Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DxoVawvQXUA-k1uTAYjaDv-Squ0.roa
File: DxoVawvQXUA-k1uTAYjaDv-Squ0.roa (raw, json)
Hash identifier: PqcCu/hDR0rwlxp7cGIF9rZ02ihUOe3+1DJaoj/xf54=
Subject key identifier: 0F:1A:15:6B:0B:D0:5D:40:3E:93:5B:93:01:88:DA:0E:FF:92:AA:ED
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CC9BC27FF19AB7220B34080ADF5FFE274
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DxoVawvQXUA-k1uTAYjaDv-Squ0.roa
Signing time: Tue 02 Jan 2024 10:33:20 +0000
ROA not before: Tue 02 Jan 2024 10:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197992
IP address blocks: 2a0e:9b00::/29 maxlen: 29
2a0f:1380::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a0f:ec00::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:1580::/29 maxlen: 29
2a0f:3f80::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a0f:ee00::/29 maxlen: 29
2a0e:5a80::/29 maxlen: 29
2a0f:e140::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a12:d540::/29 maxlen: 29
2a06:3bc0::/29 maxlen: 29
2a0a:1400::/29 maxlen: 29
2a06:a5c0::/29 maxlen: 29
2a0f:bc00::/29 maxlen: 29
2a05:b300::/29 maxlen: 29
2a0f:da40::/29 maxlen: 29
2a13:7d80::/29 maxlen: 29
2a0f:7f00::/29 maxlen: 29
2a0c:4880::/29 maxlen: 29
2a13:9380::/29 maxlen: 29
2a0f:e0c0::/29 maxlen: 29
2a06:a600::/29 maxlen: 29
2a0f:e640::/29 maxlen: 29
2a0f:9600::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
2a0f:dd40::/29 maxlen: 29
2a0f:2300::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 04 Jan 2024 07:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:27:ff:19:ab:72:20:b3:40:80:ad:f5:ff:e2:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 10:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f1a156b0bd05d403e935b930188da0eff92aaed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:3a:80:7b:a7:a3:7f:6e:93:13:83:ba:0f:6f:
bf:5b:c3:6a:2b:94:2d:dc:4f:fd:38:56:9f:31:2d:
90:df:e7:02:66:50:ce:f5:17:1e:d4:8c:3a:b2:dd:
61:d2:03:b6:ca:fe:fc:28:fb:c5:a4:b1:7b:5c:77:
eb:0a:c6:59:64:b8:d5:44:ce:ed:16:8c:db:13:6a:
70:36:85:c2:cd:72:84:91:7d:15:90:48:ad:f8:8d:
98:40:9d:7f:8c:54:2e:e2:26:2c:f0:ee:80:75:af:
b9:59:df:4d:90:31:70:58:16:6c:8b:d3:2c:fc:ea:
d9:40:bb:f5:a4:7d:e7:a6:12:cf:6c:83:d6:ed:fa:
d0:2b:ef:26:b3:ad:51:46:84:bb:09:4d:aa:a4:7f:
2b:8e:de:cd:48:81:be:f7:c1:3d:ba:7f:89:b5:b0:
06:87:23:6e:ad:5e:a4:1b:d6:30:80:53:5e:b8:2d:
d1:63:40:06:3d:10:2d:9c:34:4d:38:6c:91:e1:c5:
ec:b4:8f:26:6d:92:cb:5c:fe:4b:6b:73:81:7e:94:
e4:a0:4f:db:16:f3:1f:07:44:d1:ed:48:3e:07:84:
a8:d4:38:54:9e:54:e0:8e:4d:01:66:ee:6d:ca:f3:
97:d4:3a:23:54:a1:5b:c1:81:31:3a:02:23:62:95:
6e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:1A:15:6B:0B:D0:5D:40:3E:93:5B:93:01:88:DA:0E:FF:92:AA:ED
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DxoVawvQXUA-k1uTAYjaDv-Squ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b300::/29
2a06:3bc0::/29
2a06:a5c0::/29
2a06:a600::/29
2a06:dfc0::/29
2a0a:1400::/29
2a0c:4880::/29
2a0e:5a80::/29
2a0e:9b00::/29
2a0f:1380::/29
2a0f:1580::/29
2a0f:2300::/29
2a0f:3f80::/29
2a0f:7f00::/29
2a0f:8100::/29
2a0f:8300::/29
2a0f:9600::/29
2a0f:bc00::/29
2a0f:da40::/29
2a0f:dac0::/29
2a0f:dd40::/29
2a0f:e0c0::/29
2a0f:e140::/29
2a0f:e640::/29
2a0f:ec00::/29
2a0f:ee00::/29
2a12:d540::/29
2a13:200::/29
2a13:7d80::/29
2a13:9380::/29
Signature Algorithm: sha256WithRSAEncryption
c6:06:62:b3:ec:75:a3:93:32:b0:6f:6c:dc:f5:60:8e:13:82:
31:94:d4:03:e3:17:c8:52:93:d0:8d:f8:e0:50:0f:76:e6:19:
c5:0e:4c:c6:af:46:88:1b:9a:a7:3f:76:5c:81:68:9e:67:19:
f7:af:2f:44:f4:39:a6:f5:86:89:d4:fe:41:94:25:27:0f:5e:
93:4a:fc:0e:dd:e5:21:a8:49:06:39:a8:18:aa:28:5a:fe:7f:
ab:7f:a5:4e:14:a5:5b:fd:4a:d4:6f:b4:b7:4d:d7:e7:4f:63:
42:42:cd:bf:e1:1f:4a:5c:17:f2:e8:2c:70:84:e8:38:c2:48:
93:1a:b3:e7:72:ff:4a:c0:c2:49:fa:ee:b8:4d:74:7a:69:ec:
8c:fb:c6:c0:07:11:65:78:db:54:41:76:fe:5d:cf:32:29:dd:
b2:35:b4:d2:70:59:20:cd:1e:26:fb:a7:09:b7:67:fe:4f:a3:
35:33:f5:10:71:78:58:cd:93:f4:c9:4b:fd:23:5b:5a:b2:1b:
b1:11:4d:10:07:60:52:98:57:9a:1c:50:7b:d9:3f:41:14:dd:
de:08:24:0f:c9:12:47:60:08:b6:ac:14:e7:4e:17:54:d8:49:
c2:4d:a1:02:3d:6f:f7:2b:28:22:97:23:fa:89:2d:c9:66:4f:
e0:66:3c:37
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAYzJvCf/GatyILNAgK31/+J0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTAyMTAzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjFhMTU2YjBiZDA1ZDQwM2U5MzViOTMwMTg4ZGEwZWZmOTJhYWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DqAe6ejf26TE4O6D2+/W8NqK5Qt
3E/9OFafMS2Q3+cCZlDO9Rce1Iw6st1h0gO2yv78KPvFpLF7XHfrCsZZZLjVRM7t
FozbE2pwNoXCzXKEkX0VkEit+I2YQJ1/jFQu4iYs8O6Ada+5Wd9NkDFwWBZsi9Ms
/OrZQLv1pH3nphLPbIPW7frQK+8ms61RRoS7CU2qpH8rjt7NSIG+98E9un+JtbAG
hyNurV6kG9YwgFNeuC3RY0AGPRAtnDRNOGyR4cXstI8mbZLLXP5La3OBfpTkoE/b
FvMfB0TR7Ug+B4So1DhUnlTgjk0BZu5tyvOX1DojVKFbwYExOgIjYpVuBwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFA8aFWsL0F1APpNbkwGI2g7/kqrtMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRHhvVmF3dlFYVUEtazF1VEFZamFEdi1TcXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAIwgdIDBQMq
BbMAAwUDKgY7wAMFAyoGpcADBQMqBqYAAwUDKgbfwAMFAyoKFAADBQMqDEiAAwUD
Kg5agAMFAyoOmwADBQMqDxOAAwUDKg8VgAMFAyoPIwADBQMqDz+AAwUDKg9/AAMF
AyoPgQADBQMqD4MAAwUDKg+WAAMFAyoPvAADBQMqD9pAAwUDKg/awAMFAyoP3UAD
BQMqD+DAAwUDKg/hQAMFAyoP5kADBQMqD+wAAwUDKg/uAAMFAyoS1UADBQMqEwIA
AwUDKhN9gAMFAyoTk4AwDQYJKoZIhvcNAQELBQADggEBAMYGYrPsdaOTMrBvbNz1
YI4TgjGU1APjF8hSk9CN+OBQD3bmGcUOTMavRogbmqc/dlyBaJ5nGfevL0T0Oab1
honU/kGUJScPXpNK/A7d5SGoSQY5qBiqKFr+f6t/pU4UpVv9StRvtLdN1+dPY0JC
zb/hH0pcF/LoLHCE6DjCSJMas+dy/0rAwkn67rhNdHpp7Iz7xsAHEWV421RBdv5d
zzIp3bI1tNJwWSDNHib7pwm3Z/5PozUz9RBxeFjNk/TJS/0jW1qyG7ERTRAHYFKY
V5ocUHvZP0EU3d4IJA/JEkdgCLasFOdOF1TYScJNoQI9b/crKCKXI/qJLclmT+Bm
PDc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:51:00 2025 by rpki-client