:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:2d:96:5f:af:f8:f0:c7:25:29:26:a0:4c:b3:cc:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 6 10:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b37337cb5ecc1dd460e2802e1de1bdd55a56c879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:58:af:a6:00:3c:da:dd:f0:a4:7e:e7:d7:4b:
a3:8a:30:a8:1a:2c:16:da:8d:f1:cb:dc:a2:b2:a6:
aa:ad:70:98:eb:62:a7:73:9f:88:a3:62:cd:b5:45:
91:c2:ae:14:4e:34:61:39:c9:7c:43:04:95:82:40:
24:55:06:ab:34:ac:ee:c7:6a:70:58:b2:5e:90:c9:
7c:2c:f2:33:25:6b:8b:7c:a1:6f:81:e4:4e:16:21:
b7:e1:09:b2:e6:a5:d7:44:c4:97:05:81:eb:41:e9:
f6:5d:4c:7a:23:8d:28:f1:3f:4b:1c:65:b8:a5:26:
ee:d0:1c:84:0d:b2:6d:28:42:a8:84:55:65:74:de:
3e:b1:e3:12:27:94:3e:ae:4a:d8:cb:0f:56:ab:0d:
f5:89:09:dd:7f:aa:43:9c:79:2b:b9:a3:c8:a0:48:
12:7d:7c:a1:9b:81:bc:4d:2e:28:6a:61:5d:2b:ac:
21:e1:df:f2:f7:46:79:ba:c1:19:df:c3:15:35:b5:
67:d6:cb:3c:3b:33:26:aa:0a:49:45:c0:57:f5:7e:
e9:9e:f6:25:33:60:ce:df:72:65:8c:be:e2:01:5d:
db:d1:32:f3:83:a0:23:33:e8:cb:49:23:b8:55:29:
b5:e1:5e:2c:94:4c:7f:b8:53:b3:22:94:90:e3:40:
5b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:73:37:CB:5E:CC:1D:D4:60:E2:80:2E:1D:E1:BD:D5:5A:56:C8:79
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/s3M3y17MHdRg4oAuHeG91VpWyHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4f80::/29
Signature Algorithm: sha256WithRSAEncryption
a4:d6:7a:fd:75:b8:25:02:b0:fe:d1:17:b2:aa:e8:24:20:82:
ed:28:09:1b:3c:5f:ea:f5:36:a7:f4:11:9a:40:e0:7b:3d:81:
cc:50:54:23:28:dd:f9:5f:7a:46:e6:ec:4f:7f:fc:22:7b:ae:
e1:4c:f0:ff:4e:e8:41:81:7c:31:06:1e:19:4a:ba:f3:90:96:
c8:61:42:f5:28:27:a8:86:e1:d7:5e:31:1f:55:b7:84:03:23:
a8:c6:00:18:41:6b:64:fa:ee:66:3a:d1:6d:d2:16:10:42:8e:
fd:85:f8:e7:22:cd:de:6c:9c:83:13:a5:45:6a:1d:d4:63:98:
44:94:7a:32:45:6b:39:74:73:98:fd:5e:06:d6:f9:eb:10:d4:
2b:ee:3f:8f:ec:a1:88:3f:38:c5:fc:2c:ac:ce:e6:f5:ce:27:
93:a2:47:2f:9d:1f:fe:52:90:24:82:84:03:8e:64:06:e0:79:
07:08:1e:ec:c8:79:2e:64:1a:39:c7:8a:dc:39:90:3a:b1:19:
f4:ef:a2:cd:64:0a:2d:7f:52:1b:a4:f5:fe:61:81:8e:a8:40:
05:eb:46:26:74:9c:4b:c7:f3:88:02:d0:9b:ba:a3:be:8c:81:
41:24:e8:de:0f:69:14:09:56:97:79:ae:c7:f4:23:9b:a0:da:
59:00:46:d6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZEnLZZfr/jwxyUpJqBMs8yoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODA2MTAxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzczMzdjYjVlY2MxZGQ0NjBlMjgwMmUxZGUxYmRkNTVhNTZjODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFivpgA82t3wpH7n10ujijCoGiwW
2o3xy9yisqaqrXCY62Knc5+Io2LNtUWRwq4UTjRhOcl8QwSVgkAkVQarNKzux2pw
WLJekMl8LPIzJWuLfKFvgeROFiG34Qmy5qXXRMSXBYHrQen2XUx6I40o8T9LHGW4
pSbu0ByEDbJtKEKohFVldN4+seMSJ5Q+rkrYyw9Wqw31iQndf6pDnHkruaPIoEgS
fXyhm4G8TS4oamFdK6wh4d/y90Z5usEZ38MVNbVn1ss8OzMmqgpJRcBX9X7pnvYl
M2DO33JljL7iAV3b0TLzg6AjM+jLSSO4VSm14V4slEx/uFOzIpSQ40BbKQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLNzN8tezB3UYOKALh3hvdVaVsh5MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvczNNM3kxN01IZFJnNG9BdUhlRzkxVnBXeUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9PgDAN
BgkqhkiG9w0BAQsFAAOCAQEApNZ6/XW4JQKw/tEXsqroJCCC7SgJGzxf6vU2p/QR
mkDgez2BzFBUIyjd+V96RubsT3/8Inuu4Uzw/07oQYF8MQYeGUq685CWyGFC9Sgn
qIbh114xH1W3hAMjqMYAGEFrZPruZjrRbdIWEEKO/YX45yLN3mycgxOlRWod1GOY
RJR6MkVrOXRzmP1eBtb56xDUK+4/j+yhiD84xfwsrM7m9c4nk6JHL50f/lKQJIKE
A45kBuB5Bwge7Mh5LmQaOceK3DmQOrEZ9O+izWQKLX9SG6T1/mGBjqhABetGJnSc
S8fziALQm7qjvoyBQSTo3g9pFAlWl3mux/Qjm6DaWQBG1g==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:26 2025 by rpki-client