Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/439285-722a-42df-b185-303151d76ace/1/2dwHEVLrBEBjIPXXOI0IRLy0R_o.roa
File: 2dwHEVLrBEBjIPXXOI0IRLy0R_o.roa (raw, json)
Hash identifier: op57KXYeGanvbAJkANmv+To0XgV1wxsAW3TeWs1MM1c=
Subject key identifier: D9:DC:07:11:52:EB:04:40:63:20:F5:D7:38:8D:08:44:BC:B4:47:FA
Certificate issuer: /CN=5476c3ca780cc57744adbe90a0f394f1d1cd72f3
Certificate serial: 0193A8B34ACC662B8577AE7098DD43FBC433
Authority key identifier: 54:76:C3:CA:78:0C:C5:77:44:AD:BE:90:A0:F3:94:F1:D1:CD:72:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHbDyngMxXdErb6QoPOU8dHNcvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/439285-722a-42df-b185-303151d76ace/1/2dwHEVLrBEBjIPXXOI0IRLy0R_o.roa
Signing time: Sun 08 Dec 2024 23:55:42 +0000
ROA not before: Sun 08 Dec 2024 23:55:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13023
IP address blocks: 2a0b:2bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a8:b3:4a:cc:66:2b:85:77:ae:70:98:dd:43:fb:c4:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5476c3ca780cc57744adbe90a0f394f1d1cd72f3
Validity
Not Before: Dec 8 23:55:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9dc071152eb04406320f5d7388d0844bcb447fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:73:ee:45:ab:35:01:a5:df:0f:05:2b:39:fa:
bb:55:df:a1:a9:0c:d8:aa:a9:1b:55:8a:0b:d1:6a:
4c:a8:0d:cd:93:e6:79:6a:3f:ac:07:46:41:05:f5:
95:f7:de:cc:8f:48:c9:00:d8:6f:bf:50:44:7b:c0:
8a:09:1b:25:3d:51:71:82:12:d0:d9:54:94:8e:eb:
28:8e:29:04:1e:4c:22:58:ed:b5:e1:25:7a:f7:ff:
57:fd:4e:fc:42:be:cc:9e:a8:1e:84:fb:cd:cd:48:
15:3f:cd:a5:81:d6:8d:d7:fc:e0:16:3f:4f:81:42:
6e:c5:15:3e:bb:76:29:8e:cf:62:eb:00:bc:a8:ca:
0d:d8:38:76:c7:75:47:a7:c0:60:ff:54:9a:90:d2:
dc:d3:4b:15:47:0a:2e:45:43:e5:46:36:5b:b0:c2:
46:59:c2:fd:3a:bd:f4:c4:db:89:76:12:54:c7:ad:
3b:67:b2:16:67:2b:e5:0f:73:de:88:c6:8c:95:96:
16:09:09:13:76:56:e3:bc:1d:a2:b2:55:4f:5b:f1:
6d:57:98:c1:ef:c2:f2:cd:ef:32:94:78:cd:85:ac:
a5:09:45:c8:58:d3:5c:71:90:4d:06:8f:2a:67:9b:
10:5e:b2:98:1b:e6:cb:d3:08:b2:2c:58:ae:f6:ba:
58:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:DC:07:11:52:EB:04:40:63:20:F5:D7:38:8D:08:44:BC:B4:47:FA
X509v3 Authority Key Identifier:
keyid:54:76:C3:CA:78:0C:C5:77:44:AD:BE:90:A0:F3:94:F1:D1:CD:72:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHbDyngMxXdErb6QoPOU8dHNcvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/439285-722a-42df-b185-303151d76ace/1/2dwHEVLrBEBjIPXXOI0IRLy0R_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/439285-722a-42df-b185-303151d76ace/1/VHbDyngMxXdErb6QoPOU8dHNcvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:2bc0::/29
Signature Algorithm: sha256WithRSAEncryption
3b:ae:e1:45:9e:dc:f3:25:4f:33:7e:43:76:3d:10:5c:57:84:
cb:da:dd:f5:8c:a8:06:55:7c:7d:fd:d8:70:01:9c:58:b4:8f:
0a:73:10:72:e6:17:1d:02:7d:3d:d1:e7:eb:af:25:d1:71:89:
44:4c:a6:c6:88:54:9c:99:04:0b:c0:8e:84:0a:c6:06:12:15:
bc:d1:4c:f1:fb:2f:23:0a:ea:82:52:cf:1f:88:de:70:a8:0c:
90:59:6e:c5:59:8e:81:89:cd:aa:68:ef:ca:1f:30:8c:5f:82:
43:33:f4:75:d6:3d:66:3c:ce:9e:d9:a5:7d:60:e1:46:33:77:
57:c1:3e:a9:92:96:83:37:f8:cc:64:ef:e3:52:83:c1:a4:0a:
51:93:58:e3:dc:1d:a4:0c:e3:50:81:6e:00:52:b9:e7:ca:c7:
8b:f3:b0:7a:21:58:39:76:ad:8a:66:dc:49:fb:32:c2:e5:59:
d6:78:c2:66:d5:e0:d3:85:a8:11:d2:f2:71:7b:4c:96:70:11:
c0:8f:5d:c4:e6:15:94:f8:58:88:24:2b:3f:eb:5f:19:6c:e7:
2c:53:7e:4e:25:a2:09:5a:56:32:4b:f5:02:50:65:e8:d6:50:
a4:c7:5d:10:8b:99:a1:50:96:93:6c:65:1c:a2:29:24:0a:1f:
7e:a2:3f:2f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOos0rMZiuFd65wmN1D+8QzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzZjM2NhNzgwY2M1Nzc0NGFkYmU5MGEwZjM5NGYxZDFj
ZDcyZjMwHhcNMjQxMjA4MjM1NTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWRjMDcxMTUyZWIwNDQwNjMyMGY1ZDczODhkMDg0NGJjYjQ0N2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3PuRas1AaXfDwUrOfq7Vd+hqQzY
qqkbVYoL0WpMqA3Nk+Z5aj+sB0ZBBfWV997Mj0jJANhvv1BEe8CKCRslPVFxghLQ
2VSUjusojikEHkwiWO214SV69/9X/U78Qr7MnqgehPvNzUgVP82lgdaN1/zgFj9P
gUJuxRU+u3Ypjs9i6wC8qMoN2Dh2x3VHp8Bg/1SakNLc00sVRwouRUPlRjZbsMJG
WcL9Or30xNuJdhJUx607Z7IWZyvlD3PeiMaMlZYWCQkTdlbjvB2islVPW/FtV5jB
78Lyze8ylHjNhaylCUXIWNNccZBNBo8qZ5sQXrKYG+bL0wiyLFiu9rpYFQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNncBxFS6wRAYyD11ziNCES8tEf6MB8GA1UdIwQY
MBaAFFR2w8p4DMV3RK2+kKDzlPHRzXLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhiRHluZ014WGRFcmI2UW9QT1U4ZEhOY3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi80MzkyODUtNzIyYS00MmRmLWIxODUt
MzAzMTUxZDc2YWNlLzEvMmR3SEVWTHJCRUJqSVBYWE9JMElSTHkwUl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi80MzkyODUtNzIyYS00MmRmLWIxODUtMzAzMTUxZDc2YWNl
LzEvVkhiRHluZ014WGRFcmI2UW9QT1U4ZEhOY3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgsrwDAN
BgkqhkiG9w0BAQsFAAOCAQEAO67hRZ7c8yVPM35Ddj0QXFeEy9rd9YyoBlV8ff3Y
cAGcWLSPCnMQcuYXHQJ9PdHn668l0XGJREymxohUnJkEC8COhArGBhIVvNFM8fsv
IwrqglLPH4jecKgMkFluxVmOgYnNqmjvyh8wjF+CQzP0ddY9ZjzOntmlfWDhRjN3
V8E+qZKWgzf4zGTv41KDwaQKUZNY49wdpAzjUIFuAFK558rHi/OweiFYOXatimbc
SfsywuVZ1njCZtXg04WoEdLycXtMlnARwI9dxOYVlPhYiCQrP+tfGWznLFN+TiWi
CVpWMkv1AlBl6NZQpMddEIuZoVCWk2xlHKIpJAoffqI/Lw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:07:52 2025 by rpki-client