Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/DRfFL3E49PlKiTZJ_j-L0M_Himc.roa
File: DRfFL3E49PlKiTZJ_j-L0M_Himc.roa (raw, json)
Hash identifier: 82O3Hx5GEO0L/kw+EVZTz12bKsMpvl09nnu9Q43CP8Q=
Subject key identifier: 0D:17:C5:2F:71:38:F4:F9:4A:89:36:49:FE:3F:8B:D0:CF:C7:8A:67
Certificate issuer: /CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Certificate serial: 01949DDB0E2E7E7EF3EDEBD94D86F205D4FC
Authority key identifier: EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/DRfFL3E49PlKiTZJ_j-L0M_Himc.roa
Signing time: Sat 25 Jan 2025 14:26:06 +0000
ROA not before: Sat 25 Jan 2025 14:26:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213579
IP address blocks: 2a14:47c0:e000::/40 maxlen: 40
2a14:47c0:e000::/48 maxlen: 48
2a14:47c0:e001::/48 maxlen: 48
2a14:47c0:e002::/48 maxlen: 48
2a14:47c0:e0ff::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 30 Jan 2025 22:47:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9d:db:0e:2e:7e:7e:f3:ed:eb:d9:4d:86:f2:05:d4:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef55459645979c413d0bc6f7454f0d36e40e99f9
Validity
Not Before: Jan 25 14:26:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d17c52f7138f4f94a893649fe3f8bd0cfc78a67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:82:8d:fc:fa:d5:e8:dc:29:44:a1:70:28:e9:
7c:86:d5:d7:5a:9f:b4:d2:2f:28:59:ec:c3:6d:d7:
73:f2:76:15:58:93:e8:7f:69:f8:0f:4d:9f:73:af:
a3:7e:d6:db:7b:c0:5f:9b:81:ab:3c:ca:b3:cc:67:
c2:6b:58:b0:7d:ac:fe:eb:7a:c7:20:1b:c0:d4:d1:
e1:de:f7:ef:f3:31:ff:fc:5d:83:ba:7b:e7:e9:82:
42:1c:47:d8:ec:5f:21:76:e2:b9:00:bc:12:53:31:
52:79:50:a4:d7:f4:7e:4b:33:aa:34:e3:55:19:ad:
44:c9:5f:c7:99:07:27:5f:36:29:b9:92:5b:31:54:
96:14:8b:bd:a9:07:95:0c:13:2a:a6:31:c1:d1:e1:
94:40:00:90:6d:fa:1d:11:64:af:c3:68:38:26:7c:
f5:96:76:3f:19:65:7d:cf:89:93:b1:f5:36:e0:ae:
6f:e9:a9:91:4d:3f:8e:12:09:e2:08:06:13:5c:94:
d4:1c:20:2c:9c:9e:c0:93:1a:6b:66:a6:87:c2:f8:
90:47:87:34:b5:b0:33:94:91:3a:9f:3d:53:89:3d:
09:27:05:66:92:93:8e:3f:1d:5b:ba:e8:78:6a:c5:
d4:ff:ab:e8:99:2c:a5:36:52:55:17:49:ae:94:6f:
a1:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:17:C5:2F:71:38:F4:F9:4A:89:36:49:FE:3F:8B:D0:CF:C7:8A:67
X509v3 Authority Key Identifier:
keyid:EF:55:45:96:45:97:9C:41:3D:0B:C6:F7:45:4F:0D:36:E4:0E:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71VFlkWXnEE9C8b3RU8NNuQOmfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/DRfFL3E49PlKiTZJ_j-L0M_Himc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/0512df-7d0c-463b-8724-82531e9c7804/1/71VFlkWXnEE9C8b3RU8NNuQOmfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:47c0:e000::/40
Signature Algorithm: sha256WithRSAEncryption
10:6c:95:0d:2d:3a:cb:60:c3:95:96:01:e0:eb:ff:90:fe:53:
60:60:7e:a8:10:84:a6:93:a2:1b:9e:98:af:26:d8:06:c0:44:
ff:cf:60:17:80:57:67:00:6e:47:8f:8a:fb:9e:32:3f:1a:00:
e5:2a:b6:fb:30:6b:7b:2d:23:a9:bb:af:8d:9b:52:c8:bd:85:
42:80:bf:d1:9e:07:8b:dd:9b:54:15:85:34:e5:4c:95:16:e3:
f4:21:a0:9d:74:d3:64:c5:15:6c:b2:d3:84:4b:34:49:ca:da:
49:c5:c3:1a:1c:25:e6:00:0c:85:40:a0:e5:18:37:3c:d5:42:
76:57:94:12:c9:9c:d3:85:e4:b8:d5:55:1c:cf:ab:29:17:6a:
8c:fd:85:2b:23:14:40:73:76:12:cf:ed:21:9a:98:16:fe:bf:
88:5d:59:ba:1f:98:cb:1d:74:bd:33:f3:55:57:d1:9e:80:55:
b2:7a:b5:f7:42:80:ef:93:5b:9c:da:19:2f:62:86:11:55:57:
ef:b6:36:a5:07:27:61:bb:ba:9d:5e:53:e9:b3:b6:72:87:83:
d9:48:a8:cf:6e:8a:0a:94:5b:bc:e2:c0:9a:b1:a5:61:81:47:
c5:4a:4f:82:1b:39:8c:07:2c:e8:c9:92:06:b4:7c:da:2d:00:
df:64:56:b2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZSd2w4ufn7z7evZTYbyBdT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTU0NTk2NDU5NzljNDEzZDBiYzZmNzQ1NGYwZDM2ZTQw
ZTk5ZjkwHhcNMjUwMTI1MTQyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDE3YzUyZjcxMzhmNGY5NGE4OTM2NDlmZTNmOGJkMGNmYzc4YTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoKN/PrV6NwpRKFwKOl8htXXWp+0
0i8oWezDbddz8nYVWJPof2n4D02fc6+jftbbe8Bfm4GrPMqzzGfCa1iwfaz+63rH
IBvA1NHh3vfv8zH//F2Dunvn6YJCHEfY7F8hduK5ALwSUzFSeVCk1/R+SzOqNONV
Ga1EyV/HmQcnXzYpuZJbMVSWFIu9qQeVDBMqpjHB0eGUQACQbfodEWSvw2g4Jnz1
lnY/GWV9z4mTsfU24K5v6amRTT+OEgniCAYTXJTUHCAsnJ7AkxprZqaHwviQR4c0
tbAzlJE6nz1TiT0JJwVmkpOOPx1buuh4asXU/6vomSylNlJVF0mulG+hoQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFA0XxS9xOPT5Sok2Sf4/i9DPx4pnMB8GA1UdIwQY
MBaAFO9VRZZFl5xBPQvG90VPDTbkDpn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQt
ODI1MzFlOWM3ODA0LzEvRFJmRkwzRTQ5UGxLaVRaSl9qLUwwTV9IaW1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wNTEyZGYtN2QwYy00NjNiLTg3MjQtODI1MzFlOWM3ODA0
LzEvNzFWRmxrV1huRUU5QzhiM1JVOE5OdVFPbWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhRHwOAw
DQYJKoZIhvcNAQELBQADggEBABBslQ0tOstgw5WWAeDr/5D+U2BgfqgQhKaTohue
mK8m2AbARP/PYBeAV2cAbkePivueMj8aAOUqtvswa3stI6m7r42bUsi9hUKAv9Ge
B4vdm1QVhTTlTJUW4/QhoJ1002TFFWyy04RLNEnK2knFwxocJeYADIVAoOUYNzzV
QnZXlBLJnNOF5LjVVRzPqykXaoz9hSsjFEBzdhLP7SGamBb+v4hdWbofmMsddL0z
81VX0Z6AVbJ6tfdCgO+TW5zaGS9ihhFVV++2NqUHJ2G7up1eU+mztnKHg9lIqM9u
igqUW7ziwJqxpWGBR8VKT4IbOYwHLOjJkga0fNotAN9kVrI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:38:41 2025 by rpki-client