Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oO2yhhF99941BMzO55k0w7uZVHM.roa
File: oO2yhhF99941BMzO55k0w7uZVHM.roa (raw, json)
Hash identifier: jJqaeCIKeRb8yZfAYGuPOZSuMr8HRFkw7u3eYLfwhQY=
Subject key identifier: A0:ED:B2:86:11:7D:F7:DE:35:04:CC:CE:E7:99:34:C3:BB:99:54:73
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CC9BC2B75F692CACDF1F64669D4A7D62D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oO2yhhF99941BMzO55k0w7uZVHM.roa
Signing time: Tue 02 Jan 2024 10:33:21 +0000
ROA not before: Tue 02 Jan 2024 10:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395839
IP address blocks: 2a0f:3940::/29 maxlen: 29
2a0f:39c0::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
2a12:d5c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 09 Jan 2024 07:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:2b:75:f6:92:ca:cd:f1:f6:46:69:d4:a7:d6:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 10:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0edb286117df7de3504cccee79934c3bb995473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e6:16:8b:33:62:85:62:66:10:8f:54:20:c8:
5c:98:a4:a5:59:7a:d7:2b:29:0a:7e:b0:ce:b3:87:
92:8e:d7:a1:ff:80:39:ba:48:be:f8:95:58:05:97:
38:b6:00:82:78:50:c6:9e:a0:9d:57:e5:b0:b4:3b:
9f:18:2d:3b:1b:53:5c:3f:6a:dc:df:06:80:4c:4e:
3e:c4:5d:bb:0d:3b:bd:f9:07:89:c6:d9:04:a9:21:
da:89:41:cc:88:32:2d:b9:b5:e8:8e:ef:ef:bc:82:
e1:e3:e3:16:97:54:b2:34:40:ab:3e:d0:bc:e9:e0:
ac:80:d1:be:b6:3d:b6:f5:de:2b:44:bb:72:e2:95:
17:eb:ba:66:cd:61:39:8a:a8:69:00:ea:53:72:5b:
60:1a:0f:d4:cc:0e:69:28:ef:a8:22:c0:8a:d0:5e:
53:6a:e5:d0:1e:5d:7a:47:33:f1:2d:eb:90:49:47:
01:79:8c:04:88:8a:29:8d:fc:12:08:5f:8b:17:ec:
7f:63:5d:26:7a:f1:fd:e5:2d:fc:24:08:9e:aa:ed:
54:ac:37:15:a0:57:be:bf:09:60:e5:41:55:14:15:
f5:02:85:0d:ee:9a:70:83:83:5c:5d:e7:85:59:8e:
9a:f3:ba:43:96:8c:f1:d3:bd:5a:59:10:ae:a8:cb:
af:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:ED:B2:86:11:7D:F7:DE:35:04:CC:CE:E7:99:34:C3:BB:99:54:73
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oO2yhhF99941BMzO55k0w7uZVHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:3940::/29
2a0f:39c0::/29
2a11:4e80::/29
2a12:d5c0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:04:ee:ab:a0:bd:07:43:25:71:15:f0:64:97:ac:82:02:23:
86:db:53:97:c2:80:9d:ea:9e:46:ea:99:d0:c5:be:e1:37:63:
93:ba:ad:76:60:ee:76:f4:02:dd:42:2e:1f:82:7e:2a:c8:65:
38:9f:f4:4f:89:5f:9a:2a:34:6f:2a:1a:65:a6:48:f4:80:3e:
09:aa:71:8a:71:ac:c6:b6:2c:45:33:a0:a8:01:df:69:4e:7a:
b5:74:94:bc:7b:53:80:2d:97:b7:2f:50:16:80:a5:bd:1d:c3:
6d:98:82:5b:bc:41:aa:3c:4d:db:c0:b6:4a:18:25:1c:19:f5:
bd:94:7a:b8:e7:58:4d:f0:ae:52:e9:48:90:3d:42:7a:e7:d7:
34:85:e6:4b:b7:75:7b:0c:5c:62:24:d2:82:45:f0:58:26:82:
0d:d8:d8:ce:72:78:f7:48:d2:6f:04:29:be:5c:54:06:0e:00:
7b:d4:0b:55:04:05:10:3f:d0:23:71:af:59:75:e8:da:22:02:
0f:04:b8:dd:ee:b5:3c:44:de:a1:43:01:3c:f9:5b:50:d1:f1:
52:0b:01:70:49:ba:55:70:d2:ec:5f:2b:e9:48:bb:78:7b:16:
0e:4a:40:97:40:c2:4d:4b:e7:6c:ac:69:30:8e:47:4f:05:2d:
eb:6b:8c:b0
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzJvCt19pLKzfH2RmnUp9YtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGVkYjI4NjExN2RmN2RlMzUwNGNjY2VlNzk5MzRjM2JiOTk1NDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieYWizNihWJmEI9UIMhcmKSlWXrX
KykKfrDOs4eSjteh/4A5uki++JVYBZc4tgCCeFDGnqCdV+WwtDufGC07G1NcP2rc
3waATE4+xF27DTu9+QeJxtkEqSHaiUHMiDItubXoju/vvILh4+MWl1SyNECrPtC8
6eCsgNG+tj229d4rRLty4pUX67pmzWE5iqhpAOpTcltgGg/UzA5pKO+oIsCK0F5T
auXQHl16RzPxLeuQSUcBeYwEiIopjfwSCF+LF+x/Y10mevH95S38JAiequ1UrDcV
oFe+vwlg5UFVFBX1AoUN7ppwg4NcXeeFWY6a87pDlozx071aWRCuqMuv4QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFKDtsoYRfffeNQTMzueZNMO7mVRzMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvb08yeWhoRjk5OTQxQk16TzU1azB3N3VaVkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg85QAMF
AyoPOcADBQMqEU6AAwUDKhLVwDANBgkqhkiG9w0BAQsFAAOCAQEAjwTuq6C9B0Ml
cRXwZJesggIjhttTl8KAneqeRuqZ0MW+4Tdjk7qtdmDudvQC3UIuH4J+KshlOJ/0
T4lfmio0byoaZaZI9IA+CapxinGsxrYsRTOgqAHfaU56tXSUvHtTgC2Xty9QFoCl
vR3DbZiCW7xBqjxN28C2ShglHBn1vZR6uOdYTfCuUulIkD1CeufXNIXmS7d1ewxc
YiTSgkXwWCaCDdjYznJ490jSbwQpvlxUBg4Ae9QLVQQFED/QI3GvWXXo2iICDwS4
3e61PETeoUMBPPlbUNHxUgsBcEm6VXDS7F8r6Ui7eHsWDkpAl0DCTUvnbKxpMI5H
TwUt62uMsA==
-----END CERTIFICATE-----
Generated at Tue May 13 11:50:12 2025 by rpki-client