Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aLj7tGtO3ImP7TB9ERi8Xxk1ojw.roa
File: aLj7tGtO3ImP7TB9ERi8Xxk1ojw.roa (raw, json)
Hash identifier: rom4HenN8awFrywYs/NltrXixY1E1OemSMH2jtURd4o=
Subject key identifier: 68:B8:FB:B4:6B:4E:DC:89:8F:ED:30:7D:11:18:BC:5F:19:35:A2:3C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018FD28BCA247F624EAAFE7B637287755B82
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aLj7tGtO3ImP7TB9ERi8Xxk1ojw.roa
Signing time: Sat 01 Jun 2024 06:45:27 +0000
ROA not before: Sat 01 Jun 2024 06:45:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a0c:7884::/32 maxlen: 32
2a0e:15c0:4::/48 maxlen: 48
2a0e:1a84::/32 maxlen: 32
2a0f:2d80:1292::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:e847:1::/48 maxlen: 48
2a12:d6c0::/29 maxlen: 29
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Sat 01 Jun 2024 07:52:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d2:8b:ca:24:7f:62:4e:aa:fe:7b:63:72:87:75:5b:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 1 06:45:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68b8fbb46b4edc898fed307d1118bc5f1935a23c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:37:1c:2f:99:1b:0c:dc:31:e8:98:7c:70:d9:
f4:9f:a9:e2:6c:0b:d7:e1:27:91:b1:69:a7:6c:b8:
e8:37:e2:86:4a:47:ce:f0:46:fd:4d:a3:ec:fb:58:
41:be:4b:b9:b7:40:99:ac:d2:69:8e:82:bb:6c:1a:
91:f4:d5:30:06:78:b4:08:d2:7f:86:e4:87:c6:b9:
5e:96:5e:ec:0f:93:69:a2:ca:c9:14:d8:5b:bf:85:
4d:c6:7c:33:ce:61:c9:33:50:b4:70:dd:d9:9e:67:
87:88:0f:0c:f9:82:7d:cc:c9:4b:b9:0c:2b:71:41:
6d:19:eb:25:fa:8f:ef:6c:40:ec:39:a4:77:ba:22:
18:87:c0:16:82:63:5e:b1:89:3a:0a:cb:46:d9:13:
8b:27:53:ab:6b:e1:b0:a8:1d:06:91:cb:ca:10:b6:
18:e6:a0:a4:dc:ae:62:e8:a0:c3:f1:0c:96:1c:d8:
13:c0:41:86:31:7d:62:15:41:55:71:f0:27:89:1e:
4d:fd:70:a5:02:73:dd:95:71:52:a1:78:be:f4:2e:
19:6c:ae:6b:7a:2d:3b:91:63:ec:4a:b1:ba:36:14:
72:f0:a7:05:a1:dc:b3:71:87:fe:87:7d:d8:cc:64:
0d:b8:e8:ea:e9:b1:2d:b8:48:75:cd:7f:30:e6:44:
45:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B8:FB:B4:6B:4E:DC:89:8F:ED:30:7D:11:18:BC:5F:19:35:A2:3C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/aLj7tGtO3ImP7TB9ERi8Xxk1ojw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7884::/32
2a0e:15c0:4::/48
2a0e:1a84::/32
2a0f:2d80:1292::/48
2a0f:7d00:1::/48
2a0f:e847:1::/48
2a12:d6c0::/29
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
b6:2e:3b:e4:1e:4f:29:27:f1:e0:3b:c5:f4:b9:89:90:73:7c:
a4:83:ac:a9:88:5d:99:61:7e:50:79:e8:6d:72:9d:2d:4f:82:
d1:fa:2c:6e:89:f4:2b:70:9e:ce:cd:2c:0b:aa:ed:c8:88:d8:
d6:99:7e:5a:2b:8d:3e:df:13:f5:ba:e3:af:e8:8a:14:ee:e8:
e3:2a:e1:90:9d:ff:01:21:5b:5d:27:90:5c:87:b3:8e:cd:c9:
46:1c:16:e2:43:d1:bd:11:15:d7:45:38:fa:bd:06:29:2b:73:
45:72:a7:ea:0e:04:39:60:55:e9:16:2b:37:ec:47:5a:46:24:
b6:4e:72:cd:55:b9:f1:d7:b4:40:32:27:77:88:b7:2d:45:09:
8d:bd:a1:53:fa:0a:d0:72:29:75:d2:5f:bc:00:08:42:9a:68:
71:4a:62:02:62:9f:fe:8c:98:71:10:0c:0d:a8:6b:f9:2f:f5:
e0:57:ca:ea:7d:8a:fe:ca:cb:1f:c2:cf:71:50:31:d5:a9:2f:
59:90:68:f9:17:20:bc:94:06:80:95:20:1c:55:a5:f6:51:90:
39:03:90:84:a4:2c:20:d3:4b:98:9e:11:fd:6d:6a:c6:40:3e:
ae:5d:54:16:f9:12:a0:71:fa:07:16:18:0c:05:c1:46:7f:73:
b7:20:17:de
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY/Si8okf2JOqv57Y3KHdVuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjAxMDY0NTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGI4ZmJiNDZiNGVkYzg5OGZlZDMwN2QxMTE4YmM1ZjE5MzVhMjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTccL5kbDNwx6Jh8cNn0n6nibAvX
4SeRsWmnbLjoN+KGSkfO8Eb9TaPs+1hBvku5t0CZrNJpjoK7bBqR9NUwBni0CNJ/
huSHxrlell7sD5NposrJFNhbv4VNxnwzzmHJM1C0cN3ZnmeHiA8M+YJ9zMlLuQwr
cUFtGesl+o/vbEDsOaR3uiIYh8AWgmNesYk6CstG2ROLJ1Ora+GwqB0GkcvKELYY
5qCk3K5i6KDD8QyWHNgTwEGGMX1iFUFVcfAniR5N/XClAnPdlXFSoXi+9C4ZbK5r
ei07kWPsSrG6NhRy8KcFodyzcYf+h33YzGQNuOjq6bEtuEh1zX8w5kRFowIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFGi4+7RrTtyJj+0wfREYvF8ZNaI8MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYUxqN3RHdE8zSW1QN1RCOUVSaThYeGsxb2p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAAjBAAwUAKgx4hAMH
ACoOFcAABAMFACoOGoQDBwAqDy2AEpIDBwAqD30AAAEDBwAqD+hHAAEDBQMqEtbA
AwUDKhMrQDANBgkqhkiG9w0BAQsFAAOCAQEAti475B5PKSfx4DvF9LmJkHN8pIOs
qYhdmWF+UHnobXKdLU+C0fosbon0K3Cezs0sC6rtyIjY1pl+WiuNPt8T9brjr+iK
FO7o4yrhkJ3/ASFbXSeQXIezjs3JRhwW4kPRvREV10U4+r0GKStzRXKn6g4EOWBV
6RYrN+xHWkYktk5yzVW58de0QDInd4i3LUUJjb2hU/oK0HIpddJfvAAIQppocUpi
AmKf/oyYcRAMDahr+S/14FfK6n2K/srLH8LPcVAx1akvWZBo+RcgvJQGgJUgHFWl
9lGQOQOQhKQsINNLmJ4R/W1qxkA+rl1UFvkSoHH6BxYYDAXBRn9ztyAX3g==
-----END CERTIFICATE-----
Generated at Tue May 13 12:32:15 2025 by rpki-client