Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/07iZ-mYEBXr8Ovj1AHsgMF8RI-k.roa
File: 07iZ-mYEBXr8Ovj1AHsgMF8RI-k.roa (raw, json)
Hash identifier: XPHQuw/sPXYUXWjRk0x265mYNmExuqgxCiRk8D0bYDg=
Subject key identifier: D3:B8:99:FA:66:04:05:7A:FC:3A:F8:F5:00:7B:20:30:5F:11:23:E9
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01948CA1E0E80F4BD2DE1306B7751CE18296
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/07iZ-mYEBXr8Ovj1AHsgMF8RI-k.roa
Signing time: Wed 22 Jan 2025 06:10:06 +0000
ROA not before: Wed 22 Jan 2025 06:10:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 2a09:6284::/32 maxlen: 32
2a09:e5c0::/32 maxlen: 32
2a09:e5c1::/32 maxlen: 32
2a09:e5c2::/32 maxlen: 32
2a09:e5c3::/32 maxlen: 32
2a09:e5c4::/32 maxlen: 32
2a09:e5c5::/32 maxlen: 32
2a09:e5c6::/32 maxlen: 32
2a0e:b140::/29 maxlen: 29
2a10:4103::/32 maxlen: 32
2a10:4104::/32 maxlen: 32
2a12:a343::/32 maxlen: 32
2a12:a344::/32 maxlen: 32
2a12:a346::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Feb 2025 10:50:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8c:a1:e0:e8:0f:4b:d2:de:13:06:b7:75:1c:e1:82:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 22 06:10:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3b899fa6604057afc3af8f5007b20305f1123e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:2e:57:35:ef:80:22:23:f0:4a:c7:93:32:29:
6d:1d:75:02:74:cf:3d:72:ea:39:d6:12:cf:bc:79:
71:57:34:cb:e2:ec:37:47:1d:bd:03:f4:51:2f:74:
39:6f:e3:a6:35:81:39:44:4c:ab:23:2c:2d:dd:27:
96:cf:12:07:a5:63:44:6e:f1:e6:30:fb:91:ea:56:
ec:32:9e:81:74:b1:95:24:aa:5d:6b:55:d4:ab:8e:
ce:29:d4:63:41:ff:96:ba:4b:a3:d3:17:89:a9:65:
b8:ac:1e:f0:80:2f:9f:19:0f:15:17:33:2a:8c:4b:
b6:09:71:a1:f3:a4:1e:87:9e:67:07:60:27:92:2c:
b2:e2:7d:58:2a:23:b8:62:d3:ab:cb:e1:9f:04:94:
04:82:ad:cf:76:d2:c7:4c:9a:09:29:9e:3f:91:18:
06:f4:29:89:5f:97:8a:4e:67:81:0d:91:c3:cd:f6:
c4:53:57:0d:81:dd:cb:c6:4c:0f:cf:f6:8f:0f:68:
27:81:1d:ad:42:95:be:5d:d1:f2:ab:0c:13:fe:7a:
f2:b5:5e:27:cc:9c:7b:72:f1:46:32:9c:33:98:5c:
a6:3a:36:a6:9e:e7:98:3f:a7:6e:c7:a6:52:3a:75:
a5:13:a4:4c:49:ae:9b:c9:89:7c:29:20:ed:3b:a6:
16:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:B8:99:FA:66:04:05:7A:FC:3A:F8:F5:00:7B:20:30:5F:11:23:E9
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/07iZ-mYEBXr8Ovj1AHsgMF8RI-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6284::/32
2a09:e5c0::-2a09:e5c6:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:b140::/29
2a10:4103::-2a10:4104:ffff:ffff:ffff:ffff:ffff:ffff
2a12:a343::-2a12:a344:ffff:ffff:ffff:ffff:ffff:ffff
2a12:a346::/32
Signature Algorithm: sha256WithRSAEncryption
a7:01:07:1e:1e:eb:c8:41:8d:ac:9b:79:4e:e3:ab:85:4f:9f:
d6:02:da:db:40:86:87:b5:d2:92:fb:10:6a:65:c2:2a:8b:f7:
bc:24:e9:ea:31:a9:1e:25:ee:57:fc:04:a4:d4:fd:3d:72:ed:
69:1a:45:d6:30:71:e0:f1:8d:52:4d:c8:3a:8a:89:b1:67:25:
f2:da:ff:d6:32:88:db:0f:fa:9e:e2:cf:c8:6f:3f:02:c8:a5:
d3:a5:de:79:a7:df:83:01:fe:6f:52:4f:36:39:b0:06:99:b8:
c5:02:d1:50:5b:cb:ad:ac:27:53:d7:7a:96:e2:46:ca:1a:63:
8e:a5:33:97:bc:32:9e:38:9c:0e:d3:dc:62:38:2e:07:9d:b6:
1f:40:f9:98:71:2e:7a:c1:46:90:ad:1e:7f:8f:28:72:bc:5d:
78:69:bd:e8:b5:e1:40:36:75:7b:68:f4:e0:4a:dc:83:ca:dc:
55:e0:a5:16:f8:72:db:ef:8b:17:53:e7:af:47:67:3d:c6:a5:
92:7c:3e:82:f6:b0:9a:b9:62:7b:8a:5f:00:4d:43:93:cd:65:
da:02:f3:1b:64:be:ee:5c:19:2d:82:66:ce:cf:65:f4:2c:13:
47:0a:ba:b2:f9:9c:47:c3:ff:5f:ea:36:6f:24:27:3d:81:1b:
0e:2e:92:f7
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZSMoeDoD0vS3hMGt3Uc4YKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTIyMDYxMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2I4OTlmYTY2MDQwNTdhZmMzYWY4ZjUwMDdiMjAzMDVmMTEyM2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3i5XNe+AIiPwSseTMiltHXUCdM89
cuo51hLPvHlxVzTL4uw3Rx29A/RRL3Q5b+OmNYE5REyrIywt3SeWzxIHpWNEbvHm
MPuR6lbsMp6BdLGVJKpda1XUq47OKdRjQf+Wukuj0xeJqWW4rB7wgC+fGQ8VFzMq
jEu2CXGh86Qeh55nB2Ankiyy4n1YKiO4YtOry+GfBJQEgq3PdtLHTJoJKZ4/kRgG
9CmJX5eKTmeBDZHDzfbEU1cNgd3LxkwPz/aPD2gngR2tQpW+XdHyqwwT/nrytV4n
zJx7cvFGMpwzmFymOjamnueYP6dux6ZSOnWlE6RMSa6byYl8KSDtO6YWpQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFNO4mfpmBAV6/Dr49QB7IDBfESPpMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMDdpWi1tWUVCWHI4T3ZqMUFIc2dNRjhSSS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTBLBAIAAjBFAwUAKglihDAO
AwUGKgnlwAMFACoJ5cYDBQMqDrFAMA4DBQAqEEEDAwUAKhBBBDAOAwUAKhKjQwMF
ACoSo0QDBQAqEqNGMA0GCSqGSIb3DQEBCwUAA4IBAQCnAQceHuvIQY2sm3lO46uF
T5/WAtrbQIaHtdKS+xBqZcIqi/e8JOnqMakeJe5X/ASk1P09cu1pGkXWMHHg8Y1S
Tcg6iomxZyXy2v/WMojbD/qe4s/Ibz8CyKXTpd55p9+DAf5vUk82ObAGmbjFAtFQ
W8utrCdT13qW4kbKGmOOpTOXvDKeOJwO09xiOC4HnbYfQPmYcS56wUaQrR5/jyhy
vF14ab3oteFANnV7aPTgStyDytxV4KUW+HLb74sXU+evR2c9xqWSfD6C9rCauWJ7
il8ATUOTzWXaAvMbZL7uXBktgmbOz2X0LBNHCrqy+ZxHw/9f6jZvJCc9gRsOLpL3
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:06:23 2025 by rpki-client