Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zEC-5cDyct9STW-x2JXIGniF3rM.roa
File: zEC-5cDyct9STW-x2JXIGniF3rM.roa (raw, json)
Hash identifier: hNQFu083fxDZsaM6xN7Vi7VHb9f3Ory6XivlD2EfGHk=
Subject key identifier: CC:40:BE:E5:C0:F2:72:DF:52:4D:6F:B1:D8:95:C8:1A:78:85:DE:B3
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018E12F4903935ADC0AA8128B1C81204EA92
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zEC-5cDyct9STW-x2JXIGniF3rM.roa
Signing time: Wed 06 Mar 2024 08:50:01 +0000
ROA not before: Wed 06 Mar 2024 08:50:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395839
IP address blocks: 2a06:5280::/29 maxlen: 29
2a0f:3940::/29 maxlen: 29
2a0f:39c0::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 04 Apr 2024 07:18:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:12:f4:90:39:35:ad:c0:aa:81:28:b1:c8:12:04:ea:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 6 08:50:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc40bee5c0f272df524d6fb1d895c81a7885deb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e4:e0:bd:3b:d8:8b:00:c6:0e:2f:37:48:db:
23:ed:91:de:bd:8e:61:90:48:1f:e2:b6:85:49:a3:
e6:6c:8d:ca:62:7a:09:9a:91:4e:51:68:29:fd:aa:
a6:f6:30:34:6d:a0:09:c3:05:da:ad:23:46:b5:45:
45:86:77:8f:95:a2:ba:9b:06:fc:40:43:a8:05:d6:
db:95:2b:1a:16:48:b1:12:51:d3:f2:9e:e8:2b:aa:
e6:64:ea:bb:a2:01:e0:8b:46:23:86:34:9c:40:9c:
50:fe:bb:cf:44:5a:2b:dc:d8:f0:9b:7d:7a:b4:b5:
65:19:19:69:13:07:63:aa:54:e5:5c:74:f1:99:61:
62:0f:fd:26:28:de:48:b3:db:67:11:7e:22:5f:60:
af:33:51:31:cb:ab:97:c7:10:1f:10:58:c8:b1:a0:
05:95:51:b7:c8:ea:46:6d:73:b3:be:71:be:11:02:
4d:6a:74:25:27:5b:f8:c8:3a:d8:0b:37:4a:3f:d0:
7e:13:49:c0:97:ee:94:97:4f:fa:52:7d:a1:68:da:
32:bd:4e:d7:85:07:5c:ff:1e:5f:08:37:42:c9:06:
4f:04:73:7b:ec:4e:35:8f:73:91:aa:43:3f:d8:fd:
76:01:22:de:01:60:78:9b:55:d1:a9:29:0d:02:1c:
73:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:40:BE:E5:C0:F2:72:DF:52:4D:6F:B1:D8:95:C8:1A:78:85:DE:B3
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zEC-5cDyct9STW-x2JXIGniF3rM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5280::/29
2a0f:3940::/29
2a0f:39c0::/29
2a11:4e80::/29
Signature Algorithm: sha256WithRSAEncryption
ae:c5:ad:d7:b5:07:5d:0f:88:0b:63:18:53:78:e3:7c:6c:d8:
38:9a:a8:f5:88:b1:2d:23:e5:4b:f0:18:a0:b3:29:4a:68:7f:
56:35:36:d6:58:ea:a9:08:de:25:1f:80:b9:49:c5:72:34:bd:
30:54:dd:64:0d:70:9e:57:f2:57:31:79:1a:ed:2c:35:51:50:
db:cd:25:a0:56:a6:18:19:00:e3:d4:23:db:c5:72:45:54:d9:
51:38:db:7c:a0:17:d6:5e:96:74:2f:a0:6c:62:a1:c0:2f:38:
57:fe:41:fa:36:e8:5d:16:31:2e:6f:93:3c:4f:27:72:66:bb:
6e:df:84:9f:6c:84:97:d8:3c:2a:ed:3e:c8:28:a0:01:22:13:
d1:62:aa:ee:12:b3:3d:37:a7:f9:c8:88:87:df:87:5f:50:40:
19:2c:93:ad:4f:c1:a9:78:c6:cf:04:6c:07:b0:d9:81:97:d4:
d6:79:35:3b:e4:b1:c5:e3:af:85:83:0c:5f:2c:f8:c2:49:dc:
b6:90:34:20:92:4b:29:d8:b6:08:6e:9b:10:0c:3e:a6:f3:5c:
4c:00:4a:25:13:1d:a4:b1:ad:27:db:bc:79:aa:a7:18:0c:31:
8b:a1:10:33:9f:a8:b0:35:a4:ef:1c:8a:2c:61:f2:9a:a1:69:
54:d5:06:7b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY4S9JA5Na3AqoEoscgSBOqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwMzA2MDg1MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzQwYmVlNWMwZjI3MmRmNTI0ZDZmYjFkODk1YzgxYTc4ODVkZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouTgvTvYiwDGDi83SNsj7ZHevY5h
kEgf4raFSaPmbI3KYnoJmpFOUWgp/aqm9jA0baAJwwXarSNGtUVFhnePlaK6mwb8
QEOoBdbblSsaFkixElHT8p7oK6rmZOq7ogHgi0YjhjScQJxQ/rvPRFor3Njwm316
tLVlGRlpEwdjqlTlXHTxmWFiD/0mKN5Is9tnEX4iX2CvM1Exy6uXxxAfEFjIsaAF
lVG3yOpGbXOzvnG+EQJNanQlJ1v4yDrYCzdKP9B+E0nAl+6Ul0/6Un2haNoyvU7X
hQdc/x5fCDdCyQZPBHN77E41j3ORqkM/2P12ASLeAWB4m1XRqSkNAhxzAwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMxAvuXA8nLfUk1vsdiVyBp4hd6zMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvekVDLTVjRHljdDlTVFcteDJKWElHbmlGM3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgZSgAMF
AyoPOUADBQMqDznAAwUDKhFOgDANBgkqhkiG9w0BAQsFAAOCAQEArsWt17UHXQ+I
C2MYU3jjfGzYOJqo9YixLSPlS/AYoLMpSmh/VjU21ljqqQjeJR+AuUnFcjS9MFTd
ZA1wnlfyVzF5Gu0sNVFQ280loFamGBkA49Qj28VyRVTZUTjbfKAX1l6WdC+gbGKh
wC84V/5B+jboXRYxLm+TPE8ncma7bt+En2yEl9g8Ku0+yCigASIT0WKq7hKzPTen
+ciIh9+HX1BAGSyTrU/BqXjGzwRsB7DZgZfU1nk1O+SxxeOvhYMMXyz4wknctpA0
IJJLKdi2CG6bEAw+pvNcTABKJRMdpLGtJ9u8eaqnGAwxi6EQM5+osDWk7xyKLGHy
mqFpVNUGew==
-----END CERTIFICATE-----
Generated at Tue May 13 11:13:35 2025 by rpki-client