Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jJjiyo6H7543d4iWkw3prPQpwrQ.roa
File: jJjiyo6H7543d4iWkw3prPQpwrQ.roa (raw, json)
Hash identifier: SqNW1ZrwLKNsMaHZ4jZuB7OJ507OzgyUUaOL9NwE8mg=
Subject key identifier: 8C:98:E2:CA:8E:87:EF:9E:37:77:88:96:93:0D:E9:AC:F4:29:C2:B4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0192C25F4820352FF9F05624E0AF78E5CCEE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jJjiyo6H7543d4iWkw3prPQpwrQ.roa
Signing time: Fri 25 Oct 2024 06:31:17 +0000
ROA not before: Fri 25 Oct 2024 06:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21738
IP address blocks: 2a0f:e740::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
2a10:5200::/29 maxlen: 29
2a10:6900::/29 maxlen: 29
2a10:6f00::/29 maxlen: 29
2a10:7100::/29 maxlen: 29
2a10:7300::/29 maxlen: 29
2a10:7f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 25 Oct 2024 06:32:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c2:5f:48:20:35:2f:f9:f0:56:24:e0:af:78:e5:cc:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 25 06:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c98e2ca8e87ef9e37778896930de9acf429c2b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:96:87:8b:2d:e0:ab:58:4d:24:81:71:58:59:
9c:8a:00:b6:f4:37:0d:aa:e5:1d:90:86:9c:0e:31:
25:45:50:8f:a4:e9:37:f0:26:f4:76:b1:28:4d:cc:
b7:3f:58:96:73:31:39:d9:b0:1f:c8:c0:33:fa:a3:
98:ef:52:d4:33:e1:20:3c:c6:70:f4:df:64:ce:27:
8d:93:e6:d6:8b:a4:f2:f5:8f:9d:a2:01:7c:5b:c1:
2a:74:5e:8c:1a:9e:ce:2e:4a:38:3b:c0:52:5a:26:
7e:89:fa:9d:7a:4d:8a:aa:73:3e:d6:88:e5:b2:38:
3d:88:23:02:82:a7:d6:72:eb:34:0c:5d:94:39:b6:
cf:a6:14:33:74:02:4f:00:65:e1:5e:f6:01:18:99:
02:19:ea:06:d5:4a:03:e7:d1:60:14:fd:c2:76:4b:
9f:3a:0c:7f:88:bf:9c:c7:5b:2e:6d:6f:0d:5d:6b:
08:42:a1:60:5d:77:9c:c0:dc:6f:ea:0e:87:07:f7:
ae:69:16:5b:d1:95:7f:bb:26:dd:99:3a:bf:45:64:
0a:89:bc:20:e6:dc:ed:11:18:f1:0f:7a:83:4c:41:
98:7b:b9:94:bf:23:0b:41:8a:b9:42:a4:80:f0:46:
0f:f0:10:d6:d8:bb:6f:74:bf:f0:db:b7:42:9d:64:
c2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:98:E2:CA:8E:87:EF:9E:37:77:88:96:93:0D:E9:AC:F4:29:C2:B4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jJjiyo6H7543d4iWkw3prPQpwrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:e740::/29
2a10:37c0::/29
2a10:5200::/29
2a10:6900::/29
2a10:6f00::/29
2a10:7100::/29
2a10:7300::/29
2a10:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
94:42:17:c1:fe:bf:f4:65:4c:9f:fe:5d:a8:da:6f:27:20:d2:
1c:ba:b8:25:d7:e9:37:11:9e:de:9a:3f:dc:be:50:2b:d1:60:
37:c7:5d:af:e3:02:08:3c:ae:2f:08:be:07:72:47:ac:ae:fd:
99:1a:b2:15:d2:46:2a:8c:d6:d6:b4:26:56:fb:13:7b:7f:d8:
d3:7a:0f:fb:41:59:d0:72:4e:b8:9a:8a:61:ff:32:25:7d:8c:
77:13:b2:da:17:bb:d5:5d:a8:89:bb:e1:85:23:fb:6a:8b:3e:
70:22:49:fe:86:8c:e5:b2:fb:91:a6:27:d6:b0:d9:7a:2e:59:
12:c3:a5:13:66:b5:2c:48:91:96:e0:8a:b6:1a:25:d3:f5:62:
2f:0e:8b:ea:83:92:68:b4:83:11:4b:83:f4:bd:97:61:5f:3b:
d4:4c:c5:b9:45:7c:0b:4c:70:61:fe:00:3c:5b:48:ea:0b:65:
47:7e:db:9b:fe:1a:6f:17:05:87:35:ab:11:16:cc:ad:12:42:
af:dc:16:5f:ac:fe:09:5a:87:95:6e:4a:00:6d:98:18:f8:0d:
9b:5e:b5:08:f2:b4:17:17:05:8d:69:b8:c1:50:6f:0b:da:47:
3c:63:4b:69:16:98:c0:62:9f:82:b4:6b:ae:f8:02:04:93:05:
6a:3a:4c:c7
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZLCX0ggNS/58FYk4K945czuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMDI1MDYzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzk4ZTJjYThlODdlZjllMzc3Nzg4OTY5MzBkZTlhY2Y0MjljMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpaHiy3gq1hNJIFxWFmcigC29DcN
quUdkIacDjElRVCPpOk38Cb0drEoTcy3P1iWczE52bAfyMAz+qOY71LUM+EgPMZw
9N9kzieNk+bWi6Ty9Y+dogF8W8EqdF6MGp7OLko4O8BSWiZ+ifqdek2KqnM+1ojl
sjg9iCMCgqfWcus0DF2UObbPphQzdAJPAGXhXvYBGJkCGeoG1UoD59FgFP3Cdkuf
Ogx/iL+cx1subW8NXWsIQqFgXXecwNxv6g6HB/euaRZb0ZV/uybdmTq/RWQKibwg
5tztERjxD3qDTEGYe7mUvyMLQYq5QqSA8EYP8BDW2LtvdL/w27dCnWTCIwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFIyY4sqOh++eN3eIlpMN6az0KcK0MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvakpqaXlvNkg3NTQzZDRpV2t3M3ByUFFwd3JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKg/nQAMF
AyoQN8ADBQMqEFIAAwUDKhBpAAMFAyoQbwADBQMqEHEAAwUDKhBzAAMFAyoQfwAw
DQYJKoZIhvcNAQELBQADggEBAJRCF8H+v/RlTJ/+Xajabycg0hy6uCXX6TcRnt6a
P9y+UCvRYDfHXa/jAgg8ri8IvgdyR6yu/ZkashXSRiqM1ta0Jlb7E3t/2NN6D/tB
WdByTriaimH/MiV9jHcTstoXu9VdqIm74YUj+2qLPnAiSf6GjOWy+5GmJ9aw2Xou
WRLDpRNmtSxIkZbgirYaJdP1Yi8Oi+qDkmi0gxFLg/S9l2FfO9RMxblFfAtMcGH+
ADxbSOoLZUd+25v+Gm8XBYc1qxEWzK0SQq/cFl+s/glah5VuSgBtmBj4DZtetQjy
tBcXBY1puMFQbwvaRzxjS2kWmMBin4K0a674AgSTBWo6TMc=
-----END CERTIFICATE-----
Generated at Tue Jun 17 02:46:04 2025 by rpki-client