Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oWqG8uANlV8bNPDk-5wY0V6lS_E.roa
File: oWqG8uANlV8bNPDk-5wY0V6lS_E.roa (raw, json)
Hash identifier: y4nk8Y8XALG0KlAWl6H45tK28kJBiMROli3y5OMgpCk=
Subject key identifier: A1:6A:86:F2:E0:0D:95:5F:1B:34:F0:E4:FB:9C:18:D1:5E:A5:4B:F1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CC9BC285A3AEAE25A86BBE6BFD3E39FF2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oWqG8uANlV8bNPDk-5wY0V6lS_E.roa
Signing time: Tue 02 Jan 2024 10:33:20 +0000
ROA not before: Tue 02 Jan 2024 10:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198571
IP address blocks: 2a13:9580::/29 maxlen: 29
2a13:9080::/29 maxlen: 29
2a0c:9240::/29 maxlen: 29
2a0f:df40::/29 maxlen: 29
2a13:8200::/29 maxlen: 29
2a13:9280::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 Jan 2024 11:15:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:28:5a:3a:ea:e2:5a:86:bb:e6:bf:d3:e3:9f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 10:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a16a86f2e00d955f1b34f0e4fb9c18d15ea54bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4e:4c:15:a7:76:0f:75:92:e1:f9:33:e2:e1:
04:55:1b:6d:9d:6e:cc:17:73:86:f3:27:a4:df:db:
1b:c2:76:c2:f0:80:9e:53:28:ca:de:5e:a0:e4:6a:
0a:c8:1a:77:8d:76:91:49:38:27:82:ed:d7:8c:72:
52:26:64:07:cb:10:e8:29:b8:04:3e:64:41:07:13:
b1:f6:07:c1:e9:c5:f0:d6:7a:aa:e7:8b:a5:b0:e8:
0a:6b:af:f6:02:c9:01:65:ce:3c:44:aa:ce:30:79:
9e:8a:c5:1d:93:37:9d:48:4f:44:00:52:e1:a6:e6:
cd:df:3e:10:a9:6d:38:d7:e9:e2:eb:09:03:b3:73:
18:7e:ee:2d:66:98:65:05:5b:87:d7:35:8b:af:c2:
5d:a9:43:4b:02:f0:c1:a3:98:04:80:44:42:a6:1b:
ab:59:8c:c9:11:ab:a0:61:04:e6:54:03:ae:44:76:
60:ea:6b:78:24:99:88:e6:25:fb:0f:2e:78:61:18:
87:c4:1c:24:5a:07:fb:46:c8:59:2b:bf:f7:f2:d0:
71:98:13:40:af:5b:5a:66:07:fc:d5:21:57:60:fa:
43:7a:56:f0:d0:e3:56:26:29:07:a2:61:c6:6a:cc:
5e:4f:42:b2:41:b9:2b:a2:65:d9:09:fd:c3:fe:a7:
ed:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6A:86:F2:E0:0D:95:5F:1B:34:F0:E4:FB:9C:18:D1:5E:A5:4B:F1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/oWqG8uANlV8bNPDk-5wY0V6lS_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9240::/29
2a0f:df40::/29
2a13:8200::/29
2a13:9080::/29
2a13:9280::/29
2a13:9580::/29
Signature Algorithm: sha256WithRSAEncryption
04:38:34:d5:4a:a9:89:3c:a7:4e:72:0a:94:d6:73:7b:be:eb:
b0:4f:e1:53:29:a2:a1:2f:03:71:4d:be:30:ea:d4:68:a1:cd:
d7:e6:af:c8:62:69:83:0d:40:31:f8:bf:1e:f8:e2:47:60:d9:
8e:59:04:1a:7d:d2:22:9f:7c:96:3c:90:12:97:41:98:f2:a0:
93:dc:02:a4:38:0e:f5:44:d8:df:2e:9b:23:55:ff:7d:5b:3d:
43:20:ff:c4:ae:b7:18:59:98:10:98:27:db:0f:09:1f:9f:08:
67:a9:ca:b9:6b:a6:37:d8:a4:80:70:51:70:b6:2d:36:18:14:
12:1e:d8:cb:4e:8f:a2:61:64:40:87:c6:ed:49:92:4d:cb:a3:
44:1d:df:87:3c:6c:e7:09:09:26:3d:c7:36:30:ee:cc:55:4c:
a8:46:0f:62:36:cb:f3:3b:5c:ba:0e:14:e2:5d:ec:2f:7a:64:
8e:b4:d6:7c:36:20:38:51:31:75:8e:d3:45:bb:9b:66:a1:3d:
72:1b:c7:39:27:f0:75:5d:3e:f2:4a:46:bb:35:51:19:0a:f3:
eb:3f:9f:b0:69:82:d8:05:8c:34:ce:d7:09:12:73:86:85:9a:
46:6d:bb:30:16:a9:6a:15:70:76:4a:86:0f:c3:22:5a:ba:7d:
9b:c7:77:42
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzJvChaOuriWoa75r/T45/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTZhODZmMmUwMGQ5NTVmMWIzNGYwZTRmYjljMThkMTVlYTU0YmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn05MFad2D3WS4fkz4uEEVRttnW7M
F3OG8yek39sbwnbC8ICeUyjK3l6g5GoKyBp3jXaRSTgngu3XjHJSJmQHyxDoKbgE
PmRBBxOx9gfB6cXw1nqq54ulsOgKa6/2AskBZc48RKrOMHmeisUdkzedSE9EAFLh
pubN3z4QqW041+ni6wkDs3MYfu4tZphlBVuH1zWLr8JdqUNLAvDBo5gEgERCphur
WYzJEaugYQTmVAOuRHZg6mt4JJmI5iX7Dy54YRiHxBwkWgf7RshZK7/38tBxmBNA
r1taZgf81SFXYPpDelbw0ONWJikHomHGasxeT0KyQbkromXZCf3D/qftgwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKFqhvLgDZVfGzTw5PucGNFepUvxMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvb1dxRzh1QU5sVjhiTlBEay01d1kwVjZsU19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgySQAMF
AyoP30ADBQMqE4IAAwUDKhOQgAMFAyoTkoADBQMqE5WAMA0GCSqGSIb3DQEBCwUA
A4IBAQAEODTVSqmJPKdOcgqU1nN7vuuwT+FTKaKhLwNxTb4w6tRooc3X5q/IYmmD
DUAx+L8e+OJHYNmOWQQafdIin3yWPJASl0GY8qCT3AKkOA71RNjfLpsjVf99Wz1D
IP/ErrcYWZgQmCfbDwkfnwhnqcq5a6Y32KSAcFFwti02GBQSHtjLTo+iYWRAh8bt
SZJNy6NEHd+HPGznCQkmPcc2MO7MVUyoRg9iNsvzO1y6DhTiXewvemSOtNZ8NiA4
UTF1jtNFu5tmoT1yG8c5J/B1XT7ySka7NVEZCvPrP5+waYLYBYw0ztcJEnOGhZpG
bbswFqlqFXB2SoYPwyJaun2bx3dC
-----END CERTIFICATE-----
Generated at Tue May 13 05:43:22 2025 by rpki-client