Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/I_FCRRubYvcgXhTCd1lbJ74f-jc.roa
File: I_FCRRubYvcgXhTCd1lbJ74f-jc.roa (raw, json)
Hash identifier: hHLmegCEG+9ouzrnvJdX0AzDTJItu6NpzKdbO4OEN+o=
Subject key identifier: 23:F1:42:45:1B:9B:62:F7:20:5E:14:C2:77:59:5B:27:BE:1F:FA:37
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019280A68EE6F3CA4442AA8CB13E70940FB2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/I_FCRRubYvcgXhTCd1lbJ74f-jc.roa
Signing time: Sat 12 Oct 2024 12:14:12 +0000
ROA not before: Sat 12 Oct 2024 12:14:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21738
IP address blocks: 2a0e:e980::/29 maxlen: 29
2a0f:140::/29 maxlen: 29
2a0f:e740::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
2a10:5200::/29 maxlen: 29
2a10:6900::/29 maxlen: 29
2a10:6f00::/29 maxlen: 29
2a10:7100::/29 maxlen: 29
2a10:7300::/29 maxlen: 29
2a10:7f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 20 Oct 2024 12:46:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:80:a6:8e:e6:f3:ca:44:42:aa:8c:b1:3e:70:94:0f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 12 12:14:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23f142451b9b62f7205e14c277595b27be1ffa37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a4:ff:14:40:2d:56:b5:fc:6c:7e:a6:e3:1e:
1d:9c:84:07:00:95:64:18:64:7d:54:84:5d:a2:01:
6b:d6:c3:ba:5d:de:ba:6c:91:d8:39:fa:21:37:f5:
1a:ac:2d:ae:72:cd:3f:56:8d:8e:b1:44:d9:dd:76:
39:4e:91:09:4d:91:bf:0e:a2:ba:48:ff:3a:ad:33:
64:1c:7c:af:50:5d:dd:c7:b7:34:20:00:89:87:90:
c1:c3:6c:bc:3c:ca:eb:4b:08:7b:79:9e:a6:77:32:
5f:a0:c1:a3:f6:9b:5a:e2:c0:f4:b0:36:f9:b1:02:
95:4a:92:2f:f8:cd:f5:2e:4e:f3:6c:7f:41:e3:7a:
22:3a:80:5d:d2:32:ac:c3:66:2e:88:ff:1c:71:5e:
47:86:6c:65:6a:ad:21:75:44:e3:9d:6e:1f:7b:c0:
d1:4f:d4:4a:28:b2:3f:a4:e6:c7:64:9b:cd:a8:dc:
2e:63:9a:df:67:3e:80:55:72:c5:e9:ad:e6:8d:83:
94:88:75:25:5e:34:bc:13:ca:0f:18:e9:a2:63:5f:
5d:2a:f9:93:9d:12:f0:62:d8:df:10:f8:20:63:f1:
05:88:1a:d0:0b:dd:d7:d0:38:f5:6d:4a:7d:09:f6:
d7:28:b8:7b:ad:af:35:83:3e:ae:09:9f:1e:9f:49:
8d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F1:42:45:1B:9B:62:F7:20:5E:14:C2:77:59:5B:27:BE:1F:FA:37
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/I_FCRRubYvcgXhTCd1lbJ74f-jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:e980::/29
2a0f:140::/29
2a0f:e740::/29
2a10:37c0::/29
2a10:5200::/29
2a10:6900::/29
2a10:6f00::/29
2a10:7100::/29
2a10:7300::/29
2a10:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
bb:cf:21:59:f1:f3:91:b0:5e:a3:6c:d1:75:ae:a3:d1:79:c0:
e1:6b:16:ce:80:58:4f:37:4c:e4:02:9d:da:7b:c4:07:0c:6e:
35:6c:d5:c8:d0:a9:c6:c6:f5:4f:81:ce:f6:73:2a:2e:cc:06:
d6:00:28:bb:08:b4:f4:76:1b:d0:42:2d:82:5f:13:ec:3a:91:
5a:09:2e:9d:33:c7:74:2d:51:b4:d0:64:25:c3:b0:2b:f8:30:
d3:35:5c:de:ca:bf:53:0f:b0:10:f6:20:10:27:a6:56:6d:a9:
13:3a:d0:b5:6f:e6:40:8b:d4:c4:97:4a:6c:f3:b4:22:9b:db:
bc:4d:c7:56:b2:43:35:13:0d:a6:52:ac:d1:68:2a:ca:5c:c9:
72:a4:dc:bd:74:93:af:ee:03:16:24:30:a1:ea:c1:e8:c6:a6:
ce:7d:c1:3d:87:86:a0:3e:dc:36:a7:c8:2d:5e:89:1b:9d:36:
66:ea:25:98:ea:d9:7c:67:e8:5d:26:78:b7:eb:70:b5:2a:8f:
11:6f:74:57:48:25:1e:ae:2b:ea:31:9d:c9:f1:06:71:cb:c5:
76:96:9c:6e:87:0f:6f:08:42:d4:19:bd:56:1d:fb:f8:ad:08:
5d:df:d7:e5:bd:fc:a6:5b:8f:ee:29:ca:cb:cb:96:0c:ff:00:
21:38:32:b0
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZKApo7m88pEQqqMsT5wlA+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMDEyMTIxNDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2YxNDI0NTFiOWI2MmY3MjA1ZTE0YzI3NzU5NWIyN2JlMWZmYTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaT/FEAtVrX8bH6m4x4dnIQHAJVk
GGR9VIRdogFr1sO6Xd66bJHYOfohN/UarC2ucs0/Vo2OsUTZ3XY5TpEJTZG/DqK6
SP86rTNkHHyvUF3dx7c0IACJh5DBw2y8PMrrSwh7eZ6mdzJfoMGj9pta4sD0sDb5
sQKVSpIv+M31Lk7zbH9B43oiOoBd0jKsw2YuiP8ccV5Hhmxlaq0hdUTjnW4fe8DR
T9RKKLI/pObHZJvNqNwuY5rfZz6AVXLF6a3mjYOUiHUlXjS8E8oPGOmiY19dKvmT
nRLwYtjfEPggY/EFiBrQC93X0Dj1bUp9CfbXKLh7ra81gz6uCZ8en0mNeQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFCPxQkUbm2L3IF4UwndZWye+H/o3MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSV9GQ1JSdWJZdmNnWGhUQ2QxbGJKNzRmLWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKg7pgAMF
AyoPAUADBQMqD+dAAwUDKhA3wAMFAyoQUgADBQMqEGkAAwUDKhBvAAMFAyoQcQAD
BQMqEHMAAwUDKhB/ADANBgkqhkiG9w0BAQsFAAOCAQEAu88hWfHzkbBeo2zRda6j
0XnA4WsWzoBYTzdM5AKd2nvEBwxuNWzVyNCpxsb1T4HO9nMqLswG1gAouwi09HYb
0EItgl8T7DqRWgkunTPHdC1RtNBkJcOwK/gw0zVc3sq/Uw+wEPYgECemVm2pEzrQ
tW/mQIvUxJdKbPO0IpvbvE3HVrJDNRMNplKs0WgqylzJcqTcvXSTr+4DFiQwoerB
6Mamzn3BPYeGoD7cNqfILV6JG502ZuolmOrZfGfoXSZ4t+twtSqPEW90V0glHq4r
6jGdyfEGccvFdpacbocPbwhC1Bm9Vh37+K0IXd/X5b38pluP7inKy8uWDP8AITgy
sA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:24 2025 by rpki-client