Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ozr4KunMEskvTfjmvcNLM1Dz8g0.roa
File: Ozr4KunMEskvTfjmvcNLM1Dz8g0.roa (raw, json)
Hash identifier: onJ5oEjX67ayZiJPHbgpNMh5D1G7Pkaw3GnwQ1Mur2M=
Subject key identifier: 3B:3A:F8:2A:E9:CC:12:C9:2F:4D:F8:E6:BD:C3:4B:33:50:F3:F2:0D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F3D8AC9F337E30B04FFE0A97833EE3AFA
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ozr4KunMEskvTfjmvcNLM1Dz8g0.roa
Signing time: Fri 03 May 2024 08:20:56 +0000
ROA not before: Fri 03 May 2024 08:20:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 64.226.54.0/23 maxlen: 23
64.226.156.0/22 maxlen: 22
2a07:f300::/29 maxlen: 29
2a0f:e847:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 14 May 2024 14:43:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3d:8a:c9:f3:37:e3:0b:04:ff:e0:a9:78:33:ee:3a:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 3 08:20:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b3af82ae9cc12c92f4df8e6bdc34b3350f3f20d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6b:ce:f7:f6:e4:da:b4:b0:c6:90:80:31:a3:
34:29:52:f9:d2:d3:b6:75:41:e7:15:72:2e:f1:c0:
72:f8:33:bf:21:9f:55:d4:e7:e8:35:c8:8d:83:3d:
ff:5d:a7:0a:72:95:05:77:73:60:26:07:70:60:4a:
f3:0e:49:ad:a3:82:dd:15:57:62:ba:d6:cf:ed:62:
38:e9:b8:5c:18:d5:53:c1:02:5f:53:25:80:91:8c:
e5:6c:6e:88:1b:a0:55:09:81:32:5d:42:8f:4b:08:
f6:f9:10:3a:33:9b:14:a2:ed:6b:b4:3b:49:de:fc:
29:5a:8e:ea:50:67:5e:27:9a:55:75:6c:af:b9:df:
ae:7b:52:1b:1c:8d:91:d5:53:87:bc:75:bd:cd:a9:
13:33:94:7e:a8:61:ec:cf:1c:3d:3c:ea:8c:61:34:
82:a9:ef:d7:54:30:57:f6:9e:e7:78:a0:2f:52:b4:
ae:6b:ac:70:02:7b:95:69:31:6e:d9:26:9e:47:49:
fb:d5:01:30:6a:9e:1e:3b:43:7d:9b:58:d5:b9:df:
0a:42:66:9f:2c:fe:b1:b5:36:a5:02:42:e2:36:0a:
d9:93:55:b6:97:d4:e1:52:f7:5f:66:ff:8b:ff:ad:
48:ee:85:3f:bc:fd:d6:b5:e8:ef:6d:5a:07:38:e7:
07:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:3A:F8:2A:E9:CC:12:C9:2F:4D:F8:E6:BD:C3:4B:33:50:F3:F2:0D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Ozr4KunMEskvTfjmvcNLM1Dz8g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.226.54.0/23
64.226.156.0/22
IPv6:
2a07:f300::/29
2a0f:e847:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
10:be:3d:06:80:a4:aa:27:5f:33:7e:d2:20:93:33:c6:0f:0b:
22:d2:a2:fb:89:b6:54:91:17:21:79:ce:13:7b:cf:d6:48:dc:
b6:0b:cd:d3:74:93:6b:9d:02:a7:d7:83:59:46:c4:d8:69:20:
28:e8:32:53:d1:45:a5:01:66:c0:b9:ac:ff:85:7b:cd:f6:e9:
db:c7:35:76:24:8e:b0:09:67:ce:f9:9a:46:79:10:38:04:91:
32:b5:8b:81:de:87:ee:50:7b:4e:8c:42:72:3e:3d:4b:47:59:
c2:a7:ed:2a:44:48:5f:cd:2c:47:b5:8c:0b:32:50:53:0f:20:
db:b3:55:b2:d6:b0:95:96:b8:f7:75:6f:14:fb:4e:bf:4a:84:
d9:cd:82:48:bc:eb:e2:79:38:43:ee:3d:6b:83:ea:74:10:96:
fb:61:64:7f:f7:65:3d:9e:3c:0e:fa:cc:4d:8f:b4:ac:50:2c:
89:93:0d:15:30:43:50:de:82:3e:f4:f1:1e:c3:96:b3:7f:ca:
d2:cf:9b:4b:82:6e:3c:09:07:e7:cf:41:bc:9d:41:a5:d0:96:
00:2c:ab:39:71:6d:1c:ee:99:9e:87:2e:e1:bf:5f:e7:dc:dd:
20:e6:e3:aa:16:c6:79:b5:58:99:b2:ad:e2:7d:71:66:72:72:
ce:39:20:94
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY89isnzN+MLBP/gqXgz7jr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTAzMDgyMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjNhZjgyYWU5Y2MxMmM5MmY0ZGY4ZTZiZGMzNGIzMzUwZjNmMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGvO9/bk2rSwxpCAMaM0KVL50tO2
dUHnFXIu8cBy+DO/IZ9V1OfoNciNgz3/XacKcpUFd3NgJgdwYErzDkmto4LdFVdi
utbP7WI46bhcGNVTwQJfUyWAkYzlbG6IG6BVCYEyXUKPSwj2+RA6M5sUou1rtDtJ
3vwpWo7qUGdeJ5pVdWyvud+ue1IbHI2R1VOHvHW9zakTM5R+qGHszxw9POqMYTSC
qe/XVDBX9p7neKAvUrSua6xwAnuVaTFu2SaeR0n71QEwap4eO0N9m1jVud8KQmaf
LP6xtTalAkLiNgrZk1W2l9ThUvdfZv+L/61I7oU/vP3WtejvbVoHOOcHrQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDs6+CrpzBLJL0345r3DSzNQ8/INMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvT3pyNEt1bk1Fc2t2VGZqbXZjTkxNMUR6OGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQBQOI2AwQC
QOKcMBYEAgACMBADBQMqB/MAAwcAKg/oR///MA0GCSqGSIb3DQEBCwUAA4IBAQAQ
vj0GgKSqJ18zftIgkzPGDwsi0qL7ibZUkRchec4Te8/WSNy2C83TdJNrnQKn14NZ
RsTYaSAo6DJT0UWlAWbAuaz/hXvN9unbxzV2JI6wCWfO+ZpGeRA4BJEytYuB3ofu
UHtOjEJyPj1LR1nCp+0qREhfzSxHtYwLMlBTDyDbs1Wy1rCVlrj3dW8U+06/SoTZ
zYJIvOvieThD7j1rg+p0EJb7YWR/92U9njwO+sxNj7SsUCyJkw0VMENQ3oI+9PEe
w5azf8rSz5tLgm48CQfnz0G8nUGl0JYALKs5cW0c7pmehy7hv1/n3N0g5uOqFsZ5
tViZsq3ifXFmcnLOOSCU
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:39:58 2025 by rpki-client