Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fnMHRhLw_ff66YOiaIdVtop1zxY.roa
File: fnMHRhLw_ff66YOiaIdVtop1zxY.roa (raw, json)
Hash identifier: mk3pxo/piufD8Wrd8IxKoQlDqSfx2GNEOyPOVDq53SU=
Subject key identifier: 7E:73:07:46:12:F0:FD:F7:FA:E9:83:A2:68:87:55:B6:8A:75:CF:16
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0191EC3CBBAD7F889404CF464BC1C8F12CA7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fnMHRhLw_ff66YOiaIdVtop1zxY.roa
Signing time: Fri 13 Sep 2024 16:34:48 +0000
ROA not before: Fri 13 Sep 2024 16:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205544
IP address blocks: 2a09:17c0:b19a::/48 maxlen: 48
2a09:17c7:fc3a::/48 maxlen: 48
2a0f:1200:d9::/48 maxlen: 48
2a0f:1207:fe5a::/48 maxlen: 48
2a0f:2ec0:1::/48 maxlen: 48
2a0f:e1c0:3::/48 maxlen: 48
2a0f:e1c0:37a::/48 maxlen: 48
2a0f:e200:5::/48 maxlen: 48
2a0f:e200:25f::/48 maxlen: 48
2a0f:e207:fd38::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
2a0f:e6c0:11c::/48 maxlen: 48
2a0f:e6c0:3af::/48 maxlen: 48
2a0f:e6c6:99::/48 maxlen: 48
2a0f:e7c7:fcd8::/48 maxlen: 48
2a0f:ea40:8::/48 maxlen: 48
2a0f:ea47:fc1d::/48 maxlen: 48
2a0f:ea47:ff49::/48 maxlen: 48
2a12:ac46:88::/48 maxlen: 48
2a12:ecc0:3::/48 maxlen: 48
2a12:ecc0:4::/48 maxlen: 48
2a12:ecc0:66::/48 maxlen: 48
2a12:ecc0:188::/48 maxlen: 48
2a12:ecc0:316::/48 maxlen: 48
2a12:ecc0:34a::/48 maxlen: 48
2a13:18c6:44::/48 maxlen: 48
2a13:18c6:99::/48 maxlen: 48
2a13:8c82:2::/48 maxlen: 48
2a13:8c86:100::/48 maxlen: 48
2a13:8c86:140::/48 maxlen: 48
2a13:c700:1::/48 maxlen: 48
2a13:c900:22::/48 maxlen: 48
2a13:c900:66::/48 maxlen: 48
2a13:c900:110::/48 maxlen: 48
2a13:e102:2::/48 maxlen: 48
2a13:e107:77::/48 maxlen: 48
2a13:e107:29b::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 18 Sep 2024 06:53:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ec:3c:bb:ad:7f:88:94:04:cf:46:4b:c1:c8:f1:2c:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 13 16:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e73074612f0fdf7fae983a2688755b68a75cf16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b5:6b:1c:c6:de:a6:78:21:3c:26:57:fc:95:
68:5b:79:2d:4d:a7:8b:c7:df:07:6c:1b:7e:39:57:
11:d5:f8:ba:35:fd:e0:3e:6f:f0:7e:03:f2:70:a0:
f3:cd:66:d7:3d:8c:4c:15:15:42:d8:f4:42:96:98:
7b:84:7e:86:7d:90:a9:7a:f8:f6:a1:f2:d7:21:dd:
06:97:1c:a9:c0:12:19:ed:55:17:a9:9f:b2:9c:c5:
84:22:00:dd:56:e1:f8:eb:73:dd:d5:b5:27:b7:e5:
0f:97:de:40:d9:3b:74:04:17:de:a6:c8:d5:87:d2:
9d:e7:19:41:51:8a:c0:55:81:64:01:ea:e9:d7:37:
a2:37:8e:ea:af:29:2f:d6:ae:b2:46:2a:cf:ba:57:
d7:43:7f:a7:a0:7c:11:a9:ba:d9:38:9c:df:cc:f9:
c3:1d:a1:32:79:36:20:7c:48:74:5b:68:e7:5f:b3:
b8:d1:17:ec:49:11:32:d5:4f:86:3c:11:90:39:22:
3b:06:dd:8c:75:26:28:7b:7e:4d:50:1d:e9:00:62:
4f:02:a7:10:e6:68:d8:37:ad:b1:f3:eb:58:1e:63:
94:57:93:99:dd:5a:3f:7c:57:62:db:32:88:c1:1f:
b8:ca:81:72:fa:11:03:b2:b7:73:46:b9:69:08:3a:
4d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:73:07:46:12:F0:FD:F7:FA:E9:83:A2:68:87:55:B6:8A:75:CF:16
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fnMHRhLw_ff66YOiaIdVtop1zxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:17c0:b19a::/48
2a09:17c7:fc3a::/48
2a0f:1200:d9::/48
2a0f:1207:fe5a::/48
2a0f:2ec0:1::/48
2a0f:e1c0:3::/48
2a0f:e1c0:37a::/48
2a0f:e200:5::/48
2a0f:e200:25f::/48
2a0f:e207:fd38::/48
2a0f:e440::/29
2a0f:e6c0:11c::/48
2a0f:e6c0:3af::/48
2a0f:e6c6:99::/48
2a0f:e7c7:fcd8::/48
2a0f:ea40:8::/48
2a0f:ea47:fc1d::/48
2a0f:ea47:ff49::/48
2a12:ac46:88::/48
2a12:ecc0:3::-2a12:ecc0:4:ffff:ffff:ffff:ffff:ffff
2a12:ecc0:66::/48
2a12:ecc0:188::/48
2a12:ecc0:316::/48
2a12:ecc0:34a::/48
2a13:18c6:44::/48
2a13:18c6:99::/48
2a13:8c82:2::/48
2a13:8c86:100::/48
2a13:8c86:140::/48
2a13:c700:1::/48
2a13:c900:22::/48
2a13:c900:66::/48
2a13:c900:110::/48
2a13:e102:2::/48
2a13:e107:77::/48
2a13:e107:29b::/48
Signature Algorithm: sha256WithRSAEncryption
9e:b5:26:32:55:22:ae:96:d2:db:fd:9f:62:07:2f:13:35:59:
dc:9f:a2:36:51:32:a7:5d:bf:3f:7b:9e:27:a5:a5:c9:14:40:
a1:23:64:af:61:c8:0e:b4:0a:35:42:88:bf:19:22:7a:83:34:
7f:3c:e8:ff:90:36:55:ee:60:75:81:79:1f:4a:fe:26:86:e5:
f3:d9:ec:4c:14:d8:66:14:96:d6:01:3d:2e:ee:93:39:89:c5:
52:38:84:df:ff:bb:2f:cf:bf:c3:9a:43:b2:88:99:b2:e0:03:
e2:52:ef:49:07:c2:0e:97:31:40:53:14:74:53:18:8b:e0:30:
01:32:e1:8e:70:d4:33:7e:88:2d:47:06:eb:1c:43:87:c7:ec:
5b:5d:a3:59:ac:a9:93:d1:2a:66:d2:8f:ce:ce:66:78:3b:63:
59:e7:44:c9:6c:0a:d3:a3:f4:86:04:9d:9a:4a:f8:1a:ac:d0:
58:02:0b:70:d1:14:08:02:27:4f:f4:c7:0d:1d:88:31:55:ca:
a2:6b:58:34:c3:08:05:6a:29:1b:25:20:c3:60:e6:0f:b7:75:
8c:77:de:98:9a:84:2d:0e:b1:0f:e4:cd:a5:5a:39:5a:35:70:
46:cc:4e:f8:e2:06:de:42:f0:3a:a7:bb:fb:2e:b1:90:b6:12:
62:ee:ad:91
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgISAZHsPLutf4iUBM9GS8HI8SynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwOTEzMTYzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTczMDc0NjEyZjBmZGY3ZmFlOTgzYTI2ODg3NTViNjhhNzVjZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bVrHMbepnghPCZX/JVoW3ktTaeL
x98HbBt+OVcR1fi6Nf3gPm/wfgPycKDzzWbXPYxMFRVC2PRClph7hH6GfZCpevj2
ofLXId0GlxypwBIZ7VUXqZ+ynMWEIgDdVuH463Pd1bUnt+UPl95A2Tt0BBfepsjV
h9Kd5xlBUYrAVYFkAerp1zeiN47qrykv1q6yRirPulfXQ3+noHwRqbrZOJzfzPnD
HaEyeTYgfEh0W2jnX7O40RfsSREy1U+GPBGQOSI7Bt2MdSYoe35NUB3pAGJPAqcQ
5mjYN62x8+tYHmOUV5OZ3Vo/fFdi2zKIwR+4yoFy+hEDsrdzRrlpCDpNMQIDAQAB
o4IDWjCCA1YwHQYDVR0OBBYEFH5zB0YS8P33+umDomiHVbaKdc8WMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZm5NSFJoTHdfZmY2NllPaWFJZFZ0b3AxenhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbgYIKwYBBQUHAQcBAf8EggFdMIIBWTCCAVUEAgACMIIB
TQMHACoJF8CxmgMHACoJF8f8OgMHACoPEgAA2QMHACoPEgf+WgMHACoPLsAAAQMH
ACoP4cAAAwMHACoP4cADegMHACoP4gAABQMHACoP4gACXwMHACoP4gf9OAMFAyoP
5EADBwAqD+bAARwDBwAqD+bAA68DBwAqD+bGAJkDBwAqD+fH/NgDBwAqD+pAAAgD
BwAqD+pH/B0DBwAqD+pH/0kDBwAqEqxGAIgwEgMHACoS7MAAAwMHACoS7MAABAMH
ACoS7MAAZgMHACoS7MABiAMHACoS7MADFgMHACoS7MADSgMHACoTGMYARAMHACoT
GMYAmQMHACoTjIIAAgMHACoTjIYBAAMHACoTjIYBQAMHACoTxwAAAQMHACoTyQAA
IgMHACoTyQAAZgMHACoTyQABEAMHACoT4QIAAgMHACoT4QcAdwMHACoT4QcCmzAN
BgkqhkiG9w0BAQsFAAOCAQEAnrUmMlUirpbS2/2fYgcvEzVZ3J+iNlEyp12/P3ue
J6WlyRRAoSNkr2HIDrQKNUKIvxkieoM0fzzo/5A2Ve5gdYF5H0r+Jobl89nsTBTY
ZhSW1gE9Lu6TOYnFUjiE3/+7L8+/w5pDsoiZsuAD4lLvSQfCDpcxQFMUdFMYi+Aw
ATLhjnDUM36ILUcG6xxDh8fsW12jWaypk9EqZtKPzs5meDtjWedEyWwK06P0hgSd
mkr4GqzQWAILcNEUCAInT/THDR2IMVXKomtYNMMIBWopGyUgw2DmD7d1jHfemJqE
LQ6xD+TNpVo5WjVwRsxO+OIG3kLwOqe7+y6xkLYSYu6tkQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:26:51 2025 by rpki-client