Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7keGjEPIvzBXLYBXZVP5id0M_JM.roa
File: 7keGjEPIvzBXLYBXZVP5id0M_JM.roa (raw, json)
Hash identifier: PCxDmnN0GA2lBKeA1lXdO///YSUDAT2bA5K5wjJzAHw=
Subject key identifier: EE:47:86:8C:43:C8:BF:30:57:2D:80:57:65:53:F9:89:DD:0C:FC:93
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019427481EE30EE45DB16907B89DEFEBF73A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7keGjEPIvzBXLYBXZVP5id0M_JM.roa
Signing time: Thu 02 Jan 2025 13:50:25 +0000
ROA not before: Thu 02 Jan 2025 13:50:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32489
IP address blocks: 2a0f:db40::/32 maxlen: 32
2a0f:db41::/32 maxlen: 32
2a0f:db42::/32 maxlen: 32
2a0f:db43::/32 maxlen: 32
2a0f:db44::/32 maxlen: 32
2a0f:db45::/32 maxlen: 32
2a0f:db46::/32 maxlen: 32
2a0f:db47::/32 maxlen: 32
2a12:f5c0::/32 maxlen: 32
2a12:f5c1::/32 maxlen: 32
2a12:f5c2::/32 maxlen: 32
2a12:f5c3::/32 maxlen: 32
2a12:f5c4::/32 maxlen: 32
2a12:f5c5::/32 maxlen: 32
2a12:f5c6::/32 maxlen: 32
2a12:f5c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 17 Feb 2025 15:32:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:1e:e3:0e:e4:5d:b1:69:07:b8:9d:ef:eb:f7:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 13:50:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee47868c43c8bf30572d80576553f989dd0cfc93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:42:48:68:ef:cc:82:11:7e:38:2f:e4:82:e8:
85:b6:e2:e9:af:b1:91:e2:07:db:60:f8:a7:5b:13:
86:e1:3d:56:d8:a7:51:dd:1a:9e:f3:d4:4c:97:45:
8b:53:00:c1:21:56:48:eb:a6:31:02:f1:28:77:72:
54:9d:e0:f1:17:bf:ff:c9:7d:aa:91:33:b8:71:dc:
75:94:41:06:16:7f:fb:1b:32:88:1d:51:bf:39:1c:
00:c2:11:81:7d:d7:6e:bb:37:43:0e:25:1e:49:06:
d7:f2:d3:ff:62:b9:3f:83:bd:27:65:7d:08:f8:98:
b1:d8:81:0b:b1:f2:4f:86:3d:12:d1:8e:33:da:cd:
28:79:5a:5b:f1:a8:4b:bc:a6:f0:45:a7:87:97:f0:
be:45:1c:48:fb:a4:d1:2d:d0:41:6e:2a:24:81:87:
b2:8e:ee:ff:9e:3d:5f:d9:3f:ca:40:af:7d:8c:8e:
66:ab:30:09:f7:9f:ee:1d:4a:58:f3:c0:cb:ca:f9:
04:98:cd:b9:99:c2:6a:db:ad:7f:71:24:0e:76:c1:
1c:35:41:56:4d:67:29:79:dd:bf:dd:c8:4d:47:d5:
35:d1:e3:1c:6e:e1:bd:35:39:0a:ce:a7:50:78:00:
e2:e3:8d:c2:d7:4e:98:2e:f6:d6:93:00:98:f9:9e:
d2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:47:86:8C:43:C8:BF:30:57:2D:80:57:65:53:F9:89:DD:0C:FC:93
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/7keGjEPIvzBXLYBXZVP5id0M_JM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:db40::/29
2a12:f5c0::/29
Signature Algorithm: sha256WithRSAEncryption
61:7e:3b:ec:9b:b8:a2:b0:4a:e4:87:f2:eb:d1:3a:b6:c5:85:
ef:d1:f9:5b:f5:ae:a5:af:e6:35:8c:48:8e:a4:c7:2f:9c:77:
b0:0d:0f:60:3e:56:3e:38:89:16:11:75:f3:c1:e1:65:d4:f5:
f0:34:4b:4a:5c:4c:8b:f5:0c:84:cd:79:32:c0:8b:16:f4:7e:
4f:6f:17:6e:52:b4:54:69:e9:eb:7e:af:58:83:cb:31:6b:34:
2a:6a:56:96:a2:29:7c:a1:dd:9d:9e:6a:98:5f:74:8e:de:0f:
11:3e:ee:e6:2e:04:b1:13:68:e7:c3:da:07:43:66:a2:c5:ac:
af:66:a1:60:38:4e:7c:bf:53:41:9b:ac:2e:2c:6b:17:67:5d:
46:4c:c9:0c:91:c9:b3:85:6c:0c:e4:84:ed:37:54:6c:6b:fa:
47:b8:81:b1:f0:99:ab:0d:dc:ae:d6:a8:58:9b:e6:49:dc:a9:
43:01:2f:0b:81:23:69:28:00:f9:99:ef:81:68:54:1e:22:50:
17:47:f9:23:cd:b8:d2:c1:d5:c2:e7:e5:c9:7a:80:c6:ee:8e:
07:3a:d3:64:bd:8a:57:36:24:b1:af:ab:7e:1d:85:69:a5:5c:
a7:6c:e3:78:e8:23:d3:7e:13:a9:a0:d6:bb:2e:a0:df:c8:db:
29:16:e4:bb
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQnSB7jDuRdsWkHuJ3v6/c6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTAyMTM1MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTQ3ODY4YzQzYzhiZjMwNTcyZDgwNTc2NTUzZjk4OWRkMGNmYzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60JIaO/MghF+OC/kguiFtuLpr7GR
4gfbYPinWxOG4T1W2KdR3Rqe89RMl0WLUwDBIVZI66YxAvEod3JUneDxF7//yX2q
kTO4cdx1lEEGFn/7GzKIHVG/ORwAwhGBfdduuzdDDiUeSQbX8tP/Yrk/g70nZX0I
+Jix2IELsfJPhj0S0Y4z2s0oeVpb8ahLvKbwRaeHl/C+RRxI+6TRLdBBbiokgYey
ju7/nj1f2T/KQK99jI5mqzAJ95/uHUpY88DLyvkEmM25mcJq261/cSQOdsEcNUFW
TWcped2/3chNR9U10eMcbuG9NTkKzqdQeADi443C106YLvbWkwCY+Z7SWQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFO5HhoxDyL8wVy2AV2VT+YndDPyTMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvN2tlR2pFUEl2ekJYTFlCWFpWUDVpZDBNX0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg/bQAMF
AyoS9cAwDQYJKoZIhvcNAQELBQADggEBAGF+O+ybuKKwSuSH8uvROrbFhe/R+Vv1
rqWv5jWMSI6kxy+cd7AND2A+Vj44iRYRdfPB4WXU9fA0S0pcTIv1DITNeTLAixb0
fk9vF25StFRp6et+r1iDyzFrNCpqVpaiKXyh3Z2eaphfdI7eDxE+7uYuBLETaOfD
2gdDZqLFrK9moWA4Tny/U0GbrC4saxdnXUZMyQyRybOFbAzkhO03VGxr+ke4gbHw
masN3K7WqFib5kncqUMBLwuBI2koAPmZ74FoVB4iUBdH+SPNuNLB1cLn5cl6gMbu
jgc602S9ilc2JLGvq34dhWmlXKds43joI9N+E6mg1rsuoN/I2ykW5Ls=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:57 2025 by rpki-client