Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fHBB-3AMTqamZUYcAHlUWea8SnI.roa
File: fHBB-3AMTqamZUYcAHlUWea8SnI.roa (raw, json)
Hash identifier: Yj8I5fGWZUMWcZjP2Z04xBIpO2vp7++Ib8v/oq0kFlw=
Subject key identifier: 7C:70:41:FB:70:0C:4E:A6:A6:65:46:1C:00:79:54:59:E6:BC:4A:72
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CED246289A6EEB676456032C5331FCC9E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fHBB-3AMTqamZUYcAHlUWea8SnI.roa
Signing time: Tue 09 Jan 2024 07:33:53 +0000
ROA not before: Tue 09 Jan 2024 07:33:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199925
IP address blocks: 2a0f:e040::/29 maxlen: 29
2a0f:1480::/29 maxlen: 29
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 10 Jul 2024 20:35:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:24:62:89:a6:ee:b6:76:45:60:32:c5:33:1f:cc:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 9 07:33:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c7041fb700c4ea6a665461c00795459e6bc4a72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e8:9b:8e:9f:dd:04:6c:88:87:6b:5a:5c:eb:
23:6e:96:e6:f6:db:7c:a3:2c:68:2f:46:e7:17:eb:
8c:f7:ad:8f:07:be:fa:98:2f:e1:bd:5c:18:d6:60:
81:df:84:fa:2d:12:3d:c6:1e:71:95:fa:71:9f:48:
7b:d7:c7:17:f7:d4:18:3a:1d:c8:4c:ce:ea:fe:54:
87:5a:b1:83:5e:27:08:96:d0:13:13:81:d6:92:50:
5c:fc:e0:a2:50:74:3f:48:53:ad:9c:de:a1:d4:9f:
c9:3f:4d:31:43:4c:65:07:fa:21:5e:9c:db:6d:ea:
52:e2:80:d1:be:28:b7:17:7e:e5:84:e6:57:1a:20:
21:29:a0:45:ea:9f:36:34:a7:2f:b8:c8:6c:f8:41:
88:f7:c5:f8:77:9a:29:b0:dc:2a:05:08:ea:3d:14:
29:92:3b:04:d1:a2:5a:f0:12:56:21:a8:25:30:98:
a6:f5:a3:e7:cc:8a:58:46:a5:a0:8b:ce:d1:88:3f:
18:7a:8d:44:89:e4:c8:1b:99:5b:05:54:70:17:eb:
97:b6:9d:dc:e3:7b:d0:ba:67:82:ad:56:67:e4:ab:
87:32:ad:f3:0c:64:0f:a2:04:cc:75:da:ea:75:0a:
0b:1d:53:03:81:ac:a5:30:9b:af:4f:96:a8:4d:54:
65:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:70:41:FB:70:0C:4E:A6:A6:65:46:1C:00:79:54:59:E6:BC:4A:72
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fHBB-3AMTqamZUYcAHlUWea8SnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1480::/29
2a0f:e040::/29
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
61:91:2a:7c:61:03:f0:42:40:cf:b0:bf:ac:8d:e4:e7:cb:08:
f7:f2:e4:92:c6:92:1b:a0:ff:bc:49:9a:d5:57:ff:77:76:5d:
76:bc:72:a7:cd:a5:ec:b7:14:ac:f2:ab:93:2f:97:73:e4:44:
5c:49:2d:ae:f7:7d:49:15:41:ca:0c:f1:c1:75:cd:8b:25:ff:
3f:02:fc:2a:24:3f:73:67:69:4f:3a:a8:e8:78:59:10:1e:da:
70:88:6a:0f:1a:4f:06:a8:f6:d4:f2:3e:b5:18:9d:ba:bd:32:
96:8b:bb:50:7b:31:b8:74:bd:46:35:7f:55:4a:30:60:e3:dd:
5f:28:2a:78:a7:e1:13:44:a6:90:83:f1:8a:6c:21:c3:a7:ae:
fa:c4:e1:1f:c2:80:df:8a:4e:e6:1a:e0:e4:8e:5e:5a:9b:ff:
24:26:39:f2:c4:e8:7b:ec:3e:64:8a:a3:bc:a0:05:ca:81:27:
3f:23:05:27:dd:4a:ca:2e:91:a0:95:11:07:eb:76:5e:ca:69:
b7:8c:ec:e2:05:2b:ce:c3:51:52:34:77:3c:43:8d:f3:6f:d4:
df:ab:0f:a4:bd:45:34:94:8e:8c:a4:73:37:20:bc:04:8f:1f:
d2:79:2d:34:d5:b9:0a:cd:b4:18:dd:19:0e:9b:36:37:a6:7b:
fe:42:52:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYztJGKJpu62dkVgMsUzH8yeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTA5MDczMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzcwNDFmYjcwMGM0ZWE2YTY2NTQ2MWMwMDc5NTQ1OWU2YmM0YTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluibjp/dBGyIh2taXOsjbpbm9tt8
oyxoL0bnF+uM962PB776mC/hvVwY1mCB34T6LRI9xh5xlfpxn0h718cX99QYOh3I
TM7q/lSHWrGDXicIltATE4HWklBc/OCiUHQ/SFOtnN6h1J/JP00xQ0xlB/ohXpzb
bepS4oDRvii3F37lhOZXGiAhKaBF6p82NKcvuMhs+EGI98X4d5opsNwqBQjqPRQp
kjsE0aJa8BJWIaglMJim9aPnzIpYRqWgi87RiD8Yeo1EieTIG5lbBVRwF+uXtp3c
43vQumeCrVZn5KuHMq3zDGQPogTMddrqdQoLHVMDgaylMJuvT5aoTVRlNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHxwQftwDE6mpmVGHAB5VFnmvEpyMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZkhCQi0zQU1UcWFtWlVZY0FIbFVXZWE4U25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg8UgAMF
AyoP4EADBQMqEytAMA0GCSqGSIb3DQEBCwUAA4IBAQBhkSp8YQPwQkDPsL+sjeTn
ywj38uSSxpIboP+8SZrVV/93dl12vHKnzaXstxSs8quTL5dz5ERcSS2u931JFUHK
DPHBdc2LJf8/AvwqJD9zZ2lPOqjoeFkQHtpwiGoPGk8GqPbU8j61GJ26vTKWi7tQ
ezG4dL1GNX9VSjBg491fKCp4p+ETRKaQg/GKbCHDp676xOEfwoDfik7mGuDkjl5a
m/8kJjnyxOh77D5kiqO8oAXKgSc/IwUn3UrKLpGglREH63Zeymm3jOziBSvOw1FS
NHc8Q43zb9Tfqw+kvUU0lI6MpHM3ILwEjx/SeS001bkKzbQY3RkOmzY3pnv+QlJB
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:42 2025 by rpki-client