Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zaJlHITBE1Z6IUHPK8OgGZmofUg.roa
File: zaJlHITBE1Z6IUHPK8OgGZmofUg.roa (raw, json)
Hash identifier: M9VgkKzCtqUxIE6VgO494GMllpWfIOw2W84nXLG7R5I=
Subject key identifier: CD:A2:65:1C:84:C1:13:56:7A:21:41:CF:2B:C3:A0:19:99:A8:7D:48
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018FCE01C183BC95207A0D644FFF1059300F
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zaJlHITBE1Z6IUHPK8OgGZmofUg.roa
Signing time: Fri 31 May 2024 09:36:12 +0000
ROA not before: Fri 31 May 2024 09:36:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 2a0f:dfc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 28 Jun 2024 12:03:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ce:01:c1:83:bc:95:20:7a:0d:64:4f:ff:10:59:30:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 31 09:36:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cda2651c84c113567a2141cf2bc3a01999a87d48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ed:87:e4:86:d7:fb:01:7e:b1:38:94:8d:f1:
97:92:5e:fa:0d:fb:4c:f9:bc:2f:e9:b3:4b:87:8f:
20:41:59:d5:65:e2:58:32:39:7c:1e:4e:86:18:dc:
9d:9a:f6:b4:5d:a1:76:a1:27:5f:c7:12:41:d8:1d:
c5:5d:b3:f6:6b:fb:fd:a0:6c:10:dd:8f:3d:ff:4c:
f9:34:62:01:37:50:b7:86:2a:bc:56:f6:4e:45:5a:
03:d5:b7:c9:ce:e7:c9:43:ae:69:8d:6a:17:ef:7a:
b4:0d:4e:cf:32:39:30:1b:45:88:cb:67:b5:22:06:
59:58:6d:5f:22:dc:d6:f7:62:a1:84:f3:2b:bd:4e:
8d:45:8c:e6:64:b1:56:bc:e2:d9:28:26:72:46:ec:
d1:78:d8:dc:ed:56:56:7e:96:a8:dd:0d:20:cc:ef:
d8:35:b3:a2:d1:ee:2b:86:2b:f2:82:4d:f3:a3:04:
18:8e:00:51:e4:b8:9f:2e:46:22:6e:08:41:b5:96:
fd:da:74:2a:8f:51:75:62:6b:ed:ed:d0:99:2a:85:
6d:7a:fc:5b:30:f1:a2:94:32:cb:eb:62:65:7f:26:
4f:ef:62:d4:6c:f6:ed:d3:0d:7a:0c:e7:54:6c:9f:
8a:d0:f1:2d:ec:40:e3:f8:c9:f9:7b:1f:eb:c8:63:
bb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A2:65:1C:84:C1:13:56:7A:21:41:CF:2B:C3:A0:19:99:A8:7D:48
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zaJlHITBE1Z6IUHPK8OgGZmofUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:dfc0::/29
Signature Algorithm: sha256WithRSAEncryption
cd:47:c4:30:9e:1e:86:61:32:50:b6:54:92:94:6a:12:54:c4:
06:fc:5b:d9:f9:62:85:78:af:83:29:51:37:26:c1:b0:b7:56:
1c:53:c6:b4:52:93:74:b8:b7:c9:df:2e:09:83:2f:f3:a7:0f:
d3:6e:74:9f:66:a7:09:8f:3f:10:c4:3e:8a:fc:c3:33:98:94:
6a:34:03:25:70:e3:c2:39:e6:ad:24:75:14:a2:7d:98:6e:2c:
32:db:6a:e4:96:ba:69:53:88:9f:ce:37:0d:78:07:e1:91:09:
dc:3d:5a:41:7b:56:cb:fd:95:54:ce:29:dd:68:e0:46:9d:10:
07:2e:93:91:91:fa:11:3c:96:69:eb:0c:c7:fb:44:2c:b9:d7:
3e:fc:da:59:e8:1a:60:8c:29:b9:61:a6:23:f2:ad:cc:64:f0:
ee:42:d6:89:41:f4:18:81:db:bd:13:36:84:b5:91:c1:70:74:
36:98:d0:ec:e4:49:e0:ec:a7:55:49:0a:52:26:31:a7:8d:92:
6f:01:eb:d7:b2:72:58:95:8d:c7:84:5e:82:03:97:1b:9a:b5:
71:03:67:60:7a:bc:6d:b7:84:a9:ab:44:ec:9c:ee:70:12:a1:
73:45:f5:4b:40:5c:9b:d6:fd:7f:aa:7c:f4:f7:a7:3a:31:e6:
e4:bb:5a:43
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY/OAcGDvJUgeg1kT/8QWTAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTMxMDkzNjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGEyNjUxYzg0YzExMzU2N2EyMTQxY2YyYmMzYTAxOTk5YTg3ZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO2H5IbX+wF+sTiUjfGXkl76DftM
+bwv6bNLh48gQVnVZeJYMjl8Hk6GGNydmva0XaF2oSdfxxJB2B3FXbP2a/v9oGwQ
3Y89/0z5NGIBN1C3hiq8VvZORVoD1bfJzufJQ65pjWoX73q0DU7PMjkwG0WIy2e1
IgZZWG1fItzW92KhhPMrvU6NRYzmZLFWvOLZKCZyRuzReNjc7VZWfpao3Q0gzO/Y
NbOi0e4rhivygk3zowQYjgBR5LifLkYibghBtZb92nQqj1F1Ymvt7dCZKoVtevxb
MPGilDLL62JlfyZP72LUbPbt0w16DOdUbJ+K0PEt7EDj+Mn5ex/ryGO7IQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM2iZRyEwRNWeiFBzyvDoBmZqH1IMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvemFKbEhJVEJFMVo2SVVIUEs4T2dHWm1vZlVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg/fwDAN
BgkqhkiG9w0BAQsFAAOCAQEAzUfEMJ4ehmEyULZUkpRqElTEBvxb2flihXivgylR
NybBsLdWHFPGtFKTdLi3yd8uCYMv86cP0250n2anCY8/EMQ+ivzDM5iUajQDJXDj
wjnmrSR1FKJ9mG4sMttq5Ja6aVOIn843DXgH4ZEJ3D1aQXtWy/2VVM4p3WjgRp0Q
By6TkZH6ETyWaesMx/tELLnXPvzaWegaYIwpuWGmI/KtzGTw7kLWiUH0GIHbvRM2
hLWRwXB0NpjQ7ORJ4OynVUkKUiYxp42SbwHr17JyWJWNx4ReggOXG5q1cQNnYHq8
bbeEqatE7JzucBKhc0X1S0Bcm9b9f6p89PenOjHm5LtaQw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:06:35 2025 by rpki-client