Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Cfd7q1NBhpETPsoxgbLAwcxnrG8.roa
File: Cfd7q1NBhpETPsoxgbLAwcxnrG8.roa (raw, json)
Hash identifier: dzTY1mDolDLZ+xn4/NNj0MH5Uyp1swGkCb0T7EEVwpQ=
Subject key identifier: 09:F7:7B:AB:53:41:86:91:13:3E:CA:31:81:B2:C0:C1:CC:67:AC:6F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018D1CEFF329D844D8F4D67C0DB2F71DE5BE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Cfd7q1NBhpETPsoxgbLAwcxnrG8.roa
Signing time: Thu 18 Jan 2024 14:18:23 +0000
ROA not before: Thu 18 Jan 2024 14:18:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198231
IP address blocks: 2a06:35c0::/30 maxlen: 30
2a06:35c4::/30 maxlen: 30
2a07:a300::/29 maxlen: 29
2a09:4500::/29 maxlen: 32
2a09:4900::/29 maxlen: 32
2a09:7300::/29 maxlen: 32
2a09:7500::/29 maxlen: 32
2a09:7b00::/29 maxlen: 32
2a09:b700::/29 maxlen: 32
2a0d:2ac0::/29 maxlen: 32
2a0d:a9c0::/29 maxlen: 32
2a0d:b740::/29 maxlen: 32
2a0e:e980::/29 maxlen: 29
2a0f:140::/29 maxlen: 29
2a0f:2d80::/29 maxlen: 29
2a0f:2e80::/29 maxlen: 29
2a0f:7280::/29 maxlen: 29
2a0f:c400::/29 maxlen: 29
2a0f:cc00::/29 maxlen: 29
2a0f:df40::/29 maxlen: 29
2a0f:e600::/29 maxlen: 29
2a13:2d40::/32 maxlen: 32
2a13:2d41::/32 maxlen: 32
2a13:2d42::/32 maxlen: 32
2a13:2d43::/32 maxlen: 32
2a13:2d44::/32 maxlen: 32
2a13:2d45::/32 maxlen: 32
2a13:2d46::/32 maxlen: 32
2a13:2d47::/32 maxlen: 32
2a13:2dc0::/32 maxlen: 32
2a13:2dc1::/32 maxlen: 32
2a13:2dc2::/32 maxlen: 32
2a13:2dc3::/32 maxlen: 32
2a13:2dc4::/32 maxlen: 32
2a13:2dc5::/32 maxlen: 32
2a13:2dc6::/32 maxlen: 32
2a13:2dc7::/32 maxlen: 32
2a13:2f40::/29 maxlen: 29
2a13:9180::/29 maxlen: 29
2a13:9680::/29 maxlen: 29
2a13:c700::/29 maxlen: 29
2a13:c900::/32 maxlen: 32
2a13:c901::/32 maxlen: 32
2a13:c902::/32 maxlen: 32
2a13:c903::/32 maxlen: 32
2a13:c904::/32 maxlen: 32
2a13:c905::/32 maxlen: 32
2a13:c906::/32 maxlen: 32
2a13:c907::/32 maxlen: 32
2a13:d100::/29 maxlen: 29
2a13:d700::/32 maxlen: 32
2a13:d701::/32 maxlen: 32
2a13:d702::/32 maxlen: 32
2a13:d703::/32 maxlen: 32
2a13:d704::/32 maxlen: 32
2a13:d705::/32 maxlen: 32
2a13:d706::/32 maxlen: 32
2a13:d707::/32 maxlen: 32
2a13:d900::/32 maxlen: 32
2a13:d901::/32 maxlen: 32
2a13:d902::/32 maxlen: 32
2a13:d903::/32 maxlen: 32
2a13:d904::/32 maxlen: 32
2a13:d905::/32 maxlen: 32
2a13:d906::/32 maxlen: 32
2a13:d907::/32 maxlen: 32
2a13:fb00::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 19 Jan 2024 07:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:ef:f3:29:d8:44:d8:f4:d6:7c:0d:b2:f7:1d:e5:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 18 14:18:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09f77bab53418691133eca3181b2c0c1cc67ac6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8b:b0:7b:68:de:47:11:be:74:10:ae:9c:fc:
e3:5f:e3:56:21:f4:12:92:7a:01:98:fe:5d:68:0f:
43:05:61:c8:4d:47:fc:2b:41:90:01:b5:ab:c8:18:
6c:24:22:73:eb:a0:d9:01:08:bc:7b:d9:81:a7:71:
47:e1:43:3c:55:f7:98:11:5b:bf:81:d7:ee:1d:27:
34:8a:e9:e4:66:79:25:d0:b2:7b:49:ec:6f:73:b5:
6e:9d:ab:61:7c:ca:e3:57:22:fa:d3:61:f2:f2:bf:
c7:d3:9a:a2:db:2e:4a:b0:2a:b5:25:d6:95:d1:00:
53:f9:58:85:1e:1a:32:b7:3e:58:fd:9c:f6:fc:ae:
12:f0:4b:8e:86:97:81:a3:18:15:0f:84:8b:7a:48:
87:13:d7:f9:40:1d:73:60:d3:cb:49:7c:a1:d0:5d:
e2:37:fd:d4:e6:b6:27:eb:5e:89:00:5a:35:7a:c2:
32:31:9c:ee:36:b2:b0:88:e8:4a:4a:cf:55:ea:38:
75:93:b6:f4:b1:bd:b1:a0:fb:6a:3b:e7:93:82:c9:
3a:ff:a6:b8:05:15:d7:ac:5c:06:3c:ac:f6:bc:e9:
d8:4d:a0:b2:c5:a1:7e:8d:a1:48:97:9d:4d:20:7c:
10:e8:a2:4e:98:02:70:e5:dc:15:0e:55:7f:44:c2:
15:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:F7:7B:AB:53:41:86:91:13:3E:CA:31:81:B2:C0:C1:CC:67:AC:6F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Cfd7q1NBhpETPsoxgbLAwcxnrG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:35c0::/29
2a07:a300::/29
2a09:4500::/29
2a09:4900::/29
2a09:7300::/29
2a09:7500::/29
2a09:7b00::/29
2a09:b700::/29
2a0d:2ac0::/29
2a0d:a9c0::/29
2a0d:b740::/29
2a0e:e980::/29
2a0f:140::/29
2a0f:2d80::/29
2a0f:2e80::/29
2a0f:7280::/29
2a0f:c400::/29
2a0f:cc00::/29
2a0f:df40::/29
2a0f:e600::/29
2a13:2d40::/29
2a13:2dc0::/29
2a13:2f40::/29
2a13:9180::/29
2a13:9680::/29
2a13:c700::/29
2a13:c900::/29
2a13:d100::/29
2a13:d700::/29
2a13:d900::/29
2a13:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
81:66:a8:ff:75:94:4c:3a:6e:9e:4d:60:7b:0b:ed:1c:b5:7d:
3d:8d:06:57:b4:8d:80:6c:fc:c7:e3:f7:07:58:dd:92:45:37:
e3:a5:a9:18:2a:69:48:b4:16:b2:2c:e8:58:88:e0:67:8f:ad:
02:31:a8:2e:f6:a6:b9:9c:33:0d:ce:6b:a6:f5:be:8f:42:eb:
be:55:64:4d:49:55:45:3b:52:6e:7e:ce:e0:8b:fc:f7:60:53:
b6:0f:13:02:ab:4c:8f:6c:07:e0:01:91:b2:bf:a2:52:56:d5:
11:45:f4:e0:0b:e4:5c:d5:f7:ca:52:5e:83:b5:d2:5d:5f:fd:
22:56:57:b5:60:20:17:28:75:44:cd:15:c2:67:18:47:b2:7c:
61:f8:d6:7f:59:e0:09:bc:37:e0:d3:a6:83:32:96:f8:25:ca:
c4:3f:80:06:9b:d0:9c:a5:ae:dc:6a:2e:3f:75:b9:7a:12:bb:
f4:93:ba:e9:5c:38:f7:7a:9f:57:c4:6c:f7:a0:31:ad:2a:72:
63:f1:8e:92:06:7c:79:e9:22:7d:09:15:31:3d:bb:06:71:48:
59:b9:44:be:24:07:56:42:df:19:9b:48:6e:aa:b3:9e:f3:ad:
0d:a5:cb:41:14:df:1b:f0:4d:0c:25:bb:eb:1e:1f:48:a7:ae:
46:22:44:5d
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAY0c7/Mp2ETY9NZ8DbL3HeW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTE4MTQxODIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWY3N2JhYjUzNDE4NjkxMTMzZWNhMzE4MWIyYzBjMWNjNjdhYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Yuwe2jeRxG+dBCunPzjX+NWIfQS
knoBmP5daA9DBWHITUf8K0GQAbWryBhsJCJz66DZAQi8e9mBp3FH4UM8VfeYEVu/
gdfuHSc0iunkZnkl0LJ7Sexvc7VunathfMrjVyL602Hy8r/H05qi2y5KsCq1JdaV
0QBT+ViFHhoytz5Y/Zz2/K4S8EuOhpeBoxgVD4SLekiHE9f5QB1zYNPLSXyh0F3i
N/3U5rYn616JAFo1esIyMZzuNrKwiOhKSs9V6jh1k7b0sb2xoPtqO+eTgsk6/6a4
BRXXrFwGPKz2vOnYTaCyxaF+jaFIl51NIHwQ6KJOmAJw5dwVDlV/RMIVIQIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFAn3e6tTQYaREz7KMYGywMHMZ6xvMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQ2ZkN3ExTkJocEVUUHNveGdiTEF3Y3huckc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCB4AQCAAIwgdkDBQMq
BjXAAwUDKgejAAMFAyoJRQADBQMqCUkAAwUDKglzAAMFAyoJdQADBQMqCXsAAwUD
Kgm3AAMFAyoNKsADBQMqDanAAwUDKg23QAMFAyoO6YADBQMqDwFAAwUDKg8tgAMF
AyoPLoADBQMqD3KAAwUDKg/EAAMFAyoPzAADBQMqD99AAwUDKg/mAAMFAyoTLUAD
BQMqEy3AAwUDKhMvQAMFAyoTkYADBQMqE5aAAwUDKhPHAAMFAyoTyQADBQMqE9EA
AwUDKhPXAAMFAyoT2QADBQMqE/sAMA0GCSqGSIb3DQEBCwUAA4IBAQCBZqj/dZRM
Om6eTWB7C+0ctX09jQZXtI2AbPzH4/cHWN2SRTfjpakYKmlItBayLOhYiOBnj60C
Magu9qa5nDMNzmum9b6PQuu+VWRNSVVFO1Jufs7gi/z3YFO2DxMCq0yPbAfgAZGy
v6JSVtURRfTgC+Rc1ffKUl6DtdJdX/0iVle1YCAXKHVEzRXCZxhHsnxh+NZ/WeAJ
vDfg06aDMpb4JcrEP4AGm9Ccpa7cai4/dbl6Erv0k7rpXDj3ep9XxGz3oDGtKnJj
8Y6SBnx56SJ9CRUxPbsGcUhZuUS+JAdWQt8Zm0huqrOe860NpctBFN8b8E0MJbvr
Hh9Ip65GIkRd
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:56:15 2025 by rpki-client