Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/z7e6fnet5gfTvx7FDR6XIReJtw8.roa
File: z7e6fnet5gfTvx7FDR6XIReJtw8.roa (raw, json)
Hash identifier: 94NbmLSG7YWKKEqHhsbbW+IStrA1F4H9HOw3SLxceSI=
Subject key identifier: CF:B7:BA:7E:77:AD:E6:07:D3:BF:1E:C5:0D:1E:97:21:17:89:B7:0F
Certificate issuer: /CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Certificate serial: 01930193289360F3565BB54132C80D7B762A
Authority key identifier: 70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/z7e6fnet5gfTvx7FDR6XIReJtw8.roa
Signing time: Wed 06 Nov 2024 13:04:01 +0000
ROA not before: Wed 06 Nov 2024 13:04:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 2a05:b100:1000::/36 maxlen: 36
2a05:b100:1000::/46 maxlen: 46
2a05:b100:1004::/46 maxlen: 46
2a05:b100:1008::/46 maxlen: 46
2a05:b100:100c::/46 maxlen: 46
2a05:b100:1010::/46 maxlen: 46
2a05:b100:1780::/41 maxlen: 41
2a05:b100:1800::/39 maxlen: 39
2a05:b100:1a00::/39 maxlen: 39
2a05:b100:1c00::/39 maxlen: 39
2a05:b100:1e00::/39 maxlen: 39
Validation: Failed, certificate revoked on Sun 17 Nov 2024 20:40:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:93:28:93:60:f3:56:5b:b5:41:32:c8:0d:7b:76:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Validity
Not Before: Nov 6 13:04:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfb7ba7e77ade607d3bf1ec50d1e97211789b70f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:06:3d:58:14:c7:d7:38:ab:7a:5a:c9:b1:45:
97:9c:ed:45:eb:80:23:00:a4:3c:6e:5b:e0:a2:c5:
4f:cc:e6:66:48:52:c1:f7:ee:75:11:46:4d:98:3b:
94:b8:fd:76:68:ee:91:e2:b9:6a:02:35:9d:cd:bd:
3b:70:ca:46:8f:e6:41:d4:43:99:14:4a:00:29:fd:
d6:74:1d:b4:c0:4a:c3:71:b1:9f:1e:99:b3:16:84:
4e:04:e0:1a:d7:b5:42:b1:ac:d1:54:ae:56:3a:0c:
fa:cc:a1:0b:be:6d:59:ec:2d:36:2e:74:af:e3:32:
71:88:1d:fa:db:ba:fa:d9:10:f2:66:de:bc:ea:94:
86:b9:fc:10:13:a0:97:37:7e:93:aa:9d:01:53:1e:
51:8b:d7:4b:aa:75:26:51:3f:68:1f:e1:28:40:e6:
7c:b2:46:a1:ec:23:46:a2:d2:32:13:39:ea:7d:0a:
0d:05:c6:be:6a:86:f9:45:c6:1d:7c:04:04:dd:76:
b7:a7:0e:a8:a9:91:47:26:e4:69:da:85:f1:04:40:
03:b7:b0:80:ab:77:f5:da:b8:53:e2:00:33:4f:c1:
0f:e7:fb:55:62:95:12:0d:3c:64:b4:e8:23:27:f0:
34:09:e3:25:01:e5:ef:af:a9:40:d1:86:d1:9a:25:
02:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B7:BA:7E:77:AD:E6:07:D3:BF:1E:C5:0D:1E:97:21:17:89:B7:0F
X509v3 Authority Key Identifier:
keyid:70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/z7e6fnet5gfTvx7FDR6XIReJtw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b100:1000::/36
Signature Algorithm: sha256WithRSAEncryption
31:a1:1d:9c:0c:a7:7d:f8:2d:87:03:99:9b:fb:3e:87:00:40:
d0:b5:08:89:6b:1a:a2:19:36:15:59:52:a6:ad:e4:45:47:28:
20:8b:58:50:cc:1c:83:88:ff:e1:a0:47:55:e8:6b:c4:0b:be:
ca:05:04:df:2c:0f:04:42:a2:de:2b:de:31:38:50:25:cb:73:
5c:9b:67:d7:1b:3a:32:27:b9:5d:18:a4:49:5a:fb:09:50:70:
84:92:51:a6:f9:3a:51:69:d2:6f:21:0a:f9:d6:29:dc:f0:46:
8d:33:18:da:18:19:27:81:e5:cb:9a:81:32:c5:56:9b:6b:a3:
8a:67:d5:3c:28:0d:6d:d1:21:67:eb:1d:65:74:a0:77:26:09:
42:f6:46:a4:30:0f:0c:89:2c:62:9d:17:10:8e:4e:96:16:c5:
7c:a7:b8:a4:a4:bf:b0:1b:d0:1b:6c:f4:1d:67:93:f8:14:2c:
5a:79:6f:0d:c3:29:9d:7f:fa:b7:95:d2:88:55:5d:1a:c2:e4:
c7:c3:29:9e:05:65:e8:4e:ef:75:33:a3:c3:db:2f:14:57:d9:
8b:34:a3:84:4e:db:ba:f2:4d:86:e3:10:5f:8a:1f:67:3b:5d:
a8:6d:17:31:8b:27:c1:e5:c6:69:ac:d6:65:72:38:b6:89:86:
fe:07:eb:cc
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZMBkyiTYPNWW7VBMsgNe3YqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZmVlMTc2ZjUxY2U4ZmQ4MTQyNGZmNzNhNTQxNzM0MTI3
OWMwZjEwHhcNMjQxMTA2MTMwNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmI3YmE3ZTc3YWRlNjA3ZDNiZjFlYzUwZDFlOTcyMTE3ODliNzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgY9WBTH1zirelrJsUWXnO1F64Aj
AKQ8blvgosVPzOZmSFLB9+51EUZNmDuUuP12aO6R4rlqAjWdzb07cMpGj+ZB1EOZ
FEoAKf3WdB20wErDcbGfHpmzFoROBOAa17VCsazRVK5WOgz6zKELvm1Z7C02LnSv
4zJxiB3627r62RDyZt686pSGufwQE6CXN36Tqp0BUx5Ri9dLqnUmUT9oH+EoQOZ8
skah7CNGotIyEznqfQoNBca+aob5RcYdfAQE3Xa3pw6oqZFHJuRp2oXxBEADt7CA
q3f12rhT4gAzT8EP5/tVYpUSDTxktOgjJ/A0CeMlAeXvr6lA0YbRmiUCBQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFM+3un53reYH078exQ0elyEXibcPMB8GA1UdIwQY
MBaAFHD+4Xb1HOj9gUJP9zpUFzQSecDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYt
NzUyZTliOGIwNzU2LzEvejdlNmZuZXQ1Z2ZUdng3RkRSNlhJUmVKdHc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYtNzUyZTliOGIwNzU2
LzEvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgWxABAw
DQYJKoZIhvcNAQELBQADggEBADGhHZwMp334LYcDmZv7PocAQNC1CIlrGqIZNhVZ
Uqat5EVHKCCLWFDMHIOI/+GgR1Xoa8QLvsoFBN8sDwRCot4r3jE4UCXLc1ybZ9cb
OjInuV0YpEla+wlQcISSUab5OlFp0m8hCvnWKdzwRo0zGNoYGSeB5cuagTLFVptr
o4pn1TwoDW3RIWfrHWV0oHcmCUL2RqQwDwyJLGKdFxCOTpYWxXynuKSkv7Ab0Bts
9B1nk/gULFp5bw3DKZ1/+reV0ohVXRrC5MfDKZ4FZehO73Uzo8PbLxRX2Ys0o4RO
27ryTYbjEF+KH2c7XahtFzGLJ8Hlxmms1mVyOLaJhv4H68w=
-----END CERTIFICATE-----
Generated at Sun Nov 17 23:35:38 2024 by rpki-client on console-fra.rpki-client.org