Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/sHBF0uDFgOPxrYGmNHRVPolcp9g.roa
File: sHBF0uDFgOPxrYGmNHRVPolcp9g.roa (raw, json)
Hash identifier: TqwjfJzYLzQPW60sB+fDykr1VyBxcGHMVJpWfk9jlGg=
Subject key identifier: B0:70:45:D2:E0:C5:80:E3:F1:AD:81:A6:34:74:55:3E:89:5C:A7:D8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193089EBECFA45C6A7A1F7FC1CF3E8CC886
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/sHBF0uDFgOPxrYGmNHRVPolcp9g.roa
Signing time: Thu 07 Nov 2024 21:54:01 +0000
ROA not before: Thu 07 Nov 2024 21:54:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 64.226.54.0/23 maxlen: 23
64.226.156.0/22 maxlen: 22
2a06:a5c0::/29 maxlen: 29
2a06:a600::/29 maxlen: 29
2a06:b5c0::/29 maxlen: 29
2a06:bf40::/29 maxlen: 29
2a07:95c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 21 Nov 2024 15:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:08:9e:be:cf:a4:5c:6a:7a:1f:7f:c1:cf:3e:8c:c8:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 7 21:54:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b07045d2e0c580e3f1ad81a63474553e895ca7d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:69:74:0c:e4:dd:da:2e:74:fc:50:20:3a:3d:
d0:a7:7d:29:d9:93:d5:74:70:f6:c0:9a:9e:11:b3:
2f:1f:33:3d:68:9d:0e:a7:3a:b1:f1:81:e3:00:02:
09:96:f8:35:c3:0c:a2:50:e2:bf:71:5d:37:22:e5:
6f:c9:2f:29:ec:e8:4e:fc:d8:17:3b:70:55:bf:df:
5a:42:af:6c:3f:9a:70:41:e9:2d:a4:95:a7:dc:72:
ef:73:dd:01:c0:77:16:b1:4c:b8:ed:58:68:f7:d1:
33:65:1a:e1:6e:30:5f:17:e0:81:73:a3:0a:7a:2c:
b3:2a:ab:ea:5c:77:69:ef:bd:05:86:2d:88:04:3b:
9c:6d:24:69:13:77:12:1a:d7:e6:7b:5a:d2:30:51:
52:df:2b:9a:da:50:15:0e:02:76:d1:1d:10:44:9d:
c7:e7:43:11:12:46:03:fb:dc:79:d6:d8:70:1a:42:
bf:9d:c4:2f:2c:44:94:9d:00:fb:3e:84:d9:94:8f:
87:cc:5d:eb:84:d0:fb:1f:ec:c6:91:ae:25:d8:1f:
c4:bc:d8:94:80:5d:69:a7:c6:a2:68:80:70:36:6a:
83:cd:c8:c2:bb:c0:4e:44:62:83:b9:6e:ca:a0:08:
f2:b1:d7:c8:c2:bb:62:ee:af:13:2d:87:f9:ff:4e:
ad:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:70:45:D2:E0:C5:80:E3:F1:AD:81:A6:34:74:55:3E:89:5C:A7:D8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/sHBF0uDFgOPxrYGmNHRVPolcp9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.226.54.0/23
64.226.156.0/22
IPv6:
2a06:a5c0::/29
2a06:a600::/29
2a06:b5c0::/29
2a06:bf40::/29
2a07:95c0::/29
Signature Algorithm: sha256WithRSAEncryption
99:b5:5a:dc:4f:8d:66:91:b1:f9:8e:35:30:0d:a3:80:da:a4:
cc:50:5e:d6:9f:77:5a:c1:5a:76:98:0e:3d:d6:b6:85:63:60:
89:d0:b2:9b:20:b3:2a:ba:58:32:84:34:0f:8d:ce:d2:04:da:
5b:79:02:94:e5:76:28:4d:59:b9:a1:b2:b4:2c:3c:cf:11:7e:
46:5a:ae:51:10:28:ef:55:9a:ba:2d:da:d2:82:66:d0:6a:51:
2a:3f:da:e2:c4:d1:64:df:02:c5:dc:71:69:8c:fa:3f:09:48:
03:2e:b5:49:9c:b1:d5:ce:14:95:0a:f0:9f:78:da:e0:b7:50:
5a:5a:76:c0:10:22:70:ea:84:3d:3e:77:4e:28:ae:0b:f4:b3:
3f:36:21:28:59:f9:df:00:e9:ca:ba:15:6a:4b:04:f8:c3:a5:
0b:42:56:0a:f6:6d:ca:4f:d6:12:5b:10:31:23:82:1d:84:a3:
d8:98:ba:0b:75:6a:60:1e:d5:a5:a1:d7:60:e3:7c:10:cb:a3:
c2:b6:7a:4c:96:f5:43:cb:58:93:57:9c:55:b6:02:c1:5b:a7:
0b:d1:78:4a:ef:f8:ea:a7:2f:ba:c0:85:38:85:3c:5d:8c:14:
92:8a:ae:ce:3c:9f:3a:7a:6b:71:8d:e2:00:cf:03:2e:60:fe:
e0:03:91:cb
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZMInr7PpFxqeh9/wc8+jMiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMTA3MjE1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDcwNDVkMmUwYzU4MGUzZjFhZDgxYTYzNDc0NTUzZTg5NWNhN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzml0DOTd2i50/FAgOj3Qp30p2ZPV
dHD2wJqeEbMvHzM9aJ0Opzqx8YHjAAIJlvg1wwyiUOK/cV03IuVvyS8p7OhO/NgX
O3BVv99aQq9sP5pwQektpJWn3HLvc90BwHcWsUy47Vho99EzZRrhbjBfF+CBc6MK
eiyzKqvqXHdp770Fhi2IBDucbSRpE3cSGtfme1rSMFFS3yua2lAVDgJ20R0QRJ3H
50MREkYD+9x51thwGkK/ncQvLESUnQD7PoTZlI+HzF3rhND7H+zGka4l2B/EvNiU
gF1pp8aiaIBwNmqDzcjCu8BORGKDuW7KoAjysdfIwrti7q8TLYf5/06txwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFLBwRdLgxYDj8a2BpjR0VT6JXKfYMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvc0hCRjB1REZnT1B4cllHbU5IUlZQb2xjcDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzASBAIAATAMAwQBQOI2AwQC
QOKcMCkEAgACMCMDBQMqBqXAAwUDKgamAAMFAyoGtcADBQMqBr9AAwUDKgeVwDAN
BgkqhkiG9w0BAQsFAAOCAQEAmbVa3E+NZpGx+Y41MA2jgNqkzFBe1p93WsFadpgO
Pda2hWNgidCymyCzKrpYMoQ0D43O0gTaW3kClOV2KE1ZuaGytCw8zxF+RlquURAo
71Waui3a0oJm0GpRKj/a4sTRZN8CxdxxaYz6PwlIAy61SZyx1c4UlQrwn3ja4LdQ
Wlp2wBAicOqEPT53TiiuC/SzPzYhKFn53wDpyroVaksE+MOlC0JWCvZtyk/WElsQ
MSOCHYSj2Ji6C3VqYB7VpaHXYON8EMujwrZ6TJb1Q8tYk1ecVbYCwVunC9F4Su/4
6qcvusCFOIU8XYwUkoquzjyfOnprcY3iAM8DLmD+4AORyw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:25:53 2025 by rpki-client