Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7Ay4lfGZvZSniWNZq3CrlLwCwX0.roa
File: 7Ay4lfGZvZSniWNZq3CrlLwCwX0.roa (raw, json)
Hash identifier: iMfmnkbTotwMOGZfYWwAIYloM0nvFWfAJ64emCUfd7w=
Subject key identifier: EC:0C:B8:95:F1:99:BD:94:A7:89:63:59:AB:70:AB:94:BC:02:C1:7D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01919D649E7BCBC502C6A6BAB27B9E3E2FAC
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7Ay4lfGZvZSniWNZq3CrlLwCwX0.roa
Signing time: Thu 29 Aug 2024 09:08:22 +0000
ROA not before: Thu 29 Aug 2024 09:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216360
IP address blocks: 2a10:36c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 02 Sep 2024 14:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9d:64:9e:7b:cb:c5:02:c6:a6:ba:b2:7b:9e:3e:2f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 29 09:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec0cb895f199bd94a7896359ab70ab94bc02c17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8d:18:c1:ec:3b:0d:8d:47:47:84:3b:27:c7:
f3:7c:b3:47:dc:61:f0:fa:c4:36:9e:60:ec:77:11:
e5:63:86:33:ae:a6:c8:22:52:bf:51:76:95:44:79:
14:38:83:a8:c2:75:99:96:9e:03:dc:83:dd:07:f9:
3d:18:da:d1:3a:02:4d:1d:92:0b:95:23:49:4d:48:
92:9f:50:b1:ed:ab:62:f4:be:a1:dd:fa:ee:0b:92:
3d:b4:ec:93:d9:08:2b:a7:c1:78:79:be:92:d4:36:
87:c8:da:67:42:2a:6a:18:a4:c9:23:61:1d:f8:d7:
f6:d5:5a:89:3d:90:90:0c:1c:c0:61:d5:e0:94:63:
0c:a2:46:5c:b8:40:9e:e4:2f:09:d6:06:8c:7b:3c:
f2:8a:0a:96:34:4c:25:21:e0:54:9a:c9:e2:2f:aa:
6a:29:48:79:b5:15:7e:8d:e4:ad:a7:23:1b:52:32:
a3:50:3b:67:15:48:f8:17:c1:c8:f0:b9:60:cc:98:
48:7c:5c:67:3a:8f:13:13:2d:10:19:b9:cf:ec:be:
15:bf:eb:ba:cd:5d:bd:3c:12:33:77:82:ff:5d:c1:
71:3d:b5:92:58:e7:8e:4e:25:a9:8b:fa:75:a9:d8:
67:a9:be:ef:13:df:f9:23:64:e9:7a:12:ab:eb:fe:
40:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:0C:B8:95:F1:99:BD:94:A7:89:63:59:AB:70:AB:94:BC:02:C1:7D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7Ay4lfGZvZSniWNZq3CrlLwCwX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
48:da:1e:80:67:d4:8b:0d:f7:91:2e:59:54:f3:d4:ed:f2:8d:
98:9e:ed:f9:11:38:a3:49:b1:bd:d2:a3:86:45:3a:ef:1e:af:
7d:60:28:48:29:eb:5b:18:32:f5:0d:aa:6d:42:ce:71:99:7f:
3e:77:e9:80:88:82:cc:05:b2:d6:e2:ec:ae:cb:6c:f1:fa:d9:
a1:75:01:a0:1f:7c:22:14:e0:fe:ce:2c:e9:18:89:d9:52:b8:
9a:11:16:ca:02:65:b8:55:32:46:6b:cc:4d:e5:9c:81:46:91:
e8:4a:a4:72:75:61:25:e5:05:f5:47:0d:49:4b:dc:e3:d2:ba:
6d:8d:0c:9d:43:48:64:95:03:09:c0:bf:4b:d1:a0:4e:c0:5a:
c5:1a:a8:62:4b:bf:48:9b:95:c8:f8:42:11:a1:0d:3e:cf:d7:
da:bc:3d:21:ee:d4:dc:90:13:2d:84:f9:d4:01:ff:49:64:a3:
17:ee:10:ac:f3:d3:dd:b2:61:1c:22:dc:b2:bf:ff:37:08:2e:
14:05:53:99:e1:09:c0:20:bd:f7:d5:72:2e:d7:f6:c1:2f:27:
8a:96:6f:f2:ff:f6:d6:2a:0c:6c:4e:5e:90:7a:6c:4f:ea:82:
64:92:9d:08:a0:91:32:4b:eb:59:9f:b7:4d:3f:16:f8:19:fa:
fc:6c:ee:32
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZGdZJ57y8UCxqa6snuePi+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODI5MDkwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzBjYjg5NWYxOTliZDk0YTc4OTYzNTlhYjcwYWI5NGJjMDJjMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAso0Ywew7DY1HR4Q7J8fzfLNH3GHw
+sQ2nmDsdxHlY4YzrqbIIlK/UXaVRHkUOIOownWZlp4D3IPdB/k9GNrROgJNHZIL
lSNJTUiSn1Cx7ati9L6h3fruC5I9tOyT2Qgrp8F4eb6S1DaHyNpnQipqGKTJI2Ed
+Nf21VqJPZCQDBzAYdXglGMMokZcuECe5C8J1gaMezzyigqWNEwlIeBUmsniL6pq
KUh5tRV+jeStpyMbUjKjUDtnFUj4F8HI8LlgzJhIfFxnOo8TEy0QGbnP7L4Vv+u6
zV29PBIzd4L/XcFxPbWSWOeOTiWpi/p1qdhnqb7vE9/5I2TpehKr6/5AawIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOwMuJXxmb2Up4ljWatwq5S8AsF9MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvN0F5NGxmR1p2WlNuaVdOWnEzQ3JsTHdDd1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhA2wDAN
BgkqhkiG9w0BAQsFAAOCAQEASNoegGfUiw33kS5ZVPPU7fKNmJ7t+RE4o0mxvdKj
hkU67x6vfWAoSCnrWxgy9Q2qbULOcZl/PnfpgIiCzAWy1uLsrsts8frZoXUBoB98
IhTg/s4s6RiJ2VK4mhEWygJluFUyRmvMTeWcgUaR6EqkcnVhJeUF9UcNSUvc49K6
bY0MnUNIZJUDCcC/S9GgTsBaxRqoYku/SJuVyPhCEaENPs/X2rw9Ie7U3JATLYT5
1AH/SWSjF+4QrPPT3bJhHCLcsr//NwguFAVTmeEJwCC999VyLtf2wS8nipZv8v/2
1ioMbE5ekHpsT+qCZJKdCKCRMkvrWZ+3TT8W+Bn6/GzuMg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:22 2025 by rpki-client