Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ztUQ2L1QhesmoOYT_YsrcYxYy6g.roa
File: ztUQ2L1QhesmoOYT_YsrcYxYy6g.roa (raw, json)
Hash identifier: X8OreGsOvUYKxp+DXq+YhoRudax6Oxbom8cXjJRLxyM=
Subject key identifier: CE:D5:10:D8:BD:50:85:EB:26:A0:E6:13:FD:8B:2B:71:8C:58:CB:A8
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01918E8E1898A63AF28704D2A577AA38ACFE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ztUQ2L1QhesmoOYT_YsrcYxYy6g.roa
Signing time: Mon 26 Aug 2024 11:59:22 +0000
ROA not before: Mon 26 Aug 2024 11:59:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151814
IP address blocks: 2a0f:c400::/29 maxlen: 29
2a0f:dec0::/29 maxlen: 29
2a0f:e540::/29 maxlen: 29
2a12:d5c0::/29 maxlen: 29
2a12:d6c0::/29 maxlen: 29
2a13:4900::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 19 Sep 2024 06:39:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:8e:18:98:a6:3a:f2:87:04:d2:a5:77:aa:38:ac:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 26 11:59:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ced510d8bd5085eb26a0e613fd8b2b718c58cba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8d:07:a7:63:cc:1b:e6:79:db:40:a2:7e:dd:
c9:23:a3:de:c8:23:5c:f7:e2:f8:ec:92:b2:ee:0c:
13:a1:01:d9:16:ae:e0:61:88:1c:fb:5b:51:98:d9:
4f:6e:f2:6f:5d:af:7d:af:73:78:46:12:8f:c9:32:
44:8d:74:08:92:90:c8:3c:38:4c:a9:77:ed:51:e6:
4e:32:ca:28:50:a0:00:98:eb:01:f8:12:5a:1c:ea:
31:43:f7:60:40:23:76:51:83:d6:06:34:e7:65:a4:
46:10:f8:d0:09:f1:be:65:d7:32:fa:4c:56:ae:1a:
6b:db:37:28:33:8f:57:2b:06:f7:ee:b0:91:b4:a9:
dc:52:c9:1a:57:16:34:4a:57:30:87:04:db:e4:79:
92:cd:79:76:28:b3:1e:4e:75:55:37:51:4f:5e:0c:
fc:85:06:b1:1e:f8:3c:d3:a4:75:ac:dc:55:e3:87:
d6:1c:bb:66:91:09:70:97:dd:4e:5c:bc:eb:fd:48:
69:93:7b:0c:28:b9:dd:87:0d:30:56:de:af:87:49:
a3:6a:f5:da:4c:4e:b4:0e:cd:55:b5:09:ec:fe:a7:
46:18:2d:75:cc:47:86:ef:1e:97:71:5c:1d:fc:c6:
05:f7:38:40:48:d6:36:61:0f:c1:ab:a9:b6:45:f8:
d1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D5:10:D8:BD:50:85:EB:26:A0:E6:13:FD:8B:2B:71:8C:58:CB:A8
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ztUQ2L1QhesmoOYT_YsrcYxYy6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:c400::/29
2a0f:dec0::/29
2a0f:e540::/29
2a12:d5c0::/29
2a12:d6c0::/29
2a13:4900::/29
Signature Algorithm: sha256WithRSAEncryption
99:6d:32:84:42:bf:c5:e5:b1:c0:43:35:9e:46:10:27:12:30:
b5:a5:c5:a8:51:a4:c0:2b:09:76:c6:ce:32:df:89:d8:31:9b:
7a:90:a1:42:d3:5c:95:2b:91:68:16:73:53:dd:bd:a8:53:04:
98:36:1b:23:9f:8b:0e:31:73:30:e0:b4:77:15:f1:90:81:b0:
a5:d2:e0:ab:28:1f:09:2e:25:42:fd:d8:76:f6:e4:ec:5f:9b:
ce:4f:6d:1d:b2:71:08:0e:ca:60:c6:29:07:ce:d2:4e:83:5a:
20:be:80:18:06:64:87:3f:55:85:7f:94:00:ee:03:72:e3:f9:
ca:b1:b1:38:e8:e0:b7:58:eb:e4:47:35:78:5b:a9:51:62:d5:
67:5a:3b:32:a8:64:38:be:4b:a4:f9:b3:78:07:e2:8e:30:84:
52:9d:90:6d:f8:85:11:84:be:b3:8a:8e:95:d4:95:c2:e4:31:
95:2d:5f:84:6e:20:06:a3:e2:14:74:aa:93:3e:bb:93:43:26:
a5:99:10:f4:9a:b8:af:78:6d:a2:ff:53:04:e3:26:a8:76:d0:
47:3f:e7:39:ad:f5:c4:0e:e0:3f:df:9c:af:bb:26:5f:02:34:
b2:9f:e1:4e:37:4a:b0:9d:e4:93:a5:ba:9d:be:0e:fd:c9:68:
59:c4:f8:5f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZGOjhiYpjryhwTSpXeqOKz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODI2MTE1OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWQ1MTBkOGJkNTA4NWViMjZhMGU2MTNmZDhiMmI3MThjNThjYmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI0Hp2PMG+Z520Cift3JI6PeyCNc
9+L47JKy7gwToQHZFq7gYYgc+1tRmNlPbvJvXa99r3N4RhKPyTJEjXQIkpDIPDhM
qXftUeZOMsooUKAAmOsB+BJaHOoxQ/dgQCN2UYPWBjTnZaRGEPjQCfG+Zdcy+kxW
rhpr2zcoM49XKwb37rCRtKncUskaVxY0SlcwhwTb5HmSzXl2KLMeTnVVN1FPXgz8
hQaxHvg806R1rNxV44fWHLtmkQlwl91OXLzr/Uhpk3sMKLndhw0wVt6vh0mjavXa
TE60Ds1VtQns/qdGGC11zEeG7x6XcVwd/MYF9zhASNY2YQ/Bq6m2RfjRjQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFM7VENi9UIXrJqDmE/2LK3GMWMuoMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvenRVUTJMMVFoZXNtb09ZVF9Zc3JjWXhZeTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg/EAAMF
AyoP3sADBQMqD+VAAwUDKhLVwAMFAyoS1sADBQMqE0kAMA0GCSqGSIb3DQEBCwUA
A4IBAQCZbTKEQr/F5bHAQzWeRhAnEjC1pcWoUaTAKwl2xs4y34nYMZt6kKFC01yV
K5FoFnNT3b2oUwSYNhsjn4sOMXMw4LR3FfGQgbCl0uCrKB8JLiVC/dh29uTsX5vO
T20dsnEIDspgxikHztJOg1ogvoAYBmSHP1WFf5QA7gNy4/nKsbE46OC3WOvkRzV4
W6lRYtVnWjsyqGQ4vkuk+bN4B+KOMIRSnZBt+IURhL6zio6V1JXC5DGVLV+EbiAG
o+IUdKqTPruTQyalmRD0mriveG2i/1ME4yaodtBHP+c5rfXEDuA/35yvuyZfAjSy
n+FON0qwneSTpbqdvg79yWhZxPhf
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:43 2025 by rpki-client