Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uEwJococX7TS7yTN6obflio7rMo.roa
File: uEwJococX7TS7yTN6obflio7rMo.roa (raw, json)
Hash identifier: lbSE3Y3MqtiymW+pXF5hltZmvMhuH720YHvE7vZzRZQ=
Subject key identifier: B8:4C:09:A1:CA:1C:5F:B4:D2:EF:24:CD:EA:86:DF:96:2A:3B:AC:CA
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019427481662075588C322AA9AA694CC7799
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uEwJococX7TS7yTN6obflio7rMo.roa
Signing time: Thu 02 Jan 2025 13:50:23 +0000
ROA not before: Thu 02 Jan 2025 13:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 64.226.54.0/23 maxlen: 23
64.226.156.0/22 maxlen: 22
2a0d:8f80::/29 maxlen: 29
2a0e:1a81::/32 maxlen: 32
2a0e:f500::/29 maxlen: 29
2a0e:f602::/32 maxlen: 32
2a0f:3d83::/32 maxlen: 32
2a10:37c0::/29 maxlen: 29
2a10:67c0::/32 maxlen: 32
2a13:9281::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 17 Jan 2025 11:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:16:62:07:55:88:c3:22:aa:9a:a6:94:cc:77:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 2 13:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b84c09a1ca1c5fb4d2ef24cdea86df962a3bacca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3d:72:20:48:55:f0:0c:84:9d:9a:72:65:f2:
52:bc:05:f6:5f:6c:ba:e8:b0:07:55:6a:16:7f:f7:
b8:68:fd:b1:92:34:e2:4a:d2:bb:10:b5:65:a1:fc:
e0:c7:6a:8c:90:f4:3e:34:a8:6a:cd:88:4b:7b:85:
da:64:14:67:35:7d:65:30:78:50:8b:5c:7a:f6:b2:
e0:de:8c:e9:70:36:23:36:97:ea:e1:e3:8c:ef:e9:
7c:dc:04:85:05:dd:18:1b:1d:b3:68:25:d4:af:64:
57:32:96:c7:2f:85:3f:3e:eb:1e:d3:a3:dc:1d:99:
b0:1a:02:82:33:29:5c:6a:5d:68:fd:3c:26:ec:65:
c3:c6:fa:6c:27:1d:6f:62:c5:30:90:be:03:bc:c1:
81:df:02:51:b8:ae:1c:f8:55:fc:9e:76:ff:9b:a8:
78:1f:5d:cb:16:50:e5:9c:b3:69:b5:f6:c9:33:f5:
ab:d9:a6:f8:00:71:7c:c9:8c:54:97:99:cc:4e:f8:
5d:34:30:b2:3d:34:f4:e2:4f:74:bd:53:32:08:71:
cd:5d:b0:9b:5e:b6:fa:e1:34:05:6e:45:9a:96:c9:
41:1c:bc:2a:27:2a:61:b8:42:a0:28:68:c3:a6:15:
f7:03:ce:ff:72:fb:00:e3:39:67:07:05:97:b1:f4:
19:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:4C:09:A1:CA:1C:5F:B4:D2:EF:24:CD:EA:86:DF:96:2A:3B:AC:CA
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uEwJococX7TS7yTN6obflio7rMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.226.54.0/23
64.226.156.0/22
IPv6:
2a0d:8f80::/29
2a0e:1a81::/32
2a0e:f500::/29
2a0e:f602::/32
2a0f:3d83::/32
2a10:37c0::/29
2a10:67c0::/32
2a13:9281::/32
Signature Algorithm: sha256WithRSAEncryption
24:3b:76:0b:6e:64:47:39:4e:4e:08:8e:33:76:2b:c9:83:44:
7f:de:9e:e9:27:db:18:ee:d6:d4:d6:bc:2d:c7:40:df:45:62:
60:c6:c3:aa:d1:56:6f:47:e2:7a:21:50:6c:d7:25:96:6b:a9:
c5:b0:ff:ec:fe:e0:05:c8:09:8d:fc:55:a6:54:de:e4:37:2c:
31:be:30:57:6f:48:f5:cc:32:14:bb:a8:bc:a8:08:23:a5:6d:
03:24:c0:95:31:b5:20:39:1b:e2:ea:ed:ef:c1:3c:c9:57:13:
2c:5c:1b:9d:fe:75:a5:a4:e1:94:62:26:2a:45:9d:2f:8e:25:
87:5e:97:d9:d2:d2:f0:a7:70:30:3b:dd:ee:3c:13:97:a0:76:
6f:d3:7f:b6:76:de:71:f8:9b:ad:9c:8e:b7:0f:06:3a:73:27:
3d:d8:e8:13:4c:35:f7:cb:87:37:cd:99:0c:a1:36:d2:9c:0f:
5a:d3:37:97:fa:f4:64:38:bf:14:4f:34:3e:cd:c9:84:83:3b:
5c:36:7c:1c:54:e6:f8:49:5f:7f:51:52:35:c5:d1:85:22:37:
28:35:0f:89:48:cf:5d:eb:38:0b:e4:35:d4:4d:68:4b:03:84:
7d:a6:a7:bd:7b:de:ca:91:0f:72:0c:78:42:62:59:f7:3b:95:
13:1e:15:e4
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZQnSBZiB1WIwyKqmqaUzHeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMTAyMTM1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODRjMDlhMWNhMWM1ZmI0ZDJlZjI0Y2RlYTg2ZGY5NjJhM2JhY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT1yIEhV8AyEnZpyZfJSvAX2X2y6
6LAHVWoWf/e4aP2xkjTiStK7ELVlofzgx2qMkPQ+NKhqzYhLe4XaZBRnNX1lMHhQ
i1x69rLg3ozpcDYjNpfq4eOM7+l83ASFBd0YGx2zaCXUr2RXMpbHL4U/Puse06Pc
HZmwGgKCMylcal1o/Twm7GXDxvpsJx1vYsUwkL4DvMGB3wJRuK4c+FX8nnb/m6h4
H13LFlDlnLNptfbJM/Wr2ab4AHF8yYxUl5nMTvhdNDCyPTT04k90vVMyCHHNXbCb
Xrb64TQFbkWalslBHLwqJyphuEKgKGjDphX3A87/cvsA4zlnBwWXsfQZdwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFLhMCaHKHF+00u8kzeqG35YqO6zKMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdUV3Sm9jb2NYN1RTN3lUTjZvYmZsaW83ck1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDASBAIAATAMAwQBQOI2AwQC
QOKcMD4EAgACMDgDBQMqDY+AAwUAKg4agQMFAyoO9QADBQAqDvYCAwUAKg89gwMF
AyoQN8ADBQAqEGfAAwUAKhOSgTANBgkqhkiG9w0BAQsFAAOCAQEAJDt2C25kRzlO
TgiOM3YryYNEf96e6SfbGO7W1Na8LcdA30ViYMbDqtFWb0fieiFQbNcllmupxbD/
7P7gBcgJjfxVplTe5DcsMb4wV29I9cwyFLuovKgII6VtAyTAlTG1IDkb4urt78E8
yVcTLFwbnf51paThlGImKkWdL44lh16X2dLS8KdwMDvd7jwTl6B2b9N/tnbecfib
rZyOtw8GOnMnPdjoE0w198uHN82ZDKE20pwPWtM3l/r0ZDi/FE80Ps3JhIM7XDZ8
HFTm+Elff1FSNcXRhSI3KDUPiUjPXes4C+Q11E1oSwOEfaanvXveypEPcgx4QmJZ
9zuVEx4V5A==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:21 2025 by rpki-client