Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Lz7zSEx1EUpMyx9XaIE1HuQ3h_I.roa
File: Lz7zSEx1EUpMyx9XaIE1HuQ3h_I.roa (raw, json)
Hash identifier: OESU9rFfCV5FhTfr3AiSd/TYB6qlvf2N1MmaPZl/RHU=
Subject key identifier: 2F:3E:F3:48:4C:75:11:4A:4C:CB:1F:57:68:81:35:1E:E4:37:87:F2
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01932A5A2255F41232B7D3CFBC91AAC64046
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Lz7zSEx1EUpMyx9XaIE1HuQ3h_I.roa
Signing time: Thu 14 Nov 2024 11:06:10 +0000
ROA not before: Thu 14 Nov 2024 11:06:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54852
IP address blocks: 2a09:7b00::/29 maxlen: 29
2a0e:8880::/29 maxlen: 29
2a10:31c0::/29 maxlen: 29
2a10:4e00::/29 maxlen: 29
2a11:1c40::/29 maxlen: 29
2a11:7440::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 04 Dec 2024 07:32:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2a:5a:22:55:f4:12:32:b7:d3:cf:bc:91:aa:c6:40:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 14 11:06:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f3ef3484c75114a4ccb1f576881351ee43787f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:56:41:b6:68:a9:36:54:fd:b3:e9:2a:1a:97:
83:39:25:0b:14:c0:8f:39:e5:f3:07:24:de:b2:77:
1f:c3:f0:f5:c0:69:b3:23:e9:bc:c0:bf:11:9e:eb:
99:c7:d3:20:b6:9c:e4:41:37:34:56:70:06:c3:cd:
0a:7e:45:ce:97:34:8e:4d:d4:bc:ac:d2:28:65:b4:
24:1a:07:46:0f:bc:22:79:2c:d1:2c:32:d3:84:7c:
09:b6:db:bf:bb:fd:02:0e:79:fb:17:d8:bc:d9:e8:
89:33:a0:b9:f7:9d:18:64:3a:af:ec:bd:ec:19:d5:
65:10:0d:c0:d7:b6:fe:39:58:85:e0:b5:b5:ee:49:
d1:75:dd:c5:25:10:f2:df:33:bc:4f:cd:b5:56:d6:
6e:f4:b6:1e:4a:e6:b0:27:82:06:d8:45:f5:3a:ce:
60:7b:c2:d6:2f:db:34:41:da:a0:5d:57:65:16:d9:
29:1f:d8:18:70:94:a1:28:7a:86:77:f9:90:da:a2:
81:e4:54:fd:ae:77:5c:1e:d4:af:e9:e4:34:89:b1:
f2:02:6a:6b:2e:21:ad:7e:99:de:c5:b3:2a:85:37:
19:8c:28:a4:93:d1:04:41:58:e8:86:95:fb:c1:07:
d0:21:51:e2:c5:8e:11:3e:5b:58:73:5a:21:53:e9:
ef:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3E:F3:48:4C:75:11:4A:4C:CB:1F:57:68:81:35:1E:E4:37:87:F2
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Lz7zSEx1EUpMyx9XaIE1HuQ3h_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:7b00::/29
2a0e:8880::/29
2a10:31c0::/29
2a10:4e00::/29
2a11:1c40::/29
2a11:7440::/29
Signature Algorithm: sha256WithRSAEncryption
14:c3:cf:ae:6e:c7:d7:72:d4:59:7b:01:c0:64:09:82:d1:65:
62:cd:4c:bb:83:57:05:aa:f6:0e:c5:53:0f:d0:c9:74:51:db:
c1:4b:13:1d:a3:4f:0a:b3:5b:46:cc:9c:2e:00:3c:2d:bf:6b:
f4:ff:e0:80:7c:50:34:3c:de:5d:28:47:1e:a6:88:49:67:c4:
0f:2b:91:ac:e6:b3:c3:0d:ea:d2:3e:d0:a3:30:da:af:38:f9:
f1:21:62:4a:a4:ef:3b:44:4b:ad:6d:ef:78:16:39:d5:b6:e6:
d2:17:ac:c4:2e:41:b9:ba:6a:56:cf:e0:83:3f:38:c4:eb:1f:
00:92:2d:1d:41:69:ff:eb:b8:08:0f:ae:41:51:d2:38:4b:3f:
4d:7f:26:30:4c:0d:4a:b1:66:df:95:01:14:c8:f6:b5:a6:21:
98:1a:00:c9:fb:7f:e5:64:7c:eb:60:00:14:b4:8a:e3:f6:73:
38:4c:04:7d:4e:59:86:66:41:58:5a:5a:c1:d4:64:ec:ab:6f:
a1:e8:f4:2b:01:a5:d4:47:d1:de:c0:ef:da:7a:14:a2:3d:92:
3f:14:27:55:82:ec:85:f7:c1:a0:e9:cc:23:f7:41:47:e2:ea:
12:c5:e7:4a:fc:66:11:91:3b:1c:b7:0f:aa:6d:7b:cc:7e:7c:
7d:4a:65:47
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZMqWiJV9BIyt9PPvJGqxkBGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMTE0MTEwNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjNlZjM0ODRjNzUxMTRhNGNjYjFmNTc2ODgxMzUxZWU0Mzc4N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlZBtmipNlT9s+kqGpeDOSULFMCP
OeXzByTesncfw/D1wGmzI+m8wL8RnuuZx9MgtpzkQTc0VnAGw80KfkXOlzSOTdS8
rNIoZbQkGgdGD7wieSzRLDLThHwJttu/u/0CDnn7F9i82eiJM6C5950YZDqv7L3s
GdVlEA3A17b+OViF4LW17knRdd3FJRDy3zO8T821VtZu9LYeSuawJ4IG2EX1Os5g
e8LWL9s0QdqgXVdlFtkpH9gYcJShKHqGd/mQ2qKB5FT9rndcHtSv6eQ0ibHyAmpr
LiGtfpnexbMqhTcZjCikk9EEQVjohpX7wQfQIVHixY4RPltYc1ohU+nv4QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC8+80hMdRFKTMsfV2iBNR7kN4fyMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTHo3elNFeDFFVXBNeXg5WGFJRTFIdVEzaF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKgl7AAMF
AyoOiIADBQMqEDHAAwUDKhBOAAMFAyoRHEADBQMqEXRAMA0GCSqGSIb3DQEBCwUA
A4IBAQAUw8+ubsfXctRZewHAZAmC0WVizUy7g1cFqvYOxVMP0Ml0UdvBSxMdo08K
s1tGzJwuADwtv2v0/+CAfFA0PN5dKEcepohJZ8QPK5Gs5rPDDerSPtCjMNqvOPnx
IWJKpO87REutbe94FjnVtubSF6zELkG5umpWz+CDPzjE6x8Aki0dQWn/67gID65B
UdI4Sz9NfyYwTA1KsWbflQEUyPa1piGYGgDJ+3/lZHzrYAAUtIrj9nM4TAR9TlmG
ZkFYWlrB1GTsq2+h6PQrAaXUR9HewO/aehSiPZI/FCdVguyF98Gg6cwj90FH4uoS
xedK/GYRkTsctw+qbXvMfnx9SmVH
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:16 2025 by rpki-client