Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/u9eoPf4ccGTkJDJQTBRSFGwkJts.roa
File: u9eoPf4ccGTkJDJQTBRSFGwkJts.roa (raw, json)
Hash identifier: E4z06lEutahoPGEYVrI51U8g3P2RXx+d99UBM8nVBEY=
Subject key identifier: BB:D7:A8:3D:FE:1C:70:64:E4:24:32:50:4C:14:52:14:6C:24:26:DB
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01951470F8907E66BC0A46758B59154F68B6
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/u9eoPf4ccGTkJDJQTBRSFGwkJts.roa
Signing time: Mon 17 Feb 2025 15:05:02 +0000
ROA not before: Mon 17 Feb 2025 15:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 64.226.54.0/23 maxlen: 23
64.226.156.0/22 maxlen: 22
2a06:35c2::/32 maxlen: 32
2a0d:8f80::/29 maxlen: 29
2a0e:1a81::/32 maxlen: 32
2a0e:c783::/32 maxlen: 32
2a0e:f500::/29 maxlen: 29
2a0e:f602::/32 maxlen: 32
2a0f:1e82::/32 maxlen: 32
2a0f:3d83::/32 maxlen: 32
2a10:37c0::/29 maxlen: 29
2a10:67c0::/32 maxlen: 32
2a13:9281::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 20 Feb 2025 18:36:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:14:70:f8:90:7e:66:bc:0a:46:75:8b:59:15:4f:68:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 17 15:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbd7a83dfe1c7064e42432504c1452146c2426db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:71:c8:e6:f2:7d:c5:1d:af:d8:c0:e5:d1:28:
03:cd:39:63:85:87:b0:c9:f4:9b:31:27:a0:3f:63:
00:15:4f:6c:c3:1b:27:bd:e8:2a:8b:f6:98:9c:bb:
41:6f:0c:a3:92:8b:6b:af:6e:1c:10:5a:f3:5d:53:
ae:e3:a8:84:34:ec:ae:f1:f7:f7:5f:50:26:15:63:
e0:f9:30:47:bd:bf:47:cb:83:6e:56:60:e3:bb:69:
0c:57:2b:ff:3f:62:42:97:c5:be:6f:5c:4e:08:ad:
ab:a9:c8:8c:a7:56:a4:a5:3e:f7:fa:cd:92:25:cd:
cb:c7:24:a5:14:ff:0b:b3:6d:84:c4:1c:f2:f0:4b:
51:bd:e0:05:0a:cc:f4:94:dc:84:0c:9d:37:3f:fa:
bd:90:c8:7c:bf:a5:70:c4:83:a3:70:38:c5:8d:bd:
4f:26:06:7a:88:3b:16:15:c7:fe:be:8e:95:ea:5e:
60:04:1b:57:24:b9:dd:af:57:3a:7a:f9:c4:81:49:
54:60:b3:b2:3c:d0:04:27:89:a9:70:a4:f3:8b:db:
33:4e:f6:2c:51:b9:c0:64:62:f8:54:4c:1c:b3:3a:
93:44:08:e5:81:c1:ed:51:b3:cc:b8:54:65:75:69:
06:32:c1:be:b6:aa:32:21:aa:57:4f:99:1e:de:2d:
1f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D7:A8:3D:FE:1C:70:64:E4:24:32:50:4C:14:52:14:6C:24:26:DB
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/u9eoPf4ccGTkJDJQTBRSFGwkJts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.226.54.0/23
64.226.156.0/22
IPv6:
2a06:35c2::/32
2a0d:8f80::/29
2a0e:1a81::/32
2a0e:c783::/32
2a0e:f500::/29
2a0e:f602::/32
2a0f:1e82::/32
2a0f:3d83::/32
2a10:37c0::/29
2a10:67c0::/32
2a13:9281::/32
Signature Algorithm: sha256WithRSAEncryption
9a:c2:0f:e7:63:9d:e2:2c:7f:ef:bb:78:ca:11:5b:e7:df:f2:
a4:9a:20:ec:e5:f1:b8:0c:a2:10:ff:ba:cc:1d:77:ac:a7:1e:
b6:72:cf:77:b7:30:85:32:fd:c2:a7:e1:5b:a4:37:1b:3f:46:
83:6d:9c:46:aa:6a:8c:ff:b3:70:0d:59:be:33:13:ed:53:29:
fb:71:91:a5:31:33:11:d1:ca:6e:a3:48:11:71:36:a8:d9:91:
c2:b6:e9:b2:92:27:0a:66:72:32:91:c4:c1:5b:00:ca:93:fc:
52:90:e2:ae:30:ba:0c:74:af:cc:7a:30:8d:2d:d9:f5:29:4d:
ea:23:30:8e:b5:15:2d:60:53:4c:de:0c:a8:54:e9:2e:44:57:
b3:81:89:36:24:96:b7:aa:a2:41:bb:b5:e9:d8:f2:c5:4f:41:
d7:68:f8:d6:62:ae:48:76:f9:1f:e9:97:71:37:0e:de:3e:60:
07:60:50:e5:c7:32:7b:94:fe:02:97:a4:3b:c3:dd:ad:c5:8c:
96:8e:58:90:5a:b3:61:ee:54:7c:48:99:d4:0e:f8:a9:01:6f:
29:d0:f7:3b:0e:ec:e2:fd:7c:39:32:d3:cb:8c:ec:0f:c2:ae:
62:74:1b:5d:2c:0f:83:dd:a2:53:51:29:0e:fb:21:e8:9b:6f:
be:61:22:2b
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZUUcPiQfma8CkZ1i1kVT2i2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwMjE3MTUwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmQ3YTgzZGZlMWM3MDY0ZTQyNDMyNTA0YzE0NTIxNDZjMjQyNmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+HHI5vJ9xR2v2MDl0SgDzTljhYew
yfSbMSegP2MAFU9swxsnvegqi/aYnLtBbwyjkotrr24cEFrzXVOu46iENOyu8ff3
X1AmFWPg+TBHvb9Hy4NuVmDju2kMVyv/P2JCl8W+b1xOCK2rqciMp1akpT73+s2S
Jc3LxySlFP8Ls22ExBzy8EtRveAFCsz0lNyEDJ03P/q9kMh8v6VwxIOjcDjFjb1P
JgZ6iDsWFcf+vo6V6l5gBBtXJLndr1c6evnEgUlUYLOyPNAEJ4mpcKTzi9szTvYs
UbnAZGL4VEwcszqTRAjlgcHtUbPMuFRldWkGMsG+tqoyIapXT5ke3i0fbwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFLvXqD3+HHBk5CQyUEwUUhRsJCbbMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdTllb1BmNGNjR1RrSkRKUVRCUlNGR3drSnRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTASBAIAATAMAwQBQOI2AwQC
QOKcMFMEAgACME0DBQAqBjXCAwUDKg2PgAMFACoOGoEDBQAqDseDAwUDKg71AAMF
ACoO9gIDBQAqDx6CAwUAKg89gwMFAyoQN8ADBQAqEGfAAwUAKhOSgTANBgkqhkiG
9w0BAQsFAAOCAQEAmsIP52Od4ix/77t4yhFb59/ypJog7OXxuAyiEP+6zB13rKce
tnLPd7cwhTL9wqfhW6Q3Gz9Gg22cRqpqjP+zcA1ZvjMT7VMp+3GRpTEzEdHKbqNI
EXE2qNmRwrbpspInCmZyMpHEwVsAypP8UpDirjC6DHSvzHowjS3Z9SlN6iMwjrUV
LWBTTN4MqFTpLkRXs4GJNiSWt6qiQbu16djyxU9B12j41mKuSHb5H+mXcTcO3j5g
B2BQ5ccye5T+ApekO8PdrcWMlo5YkFqzYe5UfEiZ1A74qQFvKdD3Ow7s4v18OTLT
y4zsD8KuYnQbXSwPg92iU1EpDvsh6JtvvmEiKw==
-----END CERTIFICATE-----
Generated at Mon May 12 22:53:54 2025 by rpki-client