Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/Dvs6PgRUOFtroIS1eZ8YjEOibd8.roa
File: Dvs6PgRUOFtroIS1eZ8YjEOibd8.roa (raw, json)
Hash identifier: LHdCFAVe3kLC+a4WHiYkzrqm7/Qm6Ys5ZERdXVUBuxo=
Subject key identifier: 0E:FB:3A:3E:04:54:38:5B:6B:A0:84:B5:79:9F:18:8C:43:A2:6D:DF
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 018CC501549539199C5B4D6BA2D7D0F1131B
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/Dvs6PgRUOFtroIS1eZ8YjEOibd8.roa
Signing time: Mon 01 Jan 2024 12:30:47 +0000
ROA not before: Mon 01 Jan 2024 12:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210625
IP address blocks: 2a10:2ec0::/29 maxlen: 36
2a0c:ab07:2000::/36 maxlen: 36
2a0c:ab07:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 09 Apr 2024 14:14:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:54:95:39:19:9c:5b:4d:6b:a2:d7:d0:f1:13:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jan 1 12:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0efb3a3e0454385b6ba084b5799f188c43a26ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2d:66:ae:ad:7f:e2:3d:09:ca:67:f6:55:e5:
53:96:a7:33:fb:77:f2:01:93:7d:79:c9:39:2c:24:
a8:e4:72:22:f7:64:fe:3e:df:1d:c7:20:31:60:e2:
23:ab:ec:ee:f8:73:d9:b5:e9:55:46:cb:1b:93:05:
24:ab:f3:b5:6a:5c:b7:40:f1:d9:5f:76:e8:09:6a:
ff:eb:a9:a2:c1:98:e5:22:63:fb:08:b0:7b:2c:d0:
44:4d:35:06:ce:57:98:33:3f:09:e1:37:2c:56:af:
26:b3:e0:13:87:b2:bc:7b:0c:bb:ad:4f:a8:f9:08:
70:51:ef:da:c1:94:72:1d:16:1d:f2:43:e9:d5:7a:
c9:3c:76:62:73:5e:cd:2a:5b:c4:4e:75:66:c2:89:
c0:f7:0e:a2:eb:e1:c9:c1:3d:16:b2:5e:79:15:28:
88:a8:57:82:b5:85:7f:73:9f:00:2f:af:0e:f7:74:
46:56:74:80:c7:9c:f7:9e:01:c3:a6:92:e9:85:e7:
a4:17:7c:dd:96:ce:ad:a1:68:61:a9:9b:05:1b:3a:
26:62:01:7a:1b:dc:aa:29:06:10:16:ff:c9:8e:ef:
b8:66:8b:0f:d9:5a:e4:51:74:da:6f:5e:7c:ef:ec:
e6:63:96:70:dc:61:dc:20:ca:0b:42:d9:1b:c8:71:
ac:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:FB:3A:3E:04:54:38:5B:6B:A0:84:B5:79:9F:18:8C:43:A2:6D:DF
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/Dvs6PgRUOFtroIS1eZ8YjEOibd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:ab07:2000::/36
2a0c:ab07:8000::/36
2a10:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
85:38:76:79:63:1d:27:a7:ee:a7:cb:46:d7:7d:8a:3e:9b:aa:
4b:7f:db:51:2f:28:72:2b:c6:f6:44:98:c8:69:cd:39:ca:64:
cb:b1:d8:75:5b:51:7d:b0:e1:ed:83:dd:a7:a4:c2:92:d3:32:
74:ae:11:05:de:2d:85:07:ea:9f:80:09:39:39:b7:d0:5c:00:
4c:26:e8:65:6c:12:38:4c:fb:96:dd:19:07:e9:03:e3:36:bc:
a3:2d:48:59:76:86:8a:da:e0:84:66:c5:1b:ac:9d:b4:04:89:
54:64:e2:8e:7e:57:2c:af:a2:82:66:ba:0c:05:78:91:97:91:
c1:4f:58:a7:2a:9a:b0:c4:f4:7e:b6:69:8b:1a:a4:64:56:7e:
05:74:4c:ea:ff:c2:78:cc:f5:8c:4c:15:15:38:84:c9:c0:9c:
f2:13:c4:8d:a4:b4:78:c2:b1:6d:34:66:46:78:f9:79:e5:2b:
c2:c5:ba:1b:f5:64:23:b5:e8:fe:9a:53:f2:2b:96:b4:98:d7:
b6:53:c1:22:33:06:1c:ba:f1:7b:46:07:90:97:ff:e1:99:52:
62:99:e4:e5:47:7d:58:19:36:ea:f6:62:f9:eb:2b:35:e7:f3:
64:e2:ed:70:0e:c4:28:2a:40:4f:be:53:a0:97:90:e0:e3:1d:
8d:8b:77:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFAVSVORmcW01rotfQ8RMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQwMTAxMTIzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWZiM2EzZTA0NTQzODViNmJhMDg0YjU3OTlmMTg4YzQzYTI2ZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnC1mrq1/4j0Jymf2VeVTlqcz+3fy
AZN9eck5LCSo5HIi92T+Pt8dxyAxYOIjq+zu+HPZtelVRssbkwUkq/O1aly3QPHZ
X3boCWr/66miwZjlImP7CLB7LNBETTUGzleYMz8J4TcsVq8ms+ATh7K8ewy7rU+o
+QhwUe/awZRyHRYd8kPp1XrJPHZic17NKlvETnVmwonA9w6i6+HJwT0Wsl55FSiI
qFeCtYV/c58AL68O93RGVnSAx5z3ngHDppLpheekF3zdls6toWhhqZsFGzomYgF6
G9yqKQYQFv/Jju+4ZosP2VrkUXTab1587+zmY5Zw3GHcIMoLQtkbyHGsEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA77Oj4EVDhba6CEtXmfGIxDom3fMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvRHZzNlBnUlVPRnRyb0lTMWVaOFlqRU9pYmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwYEKgyrByAD
BgQqDKsHgAMFAyoQLsAwDQYJKoZIhvcNAQELBQADggEBAIU4dnljHSen7qfLRtd9
ij6bqkt/21EvKHIrxvZEmMhpzTnKZMux2HVbUX2w4e2D3aekwpLTMnSuEQXeLYUH
6p+ACTk5t9BcAEwm6GVsEjhM+5bdGQfpA+M2vKMtSFl2hora4IRmxRusnbQEiVRk
4o5+VyyvooJmugwFeJGXkcFPWKcqmrDE9H62aYsapGRWfgV0TOr/wnjM9YxMFRU4
hMnAnPITxI2ktHjCsW00ZkZ4+XnlK8LFuhv1ZCO16P6aU/IrlrSY17ZTwSIzBhy6
8XtGB5CX/+GZUmKZ5OVHfVgZNur2YvnrKzXn82Ti7XAOxCgqQE++U6CXkODjHY2L
d2U=
-----END CERTIFICATE-----
Generated at Tue Apr 9 18:16:47 2024 by rpki-client on console-ams.rpki-client.org