Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hqWjDToe0yaIK5Nb7Hi_t1Sq5tc.roa
File: hqWjDToe0yaIK5Nb7Hi_t1Sq5tc.roa (raw, json)
Hash identifier: o9wNWsQIkTCYLok9Lb3avrpas6S3EkNEnoDpuoiomv8=
Subject key identifier: 86:A5:A3:0D:3A:1E:D3:26:88:2B:93:5B:EC:78:BF:B7:54:AA:E6:D7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018CD36AE97DD59CAF59FC394D1298FF57C5
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hqWjDToe0yaIK5Nb7Hi_t1Sq5tc.roa
Signing time: Thu 04 Jan 2024 07:40:48 +0000
ROA not before: Thu 04 Jan 2024 07:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197992
IP address blocks: 2a0e:9b00::/29 maxlen: 29
2a0f:1380::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a0f:ec00::/29 maxlen: 29
2a0f:8300::/29 maxlen: 29
2a0f:1580::/29 maxlen: 29
2a0f:3f80::/29 maxlen: 29
2a0f:dac0::/29 maxlen: 29
2a0f:ee00::/29 maxlen: 29
2a0e:5a80::/29 maxlen: 29
2a0f:e140::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a12:d540::/29 maxlen: 29
2a0a:1400::/29 maxlen: 29
2a06:a5c0::/29 maxlen: 29
2a0f:bc00::/29 maxlen: 29
2a05:b300::/29 maxlen: 29
2a0f:da40::/29 maxlen: 29
2a13:7d80::/29 maxlen: 29
2a0f:7f00::/29 maxlen: 29
2a0c:4880::/29 maxlen: 29
2a0f:e0c0::/29 maxlen: 29
2a06:a600::/29 maxlen: 29
2a0f:e640::/29 maxlen: 29
2a0f:9600::/29 maxlen: 29
2a0f:8100::/29 maxlen: 29
2a0f:dd40::/29 maxlen: 29
2a0f:2300::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 17 Jan 2024 10:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d3:6a:e9:7d:d5:9c:af:59:fc:39:4d:12:98:ff:57:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 4 07:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86a5a30d3a1ed326882b935bec78bfb754aae6d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c2:67:ab:07:a0:3c:c5:bc:a6:55:0c:44:3e:
ef:5b:b4:ad:e9:bb:ad:c4:76:5a:5e:ab:a5:2f:55:
51:09:ac:d4:ca:12:95:2c:7a:ba:8c:03:75:26:7d:
6d:f8:43:a3:48:c9:ce:e0:37:d2:a0:b7:75:f1:ab:
d6:0a:cb:e5:be:0e:80:3d:cd:9d:69:a6:5f:a2:e9:
f1:bf:86:d5:3c:26:bd:34:eb:33:d2:87:fc:fc:e6:
0c:ee:bf:99:f4:f0:63:c4:f5:ca:32:01:e1:8d:65:
97:7e:17:61:81:f0:3e:56:fa:95:eb:0b:e0:09:2a:
d7:f8:d2:58:70:70:ff:f9:77:be:cd:45:a8:fa:fe:
22:db:1a:10:47:ca:ad:dc:99:c8:bc:29:29:03:aa:
be:83:6d:8c:69:8b:77:e4:fe:4a:82:fe:aa:84:48:
9b:2f:a7:42:af:eb:57:60:8a:2b:2c:ed:28:d3:53:
63:37:90:ee:1c:43:e8:d2:a0:14:0a:49:c4:69:f7:
63:4e:3a:24:ed:4a:9c:1c:3e:61:41:e5:4e:2b:1c:
ef:ff:01:d5:32:35:98:f8:f5:0b:af:62:b5:af:40:
91:ab:8c:06:2b:34:d3:5f:f2:2c:ab:31:eb:71:bc:
7c:af:d8:a4:f8:98:dc:54:ac:6d:a5:9d:c5:78:2f:
7e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A5:A3:0D:3A:1E:D3:26:88:2B:93:5B:EC:78:BF:B7:54:AA:E6:D7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hqWjDToe0yaIK5Nb7Hi_t1Sq5tc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b300::/29
2a06:a5c0::/29
2a06:a600::/29
2a06:dfc0::/29
2a0a:1400::/29
2a0c:4880::/29
2a0e:5a80::/29
2a0e:9b00::/29
2a0f:1380::/29
2a0f:1580::/29
2a0f:2300::/29
2a0f:3f80::/29
2a0f:7f00::/29
2a0f:8100::/29
2a0f:8300::/29
2a0f:9600::/29
2a0f:bc00::/29
2a0f:da40::/29
2a0f:dac0::/29
2a0f:dd40::/29
2a0f:e0c0::/29
2a0f:e140::/29
2a0f:e640::/29
2a0f:ec00::/29
2a0f:ee00::/29
2a12:d540::/29
2a13:200::/29
2a13:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
7a:93:c8:19:ce:81:a1:fb:5b:e5:72:7d:45:de:c6:69:40:9d:
14:ac:f5:4c:94:74:4a:48:67:34:8e:79:6a:3d:64:6d:87:9e:
23:4f:fe:96:fb:6c:ad:00:08:e6:02:1f:ff:e8:b8:25:5a:c4:
7f:18:12:d3:b7:c8:7a:5b:53:ef:ca:01:f4:eb:53:ec:e3:fb:
bb:32:f5:5d:3b:e9:e0:5c:91:d9:59:dd:72:32:66:60:9c:4a:
ef:d6:a4:4d:ac:a0:c5:ce:b0:e0:c4:18:ac:4c:64:e9:ea:0a:
25:01:83:65:15:ed:4d:13:d2:ba:4f:61:70:d2:ab:f5:fc:01:
4e:27:c3:f0:15:e3:0a:27:3b:83:e6:10:ac:3c:17:e3:df:52:
84:d0:2b:bc:b8:ab:06:75:74:b8:0e:44:4e:d3:66:3c:c2:c5:
2d:f0:23:84:6e:44:0b:84:b3:25:91:9c:3d:b0:0c:c9:52:93:
60:0e:0d:e9:17:88:00:2b:50:60:dc:9c:69:6c:9c:99:60:da:
43:d1:37:77:a4:42:c2:dd:84:53:bf:81:1c:75:c7:1f:d5:14:
e7:60:b2:ea:1e:c4:a5:ae:8e:52:48:91:30:57:9a:50:b4:7d:
fe:d7:00:9f:db:1a:10:34:89:b7:49:00:d7:df:fb:4a:87:38:
e9:9d:c7:f6
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYzTaul91ZyvWfw5TRKY/1fFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMTA0MDc0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmE1YTMwZDNhMWVkMzI2ODgyYjkzNWJlYzc4YmZiNzU0YWFlNmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMJnqwegPMW8plUMRD7vW7St6but
xHZaXqulL1VRCazUyhKVLHq6jAN1Jn1t+EOjSMnO4DfSoLd18avWCsvlvg6APc2d
aaZfounxv4bVPCa9NOsz0of8/OYM7r+Z9PBjxPXKMgHhjWWXfhdhgfA+VvqV6wvg
CSrX+NJYcHD/+Xe+zUWo+v4i2xoQR8qt3JnIvCkpA6q+g22MaYt35P5Kgv6qhEib
L6dCr+tXYIorLO0o01NjN5DuHEPo0qAUCknEafdjTjok7UqcHD5hQeVOKxzv/wHV
MjWY+PULr2K1r0CRq4wGKzTTX/IsqzHrcbx8r9ik+JjcVKxtpZ3FeC9+DwIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFIalow06HtMmiCuTW+x4v7dUqubXMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvaHFXakRUb2UweWFJSzVOYjdIaV90MVNxNXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAIwgcQDBQMq
BbMAAwUDKgalwAMFAyoGpgADBQMqBt/AAwUDKgoUAAMFAyoMSIADBQMqDlqAAwUD
Kg6bAAMFAyoPE4ADBQMqDxWAAwUDKg8jAAMFAyoPP4ADBQMqD38AAwUDKg+BAAMF
AyoPgwADBQMqD5YAAwUDKg+8AAMFAyoP2kADBQMqD9rAAwUDKg/dQAMFAyoP4MAD
BQMqD+FAAwUDKg/mQAMFAyoP7AADBQMqD+4AAwUDKhLVQAMFAyoTAgADBQMqE32A
MA0GCSqGSIb3DQEBCwUAA4IBAQB6k8gZzoGh+1vlcn1F3sZpQJ0UrPVMlHRKSGc0
jnlqPWRth54jT/6W+2ytAAjmAh//6LglWsR/GBLTt8h6W1PvygH061Ps4/u7MvVd
O+ngXJHZWd1yMmZgnErv1qRNrKDFzrDgxBisTGTp6golAYNlFe1NE9K6T2Fw0qv1
/AFOJ8PwFeMKJzuD5hCsPBfj31KE0Cu8uKsGdXS4DkRO02Y8wsUt8COEbkQLhLMl
kZw9sAzJUpNgDg3pF4gAK1Bg3JxpbJyZYNpD0Td3pELC3YRTv4Ecdccf1RTnYLLq
HsSlro5SSJEwV5pQtH3+1wCf2xoQNIm3SQDX3/tKhzjpncf2
-----END CERTIFICATE-----
Generated at Thu May 8 03:46:57 2025 by rpki-client