Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/DHl5VG0TArCMdK3S1PJeyE7v4-4.roa
File: DHl5VG0TArCMdK3S1PJeyE7v4-4.roa (raw, json)
Hash identifier: gTOr2Vr4HSHvdISuJ5EmK0d2g1jbDuZnJcbyERERSUs=
Subject key identifier: 0C:79:79:54:6D:13:02:B0:8C:74:AD:D2:D4:F2:5E:C8:4E:EF:E3:EE
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 018DD624BE000CCF3FA1B2B6A38FE9A26651
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/DHl5VG0TArCMdK3S1PJeyE7v4-4.roa
Signing time: Fri 23 Feb 2024 13:25:48 +0000
ROA not before: Fri 23 Feb 2024 13:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40065
IP address blocks: 2.56.255.0/24 maxlen: 24
2.59.151.0/24 maxlen: 24
5.181.219.0/24 maxlen: 24
31.40.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 14:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d6:24:be:00:0c:cf:3f:a1:b2:b6:a3:8f:e9:a2:66:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Feb 23 13:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c7979546d1302b08c74add2d4f25ec84eefe3ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8b:e9:34:b5:5f:ef:3f:a7:8b:0b:a8:b9:91:
9d:50:cb:7f:2d:1d:ee:65:77:bb:53:af:1f:4b:04:
4a:84:ee:85:56:80:47:cd:63:5c:49:b7:af:2a:9c:
81:47:fe:70:70:3d:1d:4d:21:88:57:98:43:40:9f:
3b:f7:f7:53:94:1c:19:6c:ae:44:2b:af:3d:eb:ed:
7f:b1:45:6e:c0:59:1f:87:7e:6d:0d:d8:ab:07:44:
b7:0b:1a:e0:5f:9a:91:5b:06:61:0e:7f:37:96:38:
77:b1:55:56:59:d9:8c:32:db:d4:38:4c:fc:c5:2c:
cd:e0:00:a9:90:34:07:4c:b5:57:9b:1b:80:b9:2f:
b0:b1:ac:87:34:32:d3:12:c2:8e:fc:b6:2c:c4:04:
29:da:78:f4:e0:d1:ec:7f:d3:ef:ca:3c:34:aa:70:
de:45:67:70:68:fa:1a:9f:ec:d7:b4:5c:54:2d:ae:
ee:13:e0:7b:2a:05:c7:1a:38:44:bb:8c:9a:df:df:
0b:73:5b:ae:ce:78:a0:7f:36:e6:db:a3:26:93:3d:
65:12:b6:60:fe:22:3a:0a:07:89:79:38:bb:28:38:
02:6b:7b:c6:d8:79:b6:d4:c5:53:e2:06:ce:dc:81:
2d:7a:b9:eb:cb:dc:53:dd:fe:0e:60:32:8a:07:c9:
27:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:79:79:54:6D:13:02:B0:8C:74:AD:D2:D4:F2:5E:C8:4E:EF:E3:EE
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/DHl5VG0TArCMdK3S1PJeyE7v4-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.255.0/24
2.59.151.0/24
5.181.219.0/24
31.40.214.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:ad:33:4c:0e:37:64:1b:54:7a:e6:65:fc:b7:7d:e1:dd:fd:
ed:c5:7d:91:a8:f2:b9:f8:77:25:fe:15:22:57:2c:86:b7:85:
29:64:4e:a4:46:ce:84:33:1b:e3:c8:1d:b1:28:4d:80:e7:40:
1b:e3:1c:ef:b1:fa:8b:04:ca:53:38:0d:c1:21:fc:39:77:f4:
e7:79:7b:93:8b:94:e0:21:26:44:00:f1:77:46:0a:1d:7a:32:
5b:9e:0b:02:e5:d9:e9:f1:99:87:b4:aa:f6:d8:f6:9b:39:25:
ae:f6:e0:10:e9:bc:53:ab:c5:9c:f4:34:85:a4:ea:9f:60:70:
b4:5c:e3:d4:ea:01:80:51:12:c2:90:16:16:41:51:e3:28:a6:
58:90:9f:1c:61:c6:4d:c7:4e:c6:71:50:0a:d3:b3:7a:7c:ef:
f1:6b:08:e6:56:9e:f0:29:6c:29:86:5b:a4:b8:f7:19:a8:75:
fc:aa:88:59:fa:35:cd:8a:43:19:75:b2:73:b1:20:9b:0d:e4:
0c:57:9c:79:80:27:12:16:f5:b7:7b:c6:1e:15:0d:38:29:d2:
3e:0f:1f:47:e7:a0:81:ce:a2:df:1a:cd:e5:d5:f5:9e:3f:63:
84:75:81:9c:c9:8a:a1:3f:6a:14:c3:ea:1b:9b:55:66:bd:51:
ab:f9:87:8f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY3WJL4ADM8/obK2o4/pomZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjQwMjIzMTMyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzc5Nzk1NDZkMTMwMmIwOGM3NGFkZDJkNGYyNWVjODRlZWZlM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYvpNLVf7z+niwuouZGdUMt/LR3u
ZXe7U68fSwRKhO6FVoBHzWNcSbevKpyBR/5wcD0dTSGIV5hDQJ879/dTlBwZbK5E
K6896+1/sUVuwFkfh35tDdirB0S3CxrgX5qRWwZhDn83ljh3sVVWWdmMMtvUOEz8
xSzN4ACpkDQHTLVXmxuAuS+wsayHNDLTEsKO/LYsxAQp2nj04NHsf9Pvyjw0qnDe
RWdwaPoan+zXtFxULa7uE+B7KgXHGjhEu4ya398Lc1uuznigfzbm26Mmkz1lErZg
/iI6CgeJeTi7KDgCa3vG2Hm21MVT4gbO3IEternry9xT3f4OYDKKB8knDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAx5eVRtEwKwjHSt0tTyXshO7+PuMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvREhsNVZHMFRBckNNZEszUzFQSmV5RTd2NC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjj/AwQA
AjuXAwQABbXbAwQAHyjWMA0GCSqGSIb3DQEBCwUAA4IBAQAtrTNMDjdkG1R65mX8
t33h3f3txX2RqPK5+Hcl/hUiVyyGt4UpZE6kRs6EMxvjyB2xKE2A50Ab4xzvsfqL
BMpTOA3BIfw5d/TneXuTi5TgISZEAPF3RgodejJbngsC5dnp8ZmHtKr22PabOSWu
9uAQ6bxTq8Wc9DSFpOqfYHC0XOPU6gGAURLCkBYWQVHjKKZYkJ8cYcZNx07GcVAK
07N6fO/xawjmVp7wKWwphlukuPcZqHX8qohZ+jXNikMZdbJzsSCbDeQMV5x5gCcS
FvW3e8YeFQ04KdI+Dx9H56CBzqLfGs3l1fWeP2OEdYGcyYqhP2oUw+obm1VmvVGr
+YeP
-----END CERTIFICATE-----
Generated at Thu Apr 17 03:46:40 2025 by rpki-client