Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZQzxHlEjFz6OqQxUToy7Gl6xKTQ.roa
File: ZQzxHlEjFz6OqQxUToy7Gl6xKTQ.roa (raw, json)
Hash identifier: ME7lH4a/Btx0q/ykZdWvb7QiITq0FkQ7Q8LFSF0jsJ0=
Subject key identifier: 65:0C:F1:1E:51:23:17:3E:8E:A9:0C:54:4E:8C:BB:1A:5E:B1:29:34
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018FE70C82F4EDD7DF437CAC4FED25969823
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZQzxHlEjFz6OqQxUToy7Gl6xKTQ.roa
Signing time: Wed 05 Jun 2024 06:18:27 +0000
ROA not before: Wed 05 Jun 2024 06:18:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a0c:7884::/32 maxlen: 32
2a0e:1a84::/32 maxlen: 32
2a0f:2d80:1292::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a0f:e847:1::/48 maxlen: 48
2a12:d6c0::/29 maxlen: 29
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Fri 07 Jun 2024 08:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e7:0c:82:f4:ed:d7:df:43:7c:ac:4f:ed:25:96:98:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 5 06:18:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=650cf11e5123173e8ea90c544e8cbb1a5eb12934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:26:01:6e:a9:d6:aa:f0:5b:5b:21:d3:b3:4d:
81:94:0b:a8:85:76:b8:26:83:3b:f8:0a:4e:4c:6e:
42:68:5e:f9:4b:e1:24:65:8a:91:f5:b8:71:f3:44:
17:76:97:e5:30:d0:05:ec:63:9c:80:ed:2e:56:32:
30:a6:0c:c3:51:67:54:9b:ec:19:5e:72:25:9a:bd:
f9:dd:b3:9e:11:4a:0e:ff:cd:20:f5:10:dc:0f:58:
b1:3b:1e:99:45:83:36:a3:d0:39:56:22:8a:b5:ce:
ca:1f:a9:34:d4:6e:e3:3a:ce:53:39:c0:84:6c:76:
dd:46:ab:3b:83:77:d8:ed:f8:88:4a:1e:95:4a:19:
de:55:0e:66:b1:4f:23:40:d7:0d:2d:09:75:61:bb:
51:82:1d:83:d7:22:55:db:88:07:43:3e:07:d7:6d:
28:65:9f:b4:55:41:2e:57:32:70:e7:fb:d8:94:fd:
c9:7f:10:e1:09:12:8b:85:99:4f:c9:cc:ff:df:d5:
59:ad:a6:b9:8e:1b:07:40:8d:05:ab:3b:81:19:f2:
2d:e4:82:cf:c7:63:4a:02:d3:30:c5:c2:b4:e6:4c:
d6:fe:09:f1:b7:b3:14:14:d6:08:ed:6a:e7:73:97:
e6:b3:5b:63:4b:a2:2e:18:45:1e:af:ba:af:f1:f4:
83:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:0C:F1:1E:51:23:17:3E:8E:A9:0C:54:4E:8C:BB:1A:5E:B1:29:34
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZQzxHlEjFz6OqQxUToy7Gl6xKTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7884::/32
2a0e:1a84::/32
2a0f:2d80:1292::/48
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a0f:e847:1::/48
2a12:d6c0::/29
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
74:7f:65:21:e4:39:b9:d6:dc:d8:8f:6e:18:99:0c:11:b1:87:
f2:19:80:a6:c5:ad:4c:50:97:54:34:bc:6b:04:fd:e3:b5:63:
59:ac:95:45:c5:24:e8:62:12:b8:f6:e5:48:54:4a:c6:f9:c0:
b3:5d:da:01:4a:7a:f6:27:5f:aa:24:49:1a:c3:03:62:92:84:
ab:03:99:00:6f:bc:83:f7:64:5f:b6:18:c1:94:f1:3c:43:3f:
5f:e0:fa:24:09:45:db:2b:31:5c:25:2f:bc:12:db:f8:2a:99:
b1:b2:3f:65:ab:11:78:17:c9:e3:a0:e8:1b:2f:a4:19:42:ac:
45:f4:98:a6:ef:02:0a:09:f0:b5:22:e8:0c:fa:7a:ba:8b:13:
d2:63:ca:1b:dd:88:19:e7:a7:03:12:dc:93:4e:b2:a4:fa:cd:
fe:81:01:9f:10:22:58:20:65:cd:e5:3d:30:c3:e8:a0:b0:53:
1d:62:78:5d:dc:26:9f:09:3e:b2:5d:c2:fa:19:e4:01:ca:b2:
dc:9a:1a:a6:77:22:5b:a9:76:f9:ca:ef:d5:83:70:4c:c1:50:
e1:78:81:54:72:7d:f5:1b:a5:6e:80:7d:54:5e:3e:77:b5:51:
e0:c1:f0:ed:e8:db:e0:5e:80:ec:78:8d:29:0f:52:07:08:ba:
56:31:3a:cb
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY/nDIL07dffQ3ysT+0llpgjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjA1MDYxODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTBjZjExZTUxMjMxNzNlOGVhOTBjNTQ0ZThjYmIxYTVlYjEyOTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCYBbqnWqvBbWyHTs02BlAuohXa4
JoM7+ApOTG5CaF75S+EkZYqR9bhx80QXdpflMNAF7GOcgO0uVjIwpgzDUWdUm+wZ
XnIlmr353bOeEUoO/80g9RDcD1ixOx6ZRYM2o9A5ViKKtc7KH6k01G7jOs5TOcCE
bHbdRqs7g3fY7fiISh6VShneVQ5msU8jQNcNLQl1YbtRgh2D1yJV24gHQz4H120o
ZZ+0VUEuVzJw5/vYlP3JfxDhCRKLhZlPycz/39VZraa5jhsHQI0FqzuBGfIt5ILP
x2NKAtMwxcK05kzW/gnxt7MUFNYI7Wrnc5fms1tjS6IuGEUer7qv8fSDMQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFGUM8R5RIxc+jqkMVE6MuxpesSk0MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWlF6eEhsRWpGejZPcVF4VVRveTdHbDZ4S1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAAjBAAwUAKgx4hAMF
ACoOGoQDBwAqDy2AEpIDBwAqD30AAAEDBwAqD7wAocQDBwAqD+hHAAEDBQMqEtbA
AwUDKhMrQDANBgkqhkiG9w0BAQsFAAOCAQEAdH9lIeQ5udbc2I9uGJkMEbGH8hmA
psWtTFCXVDS8awT947VjWayVRcUk6GISuPblSFRKxvnAs13aAUp69idfqiRJGsMD
YpKEqwOZAG+8g/dkX7YYwZTxPEM/X+D6JAlF2ysxXCUvvBLb+CqZsbI/ZasReBfJ
46DoGy+kGUKsRfSYpu8CCgnwtSLoDPp6uosT0mPKG92IGeenAxLck06ypPrN/oEB
nxAiWCBlzeU9MMPooLBTHWJ4Xdwmnwk+sl3C+hnkAcqy3JoapnciW6l2+crv1YNw
TMFQ4XiBVHJ99RulboB9VF4+d7VR4MHw7ejb4F6A7HiNKQ9SBwi6VjE6yw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:10:54 2025 by rpki-client