Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zLL1WCjKXhudZPkptsDewZOvcxU.roa
File: zLL1WCjKXhudZPkptsDewZOvcxU.roa (raw, json)
Hash identifier: 3ENyJXBMckaIL6B/n2dj7nLpFh23n9n3jFMF8S3UR6o=
Subject key identifier: CC:B2:F5:58:28:CA:5E:1B:9D:64:F9:29:B6:C0:DE:C1:93:AF:73:15
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193015A651D3201C8E92555D52F6F301FD2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zLL1WCjKXhudZPkptsDewZOvcxU.roa
Signing time: Wed 06 Nov 2024 12:02:01 +0000
ROA not before: Wed 06 Nov 2024 12:02:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197992
IP address blocks: 2a05:b300::/29 maxlen: 29
2a06:dfc0::/29 maxlen: 29
2a07:a300::/29 maxlen: 29
2a0e:5800::/29 maxlen: 29
2a0f:1740::/29 maxlen: 29
2a0f:19c0::/29 maxlen: 29
2a0f:1ac0::/29 maxlen: 29
2a0f:e740::/29 maxlen: 29
2a10:30c0::/29 maxlen: 29
2a10:33c0::/29 maxlen: 29
2a10:3840::/29 maxlen: 29
2a10:5c00::/29 maxlen: 29
2a10:6400::/29 maxlen: 29
2a10:7700::/29 maxlen: 29
2a10:7b00::/29 maxlen: 29
2a11:1200::/29 maxlen: 29
2a11:1880::/29 maxlen: 29
2a11:5c80::/29 maxlen: 29
2a11:8700::/29 maxlen: 29
2a11:89c0::/29 maxlen: 29
2a11:9340::/29 maxlen: 29
2a11:9e00::/29 maxlen: 29
2a11:b200::/29 maxlen: 29
2a11:b740::/29 maxlen: 29
2a11:e580::/29 maxlen: 29
2a11:efc0::/29 maxlen: 29
2a11:f040::/29 maxlen: 29
2a12:ba00::/29 maxlen: 29
2a12:dc00::/29 maxlen: 29
2a13:200::/29 maxlen: 29
2a13:cc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 06 Nov 2024 17:51:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:01:5a:65:1d:32:01:c8:e9:25:55:d5:2f:6f:30:1f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Nov 6 12:02:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccb2f55828ca5e1b9d64f929b6c0dec193af7315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:67:39:82:04:3c:da:8a:bb:8c:30:49:e8:34:
c8:dc:8d:ea:27:f3:0b:2e:ee:00:4d:42:8a:09:8c:
64:0a:23:db:b8:78:e9:84:96:b2:2c:1e:ce:d9:44:
d0:fd:0d:c1:71:68:38:ad:ad:a2:66:f6:af:4c:00:
25:74:a2:33:6a:96:5a:5c:e8:0f:43:bd:af:93:0a:
e3:e1:b5:c4:d9:4f:2e:b3:b3:0e:27:df:72:e8:f3:
bd:39:7e:9c:2e:d0:d5:26:5f:26:05:47:ec:28:6e:
36:8e:79:4b:25:de:b0:b4:fc:14:54:b0:87:7c:d8:
8e:0f:4b:b7:72:2c:6f:08:5f:e5:12:c8:91:2b:39:
d1:a0:80:a0:f9:75:c9:61:26:01:d1:f8:75:92:0e:
45:9e:a0:81:94:41:e1:a3:54:8a:d4:e9:bf:2a:6b:
b6:3f:f1:f4:74:d5:44:4e:71:6d:ed:96:8c:18:eb:
7d:33:ae:51:64:69:34:d6:ee:41:16:ef:86:3a:75:
40:bc:63:61:fa:3c:26:fe:89:61:0e:15:ca:fc:14:
32:f4:a9:8a:e2:68:32:ea:c0:bf:c9:2e:14:80:1e:
d9:b1:d6:46:9e:95:77:85:56:41:34:db:23:09:87:
ab:fc:66:e0:e4:e4:f6:6c:e7:5e:a3:64:20:af:3f:
e7:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B2:F5:58:28:CA:5E:1B:9D:64:F9:29:B6:C0:DE:C1:93:AF:73:15
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zLL1WCjKXhudZPkptsDewZOvcxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b300::/29
2a06:dfc0::/29
2a07:a300::/29
2a0e:5800::/29
2a0f:1740::/29
2a0f:19c0::/29
2a0f:1ac0::/29
2a0f:e740::/29
2a10:30c0::/29
2a10:33c0::/29
2a10:3840::/29
2a10:5c00::/29
2a10:6400::/29
2a10:7700::/29
2a10:7b00::/29
2a11:1200::/29
2a11:1880::/29
2a11:5c80::/29
2a11:8700::/29
2a11:89c0::/29
2a11:9340::/29
2a11:9e00::/29
2a11:b200::/29
2a11:b740::/29
2a11:e580::/29
2a11:efc0::/29
2a11:f040::/29
2a12:ba00::/29
2a12:dc00::/29
2a13:200::/29
2a13:cc0::/29
Signature Algorithm: sha256WithRSAEncryption
cd:07:1c:69:46:71:f5:17:3b:9c:60:a7:4e:97:11:52:05:4a:
a7:f3:19:e8:eb:72:b7:fd:92:9b:fb:15:7e:b0:c6:8e:d7:54:
b2:0c:15:94:e3:41:de:c5:7b:e7:42:3c:90:a4:06:d0:10:79:
da:13:fa:56:66:ee:de:b6:b0:08:2b:4c:29:ff:35:70:ac:c0:
33:2b:3d:ef:76:62:6b:20:7f:c7:e5:99:6c:84:1a:b5:53:23:
19:9f:44:38:ca:da:29:05:b5:c4:3f:fc:44:8e:cd:58:19:f6:
05:85:d3:57:c8:e3:35:57:ee:e3:fc:72:11:64:72:c9:db:f8:
0f:1f:11:f4:7b:98:c6:cb:c2:96:03:ca:c3:d3:59:ab:00:83:
e0:bb:9a:f1:45:9b:8a:e0:b9:a1:56:08:cf:55:9c:d4:fa:aa:
d6:d6:6f:d4:cf:c8:c3:32:fc:50:6e:b2:a3:2f:28:1e:5e:9c:
4b:1d:e1:86:51:fe:8e:e5:0d:aa:15:06:2f:8c:3d:a5:35:b5:
e1:d9:64:ea:b6:b0:5d:e5:fb:fb:d8:d8:00:43:53:c9:50:2e:
05:46:eb:6b:3e:e0:69:b3:90:b1:2e:14:c3:8a:33:82:bc:7e:
1d:7f:f0:0c:30:03:29:21:bb:cf:f8:47:e7:7d:e1:af:58:65:
4c:af:f1:e7
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAZMBWmUdMgHI6SVV1S9vMB/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMTA2MTIwMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2IyZjU1ODI4Y2E1ZTFiOWQ2NGY5MjliNmMwZGVjMTkzYWY3MzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGc5ggQ82oq7jDBJ6DTI3I3qJ/ML
Lu4ATUKKCYxkCiPbuHjphJayLB7O2UTQ/Q3BcWg4ra2iZvavTAAldKIzapZaXOgP
Q72vkwrj4bXE2U8us7MOJ99y6PO9OX6cLtDVJl8mBUfsKG42jnlLJd6wtPwUVLCH
fNiOD0u3cixvCF/lEsiRKznRoICg+XXJYSYB0fh1kg5FnqCBlEHho1SK1Om/Kmu2
P/H0dNVETnFt7ZaMGOt9M65RZGk01u5BFu+GOnVAvGNh+jwm/olhDhXK/BQy9KmK
4mgy6sC/yS4UgB7ZsdZGnpV3hVZBNNsjCYer/Gbg5OT2bOdeo2Qgrz/nxQIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFMyy9Vgoyl4bnWT5KbbA3sGTr3MVMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvekxMMVdDaktYaHVkWlBrcHRzRGV3Wk92Y3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zCB4AQCAAIwgdkDBQMq
BbMAAwUDKgbfwAMFAyoHowADBQMqDlgAAwUDKg8XQAMFAyoPGcADBQMqDxrAAwUD
Kg/nQAMFAyoQMMADBQMqEDPAAwUDKhA4QAMFAyoQXAADBQMqEGQAAwUDKhB3AAMF
AyoQewADBQMqERIAAwUDKhEYgAMFAyoRXIADBQMqEYcAAwUDKhGJwAMFAyoRk0AD
BQMqEZ4AAwUDKhGyAAMFAyoRt0ADBQMqEeWAAwUDKhHvwAMFAyoR8EADBQMqEroA
AwUDKhLcAAMFAyoTAgADBQMqEwzAMA0GCSqGSIb3DQEBCwUAA4IBAQDNBxxpRnH1
FzucYKdOlxFSBUqn8xno63K3/ZKb+xV+sMaO11SyDBWU40HexXvnQjyQpAbQEHna
E/pWZu7etrAIK0wp/zVwrMAzKz3vdmJrIH/H5ZlshBq1UyMZn0Q4ytopBbXEP/xE
js1YGfYFhdNXyOM1V+7j/HIRZHLJ2/gPHxH0e5jGy8KWA8rD01mrAIPgu5rxRZuK
4LmhVgjPVZzU+qrW1m/Uz8jDMvxQbrKjLygeXpxLHeGGUf6O5Q2qFQYvjD2lNbXh
2WTqtrBd5fv72NgAQ1PJUC4FRutrPuBps5CxLhTDijOCvH4df/AMMAMpIbvP+Efn
feGvWGVMr/Hn
-----END CERTIFICATE-----
Generated at Sun May 11 12:16:03 2025 by rpki-client