Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZaDznzjYbEk75CvNK3qONUJGucU.roa
File: ZaDznzjYbEk75CvNK3qONUJGucU.roa (raw, json)
Hash identifier: +Tj+Qi+3IMhjjTMWE1d+gyXBYRol7hK+oDPgaZ5SFJo=
Subject key identifier: 65:A0:F3:9F:38:D8:6C:49:3B:E4:2B:CD:2B:7A:8E:35:42:46:B9:C5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01916943E6477B25D218E1CA6F18C8F1D9CC
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZaDznzjYbEk75CvNK3qONUJGucU.roa
Signing time: Mon 19 Aug 2024 06:12:23 +0000
ROA not before: Mon 19 Aug 2024 06:12:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214734
IP address blocks: 2a07:bb40::/29 maxlen: 29
2a10:3240::/29 maxlen: 29
2a10:3340::/29 maxlen: 29
2a10:3440::/29 maxlen: 29
2a10:7900::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 21 Aug 2024 09:53:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:69:43:e6:47:7b:25:d2:18:e1:ca:6f:18:c8:f1:d9:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 19 06:12:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65a0f39f38d86c493be42bcd2b7a8e354246b9c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f4:5f:c9:6b:57:fc:17:63:49:83:4f:e5:47:
a5:25:2c:c4:d2:1d:00:f0:4c:cf:08:28:63:b4:74:
b2:ad:ac:44:77:bb:e4:1a:23:eb:a8:ee:54:9c:45:
8b:a0:ae:e0:28:f7:71:4e:7f:ee:ee:ba:da:07:ca:
f9:f7:12:6b:de:8d:da:13:a9:73:b3:5e:0a:5b:99:
85:e6:45:a1:84:a7:2c:c2:10:1d:69:92:f9:f5:5b:
54:de:69:b0:9a:3e:fe:65:09:6d:d8:5c:a9:ac:01:
39:1e:90:da:a7:bf:1e:c8:ed:84:8c:63:be:cb:cf:
6e:60:a4:2b:28:33:19:14:da:f9:32:8e:e1:0d:63:
ca:dd:96:0c:6e:8a:66:f5:e0:a5:e2:e4:fb:97:f3:
67:90:d6:9d:79:b1:ed:a9:85:bf:24:5e:ac:42:77:
79:9a:d6:09:84:5d:48:8a:e2:c1:eb:85:10:26:f8:
d5:c3:51:e6:e2:db:4f:87:fe:5c:44:ba:fd:0e:09:
2b:05:c5:71:7e:36:9c:f6:e0:d8:52:ea:76:91:3d:
2d:1c:dc:39:03:d8:bb:5f:e8:4e:61:80:3d:10:36:
a8:ff:23:78:88:fd:c6:56:eb:81:96:d3:c8:32:fd:
3c:d2:53:da:55:b3:02:72:0c:af:8c:d8:bc:33:3e:
92:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A0:F3:9F:38:D8:6C:49:3B:E4:2B:CD:2B:7A:8E:35:42:46:B9:C5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/ZaDznzjYbEk75CvNK3qONUJGucU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:bb40::/29
2a10:3240::/29
2a10:3340::/29
2a10:3440::/29
2a10:7900::/29
Signature Algorithm: sha256WithRSAEncryption
ae:c1:cb:8d:6f:64:34:05:ed:a1:3c:4c:03:e8:82:18:1b:53:
ff:da:de:55:1b:3a:31:f5:76:c3:a2:8a:85:23:34:c6:fb:c6:
5b:23:ff:2f:51:9b:af:85:ce:1e:9b:39:11:11:c5:f9:56:e0:
45:08:f9:48:f6:e5:ef:fe:70:b2:72:d3:9c:e5:6c:9c:b9:c1:
f8:6a:4b:e2:ac:22:80:8c:d2:10:a0:cc:b6:c2:c8:ab:1f:0e:
19:19:ef:e3:ca:13:33:ea:65:10:cf:24:f1:60:48:60:61:41:
bd:dc:c6:cd:7f:6e:22:8b:c4:6e:c4:24:6e:df:80:43:68:2c:
fd:31:3b:fb:3e:ac:a0:28:5d:85:17:30:3e:db:a0:d1:e2:bf:
90:66:ab:d0:90:3b:1e:c8:9f:f9:1e:e0:62:b0:14:fd:0b:56:
5a:5e:54:e0:4d:af:fe:9f:80:ab:99:2e:12:05:0e:a3:a3:44:
f8:9c:91:d9:0d:e8:d0:d4:c1:e8:89:5a:68:0d:fd:99:5c:c4:
a4:7e:0a:74:6b:04:98:73:55:76:52:21:e1:eb:6f:ad:00:b1:
5e:d3:0b:e6:38:0c:72:b3:b1:be:30:df:bb:fa:c4:b1:b5:97:
ff:80:45:5e:1a:c7:05:cc:0d:24:b6:ae:1f:34:5e:c1:85:1e:
6e:8d:11:1c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZFpQ+ZHeyXSGOHKbxjI8dnMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODE5MDYxMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWEwZjM5ZjM4ZDg2YzQ5M2JlNDJiY2QyYjdhOGUzNTQyNDZiOWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/RfyWtX/BdjSYNP5UelJSzE0h0A
8EzPCChjtHSyraxEd7vkGiPrqO5UnEWLoK7gKPdxTn/u7rraB8r59xJr3o3aE6lz
s14KW5mF5kWhhKcswhAdaZL59VtU3mmwmj7+ZQlt2FyprAE5HpDap78eyO2EjGO+
y89uYKQrKDMZFNr5Mo7hDWPK3ZYMbopm9eCl4uT7l/NnkNadebHtqYW/JF6sQnd5
mtYJhF1IiuLB64UQJvjVw1Hm4ttPh/5cRLr9DgkrBcVxfjac9uDYUup2kT0tHNw5
A9i7X+hOYYA9EDao/yN4iP3GVuuBltPIMv080lPaVbMCcgyvjNi8Mz6SfwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGWg85842GxJO+QrzSt6jjVCRrnFMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvWmFEem56alliRWs3NUN2TkszcU9OVUpHdWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKge7QAMF
AyoQMkADBQMqEDNAAwUDKhA0QAMFAyoQeQAwDQYJKoZIhvcNAQELBQADggEBAK7B
y41vZDQF7aE8TAPoghgbU//a3lUbOjH1dsOiioUjNMb7xlsj/y9Rm6+Fzh6bORER
xflW4EUI+Uj25e/+cLJy05zlbJy5wfhqS+KsIoCM0hCgzLbCyKsfDhkZ7+PKEzPq
ZRDPJPFgSGBhQb3cxs1/biKLxG7EJG7fgENoLP0xO/s+rKAoXYUXMD7boNHiv5Bm
q9CQOx7In/ke4GKwFP0LVlpeVOBNr/6fgKuZLhIFDqOjRPickdkN6NDUweiJWmgN
/ZlcxKR+CnRrBJhzVXZSIeHrb60AsV7TC+Y4DHKzsb4w37v6xLG1l/+ARV4axwXM
DSS2rh80XsGFHm6NERw=
-----END CERTIFICATE-----
Generated at Sat May 10 07:23:01 2025 by rpki-client