Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/ACqw7QhkhL8CaXJFm5vB6IaksWE.roa
File: ACqw7QhkhL8CaXJFm5vB6IaksWE.roa (raw, json)
Hash identifier: MX9BeX7hl1IaVV0m8U+tFyLOacszSMbK+Unm9dTXJf4=
Subject key identifier: 00:2A:B0:ED:08:64:84:BF:02:69:72:45:9B:9B:C1:E8:86:A4:B1:61
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 0192664630143A18A0F65BA9E2E8310AC901
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/ACqw7QhkhL8CaXJFm5vB6IaksWE.roa
Signing time: Mon 07 Oct 2024 09:18:48 +0000
ROA not before: Mon 07 Oct 2024 09:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 2a04:9a00:1480::/48 maxlen: 48
2a04:9a00:148c::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 07 Oct 2024 09:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:46:30:14:3a:18:a0:f6:5b:a9:e2:e8:31:0a:c9:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Oct 7 09:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=002ab0ed086484bf026972459b9bc1e886a4b161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:31:e8:32:ff:25:05:c8:bc:9f:8b:e1:59:1f:
ea:a6:cd:27:b9:cc:62:88:69:bf:4c:fb:37:91:60:
2b:2f:0a:f1:dd:84:6f:24:30:8a:33:16:7e:f1:2c:
54:23:8e:ad:79:df:37:ff:ba:a0:10:0a:ed:ce:4c:
94:bb:ee:b2:e2:58:08:77:50:a6:e9:9e:c5:89:a2:
4e:d4:96:1d:ca:bd:a2:9c:83:9a:88:b4:a9:50:64:
a2:6b:5f:37:47:41:e3:9f:4a:bd:1c:06:3a:b2:05:
21:ab:68:1e:cd:e7:5c:3e:d6:40:18:d9:d8:e6:8e:
23:55:0b:ab:27:91:0f:48:eb:29:8b:a6:5f:f6:4e:
05:a7:f9:4c:ee:22:6b:4d:24:4f:11:da:d6:52:52:
77:4f:21:8d:df:26:4c:67:e2:d3:25:57:4b:e9:a3:
8b:a3:4e:af:36:a8:e3:90:dc:2a:41:59:b9:24:21:
65:67:29:39:d4:03:a8:40:ca:c3:d5:34:e5:2f:42:
0c:19:36:cd:1d:83:f6:1c:d3:54:0d:ab:d9:9a:5e:
a2:fa:2b:0e:76:b3:e9:37:ef:56:0c:ee:7e:90:29:
5c:34:10:cd:d3:a5:79:75:7d:42:f6:a6:ea:ed:70:
71:8d:96:76:f0:0c:b1:0d:7a:81:e8:6f:0b:be:cb:
6f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:2A:B0:ED:08:64:84:BF:02:69:72:45:9B:9B:C1:E8:86:A4:B1:61
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/ACqw7QhkhL8CaXJFm5vB6IaksWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a00:1480::/48
2a04:9a00:148c::/48
Signature Algorithm: sha256WithRSAEncryption
53:8a:7b:07:5e:d0:3c:59:36:9b:09:f4:70:d0:ef:47:95:52:
16:3b:a0:7e:4b:23:5d:f3:be:b4:e1:3e:8e:6d:02:83:e9:3b:
02:d2:64:b8:5c:81:1f:4a:c4:7f:bf:f1:e9:fe:6d:3a:a0:e6:
0f:e8:dd:8f:41:43:25:8b:bc:de:88:29:8b:2e:4b:9c:80:46:
7d:2d:d7:c9:87:c7:79:db:25:8a:ac:9f:9f:e3:fb:dd:c7:41:
d0:d9:f4:51:9c:b3:52:fa:34:34:6f:ab:ae:ef:83:3f:d0:7e:
ed:06:a7:d0:eb:68:10:de:cf:0a:4b:2c:8d:ba:59:a6:23:59:
2a:9a:57:37:04:9f:86:bb:01:fd:97:7d:0b:a1:95:1a:32:d8:
fd:4c:a9:41:7b:5f:75:50:e2:5f:06:48:34:c4:8c:e8:9d:05:
b8:21:76:a4:96:d4:c7:f5:81:48:0d:27:ef:e0:82:48:98:79:
99:0f:77:72:4a:26:11:3b:73:03:7f:1a:58:90:d5:51:3e:de:
17:bb:63:f0:85:f4:13:1a:31:26:dc:29:d7:81:51:56:a5:4a:
7f:14:f5:ac:32:90:3a:23:77:7c:a4:9a:1d:a4:07:28:11:57:
ce:f6:4a:5c:80:57:4b:c4:9a:3f:ec:aa:fd:af:64:45:94:91:
06:53:2b:e4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJmRjAUOhig9lup4ugxCskBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjQxMDA3MDkxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDJhYjBlZDA4NjQ4NGJmMDI2OTcyNDU5YjliYzFlODg2YTRiMTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDHoMv8lBci8n4vhWR/qps0nucxi
iGm/TPs3kWArLwrx3YRvJDCKMxZ+8SxUI46ted83/7qgEArtzkyUu+6y4lgId1Cm
6Z7FiaJO1JYdyr2inIOaiLSpUGSia183R0Hjn0q9HAY6sgUhq2gezedcPtZAGNnY
5o4jVQurJ5EPSOspi6Zf9k4Fp/lM7iJrTSRPEdrWUlJ3TyGN3yZMZ+LTJVdL6aOL
o06vNqjjkNwqQVm5JCFlZyk51AOoQMrD1TTlL0IMGTbNHYP2HNNUDavZml6i+isO
drPpN+9WDO5+kClcNBDN06V5dX1C9qbq7XBxjZZ28AyxDXqB6G8LvstvSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAAqsO0IZIS/AmlyRZubweiGpLFhMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvQUNxdzdRaGtoTDhDYVhKRm01dkI2SWFrc1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgSaABSA
AwcAKgSaABSMMA0GCSqGSIb3DQEBCwUAA4IBAQBTinsHXtA8WTabCfRw0O9HlVIW
O6B+SyNd87604T6ObQKD6TsC0mS4XIEfSsR/v/Hp/m06oOYP6N2PQUMli7zeiCmL
LkucgEZ9LdfJh8d52yWKrJ+f4/vdx0HQ2fRRnLNS+jQ0b6uu74M/0H7tBqfQ62gQ
3s8KSyyNulmmI1kqmlc3BJ+GuwH9l30LoZUaMtj9TKlBe191UOJfBkg0xIzonQW4
IXakltTH9YFIDSfv4IJImHmZD3dySiYRO3MDfxpYkNVRPt4Xu2PwhfQTGjEm3CnX
gVFWpUp/FPWsMpA6I3d8pJodpAcoEVfO9kpcgFdLxJo/7Kr9r2RFlJEGUyvk
-----END CERTIFICATE-----
Generated at Wed May 14 15:55:13 2025 by rpki-client