Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/dGQXctdzgi5lTGkbQYj7j-ED70k.roa
File: dGQXctdzgi5lTGkbQYj7j-ED70k.roa (raw, json)
Hash identifier: p8wV9BCBeoh3p5XVAKI7ZBwbJgh4G2kQj54D+o/UvEs=
Subject key identifier: 74:64:17:72:D7:73:82:2E:65:4C:69:1B:41:88:FB:8F:E1:03:EF:49
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01955F8EF7CD1F7FF2D6D25E7FFBC81C0CD2
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/dGQXctdzgi5lTGkbQYj7j-ED70k.roa
Signing time: Tue 04 Mar 2025 05:09:19 +0000
ROA not before: Tue 04 Mar 2025 05:09:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 92.62.253.0/24 maxlen: 24
92.62.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Mar 2025 04:47:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5f:8e:f7:cd:1f:7f:f2:d6:d2:5e:7f:fb:c8:1c:0c:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Mar 4 05:09:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74641772d773822e654c691b4188fb8fe103ef49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6f:6d:ba:da:90:6a:c1:78:44:e2:52:ae:88:
b1:70:59:6d:c6:62:48:20:33:8c:b5:50:ab:e4:95:
f1:ba:a3:86:46:b1:51:7a:a1:7d:95:74:f9:b6:01:
6c:bb:87:6e:b3:25:5e:eb:fb:c6:84:65:fc:a4:49:
6d:17:9d:66:9c:82:73:81:94:02:6f:67:f4:99:3e:
bf:c1:99:e8:bc:fe:b9:a0:ca:e6:ca:39:1b:ba:84:
04:7d:51:22:3e:ba:99:89:e6:da:fc:72:26:42:dd:
50:bb:6e:fd:53:8d:98:fe:56:31:6f:e2:f6:ef:fe:
04:a3:91:44:1d:19:23:2b:f0:4b:01:be:6b:75:74:
dd:ba:a0:3d:8f:ff:bf:03:ba:7e:bc:fc:42:a0:5b:
2f:68:79:3d:55:b6:6b:bf:f2:46:29:e0:26:dc:fe:
73:bd:a8:75:dd:c3:ce:e0:6b:81:b3:3b:f2:6b:06:
db:58:b7:c1:4f:d1:65:4e:a2:92:32:16:5c:ac:c2:
74:b1:02:f4:5a:49:d9:9a:59:1c:95:79:ec:da:45:
f8:26:c1:18:62:98:5d:f7:47:b8:70:96:63:a2:a7:
bb:b1:a1:f9:68:46:57:06:03:9e:86:f8:80:57:2d:
78:ca:c6:24:2a:5c:89:fb:19:81:2f:39:17:5b:39:
42:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:64:17:72:D7:73:82:2E:65:4C:69:1B:41:88:FB:8F:E1:03:EF:49
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/dGQXctdzgi5lTGkbQYj7j-ED70k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.62.253.0/24
92.62.255.0/24
Signature Algorithm: sha256WithRSAEncryption
88:15:24:1c:78:65:44:19:40:6a:bb:c4:27:e0:91:cf:c2:b9:
70:06:84:bc:64:04:4a:72:5e:e9:c5:6e:46:85:9a:4d:23:37:
f4:80:73:e8:75:e5:d4:f4:7c:ef:bd:e6:5f:41:82:4f:3c:a8:
29:de:c7:9c:e7:fd:12:f2:41:cd:18:0a:09:e2:18:f9:8d:3a:
4c:30:e1:40:fa:89:44:90:fe:7d:f4:b1:81:99:78:b4:56:eb:
e3:4e:14:97:d0:8c:f3:00:23:48:10:4c:de:33:49:e5:cb:49:
69:91:7e:8b:66:f9:0f:e8:21:2c:e3:01:69:fa:68:91:98:7e:
ea:df:d6:d0:a9:c0:90:44:d8:b0:9a:56:cb:9c:8f:2a:1c:a5:
2b:eb:4e:35:bd:9e:98:11:35:6f:4f:32:ce:b0:c3:1b:09:19:
8c:c4:37:53:d9:77:38:81:d8:67:bb:2c:bb:38:63:4a:95:84:
19:92:c8:4e:55:e9:e6:be:eb:9a:05:ed:a6:ab:3b:c2:d6:af:
a9:44:72:b2:26:da:d5:55:46:ed:72:a3:0d:d5:a5:eb:29:d8:
c7:22:25:84:9f:5f:e7:39:b2:87:61:70:36:1d:c0:8b:19:f6:
90:26:7f:e8:42:74:25:0e:d2:a7:02:7b:60:2d:0c:5c:5b:25:
a4:43:27:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVfjvfNH3/y1tJef/vIHAzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMzA0MDUwOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDY0MTc3MmQ3NzM4MjJlNjU0YzY5MWI0MTg4ZmI4ZmUxMDNlZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1G9tutqQasF4ROJSroixcFltxmJI
IDOMtVCr5JXxuqOGRrFReqF9lXT5tgFsu4dusyVe6/vGhGX8pEltF51mnIJzgZQC
b2f0mT6/wZnovP65oMrmyjkbuoQEfVEiPrqZieba/HImQt1Qu279U42Y/lYxb+L2
7/4Eo5FEHRkjK/BLAb5rdXTduqA9j/+/A7p+vPxCoFsvaHk9VbZrv/JGKeAm3P5z
vah13cPO4GuBszvyawbbWLfBT9FlTqKSMhZcrMJ0sQL0WknZmlkclXns2kX4JsEY
Yphd90e4cJZjoqe7saH5aEZXBgOehviAVy14ysYkKlyJ+xmBLzkXWzlCEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHRkF3LXc4IuZUxpG0GI+4/hA+9JMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvZEdRWGN0ZHpnaTVsVEdrYlFZajdqLUVENzBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXD79AwQA
XD7/MA0GCSqGSIb3DQEBCwUAA4IBAQCIFSQceGVEGUBqu8Qn4JHPwrlwBoS8ZARK
cl7pxW5GhZpNIzf0gHPodeXU9HzvveZfQYJPPKgp3sec5/0S8kHNGAoJ4hj5jTpM
MOFA+olEkP599LGBmXi0VuvjThSX0IzzACNIEEzeM0nly0lpkX6LZvkP6CEs4wFp
+miRmH7q39bQqcCQRNiwmlbLnI8qHKUr6041vZ6YETVvTzLOsMMbCRmMxDdT2Xc4
gdhnuyy7OGNKlYQZkshOVenmvuuaBe2mqzvC1q+pRHKyJtrVVUbtcqMN1aXrKdjH
IiWEn1/nObKHYXA2HcCLGfaQJn/oQnQlDtKnAntgLQxcWyWkQyd0
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:51:32 2025 by rpki-client