Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/7aHwftHHyZRq9oiYq3ECpJtmzZo.roa
File: 7aHwftHHyZRq9oiYq3ECpJtmzZo.roa (raw, json)
Hash identifier: 9krftPpQP7eAjd0+jjpXc7bcjpCpkcbr4oFJ+uJ7pIs=
Subject key identifier: ED:A1:F0:7E:D1:C7:C9:94:6A:F6:88:98:AB:71:02:A4:9B:66:CD:9A
Certificate issuer: /CN=99b8fd292c8a1b896b8752344a3da92378f2ae5a
Certificate serial: 0192F6D2BA35F25B1119794FC6AA982F295A
Authority key identifier: 99:B8:FD:29:2C:8A:1B:89:6B:87:52:34:4A:3D:A9:23:78:F2:AE:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/7aHwftHHyZRq9oiYq3ECpJtmzZo.roa
Signing time: Mon 04 Nov 2024 10:57:38 +0000
ROA not before: Mon 04 Nov 2024 10:57:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214998
IP address blocks: 2a07:5900::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 16 Nov 2024 07:06:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:d2:ba:35:f2:5b:11:19:79:4f:c6:aa:98:2f:29:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99b8fd292c8a1b896b8752344a3da92378f2ae5a
Validity
Not Before: Nov 4 10:57:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eda1f07ed1c7c9946af68898ab7102a49b66cd9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e6:98:dc:25:e8:5e:8c:3e:c0:c3:5d:1e:0c:
b8:00:26:29:1f:82:56:cd:48:ce:c4:5d:8a:2a:f5:
b1:1e:e0:a2:5a:44:ce:62:0d:98:4f:6d:5e:c9:91:
5c:b2:65:72:0e:19:b7:18:76:81:23:c2:c2:98:91:
38:f1:c3:1c:27:93:d2:03:19:cc:e2:fe:2d:33:42:
4c:62:52:c0:e2:af:74:e0:51:59:36:87:75:3d:c0:
a4:ed:a2:a2:fd:cf:07:7f:f7:37:f1:a1:25:f0:3a:
13:c9:0c:ef:58:95:3b:5d:98:d0:94:1d:1c:14:a6:
1c:c4:c6:4e:80:cc:e0:60:d3:40:a1:e7:f8:f4:45:
a0:83:d2:c6:63:b9:18:b6:3c:ff:89:a2:bf:b3:01:
78:83:fa:ae:89:e6:ae:49:44:d1:e4:18:1c:6f:df:
24:6c:f2:6f:09:95:b8:76:97:48:14:e4:b1:a7:ae:
57:cd:8a:c8:93:65:d4:b9:6e:d1:d3:d7:cc:db:72:
52:7e:db:14:12:3c:06:d7:a8:ce:61:f6:8d:f5:aa:
8d:06:3b:60:ef:6d:62:0a:73:6b:ce:69:7e:93:3e:
5f:02:f1:98:67:43:cf:68:f6:64:73:7f:47:b4:4b:
dd:b8:20:ad:d0:41:14:48:53:1e:8e:80:18:50:e9:
59:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:A1:F0:7E:D1:C7:C9:94:6A:F6:88:98:AB:71:02:A4:9B:66:CD:9A
X509v3 Authority Key Identifier:
keyid:99:B8:FD:29:2C:8A:1B:89:6B:87:52:34:4A:3D:A9:23:78:F2:AE:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/7aHwftHHyZRq9oiYq3ECpJtmzZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a28ca6-af2f-40cd-b549-7eead1461a54/1/mbj9KSyKG4lrh1I0Sj2pI3jyrlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:5900::/29
Signature Algorithm: sha256WithRSAEncryption
67:5a:8b:90:03:ad:c7:fd:46:61:6e:1d:79:aa:48:3a:bf:78:
15:93:f4:7d:83:13:54:28:45:33:96:d9:a0:e3:18:e9:92:cb:
46:6b:9f:58:54:bc:34:e3:ae:da:5e:21:5f:6d:4e:d9:a1:da:
23:14:81:4f:e3:87:80:43:86:26:06:f3:64:34:2b:60:f3:85:
7d:e0:2d:2a:ba:03:2a:80:29:18:47:32:2c:af:cb:e2:ce:65:
4c:9c:98:a7:9d:97:9f:c1:3c:66:c9:a9:46:b3:b2:17:18:3a:
51:f9:f7:8f:62:5b:01:26:d4:b1:1c:b2:99:bd:87:ba:46:a4:
c5:31:d7:ab:33:5a:94:8a:27:24:9b:0c:07:9c:4c:28:a1:cc:
fc:5d:c4:c7:a4:fb:42:ed:d5:17:b2:ba:a9:8d:ca:3a:35:01:
e1:e4:98:35:3d:c7:b2:38:ee:d6:f4:64:1a:db:06:9e:b5:1e:
18:3d:5e:bc:cb:d7:6f:ee:25:fc:f9:da:cc:80:e7:5c:19:78:
8e:61:46:09:1d:1c:91:2a:b9:78:4d:48:9f:3c:77:60:15:a1:
3b:12:cc:aa:7c:e5:2f:95:59:9b:41:57:c6:8e:f0:c0:b6:a0:
93:12:a0:c3:68:9e:5a:3a:11:7d:61:82:ef:65:49:0e:e3:f8:
b6:1a:7e:db
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZL20ro18lsRGXlPxqqYLylaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5YjhmZDI5MmM4YTFiODk2Yjg3NTIzNDRhM2RhOTIzNzhm
MmFlNWEwHhcNMjQxMTA0MTA1NzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGExZjA3ZWQxYzdjOTk0NmFmNjg4OThhYjcxMDJhNDliNjZjZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+aY3CXoXow+wMNdHgy4ACYpH4JW
zUjOxF2KKvWxHuCiWkTOYg2YT21eyZFcsmVyDhm3GHaBI8LCmJE48cMcJ5PSAxnM
4v4tM0JMYlLA4q904FFZNod1PcCk7aKi/c8Hf/c38aEl8DoTyQzvWJU7XZjQlB0c
FKYcxMZOgMzgYNNAoef49EWgg9LGY7kYtjz/iaK/swF4g/quieauSUTR5Bgcb98k
bPJvCZW4dpdIFOSxp65XzYrIk2XUuW7R09fM23JSftsUEjwG16jOYfaN9aqNBjtg
721iCnNrzml+kz5fAvGYZ0PPaPZkc39HtEvduCCt0EEUSFMejoAYUOlZvQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFO2h8H7Rx8mUavaImKtxAqSbZs2aMB8GA1UdIwQY
MBaAFJm4/SksihuJa4dSNEo9qSN48q5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWJqOUtTeUtHNGxyaDFJMFNqMnBJM2p5cmxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hMjhjYTYtYWYyZi00MGNkLWI1NDkt
N2VlYWQxNDYxYTU0LzEvN2FId2Z0SEh5WlJxOW9pWXEzRUNwSnRtelpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hMjhjYTYtYWYyZi00MGNkLWI1NDktN2VlYWQxNDYxYTU0
LzEvbWJqOUtTeUtHNGxyaDFJMFNqMnBJM2p5cmxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgdZADAN
BgkqhkiG9w0BAQsFAAOCAQEAZ1qLkAOtx/1GYW4deapIOr94FZP0fYMTVChFM5bZ
oOMY6ZLLRmufWFS8NOOu2l4hX21O2aHaIxSBT+OHgEOGJgbzZDQrYPOFfeAtKroD
KoApGEcyLK/L4s5lTJyYp52Xn8E8ZsmpRrOyFxg6Ufn3j2JbASbUsRyymb2Hukak
xTHXqzNalIonJJsMB5xMKKHM/F3Ex6T7Qu3VF7K6qY3KOjUB4eSYNT3Hsjju1vRk
GtsGnrUeGD1evMvXb+4l/PnazIDnXBl4jmFGCR0ckSq5eE1Inzx3YBWhOxLMqnzl
L5VZm0FXxo7wwLagkxKgw2ieWjoRfWGC72VJDuP4thp+2w==
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:58:23 2025 by rpki-client