Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/diMFzEjGn6hdeVv4ZGEbWc_NFxw.roa
File: diMFzEjGn6hdeVv4ZGEbWc_NFxw.roa (raw, json)
Hash identifier: WKrZjoOye1Ku+QEnvKGqVKP9fosfuTSuqVqddlj9L/M=
Subject key identifier: 76:23:05:CC:48:C6:9F:A8:5D:79:5B:F8:64:61:1B:59:CF:CD:17:1C
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01941179242BCFA64D02A71A247652FCE0CB
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/diMFzEjGn6hdeVv4ZGEbWc_NFxw.roa
Signing time: Sun 29 Dec 2024 08:12:19 +0000
ROA not before: Sun 29 Dec 2024 08:12:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 2a0b:ac00::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:11:79:24:2b:cf:a6:4d:02:a7:1a:24:76:52:fc:e0:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Dec 29 08:12:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=762305cc48c69fa85d795bf864611b59cfcd171c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c9:fa:9e:2f:2a:69:ac:67:e5:12:08:05:5b:
68:5a:58:c7:34:7b:b8:33:2c:e2:ae:e7:f4:92:ec:
5e:b5:00:d6:c0:74:6c:b9:82:c9:fb:ad:84:c7:49:
5f:03:cd:91:e4:6d:a5:4a:86:20:cb:e8:84:c8:d7:
c9:7e:02:e5:0d:fa:10:ad:cd:64:54:83:be:62:7e:
cc:3c:83:a6:74:74:f4:05:6b:a6:b7:72:0a:bd:2e:
91:f3:3a:ae:81:0e:a8:ba:a4:be:ca:56:f1:04:b3:
e8:8e:9c:7d:e0:2b:75:de:d7:1c:d6:83:04:c1:20:
1d:01:b9:63:26:1c:d6:9d:aa:72:0f:60:d9:ab:17:
f9:65:1b:5e:3b:58:f0:ec:0b:30:2e:b4:06:ed:53:
f9:44:22:94:a8:7e:b9:5a:8c:28:76:03:3b:5f:e0:
70:aa:5e:1e:80:b2:e7:3a:e7:47:20:83:4d:ed:0d:
f6:5e:e5:65:77:4c:5d:37:88:12:35:9f:6f:1c:f7:
57:1b:6e:8a:7c:8b:5f:bf:8b:82:fe:8b:9a:86:c1:
db:b1:c3:37:14:a1:05:86:7c:c3:9b:f5:25:92:bc:
bc:61:1f:55:91:89:cc:3c:b1:5e:bb:18:5a:2a:f5:
22:1e:d0:c4:eb:2a:6d:5d:db:b4:81:d8:11:05:58:
4f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:23:05:CC:48:C6:9F:A8:5D:79:5B:F8:64:61:1B:59:CF:CD:17:1C
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/diMFzEjGn6hdeVv4ZGEbWc_NFxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:ac00::/29
2a13:c240::/29
Signature Algorithm: sha256WithRSAEncryption
db:2a:e4:9b:14:9a:96:8e:ad:4e:96:28:46:b4:67:a4:83:bb:
d3:56:91:d3:6a:04:a9:e1:40:46:b6:40:ef:55:65:8a:95:2b:
25:6e:fc:6b:ab:e2:5c:0b:04:d6:82:b4:b7:46:9f:42:38:e6:
dd:ef:5e:ac:e2:17:7b:57:ee:2c:0f:00:a2:24:79:c2:93:ce:
6d:05:78:bc:f7:27:5f:22:d7:6d:05:1a:e7:17:aa:8f:79:7f:
78:6c:b9:05:94:79:d9:d4:ee:14:6a:07:2e:d5:7b:db:b4:b9:
4d:2f:da:a3:da:9e:57:7f:67:ee:6d:a7:6c:cc:08:71:42:04:
32:ad:f1:25:d1:ec:06:45:fb:19:0d:60:b3:76:19:c2:ae:41:
8b:26:58:ab:a8:5e:92:f4:50:ea:73:af:73:ff:4b:04:23:1c:
c9:86:c0:a1:72:eb:da:7e:46:76:67:c8:5a:dc:eb:97:8d:eb:
a7:de:08:de:ab:42:3d:7c:d5:ea:2d:1c:a7:fa:04:04:1d:9a:
65:28:cc:c4:18:e1:e7:13:69:93:05:46:89:35:a5:b3:3d:0a:
64:79:5a:e9:0a:38:5f:ee:2c:12:57:f7:6d:3d:1b:fe:73:dd:
08:1a:db:7c:ac:55:f8:af:7e:55:38:e1:99:d4:78:10:00:45:
a3:15:59:e1
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQReSQrz6ZNAqcaJHZS/ODLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQxMjI5MDgxMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjIzMDVjYzQ4YzY5ZmE4NWQ3OTViZjg2NDYxMWI1OWNmY2QxNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcn6ni8qaaxn5RIIBVtoWljHNHu4
Myziruf0kuxetQDWwHRsuYLJ+62Ex0lfA82R5G2lSoYgy+iEyNfJfgLlDfoQrc1k
VIO+Yn7MPIOmdHT0BWumt3IKvS6R8zqugQ6ouqS+ylbxBLPojpx94Ct13tcc1oME
wSAdAbljJhzWnapyD2DZqxf5ZRteO1jw7AswLrQG7VP5RCKUqH65WowodgM7X+Bw
ql4egLLnOudHIINN7Q32XuVld0xdN4gSNZ9vHPdXG26KfItfv4uC/ouahsHbscM3
FKEFhnzDm/Ulkry8YR9VkYnMPLFeuxhaKvUiHtDE6yptXdu0gdgRBVhPpwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHYjBcxIxp+oXXlb+GRhG1nPzRccMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvZGlNRnpFakduNmhkZVZ2NFpHRWJXY19ORnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgusAAMF
AyoTwkAwDQYJKoZIhvcNAQELBQADggEBANsq5JsUmpaOrU6WKEa0Z6SDu9NWkdNq
BKnhQEa2QO9VZYqVKyVu/Gur4lwLBNaCtLdGn0I45t3vXqziF3tX7iwPAKIkecKT
zm0FeLz3J18i120FGucXqo95f3hsuQWUednU7hRqBy7Ve9u0uU0v2qPanld/Z+5t
p2zMCHFCBDKt8SXR7AZF+xkNYLN2GcKuQYsmWKuoXpL0UOpzr3P/SwQjHMmGwKFy
69p+RnZnyFrc65eN66feCN6rQj181eotHKf6BAQdmmUozMQY4ecTaZMFRok1pbM9
CmR5WukKOF/uLBJX9209G/5z3Qga23ysVfivflU44ZnUeBAARaMVWeE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:12:25 2025 by rpki-client