Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/3Iw7hp4h-nG_zzZ3uuYK0SJmS28.roa
File: 3Iw7hp4h-nG_zzZ3uuYK0SJmS28.roa (raw, json)
Hash identifier: gxHiX/yX1ZB3ZyHo2uMiQzgZMDMb+D89Z0rMrfOxEtg=
Subject key identifier: DC:8C:3B:86:9E:21:FA:71:BF:CF:36:77:BA:E6:0A:D1:22:66:4B:6F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018FD2C921FDBD3AAD74FA5ADABA57B532A4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/3Iw7hp4h-nG_zzZ3uuYK0SJmS28.roa
Signing time: Sat 01 Jun 2024 07:52:27 +0000
ROA not before: Sat 01 Jun 2024 07:52:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2a0c:7884::/32 maxlen: 32
2a0e:1a84::/32 maxlen: 32
2a0f:2d80:1292::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:e847:1::/48 maxlen: 48
2a12:d6c0::/29 maxlen: 29
2a13:2b40::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 05 Jun 2024 06:18:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d2:c9:21:fd:bd:3a:ad:74:fa:5a:da:ba:57:b5:32:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 1 07:52:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc8c3b869e21fa71bfcf3677bae60ad122664b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9d:ff:43:1e:63:42:8f:75:cc:e6:78:29:e1:
3c:92:16:e3:1a:d4:6b:46:b0:67:ec:33:b9:57:07:
ae:23:34:45:e0:29:2a:4f:c6:d2:d1:a5:8b:8d:ab:
75:ca:f6:c7:be:83:cc:f0:c0:36:93:a7:f1:07:67:
67:1c:5a:d5:d1:b5:e7:e7:ad:cd:24:56:65:8c:19:
4f:38:b8:57:f3:94:d4:f6:71:ff:a3:80:0b:27:ba:
bc:2d:86:8e:09:7d:52:24:b4:51:89:db:a7:89:41:
9e:71:73:8b:c7:b7:02:97:2d:fa:3c:11:03:14:80:
20:3d:96:74:f1:16:35:a0:1c:57:58:7a:c4:cc:33:
00:31:12:94:af:8c:e0:19:d7:24:cd:7c:1d:5b:20:
be:bd:18:4e:de:e8:8e:11:a6:bb:9f:17:07:8c:f0:
67:65:d2:40:fa:c0:28:e0:6e:4a:f9:e7:cc:d4:be:
e5:d3:d9:3e:ca:d1:f6:23:fa:a6:35:6d:d8:72:ea:
00:16:20:20:5b:3e:9f:73:2c:c0:49:87:2e:04:cc:
4d:9f:28:21:73:bd:85:f7:84:4e:fa:ea:10:f0:8b:
cd:25:ab:92:c2:4e:31:dd:e6:63:5a:9b:37:e2:0a:
2e:95:07:69:f0:34:a4:a0:ed:0e:6e:6e:06:bb:25:
b4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:8C:3B:86:9E:21:FA:71:BF:CF:36:77:BA:E6:0A:D1:22:66:4B:6F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/3Iw7hp4h-nG_zzZ3uuYK0SJmS28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7884::/32
2a0e:1a84::/32
2a0f:2d80:1292::/48
2a0f:7d00:1::/48
2a0f:e847:1::/48
2a12:d6c0::/29
2a13:2b40::/29
Signature Algorithm: sha256WithRSAEncryption
5f:cf:db:0a:06:5a:5a:eb:bd:45:f2:01:c3:54:fa:32:30:83:
57:f9:38:46:86:0d:a7:2c:b5:49:28:c1:c6:e9:20:93:9d:9b:
b8:3a:a3:26:26:d6:38:45:50:21:99:9f:63:3a:81:b2:40:c2:
e9:ac:aa:d2:94:bf:4d:af:0b:82:28:8b:b8:3b:2b:e4:af:1b:
fa:96:86:67:86:ec:e5:01:63:bc:e5:5f:31:1f:9f:76:ac:05:
b6:f4:79:35:80:70:eb:e1:ef:2e:08:81:eb:cc:17:26:87:19:
a1:10:e4:11:ef:cc:83:10:7e:d2:27:0e:33:60:9c:5d:44:d5:
4a:ed:28:b5:55:fe:cf:1e:92:0e:7e:a5:01:6d:06:b2:40:62:
a8:62:6f:8f:39:36:9f:cc:78:61:be:05:d7:a9:a2:45:aa:90:
0b:85:5a:b2:4e:d0:a2:a5:c3:a4:98:86:b8:06:b0:4f:d5:e4:
df:42:7e:bd:d0:42:1e:cc:f5:6f:94:d6:08:81:a9:92:f7:90:
7b:c5:b2:ff:4e:6e:de:23:b6:62:72:d9:f4:50:a4:aa:71:f7:
8e:b5:04:55:7a:5a:ea:04:18:ce:69:2a:ce:de:a9:d4:eb:75:
89:f2:02:f4:f3:8d:2f:93:5f:9a:9d:b7:3d:0d:4e:f5:8e:5f:
86:e0:ae:c0
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAY/SySH9vTqtdPpa2rpXtTKkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjAxMDc1MjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzhjM2I4NjllMjFmYTcxYmZjZjM2NzdiYWU2MGFkMTIyNjY0YjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgp3/Qx5jQo91zOZ4KeE8khbjGtRr
RrBn7DO5VweuIzRF4CkqT8bS0aWLjat1yvbHvoPM8MA2k6fxB2dnHFrV0bXn563N
JFZljBlPOLhX85TU9nH/o4ALJ7q8LYaOCX1SJLRRiduniUGecXOLx7cCly36PBED
FIAgPZZ08RY1oBxXWHrEzDMAMRKUr4zgGdckzXwdWyC+vRhO3uiOEaa7nxcHjPBn
ZdJA+sAo4G5K+efM1L7l09k+ytH2I/qmNW3YcuoAFiAgWz6fcyzASYcuBMxNnygh
c72F94RO+uoQ8IvNJauSwk4x3eZjWps34goulQdp8DSkoO0Obm4GuyW0PQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFNyMO4aeIfpxv882d7rmCtEiZktvMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvM0l3N2hwNGgtbkdfenpaM3V1WUswU0ptUzI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzA9BAIAAjA3AwUAKgx4hAMF
ACoOGoQDBwAqDy2AEpIDBwAqD30AAAEDBwAqD+hHAAEDBQMqEtbAAwUDKhMrQDAN
BgkqhkiG9w0BAQsFAAOCAQEAX8/bCgZaWuu9RfIBw1T6MjCDV/k4RoYNpyy1SSjB
xukgk52buDqjJibWOEVQIZmfYzqBskDC6ayq0pS/Ta8LgiiLuDsr5K8b+paGZ4bs
5QFjvOVfMR+fdqwFtvR5NYBw6+HvLgiB68wXJocZoRDkEe/MgxB+0icOM2CcXUTV
Su0otVX+zx6SDn6lAW0GskBiqGJvjzk2n8x4Yb4F16miRaqQC4Vask7QoqXDpJiG
uAawT9Xk30J+vdBCHsz1b5TWCIGpkveQe8Wy/05u3iO2YnLZ9FCkqnH3jrUEVXpa
6gQYzmkqzt6p1Ot1ifIC9PONL5Nfmp23PQ1O9Y5fhuCuwA==
-----END CERTIFICATE-----
Generated at Sun May 11 10:20:27 2025 by rpki-client