Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xAH5RA3gn3Xb_Pss7xHMbkehjKU.roa
File: xAH5RA3gn3Xb_Pss7xHMbkehjKU.roa (raw, json)
Hash identifier: MBWhcQ/5cJe/6WWVyg1ZAspzV7cOITUraESTq/0Eq24=
Subject key identifier: C4:01:F9:44:0D:E0:9F:75:DB:FC:FB:2C:EF:11:CC:6E:47:A1:8C:A5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01906E85765FB117A00DBFD1CC53501021CB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xAH5RA3gn3Xb_Pss7xHMbkehjKU.roa
Signing time: Mon 01 Jul 2024 13:39:18 +0000
ROA not before: Mon 01 Jul 2024 13:39:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 2a0f:1940::/29 maxlen: 29
2a0f:7d07::/32 maxlen: 32
2a11:4800::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 17 Jul 2024 07:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6e:85:76:5f:b1:17:a0:0d:bf:d1:cc:53:50:10:21:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 1 13:39:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c401f9440de09f75dbfcfb2cef11cc6e47a18ca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2e:fa:1c:63:9a:aa:8a:41:5a:33:a5:fc:bf:
cc:e8:da:55:00:34:ca:9a:8c:74:e0:5b:66:a3:6a:
50:be:05:b2:ae:75:c4:42:2c:f7:dc:dc:d2:3f:b8:
dd:ac:98:9a:c4:ac:f6:1c:5f:eb:e3:3d:a1:d4:94:
46:1d:30:47:7a:8b:4b:8b:cf:cc:ed:f5:99:fc:82:
be:69:36:d7:10:cd:38:49:26:a7:d3:dd:38:c0:22:
b9:57:68:4b:29:1c:de:f9:17:67:0a:0e:fb:62:38:
a6:07:bb:bb:a5:69:01:28:34:25:98:3e:df:a4:2b:
2d:d1:c1:75:b4:dd:8c:03:56:3d:21:1e:63:40:c9:
f3:4e:5f:ba:b7:4f:7c:ea:80:23:43:c9:98:39:18:
02:1a:56:d5:c7:16:c6:fa:5d:b8:f9:93:a0:26:df:
51:9e:d3:19:8a:50:8a:08:2b:be:b8:05:75:fc:af:
23:52:a8:8a:ca:91:e6:d1:a5:60:ce:78:a9:ff:6d:
0d:af:9b:54:17:72:23:eb:d1:ae:7f:21:14:46:a3:
46:53:42:49:fc:74:df:ad:6c:16:bb:14:cd:9f:44:
b3:75:4c:0c:18:c3:dd:20:3f:4e:df:b2:d2:e7:af:
5b:ce:26:56:65:1b:38:cf:5b:21:ae:65:1b:48:39:
f5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:01:F9:44:0D:E0:9F:75:DB:FC:FB:2C:EF:11:CC:6E:47:A1:8C:A5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xAH5RA3gn3Xb_Pss7xHMbkehjKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1940::/29
2a0f:7d07::/32
2a11:4800::/29
Signature Algorithm: sha256WithRSAEncryption
0e:c0:e8:c2:96:1c:14:d2:c4:94:e9:10:d0:9d:e4:9f:6d:60:
5c:ca:bd:c2:1b:2b:8a:bc:89:e4:8c:03:d1:a0:3d:76:a7:0f:
63:1d:bd:1a:18:d0:ae:5d:35:65:a2:5c:d1:fc:8f:aa:f7:1e:
bc:cb:bc:ba:16:db:28:fa:0c:2e:73:48:dd:71:bb:5c:cc:d3:
47:e5:a4:21:ac:b9:cb:95:41:8b:22:b6:c0:28:8f:32:76:95:
ce:fb:16:cf:af:9f:b7:6c:cf:c7:f4:bb:6a:e0:41:25:65:56:
92:4b:5e:01:2b:2e:96:5e:1b:b9:4a:b5:b1:5b:b0:8d:f2:bf:
e8:d3:29:2a:6e:4b:3a:71:b5:35:c3:a1:1b:9f:9d:79:c7:17:
a7:a8:a8:ed:52:07:60:e1:07:37:82:49:23:bd:9b:ae:c4:b1:
74:7f:95:56:70:56:c8:9c:af:d4:97:8b:63:0d:4e:8c:df:af:
d7:5b:c6:36:55:ee:8d:4b:06:23:28:d0:f4:6f:b6:bc:7b:9a:
a0:b6:a8:7d:ab:5b:eb:c1:4e:87:0f:11:b9:32:16:c2:9a:c6:
8c:5f:be:c2:17:dd:ef:84:e1:71:b9:7b:f0:24:c2:2c:4c:72:
b5:1e:ac:60:da:75:f8:d2:f7:2c:60:28:de:b4:59:4c:ce:49:
0d:84:1c:4d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZBuhXZfsRegDb/RzFNQECHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNzAxMTMzOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDAxZjk0NDBkZTA5Zjc1ZGJmY2ZiMmNlZjExY2M2ZTQ3YTE4Y2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzS76HGOaqopBWjOl/L/M6NpVADTK
mox04Ftmo2pQvgWyrnXEQiz33NzSP7jdrJiaxKz2HF/r4z2h1JRGHTBHeotLi8/M
7fWZ/IK+aTbXEM04SSan0904wCK5V2hLKRze+RdnCg77YjimB7u7pWkBKDQlmD7f
pCst0cF1tN2MA1Y9IR5jQMnzTl+6t0986oAjQ8mYORgCGlbVxxbG+l24+ZOgJt9R
ntMZilCKCCu+uAV1/K8jUqiKypHm0aVgznip/20Nr5tUF3Ij69GufyEURqNGU0JJ
/HTfrWwWuxTNn0SzdUwMGMPdID9O37LS569bziZWZRs4z1shrmUbSDn16QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMQB+UQN4J912/z7LO8RzG5HoYylMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveEFINVJBM2duM1hiX1Bzczd4SE1ia2VoaktVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg8ZQAMF
ACoPfQcDBQMqEUgAMA0GCSqGSIb3DQEBCwUAA4IBAQAOwOjClhwU0sSU6RDQneSf
bWBcyr3CGyuKvInkjAPRoD12pw9jHb0aGNCuXTVlolzR/I+q9x68y7y6Ftso+gwu
c0jdcbtczNNH5aQhrLnLlUGLIrbAKI8ydpXO+xbPr5+3bM/H9Ltq4EElZVaSS14B
Ky6WXhu5SrWxW7CN8r/o0ykqbks6cbU1w6Ebn515xxenqKjtUgdg4Qc3gkkjvZuu
xLF0f5VWcFbInK/Ul4tjDU6M36/XW8Y2Ve6NSwYjKND0b7a8e5qgtqh9q1vrwU6H
DxG5MhbCmsaMX77CF93vhOFxuXvwJMIsTHK1Hqxg2nX40vcsYCjetFlMzkkNhBxN
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:48 2025 by rpki-client