Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/c1PXxhpxX_90DKWnrnfoIUgyuqg.roa
File: c1PXxhpxX_90DKWnrnfoIUgyuqg.roa (raw, json)
Hash identifier: xHYcoRRf1W8FIEMq5+VXr7pmLTMhtyo57hsl7CPtu8M=
Subject key identifier: 73:53:D7:C6:1A:71:5F:FF:74:0C:A5:A7:AE:77:E8:21:48:32:BA:A8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F58CC055C7C8621904E87AF6CD6205ECC
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/c1PXxhpxX_90DKWnrnfoIUgyuqg.roa
Signing time: Wed 08 May 2024 15:21:56 +0000
ROA not before: Wed 08 May 2024 15:21:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a0c:7884::/32 maxlen: 32
2a0e:15c0:4::/48 maxlen: 48
2a0e:1a84::/32 maxlen: 32
2a0f:7d00:1::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
2a12:d6c0::/29 maxlen: 29
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 17 May 2024 16:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:58:cc:05:5c:7c:86:21:90:4e:87:af:6c:d6:20:5e:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 8 15:21:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7353d7c61a715fff740ca5a7ae77e8214832baa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7c:41:6e:82:fa:7c:d8:f3:1e:9b:e6:10:4f:
49:91:bd:7f:0f:0e:8d:2c:b5:aa:07:c1:9f:b6:1c:
43:54:d8:a4:5f:ca:41:22:52:dd:cd:21:27:24:11:
d8:42:94:10:cb:bb:01:3d:e5:ec:7b:ae:0b:a9:8b:
31:a0:df:c4:e3:e7:0c:21:dd:b1:ed:1c:1c:c3:a0:
e8:71:fc:7a:01:fb:66:c4:2f:ab:9e:a3:38:84:a0:
9a:80:bb:10:61:98:0d:f3:b0:9e:2c:dd:34:e2:6c:
a5:7b:fa:7f:9e:18:0b:cd:48:00:7b:a5:34:00:1f:
f9:d8:98:3b:36:3b:ba:00:08:4f:7d:08:9a:7e:9a:
9a:e3:00:31:b7:76:23:25:e6:2e:39:e7:30:51:ad:
89:46:53:cf:0b:b9:9a:bf:ba:8f:5b:1e:07:b2:4b:
bc:62:8b:91:fd:97:7a:bb:42:00:9c:61:28:53:f3:
cd:3c:72:c7:cf:f9:6f:9e:4d:5a:7a:9a:83:5c:a6:
6a:e6:c2:27:ce:b4:02:b6:be:ca:4f:f9:f4:bb:71:
d9:9e:72:df:cd:6b:40:f2:c1:e4:6f:7f:bf:48:e1:
87:d5:eb:16:ff:55:ff:0e:fe:61:1e:e0:b2:45:e8:
88:32:c4:c8:c9:a4:b6:2b:46:dd:26:a0:96:30:a1:
94:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:53:D7:C6:1A:71:5F:FF:74:0C:A5:A7:AE:77:E8:21:48:32:BA:A8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/c1PXxhpxX_90DKWnrnfoIUgyuqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7884::/32
2a0e:15c0:4::/48
2a0e:1a84::/32
2a0f:7d00:1::/48
2a0f:e7c6:1000::/48
2a12:d6c0::/29
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
5d:e8:eb:8d:a5:fe:42:b8:a8:c5:58:9f:60:5a:b9:bb:73:44:
fb:89:3c:57:95:13:0b:dd:68:f2:1d:f1:87:96:cd:d1:9b:75:
38:78:19:da:67:3c:c1:ed:d2:d7:bd:a4:24:cc:31:d6:1a:95:
92:1e:bc:35:bc:6a:fe:9a:ad:14:05:db:11:8a:97:95:7f:58:
cf:dc:13:56:73:76:53:ff:0c:15:65:3e:08:95:07:e5:49:e8:
d3:5f:a4:49:47:f9:7e:a9:bc:9d:70:4c:37:a4:9b:b1:93:e9:
e7:78:ac:52:c5:f6:65:38:f0:28:80:e4:da:c3:01:a8:0c:a4:
95:55:6e:c3:2c:26:2c:ea:a7:99:87:b8:49:d0:01:8e:a8:db:
cf:22:e7:e7:b8:14:6f:a2:d8:49:ce:0b:5a:cd:f7:9d:57:6d:
96:7f:c9:ad:d1:99:6a:91:b3:4d:68:35:00:38:c0:63:ea:43:
ac:00:79:29:d9:41:af:c0:58:40:ef:bd:87:f3:94:fc:3c:90:
84:ed:08:d5:ef:c1:3a:33:e6:c3:84:38:89:10:f6:fa:a1:88:
86:da:94:a1:8d:bf:13:21:b7:88:f7:7e:74:df:3f:60:97:26:
26:d2:42:f7:c4:c7:0f:d8:2f:ca:6c:08:58:78:9c:99:3f:0f:
75:a0:70:f9
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAY9YzAVcfIYhkE6Hr2zWIF7MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTA4MTUyMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzUzZDdjNjFhNzE1ZmZmNzQwY2E1YTdhZTc3ZTgyMTQ4MzJiYWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3xBboL6fNjzHpvmEE9Jkb1/Dw6N
LLWqB8GfthxDVNikX8pBIlLdzSEnJBHYQpQQy7sBPeXse64LqYsxoN/E4+cMId2x
7Rwcw6Docfx6AftmxC+rnqM4hKCagLsQYZgN87CeLN004myle/p/nhgLzUgAe6U0
AB/52Jg7Nju6AAhPfQiafpqa4wAxt3YjJeYuOecwUa2JRlPPC7mav7qPWx4Hsku8
YouR/Zd6u0IAnGEoU/PNPHLHz/lvnk1aepqDXKZq5sInzrQCtr7KT/n0u3HZnnLf
zWtA8sHkb3+/SOGH1esW/1X/Dv5hHuCyReiIMsTIyaS2K0bdJqCWMKGUlwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFHNT18YacV//dAylp6536CFIMrqoMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYzFQWHhocHhYXzkwREtXbnJuZm9JVWd5dXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzA9BAIAAjA3AwUAKgx4hAMH
ACoOFcAABAMFACoOGoQDBwAqD30AAAEDBwAqD+fGEAADBQMqEtbAAwUDKhMrQDAN
BgkqhkiG9w0BAQsFAAOCAQEAXejrjaX+QrioxVifYFq5u3NE+4k8V5UTC91o8h3x
h5bN0Zt1OHgZ2mc8we3S172kJMwx1hqVkh68Nbxq/pqtFAXbEYqXlX9Yz9wTVnN2
U/8MFWU+CJUH5Uno01+kSUf5fqm8nXBMN6SbsZPp53isUsX2ZTjwKIDk2sMBqAyk
lVVuwywmLOqnmYe4SdABjqjbzyLn57gUb6LYSc4LWs33nVdtln/JrdGZapGzTWg1
ADjAY+pDrAB5KdlBr8BYQO+9h/OU/DyQhO0I1e/BOjPmw4Q4iRD2+qGIhtqUoY2/
EyG3iPd+dN8/YJcmJtJC98THD9gvymwIWHicmT8PdaBw+Q==
-----END CERTIFICATE-----
Generated at Mon May 12 19:14:04 2025 by rpki-client