Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uOMlTPmcZTXULH_7K0phkXPCgNc.roa
File: uOMlTPmcZTXULH_7K0phkXPCgNc.roa (raw, json)
Hash identifier: ay653DBtJ2kLFl4B5Fq2vHjUpLJmd/MRr85be2XRo18=
Subject key identifier: B8:E3:25:4C:F9:9C:65:35:D4:2C:7F:FB:2B:4A:61:91:73:C2:80:D7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193029BBEEF471A084CA040AEE27C97F019
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uOMlTPmcZTXULH_7K0phkXPCgNc.roa
Signing time: Wed 06 Nov 2024 17:53:01 +0000
ROA not before: Wed 06 Nov 2024 17:53:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197992
IP address blocks: 2a05:b300::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a07:a300::/29 maxlen: 29
2a0e:5800::/29 maxlen: 29
2a0f:1740::/29 maxlen: 29
2a0f:19c0::/29 maxlen: 29
2a0f:1ac0::/29 maxlen: 29
2a0f:e740::/29 maxlen: 29
2a10:30c0::/29 maxlen: 29
2a10:33c0::/29 maxlen: 29
2a10:3840::/29 maxlen: 29
2a10:5c00::/29 maxlen: 29
2a10:6400::/29 maxlen: 29
2a10:7700::/29 maxlen: 29
2a10:7b00::/29 maxlen: 29
2a11:1200::/29 maxlen: 29
2a11:1880::/29 maxlen: 29
2a11:5c80::/29 maxlen: 29
2a11:8700::/29 maxlen: 29
2a11:89c0::/29 maxlen: 29
2a11:9340::/29 maxlen: 29
2a11:9e00::/29 maxlen: 29
2a11:b200::/29 maxlen: 29
2a11:b740::/29 maxlen: 29
2a11:e580::/29 maxlen: 29
2a11:efc0::/29 maxlen: 29
2a11:f040::/29 maxlen: 29
2a12:ba00::/29 maxlen: 29
2a12:dc00::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a13:cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 20 Nov 2024 11:21:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:02:9b:be:ef:47:1a:08:4c:a0:40:ae:e2:7c:97:f0:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 6 17:53:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b8e3254cf99c6535d42c7ffb2b4a619173c280d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:55:51:e2:3f:f6:c6:db:a9:89:2c:a4:9f:ca:
c8:ab:c7:9d:ef:16:7f:d9:65:2d:06:6d:f8:f2:1a:
dd:e9:c5:3b:96:32:3f:b8:d0:b9:ab:93:8c:d9:92:
3c:cb:b7:a0:f2:5e:49:19:1a:75:54:4e:38:a1:94:
7e:5c:f2:3c:8a:de:0d:67:20:13:12:e7:59:e6:85:
10:59:45:ee:39:a2:f7:51:8f:34:4e:43:79:9b:7f:
e0:1e:4b:99:d7:bb:8e:26:17:40:50:3b:a5:8f:42:
74:0b:74:32:e9:af:60:a6:1d:6d:e9:82:89:c1:b5:
23:26:26:31:ae:b4:e5:fe:34:98:b2:b7:38:c8:b9:
94:0c:6e:bb:79:22:ba:70:e8:4c:14:f0:8a:ce:f7:
a5:3c:19:c3:34:93:fa:5f:aa:1f:f5:10:94:d5:0f:
44:f0:13:d2:7b:89:03:2e:9d:11:f8:9f:53:d9:3f:
d0:19:a4:ff:df:ac:4a:99:ad:a8:3d:f0:25:d8:95:
33:f9:b4:8f:8d:40:7f:ee:dc:78:57:d1:9a:10:61:
4f:69:9d:e5:2a:6c:d0:7c:b2:f9:a1:e3:e4:8c:73:
4d:38:05:86:6f:ac:6c:c6:3a:fd:5b:8d:e9:b9:b5:
98:cb:1d:60:76:ce:2f:36:14:0c:e6:65:39:bc:ea:
d9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E3:25:4C:F9:9C:65:35:D4:2C:7F:FB:2B:4A:61:91:73:C2:80:D7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uOMlTPmcZTXULH_7K0phkXPCgNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b300::/29
2a06:dfc0::/29
2a07:a300::/29
2a0e:5800::/29
2a0f:1740::/29
2a0f:19c0::/29
2a0f:1ac0::/29
2a0f:e740::/29
2a10:30c0::/29
2a10:33c0::/29
2a10:3840::/29
2a10:5c00::/29
2a10:6400::/29
2a10:7700::/29
2a10:7b00::/29
2a11:1200::/29
2a11:1880::/29
2a11:5c80::/29
2a11:8700::/29
2a11:89c0::/29
2a11:9340::/29
2a11:9e00::/29
2a11:b200::/29
2a11:b740::/29
2a11:e580::/29
2a11:efc0::/29
2a11:f040::/29
2a12:ba00::/29
2a12:dc00::/29
2a13:200::/29
2a13:cc0::/29
Signature Algorithm: sha256WithRSAEncryption
bd:d3:34:db:53:cf:58:78:09:84:a1:67:3b:d9:c5:27:e7:7b:
ad:e8:ac:2f:e9:33:49:ca:bc:ef:fe:ee:69:9d:8d:3c:02:8e:
c9:ba:76:d3:cb:f2:02:b9:25:ea:a3:e4:66:9a:a8:22:bb:17:
f1:37:49:c8:ba:d8:28:f4:f4:7b:ef:23:e5:e1:83:8e:b6:e1:
68:2d:15:38:cb:9b:cd:36:1a:c5:a1:56:30:96:88:72:a6:a8:
c8:a2:91:6c:f0:cd:5a:29:c7:1d:e6:e9:bc:78:20:29:80:e3:
54:a1:3e:d2:39:1a:55:48:d7:04:b5:c7:db:b6:97:ad:75:61:
e9:25:ed:81:25:ba:42:a1:ea:7e:2f:b1:e5:6f:b9:8b:a0:8e:
87:63:4a:1c:7d:52:d3:04:a4:20:4e:51:45:6e:b8:3d:82:96:
78:df:57:b1:84:de:ec:d2:33:33:16:b3:bd:50:f2:a8:23:91:
1f:6d:41:be:96:15:91:38:09:f7:24:66:eb:01:23:4d:59:1f:
59:24:55:3f:86:95:18:ef:e0:9c:13:d5:7c:24:ba:11:b8:cb:
c1:af:99:31:2c:7f:64:2d:ec:32:a5:4d:de:25:11:f7:fe:3e:
07:75:79:1a:cc:2e:1a:3b:43:12:f3:1b:87:41:1b:60:53:ee:
c6:30:6f:65
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAZMCm77vRxoITKBAruJ8l/AZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMTA2MTc1MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGUzMjU0Y2Y5OWM2NTM1ZDQyYzdmZmIyYjRhNjE5MTczYzI4MGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11VR4j/2xtupiSykn8rIq8ed7xZ/
2WUtBm348hrd6cU7ljI/uNC5q5OM2ZI8y7eg8l5JGRp1VE44oZR+XPI8it4NZyAT
EudZ5oUQWUXuOaL3UY80TkN5m3/gHkuZ17uOJhdAUDulj0J0C3Qy6a9gph1t6YKJ
wbUjJiYxrrTl/jSYsrc4yLmUDG67eSK6cOhMFPCKzvelPBnDNJP6X6of9RCU1Q9E
8BPSe4kDLp0R+J9T2T/QGaT/36xKma2oPfAl2JUz+bSPjUB/7tx4V9GaEGFPaZ3l
KmzQfLL5oePkjHNNOAWGb6xsxjr9W43pubWYyx1gds4vNhQM5mU5vOrZSwIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFLjjJUz5nGU11Cx/+ytKYZFzwoDXMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdU9NbFRQbWNaVFhVTEhfN0swcGhrWFBDZ05jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCB4AQCAAIwgdkDBQMq
BbMAAwUDKgbfwAMFAyoHowADBQMqDlgAAwUDKg8XQAMFAyoPGcADBQMqDxrAAwUD
Kg/nQAMFAyoQMMADBQMqEDPAAwUDKhA4QAMFAyoQXAADBQMqEGQAAwUDKhB3AAMF
AyoQewADBQMqERIAAwUDKhEYgAMFAyoRXIADBQMqEYcAAwUDKhGJwAMFAyoRk0AD
BQMqEZ4AAwUDKhGyAAMFAyoRt0ADBQMqEeWAAwUDKhHvwAMFAyoR8EADBQMqEroA
AwUDKhLcAAMFAyoTAgADBQMqEwzAMA0GCSqGSIb3DQEBCwUAA4IBAQC90zTbU89Y
eAmEoWc72cUn53ut6Kwv6TNJyrzv/u5pnY08Ao7JunbTy/ICuSXqo+Rmmqgiuxfx
N0nIutgo9PR77yPl4YOOtuFoLRU4y5vNNhrFoVYwlohypqjIopFs8M1aKccd5um8
eCApgONUoT7SORpVSNcEtcfbtpetdWHpJe2BJbpCoep+L7Hlb7mLoI6HY0ocfVLT
BKQgTlFFbrg9gpZ431exhN7s0jMzFrO9UPKoI5EfbUG+lhWROAn3JGbrASNNWR9Z
JFU/hpUY7+CcE9V8JLoRuMvBr5kxLH9kLewypU3eJRH3/j4HdXkazC4aO0MS8xuH
QRtgU+7GMG9l
-----END CERTIFICATE-----
Generated at Thu May 8 09:25:15 2025 by rpki-client