Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/2KdtsH5mYfkke7WWFX1m4Xak9Bs.roa
File: 2KdtsH5mYfkke7WWFX1m4Xak9Bs.roa (raw, json)
Hash identifier: 4xbO3yLbMZEMAoelGakY38dRQW1kv0N/Xsv5ywIk84g=
Subject key identifier: D8:A7:6D:B0:7E:66:61:F9:24:7B:B5:96:15:7D:66:E1:76:A4:F4:1B
Certificate issuer: /CN=107807c2518915138f555123605c0133dfdbb4fa
Certificate serial: 018CC5DC29BC0F7922FEC42E2614C4E34F3A
Authority key identifier: 10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/2KdtsH5mYfkke7WWFX1m4Xak9Bs.roa
Signing time: Mon 01 Jan 2024 16:29:49 +0000
ROA not before: Mon 01 Jan 2024 16:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 132.71.0.0/16 maxlen: 16
132.70.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:29:bc:0f:79:22:fe:c4:2e:26:14:c4:e3:4f:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=107807c2518915138f555123605c0133dfdbb4fa
Validity
Not Before: Jan 1 16:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8a76db07e6661f9247bb596157d66e176a4f41b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0e:53:77:2c:1e:46:28:e8:d0:d2:49:3a:fb:
a8:21:f7:ee:4d:7d:2c:2d:6c:d9:ad:53:b5:ae:41:
f0:35:4d:b5:87:51:fa:42:8a:12:36:10:72:ee:f2:
36:44:7a:4f:f4:23:80:6a:f9:71:d7:95:7b:34:e4:
49:05:3d:50:07:bb:43:f5:7e:17:83:65:2e:1e:eb:
4c:89:c8:0a:9f:40:85:ae:a6:33:af:4e:8c:33:ea:
0f:e1:2b:2e:5d:33:88:49:a3:f7:b5:0f:51:c5:b9:
81:66:1a:08:d2:b5:bc:a5:12:80:04:ed:2f:c7:17:
27:94:df:a7:f6:05:c1:d6:a8:a1:25:e9:d3:41:a9:
93:b8:25:1c:f1:81:8f:1a:fa:82:8d:a8:f8:42:e2:
6b:06:80:23:51:74:ec:a5:cc:cb:c1:5d:18:ec:dc:
14:a8:0e:e7:e4:2d:22:95:81:12:59:6d:31:32:81:
2d:42:30:97:27:62:0a:8e:4b:c0:ee:db:73:52:40:
5e:64:22:13:69:13:fe:49:f2:72:fc:33:83:f6:71:
56:75:cc:0e:53:48:a7:3f:94:ed:8c:6d:7c:71:d2:
f4:dc:62:d2:96:53:47:75:c8:a0:cf:b0:97:e7:d0:
fc:08:53:ca:07:f3:92:f8:a1:ec:d9:d7:87:fc:22:
79:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A7:6D:B0:7E:66:61:F9:24:7B:B5:96:15:7D:66:E1:76:A4:F4:1B
X509v3 Authority Key Identifier:
keyid:10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/2KdtsH5mYfkke7WWFX1m4Xak9Bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/EHgHwlGJFROPVVEjYFwBM9_btPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.70.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1f:bf:dd:6d:6e:fe:02:c5:1e:2d:f6:8c:35:89:5f:5f:9a:7e:
bd:43:fb:05:e0:aa:c9:e9:0e:f6:f8:ca:f7:24:f4:09:2f:91:
6d:99:f1:f1:7c:90:e2:ce:33:38:d2:b1:ed:72:1f:13:0c:09:
0c:0c:92:eb:b1:03:08:12:50:90:74:2a:31:5b:08:0e:b8:0a:
05:ce:e1:8d:d8:ec:23:34:49:1e:2a:ee:21:4d:6e:59:36:89:
b8:c8:aa:7f:a2:20:cc:c9:f3:c9:07:be:d8:b8:34:6f:25:c5:
c6:83:cc:49:ad:fa:77:7a:44:92:83:77:ae:ee:cb:1e:7d:f3:
a5:96:3f:13:3a:f9:0a:bc:6c:80:b3:92:31:20:fa:f5:d7:7f:
85:2b:51:bf:08:90:3c:59:1f:bb:74:54:80:ec:f6:e7:ab:cb:
60:64:25:cb:f1:c8:42:ed:d8:33:fc:e1:10:9e:2c:5c:41:1b:
25:a1:1b:79:6d:a5:9d:75:c2:21:2e:94:85:6a:6e:19:4e:d2:
9d:c2:57:b1:82:3b:c6:9b:33:8d:69:8c:7c:21:ef:91:6b:19:
54:fc:83:73:68:44:a7:5a:85:08:d5:9e:97:08:65:e0:96:00:
f0:a9:dd:6b:91:fd:d9:0a:b2:e7:73:8f:84:8c:a7:63:8f:e0:
38:70:10:b2
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzF3Cm8D3ki/sQuJhTE4086MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzgwN2MyNTE4OTE1MTM4ZjU1NTEyMzYwNWMwMTMzZGZk
YmI0ZmEwHhcNMjQwMTAxMTYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE3NmRiMDdlNjY2MWY5MjQ3YmI1OTYxNTdkNjZlMTc2YTRmNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApA5TdyweRijo0NJJOvuoIffuTX0s
LWzZrVO1rkHwNU21h1H6QooSNhBy7vI2RHpP9COAavlx15V7NORJBT1QB7tD9X4X
g2UuHutMicgKn0CFrqYzr06MM+oP4SsuXTOISaP3tQ9RxbmBZhoI0rW8pRKABO0v
xxcnlN+n9gXB1qihJenTQamTuCUc8YGPGvqCjaj4QuJrBoAjUXTspczLwV0Y7NwU
qA7n5C0ilYESWW0xMoEtQjCXJ2IKjkvA7ttzUkBeZCITaRP+SfJy/DOD9nFWdcwO
U0inP5TtjG18cdL03GLSllNHdcigz7CX59D8CFPKB/OS+KHs2deH/CJ5RQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNinbbB+ZmH5JHu1lhV9ZuF2pPQbMB8GA1UdIwQY
MBaAFBB4B8JRiRUTj1VRI2BcATPf27T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTIt
ZjlhYzE1ZTY2Mzg2LzEvMktkdHNINW1ZZmtrZTdXV0ZYMW00WGFrOUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTItZjlhYzE1ZTY2Mzg2
LzEvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEYwDQYJ
KoZIhvcNAQELBQADggEBAB+/3W1u/gLFHi32jDWJX1+afr1D+wXgqsnpDvb4yvck
9AkvkW2Z8fF8kOLOMzjSse1yHxMMCQwMkuuxAwgSUJB0KjFbCA64CgXO4Y3Y7CM0
SR4q7iFNblk2ibjIqn+iIMzJ88kHvti4NG8lxcaDzEmt+nd6RJKDd67uyx5986WW
PxM6+Qq8bICzkjEg+vXXf4UrUb8IkDxZH7t0VIDs9uery2BkJcvxyELt2DP84RCe
LFxBGyWhG3ltpZ11wiEulIVqbhlO0p3CV7GCO8abM41pjHwh75FrGVT8g3NoRKda
hQjVnpcIZeCWAPCp3WuR/dkKsudzj4SMp2OP4DhwELI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:34:39 2025 by rpki-client