Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/00TMxqeWbT98FxudG17bquI8zsA.roa
File: 00TMxqeWbT98FxudG17bquI8zsA.roa (raw, json)
Hash identifier: 8qJKWPGaZhLOe71boUSjGp3nmexodprtHM5v6Eylh9w=
Subject key identifier: D3:44:CC:C6:A7:96:6D:3F:7C:17:1B:9D:1B:5E:DB:AA:E2:3C:CE:C0
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01921B24CB7382B62DC964A0349F20FD8A66
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/00TMxqeWbT98FxudG17bquI8zsA.roa
Signing time: Sun 22 Sep 2024 19:10:49 +0000
ROA not before: Sun 22 Sep 2024 19:10:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21738
IP address blocks: 2a0e:e980::/29 maxlen: 29
2a0f:140::/29 maxlen: 29
2a0f:d200::/29 maxlen: 29
2a0f:e740::/29 maxlen: 29
2a10:36c0::/29 maxlen: 29
2a10:5200::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 24 Sep 2024 13:36:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1b:24:cb:73:82:b6:2d:c9:64:a0:34:9f:20:fd:8a:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 22 19:10:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d344ccc6a7966d3f7c171b9d1b5edbaae23ccec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:17:e9:ce:99:71:08:3a:00:ef:b8:a0:34:b9:
3e:a0:e4:1d:78:8a:b2:e4:3e:5b:4b:cb:56:0c:30:
f0:30:c2:3a:66:4e:36:bb:3b:58:4a:f4:1d:e9:a8:
ae:8f:02:72:2d:16:48:e9:32:82:48:29:a4:24:13:
62:7c:67:37:92:da:22:e2:43:8f:56:37:00:eb:24:
81:9a:66:82:81:e8:b0:be:dd:2d:84:92:5b:33:2b:
0c:38:38:c7:6c:c5:e9:a6:0b:9d:6d:f8:8a:1f:2c:
62:2d:3d:eb:cb:a1:5a:b6:dd:44:93:28:d8:19:6a:
ca:4c:fd:8e:c1:c8:0d:d2:be:ce:a7:bd:0a:71:7f:
c8:ea:b1:22:f3:09:dc:46:ac:46:08:10:85:77:45:
a4:f8:16:d4:fa:f7:81:a6:c1:e7:99:69:00:e8:b4:
dd:3e:c8:a5:b1:5d:53:ea:9d:c1:26:89:62:9a:c2:
15:7e:5a:df:44:1c:30:1e:5e:b1:47:fc:d3:6f:d8:
0e:e0:99:e9:1c:1c:48:80:8b:a2:97:fe:1b:18:d1:
a8:f3:14:e7:0d:53:85:8a:6d:47:9c:15:92:e7:2a:
08:47:d2:d2:e9:1d:03:54:5b:d0:f0:94:3d:50:65:
71:d6:f0:ef:e0:b4:5b:ac:d7:1c:b6:bb:a5:c3:e1:
ae:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:44:CC:C6:A7:96:6D:3F:7C:17:1B:9D:1B:5E:DB:AA:E2:3C:CE:C0
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/00TMxqeWbT98FxudG17bquI8zsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e980::/29
2a0f:140::/29
2a0f:d200::/29
2a0f:e740::/29
2a10:36c0::/29
2a10:5200::/29
Signature Algorithm: sha256WithRSAEncryption
05:ae:e6:2e:3a:01:86:11:16:42:21:b7:b5:97:1f:8f:c8:3d:
32:f4:b7:82:a7:81:67:5c:ae:6b:a3:1d:d4:d7:91:75:72:37:
15:2f:ba:3c:cb:41:08:c3:63:51:2e:48:b9:4c:70:5e:78:97:
9f:a8:56:4d:77:36:94:4f:5d:f6:12:71:22:e6:3d:07:28:74:
72:e5:80:cd:9d:99:67:37:ec:64:f7:96:8e:20:11:fd:6e:98:
10:9a:a9:68:a9:e5:54:0c:35:28:be:16:6c:d7:3d:27:e3:60:
ae:73:ac:7c:54:db:6a:ab:7e:e8:4c:33:47:db:ed:4d:03:65:
b4:b8:e0:71:67:7e:80:08:de:85:ad:07:29:e7:5b:c6:87:d8:
79:a5:1c:49:fa:21:eb:82:a7:85:c1:ac:d2:b2:e5:23:92:82:
78:26:ee:c8:f5:5e:78:df:c4:4a:f3:eb:df:c1:77:7c:01:5b:
72:f1:39:37:2a:82:7f:fe:70:89:c0:4d:76:f5:0d:71:b8:10:
15:43:d6:86:5f:3c:29:fe:f8:a1:40:f6:e2:15:29:17:71:ae:
1c:5d:8f:6d:c8:21:15:a0:12:da:d6:86:52:46:7b:dd:4e:76:
63:38:73:37:a3:3f:09:cb:32:a3:6e:63:b6:03:32:1b:27:7f:
4b:74:e0:46
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZIbJMtzgrYtyWSgNJ8g/YpmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwOTIyMTkxMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzQ0Y2NjNmE3OTY2ZDNmN2MxNzFiOWQxYjVlZGJhYWUyM2NjZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhfpzplxCDoA77igNLk+oOQdeIqy
5D5bS8tWDDDwMMI6Zk42uztYSvQd6aiujwJyLRZI6TKCSCmkJBNifGc3ktoi4kOP
VjcA6ySBmmaCgeiwvt0thJJbMysMODjHbMXppgudbfiKHyxiLT3ry6Fatt1EkyjY
GWrKTP2OwcgN0r7Op70KcX/I6rEi8wncRqxGCBCFd0Wk+BbU+veBpsHnmWkA6LTd
PsilsV1T6p3BJolimsIVflrfRBwwHl6xR/zTb9gO4JnpHBxIgIuil/4bGNGo8xTn
DVOFim1HnBWS5yoIR9LS6R0DVFvQ8JQ9UGVx1vDv4LRbrNcctrulw+GuaQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNNEzManlm0/fBcbnRte26riPM7AMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMDBUTXhxZVdiVDk4Rnh1ZEcxN2JxdUk4enNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg7pgAMF
AyoPAUADBQMqD9IAAwUDKg/nQAMFAyoQNsADBQMqEFIAMA0GCSqGSIb3DQEBCwUA
A4IBAQAFruYuOgGGERZCIbe1lx+PyD0y9LeCp4FnXK5rox3U15F1cjcVL7o8y0EI
w2NRLki5THBeeJefqFZNdzaUT132EnEi5j0HKHRy5YDNnZlnN+xk95aOIBH9bpgQ
mqloqeVUDDUovhZs1z0n42Cuc6x8VNtqq37oTDNH2+1NA2W0uOBxZ36ACN6FrQcp
51vGh9h5pRxJ+iHrgqeFwazSsuUjkoJ4Ju7I9V5438RK8+vfwXd8AVty8Tk3KoJ/
/nCJwE129Q1xuBAVQ9aGXzwp/vihQPbiFSkXca4cXY9tyCEVoBLa1oZSRnvdTnZj
OHM3oz8JyzKjbmO2AzIbJ39LdOBG
-----END CERTIFICATE-----
Generated at Sat May 10 19:49:18 2025 by rpki-client