Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BuqhdED15GgEoRXS7egqg-UJQHs.roa
File: BuqhdED15GgEoRXS7egqg-UJQHs.roa (raw, json)
Hash identifier: kJa5RlrW3rXxuYBbQk88f24AxJd7Q4+8CvIaBaO1Sgc=
Subject key identifier: 06:EA:A1:74:40:F5:E4:68:04:A1:15:D2:ED:E8:2A:83:E5:09:40:7B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193D8F5005746885F194D187FD68049D1A5
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BuqhdED15GgEoRXS7egqg-UJQHs.roa
Signing time: Wed 18 Dec 2024 08:49:15 +0000
ROA not before: Wed 18 Dec 2024 08:49:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53667
IP address blocks: 2a0f:1840::/29 maxlen: 29
2a0f:7d07::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d8:f5:00:57:46:88:5f:19:4d:18:7f:d6:80:49:d1:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 18 08:49:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06eaa17440f5e46804a115d2ede82a83e509407b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f6:95:80:08:d5:83:ef:53:78:14:4f:01:a6:
31:de:36:a7:cd:d9:5e:1a:4b:31:04:5e:18:60:26:
a4:3a:2a:53:d4:28:c2:a8:55:f0:5a:a9:22:65:1b:
54:c2:ef:5c:51:1d:7f:8e:9f:e3:eb:b9:7c:10:fb:
fa:ad:81:c5:ea:5f:67:f4:c8:5c:fe:af:9e:88:53:
db:03:6c:74:23:1d:3f:ba:77:18:ae:dd:0e:d0:97:
d2:fa:fa:a2:6a:fb:2b:4b:d4:3d:db:ae:c9:2b:30:
11:6d:97:f3:e3:d5:ab:12:43:09:b6:68:3e:c2:29:
c6:6d:f8:9e:50:f1:1e:71:aa:13:1c:7d:80:4c:6d:
7a:25:29:e8:ac:a1:0e:3a:ab:a6:71:30:04:29:7d:
1f:a0:eb:41:c8:bd:81:c8:f9:2d:c6:f7:bd:80:65:
1d:a7:45:cd:ea:10:38:f2:33:74:36:82:09:9d:b1:
ea:d7:7c:a5:ae:9b:49:64:b9:d6:46:33:2f:d2:cd:
a9:76:ed:52:aa:b4:07:ca:78:1b:17:d4:16:bb:aa:
f5:58:c7:62:f6:14:e0:90:b6:32:63:6f:68:3b:9f:
ec:07:83:b7:d8:8d:3d:ff:48:ff:03:45:27:bd:ad:
44:da:d2:af:1a:4d:ef:4f:1b:e6:d9:a5:4b:ae:61:
76:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:EA:A1:74:40:F5:E4:68:04:A1:15:D2:ED:E8:2A:83:E5:09:40:7B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/BuqhdED15GgEoRXS7egqg-UJQHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1840::/29
2a0f:7d07::/32
Signature Algorithm: sha256WithRSAEncryption
90:46:cc:c3:22:4f:79:ca:b9:cb:12:ca:46:35:98:a4:2d:a2:
46:b0:26:03:03:93:15:c1:91:40:50:5f:88:76:0e:5f:39:45:
1e:8a:00:f4:b8:d3:65:97:f0:1e:c2:d1:86:51:a6:8a:94:0a:
72:3b:a6:46:17:63:8b:db:c2:bc:0e:68:0c:66:cc:1b:f0:40:
bb:c1:53:df:ac:23:fb:25:8b:75:3b:aa:b4:c3:93:bf:f4:13:
58:f6:5b:f6:6a:b9:c4:26:9d:1d:26:9e:d1:43:cc:e0:9c:e9:
85:7a:05:23:9e:10:21:e8:10:d7:88:52:1f:ad:02:b0:0c:93:
11:fd:ca:79:03:73:93:5b:40:dd:b9:c5:9d:6d:a9:98:f0:ef:
ab:e9:dc:e9:b8:df:71:0a:4a:ed:25:25:95:0d:05:ac:7d:9a:
f4:0c:53:a2:0b:4a:07:30:4f:3c:a6:d0:a3:8c:41:58:4e:92:
2c:d5:b8:de:88:cf:94:11:ab:d5:1d:52:ee:64:09:7a:d6:0d:
e2:0b:ba:df:ae:b2:b5:2c:1c:79:d7:fc:6b:41:44:8d:c2:8d:
95:ff:45:16:b0:f4:9b:61:3d:41:ba:80:2f:fb:1f:bb:25:b1:
08:82:a4:67:90:bd:7c:fb:67:f8:aa:21:94:fa:3c:80:14:26:
2a:68:ad:2d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZPY9QBXRohfGU0Yf9aASdGlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjE4MDg0OTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmVhYTE3NDQwZjVlNDY4MDRhMTE1ZDJlZGU4MmE4M2U1MDk0MDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/aVgAjVg+9TeBRPAaYx3janzdle
GksxBF4YYCakOipT1CjCqFXwWqkiZRtUwu9cUR1/jp/j67l8EPv6rYHF6l9n9Mhc
/q+eiFPbA2x0Ix0/uncYrt0O0JfS+vqiavsrS9Q9267JKzARbZfz49WrEkMJtmg+
winGbfieUPEecaoTHH2ATG16JSnorKEOOqumcTAEKX0foOtByL2ByPktxve9gGUd
p0XN6hA48jN0NoIJnbHq13ylrptJZLnWRjMv0s2pdu1SqrQHyngbF9QWu6r1WMdi
9hTgkLYyY29oO5/sB4O32I09/0j/A0Unva1E2tKvGk3vTxvm2aVLrmF22wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAbqoXRA9eRoBKEV0u3oKoPlCUB7MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQnVxaGRFRDE1R2dFb1JYUzdlZ3FnLVVKUUhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg8YQAMF
ACoPfQcwDQYJKoZIhvcNAQELBQADggEBAJBGzMMiT3nKucsSykY1mKQtokawJgMD
kxXBkUBQX4h2Dl85RR6KAPS402WX8B7C0YZRpoqUCnI7pkYXY4vbwrwOaAxmzBvw
QLvBU9+sI/sli3U7qrTDk7/0E1j2W/ZqucQmnR0mntFDzOCc6YV6BSOeECHoENeI
Uh+tArAMkxH9ynkDc5NbQN25xZ1tqZjw76vp3Om433EKSu0lJZUNBax9mvQMU6IL
SgcwTzym0KOMQVhOkizVuN6Iz5QRq9UdUu5kCXrWDeILut+usrUsHHnX/GtBRI3C
jZX/RRaw9JthPUG6gC/7H7slsQiCpGeQvXz7Z/iqIZT6PIAUJiporS0=
-----END CERTIFICATE-----
Generated at Tue May 13 22:55:16 2025 by rpki-client