Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WsAhHh2wHUlJzljBvmsDskp4A14.roa
File: WsAhHh2wHUlJzljBvmsDskp4A14.roa (raw, json)
Hash identifier: 7sB/KAqPaM1SJqBfe2+VWOmqGHC2cI4CXwiA/VTLJ/A=
Subject key identifier: 5A:C0:21:1E:1D:B0:1D:49:49:CE:58:C1:BE:6B:03:B2:4A:78:03:5E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01913C402F17DF78A18EB145EC5B6177E3CF
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WsAhHh2wHUlJzljBvmsDskp4A14.roa
Signing time: Sat 10 Aug 2024 12:25:24 +0000
ROA not before: Sat 10 Aug 2024 12:25:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214734
IP address blocks: 2a07:bb40::/29 maxlen: 29
2a0a:2940::/29 maxlen: 29
2a10:3240::/29 maxlen: 29
2a10:3340::/29 maxlen: 29
2a10:3440::/29 maxlen: 29
2a10:7900::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 19 Aug 2024 06:12:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3c:40:2f:17:df:78:a1:8e:b1:45:ec:5b:61:77:e3:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 10 12:25:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ac0211e1db01d4949ce58c1be6b03b24a78035e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c1:cf:7d:93:61:6d:6a:b8:b5:76:57:25:e6:
f0:6e:b5:94:a2:ad:ab:64:85:be:fa:fa:3b:6c:b6:
c3:29:cc:cf:ca:da:27:8e:be:e1:b7:7a:c7:aa:9c:
79:7b:96:d5:f2:d6:84:3e:82:89:b1:1e:ff:d5:d0:
a2:e5:ac:e8:d6:72:c4:de:9a:cc:3b:84:e7:f7:51:
73:49:16:f3:4d:57:0c:5c:7e:29:29:d7:a0:34:4d:
b4:7a:68:d4:ff:79:2e:44:0f:d8:7d:eb:36:32:7b:
e9:c3:89:e6:0f:1a:08:87:ab:40:2a:aa:40:7d:58:
cc:1c:f8:2e:3d:11:36:0f:ac:e3:59:16:66:6e:8c:
b0:8d:96:8d:ef:fc:ce:6d:d7:25:ac:f4:a9:f0:23:
a0:20:d3:4f:49:8d:08:65:6c:40:bd:31:25:df:52:
65:c0:d6:3d:58:4f:99:01:46:48:89:d4:70:c7:ab:
8b:3d:a8:f2:81:7d:db:ca:7f:4d:84:f6:06:11:5b:
e2:00:7d:66:af:65:29:0c:61:bf:a3:bf:ef:0b:cb:
36:a8:d0:dc:2a:8d:77:71:69:e6:74:70:fc:c2:52:
62:2d:38:43:d8:9a:5b:c2:1d:50:28:b2:f7:0d:71:
c4:d6:d9:9c:57:64:34:3b:a7:ad:3c:33:93:e1:be:
80:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C0:21:1E:1D:B0:1D:49:49:CE:58:C1:BE:6B:03:B2:4A:78:03:5E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/WsAhHh2wHUlJzljBvmsDskp4A14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:bb40::/29
2a0a:2940::/29
2a10:3240::/29
2a10:3340::/29
2a10:3440::/29
2a10:7900::/29
Signature Algorithm: sha256WithRSAEncryption
11:71:33:b1:68:70:39:5d:51:60:28:2f:c8:2d:46:44:48:76:
9d:2a:6c:af:40:ef:b2:59:46:0a:ff:35:b3:e4:12:72:6e:1a:
7d:ab:71:03:b2:c0:ce:73:07:15:ec:50:f0:c0:2a:f8:81:89:
92:b0:fd:4d:de:32:28:4f:66:40:b3:e3:87:8b:3a:9a:bb:f0:
cd:bf:fa:69:2f:5d:b3:d6:7b:46:b9:39:68:93:7d:74:af:48:
79:4f:24:24:db:18:67:76:dc:9e:8a:bb:aa:17:2b:4d:36:6a:
85:18:44:fd:31:d8:08:be:b5:66:e3:84:1c:ac:85:e7:3d:9d:
c0:43:32:fe:79:ef:be:35:6f:6f:6a:06:b1:d9:20:b8:aa:ce:
37:2f:ef:dd:6e:99:00:87:d8:d7:db:d9:a4:aa:32:be:c1:f0:
ab:6e:a6:fa:2b:f8:a3:2d:b5:d2:6e:48:87:cd:04:95:c1:58:
e4:38:ec:4f:c6:29:64:c5:f8:b3:98:69:1c:d6:e9:f7:69:ad:
d9:d4:e2:cf:b5:87:25:26:17:e1:5b:e1:26:5f:96:8a:62:d9:
6c:6c:d2:e9:89:da:97:35:7b:19:0a:07:66:9b:a3:7a:32:df:
3c:23:51:1a:31:f7:d4:45:77:a3:d2:22:49:6a:9c:6e:76:70:
22:93:63:08
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZE8QC8X33ihjrFF7Fthd+PPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODEwMTIyNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWMwMjExZTFkYjAxZDQ5NDljZTU4YzFiZTZiMDNiMjRhNzgwMzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38HPfZNhbWq4tXZXJebwbrWUoq2r
ZIW++vo7bLbDKczPytonjr7ht3rHqpx5e5bV8taEPoKJsR7/1dCi5azo1nLE3prM
O4Tn91FzSRbzTVcMXH4pKdegNE20emjU/3kuRA/Yfes2Mnvpw4nmDxoIh6tAKqpA
fVjMHPguPRE2D6zjWRZmboywjZaN7/zObdclrPSp8COgINNPSY0IZWxAvTEl31Jl
wNY9WE+ZAUZIidRwx6uLPajygX3byn9NhPYGEVviAH1mr2UpDGG/o7/vC8s2qNDc
Ko13cWnmdHD8wlJiLThD2Jpbwh1QKLL3DXHE1tmcV2Q0O6etPDOT4b6AcQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFrAIR4dsB1JSc5Ywb5rA7JKeANeMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvV3NBaEhoMndIVWxKemxqQnZtc0Rza3A0QTE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKge7QAMF
AyoKKUADBQMqEDJAAwUDKhAzQAMFAyoQNEADBQMqEHkAMA0GCSqGSIb3DQEBCwUA
A4IBAQARcTOxaHA5XVFgKC/ILUZESHadKmyvQO+yWUYK/zWz5BJybhp9q3EDssDO
cwcV7FDwwCr4gYmSsP1N3jIoT2ZAs+OHizqau/DNv/ppL12z1ntGuTlok310r0h5
TyQk2xhndtyeiruqFytNNmqFGET9MdgIvrVm44QcrIXnPZ3AQzL+ee++NW9vagax
2SC4qs43L+/dbpkAh9jX29mkqjK+wfCrbqb6K/ijLbXSbkiHzQSVwVjkOOxPxilk
xfizmGkc1un3aa3Z1OLPtYclJhfhW+EmX5aKYtlsbNLpidqXNXsZCgdmm6N6Mt88
I1EaMffURXej0iJJapxudnAik2MI
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:28 2025 by rpki-client