Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/9cw4s840DVC6IkXXDJY8ojGEwzw.roa
File: 9cw4s840DVC6IkXXDJY8ojGEwzw.roa (raw, json)
Hash identifier: uwLdLXbsi199dKy62IDAREzPhzwUvqwnxWbRJTLfABg=
Subject key identifier: F5:CC:38:B3:CE:34:0D:50:BA:22:45:D7:0C:96:3C:A2:31:84:C3:3C
Certificate issuer: /CN=3f3f554b80281dea2a300318aaad6d2d97f1ce44
Certificate serial: 0193555B58654F682CFDFD432A22B70A4BB0
Authority key identifier: 3F:3F:55:4B:80:28:1D:EA:2A:30:03:18:AA:AD:6D:2D:97:F1:CE:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pz9VS4AoHeoqMAMYqq1tLZfxzkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/9cw4s840DVC6IkXXDJY8ojGEwzw.roa
Signing time: Fri 22 Nov 2024 19:31:09 +0000
ROA not before: Fri 22 Nov 2024 19:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215434
IP address blocks: 2a01:f3c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:5b:58:65:4f:68:2c:fd:fd:43:2a:22:b7:0a:4b:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f3f554b80281dea2a300318aaad6d2d97f1ce44
Validity
Not Before: Nov 22 19:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5cc38b3ce340d50ba2245d70c963ca23184c33c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1e:4a:df:c0:23:f3:08:5d:23:ce:b7:0b:49:
c5:91:38:bd:ca:84:9f:3e:06:af:6a:d6:09:fb:af:
e7:34:44:94:9a:15:86:b2:ef:bb:eb:8b:2f:d6:bd:
29:63:c6:b6:a6:c0:0f:8a:7b:80:4b:6c:26:af:1e:
50:7f:d7:ad:ba:22:74:41:53:ad:41:05:ad:ad:9d:
7c:db:a4:10:1c:77:2a:ce:1e:50:43:80:f1:ae:1e:
1d:84:1d:be:ab:fe:60:ff:9f:dc:89:fa:33:86:87:
16:91:ed:b7:4b:f8:fc:8f:e3:c9:9e:8a:9f:b8:33:
9c:0e:4d:87:cd:d7:1c:ab:26:bf:b6:43:6b:bc:6f:
74:21:65:a9:88:c7:48:c7:26:2b:5b:a6:95:4b:75:
c9:3b:34:0a:0d:38:fd:81:c1:e5:05:6c:c0:ea:05:
1d:cb:e5:86:33:24:37:ea:5b:52:d9:1c:37:48:bd:
62:2e:cc:5a:3d:e4:52:03:7c:86:b7:5f:98:4c:d3:
28:a0:f0:9e:20:24:50:d7:ef:d7:a4:56:01:43:4d:
4f:3e:d7:21:e0:ea:0f:d2:93:83:68:ed:c1:91:c2:
95:5a:83:19:d9:9c:17:4f:8f:37:16:18:05:8c:44:
12:db:79:a5:3c:cc:b7:e4:90:29:ac:8a:35:ca:db:
c6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CC:38:B3:CE:34:0D:50:BA:22:45:D7:0C:96:3C:A2:31:84:C3:3C
X509v3 Authority Key Identifier:
keyid:3F:3F:55:4B:80:28:1D:EA:2A:30:03:18:AA:AD:6D:2D:97:F1:CE:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pz9VS4AoHeoqMAMYqq1tLZfxzkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/9cw4s840DVC6IkXXDJY8ojGEwzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/78d528-7cdf-44c0-acdd-f533b8df80a9/1/Pz9VS4AoHeoqMAMYqq1tLZfxzkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:f3c0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:5e:68:bf:c2:a6:6c:c4:3d:59:e6:79:be:1c:a7:4b:d7:61:
89:68:8c:76:c1:99:83:7a:bf:7b:06:e3:ef:3f:e9:91:a8:d0:
72:f2:ec:43:b3:5b:f3:aa:2f:07:da:98:8c:09:a9:f0:dd:78:
55:db:cf:3d:88:91:f1:97:da:b5:90:4a:5c:5b:e5:1e:b8:90:
13:2b:30:30:93:f2:58:bb:93:85:0b:27:74:df:b3:22:7e:22:
60:f1:cb:47:55:1a:3b:43:6d:77:72:d5:35:b9:8e:ee:12:e0:
5e:74:8f:ab:27:1c:07:9e:bb:7b:81:6f:7d:91:f4:a1:95:f2:
e2:d7:02:a4:a2:cd:1f:95:50:d6:b0:ee:07:33:50:57:c0:41:
4e:92:ed:ad:08:df:4a:b1:6d:92:1f:29:2d:0a:31:21:22:80:
f4:29:c3:a1:50:d7:3a:6b:6c:35:1f:d3:98:6e:e1:f3:5b:eb:
70:32:fc:14:29:be:5a:84:92:17:72:72:4d:de:97:6c:55:6a:
c1:65:75:61:2e:a9:2e:0f:7c:8f:29:cb:88:eb:2f:1d:11:60:
fb:24:35:0a:9b:ee:b6:f4:32:3b:7d:11:d7:2d:54:07:d3:5f:
cc:a9:8d:c4:27:1f:38:2e:97:92:28:45:f9:3e:b8:dc:9a:2d:
2c:34:99:7e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZNVW1hlT2gs/f1DKiK3CkuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmM2Y1NTRiODAyODFkZWEyYTMwMDMxOGFhYWQ2ZDJkOTdm
MWNlNDQwHhcNMjQxMTIyMTkzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWNjMzhiM2NlMzQwZDUwYmEyMjQ1ZDcwYzk2M2NhMjMxODRjMzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvB5K38Aj8whdI863C0nFkTi9yoSf
PgavatYJ+6/nNESUmhWGsu+764sv1r0pY8a2psAPinuAS2wmrx5Qf9etuiJ0QVOt
QQWtrZ1826QQHHcqzh5QQ4Dxrh4dhB2+q/5g/5/cifozhocWke23S/j8j+PJnoqf
uDOcDk2Hzdccqya/tkNrvG90IWWpiMdIxyYrW6aVS3XJOzQKDTj9gcHlBWzA6gUd
y+WGMyQ36ltS2Rw3SL1iLsxaPeRSA3yGt1+YTNMooPCeICRQ1+/XpFYBQ01PPtch
4OoP0pODaO3BkcKVWoMZ2ZwXT483FhgFjEQS23mlPMy35JAprIo1ytvG3wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPXMOLPONA1QuiJF1wyWPKIxhMM8MB8GA1UdIwQY
MBaAFD8/VUuAKB3qKjADGKqtbS2X8c5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHo5VlM0QW9IZW9xTUFNWXFxMXRMWmZ4emtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy83OGQ1MjgtN2NkZi00NGMwLWFjZGQt
ZjUzM2I4ZGY4MGE5LzEvOWN3NHM4NDBEVkM2SWtYWERKWThvakdFd3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy83OGQ1MjgtN2NkZi00NGMwLWFjZGQtZjUzM2I4ZGY4MGE5
LzEvUHo5VlM0QW9IZW9xTUFNWXFxMXRMWmZ4emtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHzwDAN
BgkqhkiG9w0BAQsFAAOCAQEALV5ov8KmbMQ9WeZ5vhynS9dhiWiMdsGZg3q/ewbj
7z/pkajQcvLsQ7Nb86ovB9qYjAmp8N14VdvPPYiR8ZfatZBKXFvlHriQEyswMJPy
WLuThQsndN+zIn4iYPHLR1UaO0Ntd3LVNbmO7hLgXnSPqyccB567e4FvfZH0oZXy
4tcCpKLNH5VQ1rDuBzNQV8BBTpLtrQjfSrFtkh8pLQoxISKA9CnDoVDXOmtsNR/T
mG7h81vrcDL8FCm+WoSSF3JyTd6XbFVqwWV1YS6pLg98jynLiOsvHRFg+yQ1Cpvu
tvQyO30R1y1UB9NfzKmNxCcfOC6XkihF+T643JotLDSZfg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:01:37 2025 by rpki-client