Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tIB63_bDik7-6Z2gSi630mTU6BQ.roa
File: tIB63_bDik7-6Z2gSi630mTU6BQ.roa (raw, json)
Hash identifier: +fR0Gw/BAaqkpd1zxMMrRZE5LA/umbwdjcizbh6qquY=
Subject key identifier: B4:80:7A:DF:F6:C3:8A:4E:FE:E9:9D:A0:4A:2E:B7:D2:64:D4:E8:14
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018DA15A3C9CC0D6D873592F50763C3E15EB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tIB63_bDik7-6Z2gSi630mTU6BQ.roa
Signing time: Tue 13 Feb 2024 07:24:21 +0000
ROA not before: Tue 13 Feb 2024 07:24:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a0c:7884::/32 maxlen: 32
2a0f:7d00:1::/48 maxlen: 48
2a0f:7d02:1::/48 maxlen: 48
2a0f:ea00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 14 Feb 2024 08:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a1:5a:3c:9c:c0:d6:d8:73:59:2f:50:76:3c:3e:15:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 13 07:24:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4807adff6c38a4efee99da04a2eb7d264d4e814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:43:e2:bb:16:93:52:20:2a:c6:40:c7:c6:39:
9d:93:c8:1e:ad:a8:b8:1b:ee:1a:25:93:45:2f:eb:
4d:bc:52:39:2b:8f:d4:3a:ec:8b:4b:08:d5:96:b2:
0c:6b:27:fc:c7:72:5a:42:a1:b6:3e:34:9d:61:b6:
c0:7e:a3:0f:9b:8b:99:d5:ff:0f:33:c5:4f:a0:cc:
4e:12:23:86:3e:8f:5b:88:77:b3:cc:a5:d3:5c:d6:
2a:cb:8d:65:8f:7b:05:d0:62:78:42:c7:bc:a5:28:
ae:33:42:77:8d:a5:9b:50:8a:ee:db:ae:39:28:0a:
84:1e:cc:be:6f:e8:eb:48:6d:17:09:cf:94:ab:f2:
05:40:a9:18:a5:ab:ee:71:05:18:61:34:53:0f:f3:
f9:91:e8:a7:61:93:27:a6:5a:0f:a9:70:07:39:79:
47:6d:6a:ad:60:1b:0b:0d:49:ce:e8:36:ba:ff:ea:
48:8d:33:73:c0:96:e2:a4:77:7a:3f:e2:ed:b0:95:
31:ec:fa:90:20:6f:10:94:19:c6:03:45:db:04:8f:
6a:14:a3:8a:cc:7f:54:54:87:79:42:53:75:da:46:
10:98:6f:ea:8a:f7:a5:8e:58:84:65:36:16:81:76:
9a:3f:f7:6a:72:20:1b:bb:a3:16:a4:88:60:4c:e6:
00:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:80:7A:DF:F6:C3:8A:4E:FE:E9:9D:A0:4A:2E:B7:D2:64:D4:E8:14
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tIB63_bDik7-6Z2gSi630mTU6BQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7884::/32
2a0f:7d00:1::/48
2a0f:7d02:1::/48
2a0f:ea00::/29
Signature Algorithm: sha256WithRSAEncryption
c3:49:a2:4b:ec:ad:b2:7b:b3:a6:f3:b9:a8:ce:52:1a:70:13:
aa:fd:30:75:96:d7:49:e1:8e:f7:15:d4:b6:5f:45:20:10:3c:
ab:9a:a4:61:f3:b4:62:88:06:a5:0a:15:b2:d4:74:59:25:25:
33:0f:8f:52:94:3e:8e:3f:fc:c8:3e:dc:10:1a:ac:c9:89:54:
81:2d:d9:5e:d2:26:0f:5b:22:85:dc:c9:03:98:b3:82:bf:bd:
67:e0:19:d6:6d:69:76:f7:72:fd:8d:fe:2b:bc:0d:f1:f1:c2:
8f:1c:17:de:13:88:26:83:c9:75:d7:cb:f0:f9:8e:0b:90:e9:
5f:6b:c0:36:7e:01:12:2e:c0:68:be:e7:01:e1:39:b0:cc:8e:
4a:96:b6:0d:ff:b1:1a:89:a3:d8:7a:d4:50:7f:ca:65:92:e5:
64:d3:47:bd:64:5d:1e:aa:31:d0:23:d7:19:9d:f4:44:51:5e:
bd:6e:18:47:72:30:bf:f9:3f:e3:58:c3:73:f2:7f:3d:b5:fc:
77:4d:ca:a9:17:62:68:ac:99:88:49:aa:69:13:ae:2c:d9:53:
94:b8:40:a6:aa:18:da:cb:0f:af:1c:b5:b7:a9:e7:a5:4d:77:
6a:c6:65:f4:69:cb:d5:48:9d:50:34:3d:7e:87:9d:7c:91:49:
52:e3:a6:f1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY2hWjycwNbYc1kvUHY8PhXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMjEzMDcyNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDgwN2FkZmY2YzM4YTRlZmVlOTlkYTA0YTJlYjdkMjY0ZDRlODE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kPiuxaTUiAqxkDHxjmdk8gerai4
G+4aJZNFL+tNvFI5K4/UOuyLSwjVlrIMayf8x3JaQqG2PjSdYbbAfqMPm4uZ1f8P
M8VPoMxOEiOGPo9biHezzKXTXNYqy41lj3sF0GJ4Qse8pSiuM0J3jaWbUIru2645
KAqEHsy+b+jrSG0XCc+Uq/IFQKkYpavucQUYYTRTD/P5keinYZMnploPqXAHOXlH
bWqtYBsLDUnO6Da6/+pIjTNzwJbipHd6P+LtsJUx7PqQIG8QlBnGA0XbBI9qFKOK
zH9UVId5QlN12kYQmG/qiveljliEZTYWgXaaP/dqciAbu6MWpIhgTOYA8QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLSAet/2w4pO/umdoEout9Jk1OgUMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdElCNjNfYkRpazctNloyZ1NpNjMwbVRVNkJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwUAKgx4hAMH
ACoPfQAAAQMHACoPfQIAAQMFAyoP6gAwDQYJKoZIhvcNAQELBQADggEBAMNJokvs
rbJ7s6bzuajOUhpwE6r9MHWW10nhjvcV1LZfRSAQPKuapGHztGKIBqUKFbLUdFkl
JTMPj1KUPo4//Mg+3BAarMmJVIEt2V7SJg9bIoXcyQOYs4K/vWfgGdZtaXb3cv2N
/iu8DfHxwo8cF94TiCaDyXXXy/D5jguQ6V9rwDZ+ARIuwGi+5wHhObDMjkqWtg3/
sRqJo9h61FB/ymWS5WTTR71kXR6qMdAj1xmd9ERRXr1uGEdyML/5P+NYw3Pyfz21
/HdNyqkXYmismYhJqmkTrizZU5S4QKaqGNrLD68ctbep56VNd2rGZfRpy9VInVA0
PX6HnXyRSVLjpvE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:12 2025 by rpki-client