Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/ivdNzlndtMrdYSfd0Di5N9TVpeg.roa
File: ivdNzlndtMrdYSfd0Di5N9TVpeg.roa (raw, json)
Hash identifier: 15AKmGprwaJPEYphVMpGE0LWvQhW3w2t5JNiTFeCLkc=
Subject key identifier: 8A:F7:4D:CE:59:DD:B4:CA:DD:61:27:DD:D0:38:B9:37:D4:D5:A5:E8
Certificate issuer: /CN=107807c2518915138f555123605c0133dfdbb4fa
Certificate serial: 018CC5DC296921B61A32996F8CBB2E941324
Authority key identifier: 10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/ivdNzlndtMrdYSfd0Di5N9TVpeg.roa
Signing time: Mon 01 Jan 2024 16:29:49 +0000
ROA not before: Mon 01 Jan 2024 16:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35280
IP address blocks: 132.71.0.0/16 maxlen: 16
132.70.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:29:69:21:b6:1a:32:99:6f:8c:bb:2e:94:13:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=107807c2518915138f555123605c0133dfdbb4fa
Validity
Not Before: Jan 1 16:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8af74dce59ddb4cadd6127ddd038b937d4d5a5e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:79:3c:9f:2a:89:cc:44:ac:79:bc:f0:75:e8:
2e:8a:a8:fd:35:d2:ef:05:d8:7c:2b:63:cf:c9:12:
0c:44:40:d8:1f:48:ab:99:18:0e:e1:e2:7a:bd:08:
57:4b:5d:9a:9c:ca:34:3f:9e:61:f5:ee:fa:4b:35:
ee:75:6c:87:5a:26:ab:b3:59:10:c5:6a:fb:2d:ca:
eb:5f:0e:6b:e8:41:b4:5f:67:d7:16:44:e2:40:99:
3b:6e:5f:75:a1:ad:ae:60:55:51:f3:95:0f:e0:5e:
ee:b0:b2:ee:7a:45:d2:0a:fd:ca:03:2d:d0:31:68:
26:d6:97:b7:61:20:b4:ef:ea:5f:45:dd:22:ac:2e:
73:ab:08:08:7d:26:c5:e8:d0:9e:75:85:9c:d9:05:
07:38:dd:e8:eb:7d:7e:60:e1:a7:4a:ab:c7:6d:c3:
cf:4a:71:a7:16:f3:7f:c5:09:c7:b0:95:02:5c:b2:
80:51:11:84:d5:81:4a:f3:fc:ec:b4:f9:d3:51:38:
52:84:96:56:a0:cb:c7:4d:40:2c:5a:af:6e:45:56:
32:8b:b5:10:47:45:3b:a1:4a:85:6e:a6:32:b7:12:
4c:78:3e:58:54:ae:46:db:e0:f4:90:c4:f9:5f:34:
69:03:06:3a:c6:f5:41:6f:2a:fc:36:4e:80:05:10:
3a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F7:4D:CE:59:DD:B4:CA:DD:61:27:DD:D0:38:B9:37:D4:D5:A5:E8
X509v3 Authority Key Identifier:
keyid:10:78:07:C2:51:89:15:13:8F:55:51:23:60:5C:01:33:DF:DB:B4:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHgHwlGJFROPVVEjYFwBM9_btPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/ivdNzlndtMrdYSfd0Di5N9TVpeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/2860a4-3b94-4274-a3a2-f9ac15e66386/1/EHgHwlGJFROPVVEjYFwBM9_btPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.70.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9c:8c:f5:cf:86:b6:98:64:ca:59:c7:43:1e:96:43:10:72:27:
b9:76:f5:94:5a:46:28:3a:d9:da:43:9e:c0:60:28:c7:9b:60:
e9:78:20:b6:38:74:1b:8c:d0:28:79:fc:fa:ae:be:16:91:40:
bb:bb:83:92:21:77:d9:ae:fd:c2:0e:d0:1c:f1:40:0b:96:9a:
30:a5:5b:0c:ab:12:7f:c6:ca:25:55:ea:bd:83:98:32:53:50:
31:dd:17:72:fc:2c:2a:9f:c9:94:e4:e7:37:d9:29:40:65:50:
3d:5f:e4:08:db:2a:b4:9f:a4:ed:b0:de:88:dc:8b:76:f9:ea:
46:59:28:69:fd:75:59:3c:59:f7:8e:92:9e:80:d5:bf:bc:6a:
0b:97:0c:14:33:93:0e:49:36:f6:7d:f0:14:ec:d8:b1:ba:b3:
ca:7f:39:39:b3:aa:5e:45:df:1f:05:a0:ed:28:e2:92:42:7e:
7d:18:aa:87:63:1b:61:88:aa:84:98:70:d5:86:fe:cf:a4:77:
09:a2:46:81:cd:73:31:37:73:0b:18:36:e5:86:c0:d6:ec:6c:
60:af:13:33:21:a7:8b:39:fa:c4:29:42:91:14:af:9f:99:87:
21:f9:78:36:b7:25:6f:40:6c:75:34:02:d9:44:cb:c6:3a:8f:
c7:91:0d:6b
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzF3ClpIbYaMplvjLsulBMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzgwN2MyNTE4OTE1MTM4ZjU1NTEyMzYwNWMwMTMzZGZk
YmI0ZmEwHhcNMjQwMTAxMTYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWY3NGRjZTU5ZGRiNGNhZGQ2MTI3ZGRkMDM4YjkzN2Q0ZDVhNWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHk8nyqJzESsebzwdeguiqj9NdLv
Bdh8K2PPyRIMREDYH0irmRgO4eJ6vQhXS12anMo0P55h9e76SzXudWyHWiars1kQ
xWr7LcrrXw5r6EG0X2fXFkTiQJk7bl91oa2uYFVR85UP4F7usLLuekXSCv3KAy3Q
MWgm1pe3YSC07+pfRd0irC5zqwgIfSbF6NCedYWc2QUHON3o631+YOGnSqvHbcPP
SnGnFvN/xQnHsJUCXLKAURGE1YFK8/zstPnTUThShJZWoMvHTUAsWq9uRVYyi7UQ
R0U7oUqFbqYytxJMeD5YVK5G2+D0kMT5XzRpAwY6xvVBbyr8Nk6ABRA6WwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFIr3Tc5Z3bTK3WEn3dA4uTfU1aXoMB8GA1UdIwQY
MBaAFBB4B8JRiRUTj1VRI2BcATPf27T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTIt
ZjlhYzE1ZTY2Mzg2LzEvaXZkTnpsbmR0TXJkWVNmZDBEaTVOOVRWcGVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8yODYwYTQtM2I5NC00Mjc0LWEzYTItZjlhYzE1ZTY2Mzg2
LzEvRUhnSHdsR0pGUk9QVlZFallGd0JNOV9idFBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEYwDQYJ
KoZIhvcNAQELBQADggEBAJyM9c+GtphkylnHQx6WQxByJ7l29ZRaRig62dpDnsBg
KMebYOl4ILY4dBuM0Ch5/PquvhaRQLu7g5Ihd9mu/cIO0BzxQAuWmjClWwyrEn/G
yiVV6r2DmDJTUDHdF3L8LCqfyZTk5zfZKUBlUD1f5AjbKrSfpO2w3ojci3b56kZZ
KGn9dVk8WfeOkp6A1b+8aguXDBQzkw5JNvZ98BTs2LG6s8p/OTmzql5F3x8FoO0o
4pJCfn0YqodjG2GIqoSYcNWG/s+kdwmiRoHNczE3cwsYNuWGwNbsbGCvEzMhp4s5
+sQpQpEUr5+ZhyH5eDa3JW9AbHU0AtlEy8Y6j8eRDWs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:49:25 2025 by rpki-client