Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/0CH9sXv849fUEF04Z-_TdE84UCI.roa
File: 0CH9sXv849fUEF04Z-_TdE84UCI.roa (raw, json)
Hash identifier: N0wpRXRCOyuRwcXhPJX2ZWwJz9hFPvfUi1tFaDq3RBg=
Subject key identifier: D0:21:FD:B1:7B:FC:E3:D7:D4:10:5D:38:67:EF:D3:74:4F:38:50:22
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01937646C74C3018F4687CA35B3B2A1DBD6B
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/0CH9sXv849fUEF04Z-_TdE84UCI.roa
Signing time: Fri 29 Nov 2024 04:56:10 +0000
ROA not before: Fri 29 Nov 2024 04:56:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45027
IP address blocks: 2a12:5a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:76:46:c7:4c:30:18:f4:68:7c:a3:5b:3b:2a:1d:bd:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Nov 29 04:56:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d021fdb17bfce3d7d4105d3867efd3744f385022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6f:91:4e:7e:11:49:7f:21:cc:6f:5e:5a:b6:
78:72:a5:05:b4:56:73:4f:b0:1d:51:0d:b7:4c:92:
2c:77:5f:3c:a4:bd:86:f0:78:5e:8d:78:7b:83:5a:
85:fb:83:ce:6b:16:a9:fe:27:5b:3d:29:50:0c:57:
fe:d1:fd:88:65:af:ec:5b:3a:46:95:58:c0:f9:6c:
61:64:51:f3:19:55:fb:a0:95:dc:ab:6e:3b:c9:b3:
ea:c6:1d:0f:55:f6:c7:ca:43:0c:d1:4c:aa:b8:95:
6b:17:20:b8:9f:40:7a:83:69:f4:d7:07:d1:a8:f3:
bb:e5:da:c7:11:d1:7f:51:88:78:95:84:36:b9:7d:
50:f0:29:ad:8a:65:da:07:85:cd:2e:e7:cb:f6:c3:
44:2f:5a:89:be:14:1b:9a:77:88:90:78:92:b5:f1:
cd:ee:dc:f8:80:b4:10:35:6b:fd:6a:b1:82:ad:6c:
6a:7d:40:27:71:61:91:b2:e4:87:78:d3:32:8e:99:
5b:53:e2:2c:d3:bb:83:1c:26:73:72:e0:9e:de:ce:
08:9f:04:3a:42:6b:14:a0:b3:94:d0:13:c1:5c:a5:
57:97:e6:bb:ea:c1:da:42:8c:fe:a8:e5:cb:35:7a:
70:51:cf:1c:d8:75:3f:e0:3c:15:cf:6c:b4:bd:16:
dd:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:21:FD:B1:7B:FC:E3:D7:D4:10:5D:38:67:EF:D3:74:4F:38:50:22
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/0CH9sXv849fUEF04Z-_TdE84UCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:5a00::/29
Signature Algorithm: sha256WithRSAEncryption
94:bd:82:51:77:3a:3a:bf:19:f2:0f:a1:06:1e:a4:a5:0b:a4:
27:6f:75:43:de:dc:ff:e5:2b:20:cf:50:38:b0:c1:75:1a:8d:
e0:2f:5c:d8:2f:39:c1:29:7a:2f:e2:56:e4:ce:43:00:a3:0c:
13:d8:56:4a:98:83:1b:02:da:da:b9:7e:4b:de:dc:b6:b5:f8:
68:ce:11:b8:75:8e:90:5b:ac:1a:78:02:1f:94:6d:af:88:7e:
4d:7d:f6:ba:a1:db:64:15:91:47:b9:59:ff:20:95:06:6e:2b:
c8:bc:0e:56:f3:89:3d:b2:ce:c0:68:a7:b5:22:be:c8:a6:6d:
0e:2c:9d:f0:37:20:b4:fc:41:f7:60:fd:e9:e1:e3:15:32:3a:
42:41:cf:22:b1:4c:90:b5:44:7f:88:2a:e1:a8:0f:2d:ed:fe:
d9:0b:84:4c:aa:7f:c0:41:07:5d:5a:31:98:1c:65:6a:93:c6:
87:42:7f:d2:34:8f:b4:ea:bf:c5:b8:19:4f:54:43:3e:88:24:
35:0e:e0:69:13:12:ed:06:89:60:4f:22:96:d1:b4:b4:02:59:
c6:59:9a:b2:91:98:4d:9c:bf:38:fd:42:6b:b0:fe:e5:63:2a:
cc:50:b5:df:07:e4:42:b4:d5:7e:24:30:4d:16:24:c1:72:c4:
b7:a8:34:30
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZN2RsdMMBj0aHyjWzsqHb1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMTI5MDQ1NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDIxZmRiMTdiZmNlM2Q3ZDQxMDVkMzg2N2VmZDM3NDRmMzg1MDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm+RTn4RSX8hzG9eWrZ4cqUFtFZz
T7AdUQ23TJIsd188pL2G8HhejXh7g1qF+4POaxap/idbPSlQDFf+0f2IZa/sWzpG
lVjA+WxhZFHzGVX7oJXcq247ybPqxh0PVfbHykMM0UyquJVrFyC4n0B6g2n01wfR
qPO75drHEdF/UYh4lYQ2uX1Q8CmtimXaB4XNLufL9sNEL1qJvhQbmneIkHiStfHN
7tz4gLQQNWv9arGCrWxqfUAncWGRsuSHeNMyjplbU+Is07uDHCZzcuCe3s4InwQ6
QmsUoLOU0BPBXKVXl+a76sHaQoz+qOXLNXpwUc8c2HU/4DwVz2y0vRbdnwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNAh/bF7/OPX1BBdOGfv03RPOFAiMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMENIOXNYdjg0OWZVRUYwNFotX1RkRTg0VUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJaADAN
BgkqhkiG9w0BAQsFAAOCAQEAlL2CUXc6Or8Z8g+hBh6kpQukJ291Q97c/+UrIM9Q
OLDBdRqN4C9c2C85wSl6L+JW5M5DAKMME9hWSpiDGwLa2rl+S97ctrX4aM4RuHWO
kFusGngCH5Rtr4h+TX32uqHbZBWRR7lZ/yCVBm4ryLwOVvOJPbLOwGintSK+yKZt
Diyd8DcgtPxB92D96eHjFTI6QkHPIrFMkLVEf4gq4agPLe3+2QuETKp/wEEHXVox
mBxlapPGh0J/0jSPtOq/xbgZT1RDPogkNQ7gaRMS7QaJYE8iltG0tAJZxlmaspGY
TZy/OP1Ca7D+5WMqzFC13wfkQrTVfiQwTRYkwXLEt6g0MA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:03:11 2025 by rpki-client