Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/cMwCi4y400Nczgy0qTT38vBxDnY.roa
File: cMwCi4y400Nczgy0qTT38vBxDnY.roa (raw, json)
Hash identifier: 0JcpqTnONJRgeyWMKjUsTeX2OF+ytaJw7OW9qabcLvw=
Subject key identifier: 70:CC:02:8B:8C:B8:D3:43:5C:CE:0C:B4:A9:34:F7:F2:F0:71:0E:76
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 0194ACCC215576AF6CE5DFB537863AF9E83E
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/cMwCi4y400Nczgy0qTT38vBxDnY.roa
Signing time: Tue 28 Jan 2025 12:04:06 +0000
ROA not before: Tue 28 Jan 2025 12:04:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213520
IP address blocks: 2a0d:d940:100::/40 maxlen: 40
2a0d:d940:9002::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 Jan 2025 08:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:cc:21:55:76:af:6c:e5:df:b5:37:86:3a:f9:e8:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Jan 28 12:04:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70cc028b8cb8d3435cce0cb4a934f7f2f0710e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:97:6d:ac:2a:e6:7e:f2:c5:6d:0a:1c:b6:e3:
06:ef:07:a9:36:05:dc:b3:9b:60:b6:7b:f3:f9:90:
d9:7c:78:cb:d9:2b:e0:75:85:8d:35:c3:19:b1:ac:
3e:b1:dd:be:a0:77:ce:27:24:41:21:77:30:e7:dd:
11:9b:47:4d:ae:46:4c:b3:2f:c9:cf:90:2b:bc:7c:
81:7a:0c:19:a6:03:85:b8:5f:a1:09:b0:50:14:4c:
8f:96:46:9b:e3:c8:46:c9:4b:26:e7:7b:bf:f4:bb:
b2:da:55:b4:29:e9:35:0b:ff:68:1b:31:05:6a:89:
34:22:81:1c:16:03:12:f8:03:6f:6e:6f:93:db:dc:
44:25:54:64:f8:3b:ff:e9:5e:d4:af:0e:e6:27:25:
ae:7d:7b:8a:ba:a4:3f:d2:5d:3d:84:74:ee:88:02:
94:3d:d2:c1:59:83:e2:c4:d8:65:0f:68:22:b3:d7:
8b:a7:f0:29:d3:a2:b7:ec:8d:71:8c:0f:b5:09:49:
87:f8:26:de:bf:66:61:0d:38:10:45:d4:3b:5e:96:
60:ed:92:f3:36:79:99:d7:f1:00:4a:97:b1:bc:96:
0d:b5:b9:1b:22:f5:bd:5e:9c:5b:6f:6d:dc:4e:52:
4f:72:28:37:6b:e8:5c:19:14:bb:af:d2:b4:a0:27:
60:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:CC:02:8B:8C:B8:D3:43:5C:CE:0C:B4:A9:34:F7:F2:F0:71:0E:76
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/cMwCi4y400Nczgy0qTT38vBxDnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:100::/40
2a0d:d940:9002::/48
Signature Algorithm: sha256WithRSAEncryption
e1:9b:56:61:7d:ba:2c:b5:a6:36:9e:d3:d1:7f:92:a8:91:da:
cd:10:7d:9d:68:80:84:6c:41:11:09:6d:83:a9:01:b8:de:40:
d3:37:00:44:7b:c6:5c:2f:fd:c3:72:ad:9b:f4:3e:6a:ce:29:
4f:b5:1d:86:c4:dd:58:26:fa:e6:d5:d3:cb:81:c8:41:ea:84:
bc:38:25:ec:7b:8c:91:a5:b0:0b:12:9f:1c:c0:1a:ed:37:02:
d9:a8:4e:b5:56:56:82:07:63:a8:68:a8:05:14:4c:8f:1e:f8:
92:76:94:c7:f3:9f:1b:9b:f5:d6:d2:39:02:d2:45:99:49:04:
f2:c4:16:ac:2f:e8:03:3b:f7:93:4a:1f:ec:f2:f9:90:05:d9:
b1:07:7c:be:d7:a3:ff:d0:90:cc:3c:eb:c7:a1:f1:3d:24:51:
58:f4:24:4b:03:ff:02:ae:ab:f1:c9:de:1d:79:c9:89:31:55:
94:3a:e9:d5:f9:9b:c1:a3:56:41:8c:e1:cf:3b:4b:d4:60:5c:
7c:02:b4:32:d8:da:9d:69:64:6e:bc:c9:36:94:a7:59:8a:dc:
da:a0:b1:88:75:55:42:70:be:cc:50:f0:b1:7f:46:52:a4:95:
b1:9e:dc:37:4c:0c:b0:a0:1f:f0:d1:94:8c:09:c0:7a:34:c7:
5e:8f:bb:bc
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZSszCFVdq9s5d+1N4Y6+eg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwMTI4MTIwNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGNjMDI4YjhjYjhkMzQzNWNjZTBjYjRhOTM0ZjdmMmYwNzEwZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5dtrCrmfvLFbQoctuMG7wepNgXc
s5tgtnvz+ZDZfHjL2SvgdYWNNcMZsaw+sd2+oHfOJyRBIXcw590Rm0dNrkZMsy/J
z5ArvHyBegwZpgOFuF+hCbBQFEyPlkab48hGyUsm53u/9Luy2lW0Kek1C/9oGzEF
aok0IoEcFgMS+ANvbm+T29xEJVRk+Dv/6V7Urw7mJyWufXuKuqQ/0l09hHTuiAKU
PdLBWYPixNhlD2gis9eLp/Ap06K37I1xjA+1CUmH+Cbev2ZhDTgQRdQ7XpZg7ZLz
NnmZ1/EASpexvJYNtbkbIvW9Xpxbb23cTlJPcig3a+hcGRS7r9K0oCdgfwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFHDMAouMuNNDXM4MtKk09/LwcQ52MB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvY013Q2k0eTQwME5jemd5MHFUVDM4dkJ4RG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKg3ZQAED
BwAqDdlAkAIwDQYJKoZIhvcNAQELBQADggEBAOGbVmF9uiy1pjae09F/kqiR2s0Q
fZ1ogIRsQREJbYOpAbjeQNM3AER7xlwv/cNyrZv0PmrOKU+1HYbE3Vgm+ubV08uB
yEHqhLw4Jex7jJGlsAsSnxzAGu03AtmoTrVWVoIHY6hoqAUUTI8e+JJ2lMfznxub
9dbSOQLSRZlJBPLEFqwv6AM795NKH+zy+ZAF2bEHfL7Xo//QkMw868eh8T0kUVj0
JEsD/wKuq/HJ3h15yYkxVZQ66dX5m8GjVkGM4c87S9RgXHwCtDLY2p1pZG68yTaU
p1mK3NqgsYh1VUJwvsxQ8LF/RlKklbGe3DdMDLCgH/DRlIwJwHo0x16Pu7w=
-----END CERTIFICATE-----
Generated at Thu May 15 23:37:15 2025 by rpki-client