Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jcHxjgwcgRfvHGtr43Qajol1xOQ.roa
File: jcHxjgwcgRfvHGtr43Qajol1xOQ.roa (raw, json)
Hash identifier: 98KQYimWsKwcIkg5TkIjDXmlF24pQ8B037QLqd7Uw/s=
Subject key identifier: 8D:C1:F1:8E:0C:1C:81:17:EF:1C:6B:6B:E3:74:1A:8E:89:75:C4:E4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018D20D95A5A4AED14E3F282A8DBFD74636C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jcHxjgwcgRfvHGtr43Qajol1xOQ.roa
Signing time: Fri 19 Jan 2024 08:32:11 +0000
ROA not before: Fri 19 Jan 2024 08:32:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198231
IP address blocks: 2a06:35c0::/30 maxlen: 30
2a06:35c4::/30 maxlen: 30
2a09:4500::/29 maxlen: 32
2a09:4900::/29 maxlen: 32
2a09:7300::/29 maxlen: 32
2a09:7500::/29 maxlen: 32
2a09:7b00::/29 maxlen: 32
2a09:b700::/29 maxlen: 32
2a0d:2ac0::/29 maxlen: 32
2a0d:a9c0::/29 maxlen: 32
2a0d:b740::/29 maxlen: 32
2a0f:e5c0::/29 maxlen: 29
2a13:2d40::/32 maxlen: 32
2a13:2d41::/32 maxlen: 32
2a13:2d42::/32 maxlen: 32
2a13:2d43::/32 maxlen: 32
2a13:2d44::/32 maxlen: 32
2a13:2d45::/32 maxlen: 32
2a13:2d46::/32 maxlen: 32
2a13:2d47::/32 maxlen: 32
2a13:2dc0::/32 maxlen: 32
2a13:2dc1::/32 maxlen: 32
2a13:2dc2::/32 maxlen: 32
2a13:2dc3::/32 maxlen: 32
2a13:2dc4::/32 maxlen: 32
2a13:2dc5::/32 maxlen: 32
2a13:2dc6::/32 maxlen: 32
2a13:2dc7::/32 maxlen: 32
2a13:2f40::/29 maxlen: 29
2a13:9180::/29 maxlen: 29
2a13:9680::/29 maxlen: 29
2a13:c700::/29 maxlen: 29
2a13:c900::/32 maxlen: 32
2a13:c901::/32 maxlen: 32
2a13:c902::/32 maxlen: 32
2a13:c903::/32 maxlen: 32
2a13:c904::/32 maxlen: 32
2a13:c905::/32 maxlen: 32
2a13:c906::/32 maxlen: 32
2a13:c907::/32 maxlen: 32
2a13:d100::/29 maxlen: 29
2a13:d700::/32 maxlen: 32
2a13:d701::/32 maxlen: 32
2a13:d702::/32 maxlen: 32
2a13:d703::/32 maxlen: 32
2a13:d704::/32 maxlen: 32
2a13:d705::/32 maxlen: 32
2a13:d706::/32 maxlen: 32
2a13:d707::/32 maxlen: 32
2a13:d900::/32 maxlen: 32
2a13:d901::/32 maxlen: 32
2a13:d902::/32 maxlen: 32
2a13:d903::/32 maxlen: 32
2a13:d904::/32 maxlen: 32
2a13:d905::/32 maxlen: 32
2a13:d906::/32 maxlen: 32
2a13:d907::/32 maxlen: 32
2a13:fb00::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 20 Jan 2024 11:10:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:20:d9:5a:5a:4a:ed:14:e3:f2:82:a8:db:fd:74:63:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 19 08:32:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8dc1f18e0c1c8117ef1c6b6be3741a8e8975c4e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4f:d0:51:1f:44:3a:58:5c:f2:48:f8:f0:60:
c2:c0:4f:b4:a2:69:d5:65:72:b5:85:3c:89:5f:50:
b5:a4:f1:12:a9:28:44:46:a0:24:66:90:68:f2:45:
a9:70:4b:63:3b:0b:23:45:0b:cf:b3:45:b1:75:36:
bb:20:1c:80:50:2c:a9:57:6e:38:00:5e:55:dc:67:
ee:c3:aa:04:ee:a3:51:b9:63:32:d9:0e:2c:31:6f:
ce:1a:07:ed:17:90:8e:ad:59:89:c1:ba:89:69:fc:
1d:97:97:30:fe:b1:bb:48:ee:01:e6:bb:d3:4c:c7:
be:ca:59:10:5b:54:95:42:0a:7e:a2:7b:cd:33:c7:
14:40:02:72:9c:05:bc:fb:94:2a:97:d7:97:0c:c7:
6c:fb:fa:d0:6d:16:78:98:4b:49:d9:7a:1d:e9:71:
18:9a:77:8f:86:8a:d3:de:36:47:09:9c:14:9d:7a:
69:2d:85:36:d5:5d:f2:3b:d0:34:1d:21:2c:2d:ad:
da:9e:80:1a:34:bb:02:02:9d:4e:5f:cd:23:d7:03:
e3:f2:e5:a6:c6:73:2a:b8:72:04:3f:17:ef:ba:6d:
73:50:a2:45:a9:2b:4e:d3:14:16:dc:09:dc:b2:da:
5b:ac:36:eb:e8:b0:15:09:a6:5b:38:61:a7:d5:e3:
65:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:C1:F1:8E:0C:1C:81:17:EF:1C:6B:6B:E3:74:1A:8E:89:75:C4:E4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/jcHxjgwcgRfvHGtr43Qajol1xOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:35c0::/29
2a09:4500::/29
2a09:4900::/29
2a09:7300::/29
2a09:7500::/29
2a09:7b00::/29
2a09:b700::/29
2a0d:2ac0::/29
2a0d:a9c0::/29
2a0d:b740::/29
2a0f:e5c0::/29
2a13:2d40::/29
2a13:2dc0::/29
2a13:2f40::/29
2a13:9180::/29
2a13:9680::/29
2a13:c700::/29
2a13:c900::/29
2a13:d100::/29
2a13:d700::/29
2a13:d900::/29
2a13:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
c9:d0:84:0b:6e:ab:76:cd:40:d0:17:0d:53:9a:b2:17:90:30:
34:9e:f0:29:82:ac:b7:f4:63:d4:18:2f:9d:ae:0a:c0:9f:f2:
ae:92:7c:12:eb:96:59:bb:d9:b9:9f:d3:7e:dc:52:28:76:d0:
c6:e8:4c:77:bf:50:d3:96:8c:90:05:74:cc:f7:f7:1a:af:db:
05:2d:0d:1a:f2:7e:1a:56:5d:0f:2a:5c:90:bf:4a:ba:d4:b7:
38:20:b4:3d:5c:03:b8:f0:b8:ed:c8:ad:fc:50:c3:4c:e9:7c:
9c:5f:2e:6d:fa:8c:3d:8f:3f:46:15:34:e8:27:aa:77:00:a1:
31:64:c3:60:a1:1b:b5:57:d8:c3:df:fd:2f:5e:77:8b:25:e9:
47:01:ba:eb:82:f1:3a:f0:00:6a:90:75:5a:f9:55:38:94:bf:
4d:ba:b2:28:c8:83:8f:6e:cc:e5:ce:2e:39:99:23:b7:23:a1:
4d:8f:1f:70:24:25:5d:10:71:49:52:b1:d3:41:ff:db:ff:d7:
40:e3:10:05:1d:21:26:4b:ff:c8:89:e3:df:5f:af:81:95:cf:
83:d9:09:ed:2c:bb:dd:e4:e1:dc:55:13:69:8a:14:c4:3b:ac:
90:23:01:cf:4b:65:45:06:af:ae:ed:4a:f6:76:09:a6:37:10:
e1:4d:e2:b2
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAY0g2VpaSu0U4/KCqNv9dGNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTE5MDgzMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGMxZjE4ZTBjMWM4MTE3ZWYxYzZiNmJlMzc0MWE4ZTg5NzVjNGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhk/QUR9EOlhc8kj48GDCwE+0omnV
ZXK1hTyJX1C1pPESqShERqAkZpBo8kWpcEtjOwsjRQvPs0WxdTa7IByAUCypV244
AF5V3Gfuw6oE7qNRuWMy2Q4sMW/OGgftF5COrVmJwbqJafwdl5cw/rG7SO4B5rvT
TMe+ylkQW1SVQgp+onvNM8cUQAJynAW8+5Qql9eXDMds+/rQbRZ4mEtJ2Xod6XEY
mnePhorT3jZHCZwUnXppLYU21V3yO9A0HSEsLa3anoAaNLsCAp1OX80j1wPj8uWm
xnMquHIEPxfvum1zUKJFqStO0xQW3AncstpbrDbr6LAVCaZbOGGn1eNlVwIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFI3B8Y4MHIEX7xxra+N0Go6JdcTkMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvamNIeGpnd2NnUmZ2SEd0cjQzUWFqb2wxeE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAIwgZoDBQMq
BjXAAwUDKglFAAMFAyoJSQADBQMqCXMAAwUDKgl1AAMFAyoJewADBQMqCbcAAwUD
Kg0qwAMFAyoNqcADBQMqDbdAAwUDKg/lwAMFAyoTLUADBQMqEy3AAwUDKhMvQAMF
AyoTkYADBQMqE5aAAwUDKhPHAAMFAyoTyQADBQMqE9EAAwUDKhPXAAMFAyoT2QAD
BQMqE/sAMA0GCSqGSIb3DQEBCwUAA4IBAQDJ0IQLbqt2zUDQFw1TmrIXkDA0nvAp
gqy39GPUGC+drgrAn/KuknwS65ZZu9m5n9N+3FIodtDG6Ex3v1DTloyQBXTM9/ca
r9sFLQ0a8n4aVl0PKlyQv0q61Lc4ILQ9XAO48LjtyK38UMNM6XycXy5t+ow9jz9G
FTToJ6p3AKExZMNgoRu1V9jD3/0vXneLJelHAbrrgvE68ABqkHVa+VU4lL9NurIo
yIOPbszlzi45mSO3I6FNjx9wJCVdEHFJUrHTQf/b/9dA4xAFHSEmS//IiePfX6+B
lc+D2QntLLvd5OHcVRNpihTEO6yQIwHPS2VFBq+u7Ur2dgmmNxDhTeKy
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:25:58 2025 by rpki-client