Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/DVNNjKaVyA3n086ONdWL9xrA_Ag.roa
File: DVNNjKaVyA3n086ONdWL9xrA_Ag.roa (raw, json)
Hash identifier: QWQdY6HwYW/2i+5APHmV6XV2MQxeyZbBgPDWsi2ajZk=
Subject key identifier: 0D:53:4D:8C:A6:95:C8:0D:E7:D3:CE:8E:35:D5:8B:F7:1A:C0:FC:08
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01923F6DBAC3E86F69FFDCC7BBA64AC8B8D8
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/DVNNjKaVyA3n086ONdWL9xrA_Ag.roa
Signing time: Sun 29 Sep 2024 20:16:48 +0000
ROA not before: Sun 29 Sep 2024 20:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2a05:9a40::/29 maxlen: 29
2a13:b9c0::/29 maxlen: 29
2a13:bb40::/29 maxlen: 29
2a14:1100::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 22 Oct 2024 05:20:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:3f:6d:ba:c3:e8:6f:69:ff:dc:c7:bb:a6:4a:c8:b8:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Sep 29 20:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d534d8ca695c80de7d3ce8e35d58bf71ac0fc08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d2:7b:43:da:07:80:5e:93:e8:32:4e:8f:f6:
77:b4:8e:80:88:d6:32:c8:fa:3e:0e:40:66:93:92:
7a:ab:63:8a:73:fa:41:3b:67:42:9d:3b:2a:eb:d5:
2e:26:01:d9:cf:56:80:9d:57:a1:a0:a0:0a:9d:ef:
b4:53:e9:3c:b1:00:46:11:51:b4:c6:e1:f8:cc:32:
31:c9:4d:85:d2:cb:f3:a5:a3:49:ff:0b:d7:2c:67:
64:0f:1b:d9:4c:40:62:f4:f1:de:25:b1:10:72:1a:
7e:c3:3d:4d:6c:ea:54:a8:02:18:28:8d:9e:0f:52:
52:ab:f4:93:dc:4d:cf:6e:7f:cb:51:a4:5c:8d:68:
85:a9:53:fe:d8:eb:d4:04:cc:28:1f:8a:ee:a1:82:
06:27:9d:52:fc:33:34:bc:59:48:97:18:3e:f1:df:
dd:a4:a4:c7:90:71:05:f5:bc:c5:6b:92:88:b9:9e:
dd:38:3e:01:89:e3:a7:c3:7b:21:4b:95:2f:39:94:
df:d0:63:5a:dd:9b:cd:f4:9f:50:70:c7:11:4d:7e:
7d:fb:06:8d:24:6c:dc:34:51:8e:b9:fd:90:96:a1:
bf:b9:56:56:06:be:34:52:80:28:36:bc:9e:7b:76:
fd:c5:5b:13:cc:95:65:e6:95:7d:6a:ea:e3:2b:07:
9f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:53:4D:8C:A6:95:C8:0D:E7:D3:CE:8E:35:D5:8B:F7:1A:C0:FC:08
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/DVNNjKaVyA3n086ONdWL9xrA_Ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
2a13:b9c0::/29
2a13:bb40::/29
2a14:1100::/29
Signature Algorithm: sha256WithRSAEncryption
15:41:c8:c9:d1:cf:66:ad:0b:64:c8:84:90:69:18:8b:74:4b:
af:29:b6:9c:cf:85:42:92:28:b9:73:6d:96:3c:a9:50:ab:7d:
f4:3d:de:50:52:bb:b3:70:d0:e8:f9:1b:be:8d:42:1d:36:6e:
d0:b8:1d:12:d9:2b:a9:45:cf:b5:8f:30:e3:0f:de:15:8e:92:
ed:3e:d8:54:b6:86:cd:d5:a1:8e:ec:fe:be:e7:1d:20:94:ab:
fa:89:eb:9e:ea:7b:0d:65:d3:b0:ca:c0:41:45:1c:f4:b6:7f:
fe:ab:76:6e:9d:ba:e9:91:e3:31:3e:5e:a3:3a:29:8b:1f:93:
b5:82:ae:c1:91:2a:dd:20:c1:b9:a8:6c:cd:02:e3:f9:b3:82:
ae:f1:b0:a7:05:4c:8f:f0:f4:13:8f:26:e8:f6:79:ee:f8:c2:
87:7a:34:ba:d9:b5:24:76:2d:7e:d7:bc:8b:95:d4:25:1a:60:
db:20:cc:32:62:88:2e:db:fb:cb:0c:3e:95:26:94:bb:29:51:
12:f6:4d:9b:cf:74:64:5e:ec:01:5e:4b:eb:f2:b8:9a:c1:ed:
42:d7:78:5e:a9:bc:55:9c:5f:6a:fb:9d:74:9a:0d:26:3c:95:
d2:98:1c:e7:76:1f:6f:26:c3:c0:26:6c:b0:69:66:90:d7:e5:
39:f2:f3:ed
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZI/bbrD6G9p/9zHu6ZKyLjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwOTI5MjAxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDUzNGQ4Y2E2OTVjODBkZTdkM2NlOGUzNWQ1OGJmNzFhYzBmYzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNJ7Q9oHgF6T6DJOj/Z3tI6AiNYy
yPo+DkBmk5J6q2OKc/pBO2dCnTsq69UuJgHZz1aAnVehoKAKne+0U+k8sQBGEVG0
xuH4zDIxyU2F0svzpaNJ/wvXLGdkDxvZTEBi9PHeJbEQchp+wz1NbOpUqAIYKI2e
D1JSq/ST3E3Pbn/LUaRcjWiFqVP+2OvUBMwoH4ruoYIGJ51S/DM0vFlIlxg+8d/d
pKTHkHEF9bzFa5KIuZ7dOD4BieOnw3shS5UvOZTf0GNa3ZvN9J9QcMcRTX59+waN
JGzcNFGOuf2QlqG/uVZWBr40UoAoNryee3b9xVsTzJVl5pV9aurjKwefyQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFA1TTYymlcgN59POjjXVi/cawPwIMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvRFZOTmpLYVZ5QTNuMDg2T05kV0w5eHJBX0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgWaQAMF
AyoTucADBQMqE7tAAwUDKhQRADANBgkqhkiG9w0BAQsFAAOCAQEAFUHIydHPZq0L
ZMiEkGkYi3RLrym2nM+FQpIouXNtljypUKt99D3eUFK7s3DQ6Pkbvo1CHTZu0Lgd
EtkrqUXPtY8w4w/eFY6S7T7YVLaGzdWhjuz+vucdIJSr+onrnup7DWXTsMrAQUUc
9LZ//qt2bp266ZHjMT5eozopix+TtYKuwZEq3SDBuahszQLj+bOCrvGwpwVMj/D0
E48m6PZ57vjCh3o0utm1JHYtfte8i5XUJRpg2yDMMmKILtv7yww+lSaUuylREvZN
m890ZF7sAV5L6/K4msHtQtd4Xqm8VZxfavuddJoNJjyV0pgc53YfbybDwCZssGlm
kNflOfLz7Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:41 2025 by rpki-client