Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/7wSmFbnW_FcARFdr8JonGBqd5EM.roa
File: 7wSmFbnW_FcARFdr8JonGBqd5EM.roa (raw, json)
Hash identifier: lTKGfemNi7Fo9B4J9F7KQJ06EM4H7/Tm3axm0K7VYHY=
Subject key identifier: EF:04:A6:15:B9:D6:FC:57:00:44:57:6B:F0:9A:27:18:1A:9D:E4:43
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 018CDB61CA51B0D5309DD35B22A1C7DA830C
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/7wSmFbnW_FcARFdr8JonGBqd5EM.roa
Signing time: Fri 05 Jan 2024 20:47:48 +0000
ROA not before: Fri 05 Jan 2024 20:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62651
IP address blocks: 2a03:efc0:2900::/40 maxlen: 40
2a03:efc0:2700::/40 maxlen: 40
2a03:efc0:2300::/40 maxlen: 40
2a03:efc0:2500::/40 maxlen: 40
2a03:efc0:1700::/40 maxlen: 40
2a03:efc0:3100::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 08 Jan 2024 15:22:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:db:61:ca:51:b0:d5:30:9d:d3:5b:22:a1:c7:da:83:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Jan 5 20:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef04a615b9d6fc570044576bf09a27181a9de443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9a:d4:98:4f:84:47:f1:ad:f5:88:ca:be:09:
97:08:5e:e8:53:80:8d:34:03:a1:13:e2:36:5a:0e:
89:7a:96:5e:2d:d4:3b:33:b3:c2:fd:fe:47:47:98:
f5:3c:35:2c:ea:68:14:52:5c:25:ac:4f:52:95:09:
ad:0d:b8:19:83:f1:0d:05:57:e0:ad:3a:63:86:0f:
b9:81:41:d0:a3:30:e0:b2:45:4b:e6:34:01:e8:f0:
58:06:85:81:5f:5c:dd:35:4e:8a:54:90:f5:ee:89:
31:87:bc:cd:33:7e:1a:c2:47:fe:27:1a:45:38:26:
dc:2e:c5:de:e9:18:8f:16:40:27:d6:46:31:aa:8a:
4f:6d:47:92:aa:7b:78:6e:9f:f4:02:ef:35:26:f7:
82:ce:91:51:d3:7f:6f:45:3b:14:b2:7a:f3:85:73:
75:d5:ec:71:83:d4:63:c1:e5:25:fa:57:7d:36:89:
72:ce:d3:b4:30:70:02:f1:00:5f:d1:74:dc:bb:46:
d0:92:5d:ff:4a:d6:5e:9a:4c:61:9f:1f:93:c1:05:
78:df:6f:65:96:6b:15:b7:17:f4:1a:49:2a:77:ee:
62:58:af:18:17:49:a6:d4:b7:bd:db:39:9e:09:84:
d7:d5:e1:3b:6d:36:fa:56:52:62:44:51:cf:a1:2f:
32:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:04:A6:15:B9:D6:FC:57:00:44:57:6B:F0:9A:27:18:1A:9D:E4:43
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/7wSmFbnW_FcARFdr8JonGBqd5EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:efc0:1700::/40
2a03:efc0:2300::/40
2a03:efc0:2500::/40
2a03:efc0:2700::/40
2a03:efc0:2900::/40
2a03:efc0:3100::/40
Signature Algorithm: sha256WithRSAEncryption
8a:38:3c:b3:d1:85:49:cb:b9:16:af:77:63:dc:7d:71:f5:52:
cd:06:80:1e:e6:d0:4b:cb:ec:88:0d:36:d2:40:4f:8b:09:69:
f9:33:0f:44:ef:8e:49:16:b9:79:0f:06:b3:bc:e1:1b:d1:6e:
71:40:8f:a7:2f:14:1a:de:76:ae:5a:3c:a7:8b:0d:a9:20:66:
e2:46:5d:6f:0c:d8:b0:b0:98:05:45:84:4c:38:62:49:20:6b:
15:90:be:fb:1e:ce:a1:17:49:f7:b2:66:69:b3:8f:fb:48:5e:
a5:90:91:fe:53:77:ed:26:c5:7e:86:14:e6:5d:5c:4f:8f:35:
37:e5:fd:85:2c:a1:b6:93:c8:00:1b:08:3d:09:a7:b8:85:72:
b8:89:32:4c:0e:fb:8c:7d:fe:37:c8:dd:58:f6:c2:00:8d:0a:
a0:48:9c:42:bd:cc:dd:97:2d:c2:14:37:33:66:a9:9a:6f:90:
76:10:3b:7f:99:a8:7a:a0:6c:64:d6:db:75:5e:a8:b6:82:07:
e5:91:cd:12:3d:42:3f:59:13:aa:f9:6e:fe:70:9a:f0:5f:db:
03:2c:6f:f3:41:88:23:2f:61:2a:12:af:9f:7a:4e:11:34:7c:
03:1a:a1:ed:76:cb:db:71:4d:3b:56:67:34:94:7b:8f:04:7e:
37:52:45:64
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzbYcpRsNUwndNbIqHH2oMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjQwMTA1MjA0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjA0YTYxNWI5ZDZmYzU3MDA0NDU3NmJmMDlhMjcxODFhOWRlNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5rUmE+ER/Gt9YjKvgmXCF7oU4CN
NAOhE+I2Wg6JepZeLdQ7M7PC/f5HR5j1PDUs6mgUUlwlrE9SlQmtDbgZg/ENBVfg
rTpjhg+5gUHQozDgskVL5jQB6PBYBoWBX1zdNU6KVJD17okxh7zNM34awkf+JxpF
OCbcLsXe6RiPFkAn1kYxqopPbUeSqnt4bp/0Au81JveCzpFR039vRTsUsnrzhXN1
1exxg9RjweUl+ld9NolyztO0MHAC8QBf0XTcu0bQkl3/StZemkxhnx+TwQV4329l
lmsVtxf0Gkkqd+5iWK8YF0mm1Le92zmeCYTX1eE7bTb6VlJiRFHPoS8yiQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFO8EphW51vxXAERXa/CaJxganeRDMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvN3dTbUZibldfRmNBUkZkcjhKb25HQnFkNUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAAjAwAwYAKgPvwBcD
BgAqA+/AIwMGACoD78AlAwYAKgPvwCcDBgAqA+/AKQMGACoD78AxMA0GCSqGSIb3
DQEBCwUAA4IBAQCKODyz0YVJy7kWr3dj3H1x9VLNBoAe5tBLy+yIDTbSQE+LCWn5
Mw9E745JFrl5DwazvOEb0W5xQI+nLxQa3nauWjyniw2pIGbiRl1vDNiwsJgFRYRM
OGJJIGsVkL77Hs6hF0n3smZps4/7SF6lkJH+U3ftJsV+hhTmXVxPjzU35f2FLKG2
k8gAGwg9Cae4hXK4iTJMDvuMff43yN1Y9sIAjQqgSJxCvczdly3CFDczZqmab5B2
EDt/mah6oGxk1tt1Xqi2ggflkc0SPUI/WROq+W7+cJrwX9sDLG/zQYgjL2EqEq+f
ek4RNHwDGqHtdsvbcU07Vmc0lHuPBH43UkVk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:30 2024 by rpki-client on console-fra.rpki-client.org