Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/D6dXTB57hWc67yH4f2HlBku6Km4.roa
File: D6dXTB57hWc67yH4f2HlBku6Km4.roa (raw, json)
Hash identifier: J+q/6dzJTSigqDk2QekzsqeVkkfcWzYYdFt86sJt6zs=
Subject key identifier: 0F:A7:57:4C:1E:7B:85:67:3A:EF:21:F8:7F:61:E5:06:4B:BA:2A:6E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01905EBB690DBD0CE9C9BF0DB61F4E1376A9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/D6dXTB57hWc67yH4f2HlBku6Km4.roa
Signing time: Fri 28 Jun 2024 12:04:18 +0000
ROA not before: Fri 28 Jun 2024 12:04:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47824
IP address blocks: 2a0f:a00::/29 maxlen: 29
2a0f:dfc0::/29 maxlen: 29
2a13:3380::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 26 Aug 2024 09:54:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5e:bb:69:0d:bd:0c:e9:c9:bf:0d:b6:1f:4e:13:76:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 28 12:04:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fa7574c1e7b85673aef21f87f61e5064bba2a6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8e:8d:01:b8:04:4e:1d:66:b5:47:b9:b1:aa:
d7:98:70:67:5e:54:92:43:e3:38:31:ac:16:50:b8:
51:65:bb:f9:8a:b5:4f:09:06:4d:6f:25:4c:31:74:
e3:ca:27:3b:03:f9:6b:0c:2e:3a:1b:b6:95:5d:eb:
72:6b:65:c6:c6:52:55:3a:2c:95:cd:23:1c:28:1f:
e3:0e:65:aa:af:91:26:31:84:ee:7d:a9:ed:e1:ee:
6a:6d:b4:30:ab:ab:f2:be:71:4c:e0:03:a0:60:54:
35:22:16:d7:98:6d:23:b9:a5:2c:3f:62:97:b6:f5:
01:8d:2a:0f:07:ed:b5:91:37:79:04:c7:cd:64:00:
8c:08:d0:ac:39:6a:77:d0:36:b3:19:90:16:eb:6c:
94:54:10:08:17:9d:77:5b:c7:61:16:58:41:d8:a1:
06:c3:70:61:c2:66:f3:29:e4:69:0a:81:01:7b:d2:
df:6f:a6:cc:da:01:94:89:4b:98:24:ca:fa:c9:bb:
56:b5:cc:b8:e4:e0:31:91:ef:95:68:06:ea:3c:29:
5f:9f:77:ae:35:e4:57:44:b9:b2:b0:91:f1:d1:dc:
7c:32:50:4c:98:f5:49:b4:d0:61:14:85:1e:6a:8d:
6e:ea:af:7d:6a:47:a1:b3:6c:13:c7:08:29:d0:6f:
dd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A7:57:4C:1E:7B:85:67:3A:EF:21:F8:7F:61:E5:06:4B:BA:2A:6E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/D6dXTB57hWc67yH4f2HlBku6Km4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:a00::/29
2a0f:dfc0::/29
2a13:3380::/29
Signature Algorithm: sha256WithRSAEncryption
4b:13:fb:ab:89:4d:80:33:e7:c9:1d:2f:48:38:10:fd:41:a7:
8a:d9:e0:ab:21:d8:3e:3c:1b:1a:ac:95:dd:e3:37:fe:05:87:
c9:05:d2:cb:cd:c2:c5:36:0f:20:53:55:b0:aa:16:90:37:e1:
cc:27:64:56:0f:b0:f8:91:a9:60:1e:86:81:75:8a:41:93:32:
46:c9:85:8f:39:9c:92:ef:96:60:15:24:a0:3c:7a:14:01:e3:
77:f4:61:57:be:e7:5a:30:94:45:3c:56:b3:0d:2c:22:90:03:
1c:d3:40:1b:c7:31:a3:da:b6:d7:29:ff:d5:2d:88:b4:33:14:
d2:57:25:1d:5e:18:67:d5:5d:34:64:bf:3a:2b:7c:79:8c:b4:
5b:87:15:48:e4:6d:c1:c3:4a:94:dc:bf:70:7e:b6:59:f5:70:
66:43:01:8c:81:db:d6:71:d7:78:1b:bb:69:fa:d7:2d:30:59:
95:76:08:3b:51:a7:08:d5:82:0c:b6:b4:49:64:7a:80:3c:6b:
db:35:f8:63:3d:6c:6f:02:02:95:7d:2b:44:c8:e8:14:fb:fd:
66:1f:01:1e:de:4c:fd:3c:5d:a8:95:0b:58:fb:83:fb:f6:e9:
8a:40:0f:e1:00:71:f4:e8:e6:7c:cb:32:e5:28:b1:a3:17:6b:
9c:6d:62:da
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZBeu2kNvQzpyb8Nth9OE3apMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjI4MTIwNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmE3NTc0YzFlN2I4NTY3M2FlZjIxZjg3ZjYxZTUwNjRiYmEyYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv46NAbgETh1mtUe5sarXmHBnXlSS
Q+M4MawWULhRZbv5irVPCQZNbyVMMXTjyic7A/lrDC46G7aVXetya2XGxlJVOiyV
zSMcKB/jDmWqr5EmMYTufant4e5qbbQwq6vyvnFM4AOgYFQ1IhbXmG0juaUsP2KX
tvUBjSoPB+21kTd5BMfNZACMCNCsOWp30DazGZAW62yUVBAIF513W8dhFlhB2KEG
w3BhwmbzKeRpCoEBe9Lfb6bM2gGUiUuYJMr6ybtWtcy45OAxke+VaAbqPClfn3eu
NeRXRLmysJHx0dx8MlBMmPVJtNBhFIUeao1u6q99akehs2wTxwgp0G/dYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA+nV0wee4VnOu8h+H9h5QZLuipuMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRDZkWFRCNTdoV2M2N3lINGYySGxCa3U2S200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg8KAAMF
AyoP38ADBQMqEzOAMA0GCSqGSIb3DQEBCwUAA4IBAQBLE/uriU2AM+fJHS9IOBD9
QaeK2eCrIdg+PBsarJXd4zf+BYfJBdLLzcLFNg8gU1WwqhaQN+HMJ2RWD7D4kalg
HoaBdYpBkzJGyYWPOZyS75ZgFSSgPHoUAeN39GFXvudaMJRFPFazDSwikAMc00Ab
xzGj2rbXKf/VLYi0MxTSVyUdXhhn1V00ZL86K3x5jLRbhxVI5G3Bw0qU3L9wfrZZ
9XBmQwGMgdvWcdd4G7tp+tctMFmVdgg7UacI1YIMtrRJZHqAPGvbNfhjPWxvAgKV
fStEyOgU+/1mHwEe3kz9PF2olQtY+4P79umKQA/hAHH06OZ8yzLlKLGjF2ucbWLa
-----END CERTIFICATE-----
Generated at Sun May 11 15:56:50 2025 by rpki-client