Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xwQljK11GI0xzNclY8HmedIWnC4.roa
File: xwQljK11GI0xzNclY8HmedIWnC4.roa (raw, json)
Hash identifier: oFfT5pg6MMndmhnU631ZEGPJiFrPvt0/T+7xBYBZKo4=
Subject key identifier: C7:04:25:8C:AD:75:18:8D:31:CC:D7:25:63:C1:E6:79:D2:16:9C:2E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0191745AF2399B67D69DF89C09306BFBD794
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xwQljK11GI0xzNclY8HmedIWnC4.roa
Signing time: Wed 21 Aug 2024 09:53:22 +0000
ROA not before: Wed 21 Aug 2024 09:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214734
IP address blocks: 2a07:bb40::/29 maxlen: 29
2a10:3240::/29 maxlen: 29
2a10:3340::/29 maxlen: 29
2a10:3440::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 28 Aug 2024 08:44:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:74:5a:f2:39:9b:67:d6:9d:f8:9c:09:30:6b:fb:d7:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 21 09:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c704258cad75188d31ccd72563c1e679d2169c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d0:3a:15:86:80:e9:d8:19:a8:ea:de:a7:d0:
e1:fa:48:6d:fe:59:79:34:0e:3f:09:f9:cd:95:bc:
1e:29:a2:1e:35:87:62:b2:64:91:42:32:0c:37:31:
76:2f:9f:48:50:21:98:fa:cd:ea:67:f2:c7:f0:e8:
65:8e:3e:6c:93:9c:98:ca:ca:7f:9c:10:8a:2b:a5:
5c:49:36:c5:bf:45:c0:6b:4b:59:59:52:8c:e3:d1:
e4:60:56:0e:80:f5:6c:93:81:46:23:a0:be:30:1c:
c6:12:cd:d7:dd:46:77:ee:48:7b:28:d1:ff:a0:67:
bf:43:7e:d9:c9:49:01:b4:90:d8:a8:94:e7:25:9b:
c4:de:95:44:d5:e3:88:6a:65:c8:df:4e:e5:35:4a:
f2:59:ff:c9:d7:4f:af:4b:28:3d:3f:1c:b1:ae:50:
da:c5:b2:d6:62:0a:2a:13:1d:1e:ed:a2:ab:02:68:
53:b0:f3:d4:cc:c7:50:19:a8:49:12:5e:47:ec:d2:
e6:9a:fe:b2:71:d8:4a:50:b6:a9:31:4f:d9:30:e7:
cb:56:74:b8:4c:86:9f:23:e3:bf:e7:f9:52:ad:c0:
9b:eb:43:de:ec:8c:b7:41:72:df:51:e6:da:ae:b8:
e7:5d:cd:a8:1a:67:24:75:f3:97:de:41:da:b7:55:
29:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:04:25:8C:AD:75:18:8D:31:CC:D7:25:63:C1:E6:79:D2:16:9C:2E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xwQljK11GI0xzNclY8HmedIWnC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:bb40::/29
2a10:3240::/29
2a10:3340::/29
2a10:3440::/29
Signature Algorithm: sha256WithRSAEncryption
26:ac:a8:36:c9:a4:18:b8:65:49:28:93:b8:01:f7:aa:ad:8f:
02:9e:b5:2e:a6:4e:92:97:ff:b8:8e:fc:d1:cd:d7:7b:47:db:
7c:c8:2f:15:03:f9:01:1e:ae:4a:32:0b:1e:4b:d0:df:5f:19:
7d:11:21:ba:0b:d1:f7:6b:f6:3c:f1:38:c5:04:e7:e9:4d:69:
fa:fd:e9:bb:8d:97:ce:9e:5a:a3:8c:04:30:c9:eb:24:8e:fd:
ec:ba:2c:e0:5e:51:0c:3c:fe:3e:b9:be:ea:86:a4:52:c8:bd:
ef:9b:8a:b0:fc:8e:01:06:81:c5:20:2d:ad:68:dc:e2:63:8c:
a9:45:d4:80:53:bc:22:49:d0:e3:c4:10:23:bd:ff:45:04:a1:
45:fe:0a:bc:a4:7f:aa:ec:90:6c:73:a7:4d:c0:47:98:8e:85:
eb:0a:76:c5:d3:f4:c3:20:ac:5b:17:67:49:7b:12:36:17:db:
b2:e9:db:b3:2c:54:fb:87:dc:07:2d:39:4e:81:00:73:aa:bf:
31:db:dd:b7:10:36:9b:55:bf:a5:a3:8f:6b:5c:1c:ac:5c:da:
74:26:0e:5b:d9:6c:40:95:95:b5:41:d6:42:17:84:d5:cc:b0:
f6:3f:bb:54:17:ae:d9:da:63:40:e7:c8:27:63:8e:32:3c:31:
e8:e5:02:a4
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZF0WvI5m2fWnficCTBr+9eUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODIxMDk1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzA0MjU4Y2FkNzUxODhkMzFjY2Q3MjU2M2MxZTY3OWQyMTY5YzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNA6FYaA6dgZqOrep9Dh+kht/ll5
NA4/CfnNlbweKaIeNYdismSRQjIMNzF2L59IUCGY+s3qZ/LH8Ohljj5sk5yYysp/
nBCKK6VcSTbFv0XAa0tZWVKM49HkYFYOgPVsk4FGI6C+MBzGEs3X3UZ37kh7KNH/
oGe/Q37ZyUkBtJDYqJTnJZvE3pVE1eOIamXI307lNUryWf/J10+vSyg9PxyxrlDa
xbLWYgoqEx0e7aKrAmhTsPPUzMdQGahJEl5H7NLmmv6ycdhKULapMU/ZMOfLVnS4
TIafI+O/5/lSrcCb60Pe7Iy3QXLfUebarrjnXc2oGmckdfOX3kHat1UplQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMcEJYytdRiNMczXJWPB5nnSFpwuMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveHdRbGpLMTFHSTB4ek5jbFk4SG1lZElXbkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKge7QAMF
AyoQMkADBQMqEDNAAwUDKhA0QDANBgkqhkiG9w0BAQsFAAOCAQEAJqyoNsmkGLhl
SSiTuAH3qq2PAp61LqZOkpf/uI780c3Xe0fbfMgvFQP5AR6uSjILHkvQ318ZfREh
ugvR92v2PPE4xQTn6U1p+v3pu42Xzp5ao4wEMMnrJI797Los4F5RDDz+Prm+6oak
Usi975uKsPyOAQaBxSAtrWjc4mOMqUXUgFO8IknQ48QQI73/RQShRf4KvKR/quyQ
bHOnTcBHmI6F6wp2xdP0wyCsWxdnSXsSNhfbsunbsyxU+4fcBy05ToEAc6q/Mdvd
txA2m1W/paOPa1wcrFzadCYOW9lsQJWVtUHWQheE1cyw9j+7VBeu2dpjQOfIJ2OO
Mjwx6OUCpA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:58:44 2025 by rpki-client