Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cZ1XKe_CwOFb5v-YWEzCMftdj6E.roa
File: cZ1XKe_CwOFb5v-YWEzCMftdj6E.roa (raw, json)
Hash identifier: ZuPQWJeBuF76Y6ZuN/vQe7P2gILoQIgPaESfvTYRLQk=
Subject key identifier: 71:9D:57:29:EF:C2:C0:E1:5B:E6:FF:98:58:4C:C2:31:FB:5D:8F:A1
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018FC4E573BA3AC56C1320580C2D69866932
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cZ1XKe_CwOFb5v-YWEzCMftdj6E.roa
Signing time: Wed 29 May 2024 15:08:42 +0000
ROA not before: Wed 29 May 2024 15:08:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 64.226.54.0/23 maxlen: 23
64.226.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 07 Oct 2024 18:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c4:e5:73:ba:3a:c5:6c:13:20:58:0c:2d:69:86:69:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 29 15:08:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=719d5729efc2c0e15be6ff98584cc231fb5d8fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f6:94:e4:d9:b8:03:62:c7:5c:5f:86:d9:de:
67:48:3c:54:11:88:81:a7:66:53:78:f5:90:64:e1:
02:f7:d0:8f:67:5e:f9:f0:b7:32:57:ed:97:e9:7c:
3f:d7:e6:63:b0:2d:bd:5a:b7:7d:64:66:32:af:50:
48:c0:3c:7f:7f:6b:55:d8:64:5b:46:85:74:93:66:
dd:6e:0a:95:cf:8b:2d:58:49:2a:7b:29:5f:ff:30:
69:7f:dc:41:a2:9a:3e:4c:60:47:6b:e3:6f:ab:05:
25:cc:99:b1:71:65:b5:05:a9:d1:97:6e:ca:3d:5f:
83:0b:78:f6:b0:cf:a5:ba:37:3b:1e:0f:f6:fb:73:
e1:2f:af:ee:c7:31:bd:28:99:7b:19:78:eb:ff:f9:
45:a4:67:a1:7f:8c:1f:1a:39:e1:f1:0e:8e:21:a3:
f0:a9:3d:ff:b9:67:d2:db:64:f4:0b:37:c4:b9:5a:
ea:39:21:23:12:f7:0e:0d:45:be:7c:7e:f0:37:a5:
1f:f6:67:25:23:e9:41:57:d7:d7:f1:19:2f:6f:ee:
3c:d6:2f:7a:78:6d:0f:0f:51:5d:29:1f:a2:54:29:
3f:9b:1b:ec:8c:d0:1f:a2:9f:0f:1c:d6:cd:b1:12:
73:0e:25:7a:c1:ff:8c:74:74:2f:8e:27:8a:aa:84:
b1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:9D:57:29:EF:C2:C0:E1:5B:E6:FF:98:58:4C:C2:31:FB:5D:8F:A1
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/cZ1XKe_CwOFb5v-YWEzCMftdj6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.226.54.0/23
64.226.156.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:f0:93:42:75:03:af:dd:11:e2:ea:76:c2:b6:af:8d:ce:40:
ec:b3:c4:a5:e1:99:44:17:78:b4:96:f1:df:4f:40:af:26:fe:
aa:87:03:fc:08:3e:ae:56:a2:79:4a:a1:52:1f:23:ac:74:a8:
86:fd:72:51:61:06:26:85:46:7f:5b:e1:ad:0b:d6:b0:4d:26:
2c:30:a6:a0:45:44:c9:65:97:e5:c7:33:25:1d:f5:9b:86:60:
9e:1b:b8:5c:96:59:3e:09:35:83:be:5a:6d:21:f2:79:03:1e:
9d:47:d2:3f:18:01:1b:28:f7:80:c7:59:db:69:64:ea:83:10:
90:99:47:66:f9:be:e9:b9:f6:d1:96:60:c0:84:e4:90:b9:38:
ea:6a:05:50:fd:7c:04:d3:f2:8d:72:78:19:1a:00:15:69:19:
ea:45:a6:59:d3:46:3c:7f:6b:78:f2:56:22:ea:6b:9f:10:a5:
4c:00:0f:8d:8b:09:bc:5a:fe:ba:d4:84:5f:8d:ff:f4:ba:9e:
52:6a:b0:66:3a:fe:6b:39:00:1b:bb:65:7a:de:78:00:90:f5:
6b:d7:e9:aa:a3:92:bc:21:10:58:94:54:17:a6:8f:f8:b4:3b:
a3:0e:ad:ac:da:19:eb:9e:77:e3:db:4c:11:c8:1c:0a:cc:a0:
7f:06:ec:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/E5XO6OsVsEyBYDC1phmkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTI5MTUwODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTlkNTcyOWVmYzJjMGUxNWJlNmZmOTg1ODRjYzIzMWZiNWQ4ZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPaU5Nm4A2LHXF+G2d5nSDxUEYiB
p2ZTePWQZOEC99CPZ1758LcyV+2X6Xw/1+ZjsC29Wrd9ZGYyr1BIwDx/f2tV2GRb
RoV0k2bdbgqVz4stWEkqeylf/zBpf9xBopo+TGBHa+NvqwUlzJmxcWW1BanRl27K
PV+DC3j2sM+lujc7Hg/2+3PhL6/uxzG9KJl7GXjr//lFpGehf4wfGjnh8Q6OIaPw
qT3/uWfS22T0CzfEuVrqOSEjEvcODUW+fH7wN6Uf9mclI+lBV9fX8Rkvb+481i96
eG0PD1FdKR+iVCk/mxvsjNAfop8PHNbNsRJzDiV6wf+MdHQvjieKqoSx4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHGdVynvwsDhW+b/mFhMwjH7XY+hMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvY1oxWEtlX0N3T0ZiNXYtWVdFekNNZnRkajZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBQOI2AwQC
QOKcMA0GCSqGSIb3DQEBCwUAA4IBAQB68JNCdQOv3RHi6nbCtq+NzkDss8Sl4ZlE
F3i0lvHfT0CvJv6qhwP8CD6uVqJ5SqFSHyOsdKiG/XJRYQYmhUZ/W+GtC9awTSYs
MKagRUTJZZflxzMlHfWbhmCeG7hcllk+CTWDvlptIfJ5Ax6dR9I/GAEbKPeAx1nb
aWTqgxCQmUdm+b7pufbRlmDAhOSQuTjqagVQ/XwE0/KNcngZGgAVaRnqRaZZ00Y8
f2t48lYi6mufEKVMAA+Niwm8Wv661IRfjf/0up5SarBmOv5rOQAbu2V63ngAkPVr
1+mqo5K8IRBYlFQXpo/4tDujDq2s2hnrnnfj20wRyBwKzKB/Buw/
-----END CERTIFICATE-----
Generated at Sun May 11 01:56:18 2025 by rpki-client