Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/DxNAubzwjQgqTVnY1tvWFVC2CPc.roa
File: DxNAubzwjQgqTVnY1tvWFVC2CPc.roa (raw, json)
Hash identifier: ARZ5duJ7eezg+QILX1dJZkdEvWJw+EBTMh3lg+7/bLE=
Subject key identifier: 0F:13:40:B9:BC:F0:8D:08:2A:4D:59:D8:D6:DB:D6:15:50:B6:08:F7
Certificate issuer: /CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Certificate serial: 01915607D58BC5352A954BDF2A028E47B0BE
Authority key identifier: FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/DxNAubzwjQgqTVnY1tvWFVC2CPc.roa
Signing time: Thu 15 Aug 2024 12:33:59 +0000
ROA not before: Thu 15 Aug 2024 12:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43641
IP address blocks: 31.42.176.0/23 maxlen: 24
37.16.75.0/24 maxlen: 24
91.202.4.0/23 maxlen: 24
2a11:6100::/32 maxlen: 32
2a11:6101::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:56:07:d5:8b:c5:35:2a:95:4b:df:2a:02:8e:47:b0:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff7d8a79bad4f983d0c49895af50ea8a03ebc70d
Validity
Not Before: Aug 15 12:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f1340b9bcf08d082a4d59d8d6dbd61550b608f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d2:18:47:ef:c5:3e:7d:3e:5f:c4:76:ba:f8:
5e:cb:1b:1a:f2:c7:c2:f0:1e:c8:6f:09:02:bb:94:
d3:64:3f:82:c0:6f:16:b2:c1:ae:e4:c2:fe:cd:3b:
bb:f1:df:bf:69:80:bc:cd:c5:43:da:ae:6c:4b:d7:
74:37:a8:0e:95:1b:e0:b5:ae:60:ec:78:20:62:7d:
74:06:09:ca:c9:c0:13:4a:a6:c8:09:90:37:65:4a:
12:46:6e:0e:e5:37:1d:ca:67:1e:ef:40:95:33:2e:
e8:ca:1f:db:75:f5:62:14:e8:b6:9e:5a:48:3b:ff:
04:b6:28:6c:b7:6f:40:95:ba:16:80:cf:d4:af:ff:
2f:07:fc:30:05:e5:e1:51:7b:20:8c:4f:c3:05:4a:
60:21:43:24:d3:2c:7a:20:73:e7:d9:fe:61:7e:10:
f6:00:26:53:b9:e8:de:fb:2d:46:20:e6:ca:f6:c7:
a3:e0:8a:f9:cc:b0:b0:a5:2b:f7:8a:8b:e0:1d:90:
c4:c8:a3:3d:d6:a0:fc:9d:c5:c8:7c:3c:0c:fd:33:
ac:9b:25:4f:6c:d3:22:e5:84:a4:6b:4b:f4:4a:f6:
a0:68:7f:6b:e5:33:16:fc:21:8d:9f:0d:ae:59:2a:
23:f5:ab:43:71:96:06:c5:24:d2:86:7a:4d:75:8f:
6a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:13:40:B9:BC:F0:8D:08:2A:4D:59:D8:D6:DB:D6:15:50:B6:08:F7
X509v3 Authority Key Identifier:
keyid:FF:7D:8A:79:BA:D4:F9:83:D0:C4:98:95:AF:50:EA:8A:03:EB:C7:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_32KebrU-YPQxJiVr1DqigPrxw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/DxNAubzwjQgqTVnY1tvWFVC2CPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4424ef-68aa-4b70-b2cc-0873e3994d0e/1/_32KebrU-YPQxJiVr1DqigPrxw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.176.0/23
37.16.75.0/24
91.202.4.0/23
IPv6:
2a11:6100::/31
Signature Algorithm: sha256WithRSAEncryption
73:65:ed:6e:0c:7c:0f:c9:b9:3d:6b:87:52:48:39:5e:e6:84:
17:4e:9b:44:91:9a:25:d8:77:95:a1:04:4c:f3:4c:06:bd:86:
a0:76:0f:a9:ad:a6:46:a5:81:68:95:77:f8:85:a8:fc:8c:84:
03:04:77:14:cc:70:e9:81:0b:ed:49:23:46:93:ec:04:a5:c2:
55:48:56:f3:ca:51:5f:cd:1d:c2:64:06:86:9a:db:84:37:a8:
82:8b:19:43:4a:34:38:0f:77:60:55:93:b5:c1:65:4b:68:a6:
2c:35:de:48:7e:ac:86:b0:65:6f:6f:97:17:4e:fb:05:ee:96:
99:dc:9a:8e:00:c9:15:6d:bf:d7:2c:3f:05:1a:84:6d:c1:6a:
5e:7c:50:ca:99:33:ea:cc:f3:8e:cd:7a:e6:8e:f4:1f:16:d7:
56:48:83:27:1d:7c:a0:f5:68:44:bc:e6:32:95:a4:58:82:86:
b4:d8:2f:ef:bc:14:08:08:cd:98:61:18:05:93:33:41:d9:4c:
d2:a6:42:ae:4a:cf:e6:56:58:8f:c2:42:1b:8a:91:c5:a2:59:
f8:2c:70:4e:cc:85:f8:c7:0a:a0:49:33:6a:70:72:83:2c:5e:
cf:d5:5c:e1:d9:cb:ba:f9:ec:0d:34:3b:66:09:e2:b0:00:a2:
15:34:e6:a8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZFWB9WLxTUqlUvfKgKOR7C+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmN2Q4YTc5YmFkNGY5ODNkMGM0OTg5NWFmNTBlYThhMDNl
YmM3MGQwHhcNMjQwODE1MTIzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjEzNDBiOWJjZjA4ZDA4MmE0ZDU5ZDhkNmRiZDYxNTUwYjYwOGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstIYR+/FPn0+X8R2uvheyxsa8sfC
8B7IbwkCu5TTZD+CwG8WssGu5ML+zTu78d+/aYC8zcVD2q5sS9d0N6gOlRvgta5g
7HggYn10BgnKycATSqbICZA3ZUoSRm4O5Tcdymce70CVMy7oyh/bdfViFOi2nlpI
O/8Etihst29AlboWgM/Ur/8vB/wwBeXhUXsgjE/DBUpgIUMk0yx6IHPn2f5hfhD2
ACZTueje+y1GIObK9sej4Ir5zLCwpSv3iovgHZDEyKM91qD8ncXIfDwM/TOsmyVP
bNMi5YSka0v0SvagaH9r5TMW/CGNnw2uWSoj9atDcZYGxSTShnpNdY9qOQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFA8TQLm88I0IKk1Z2Nbb1hVQtgj3MB8GA1UdIwQY
MBaAFP99inm61PmD0MSYla9Q6ooD68cNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2Mt
MDg3M2UzOTk0ZDBlLzEvRHhOQXViendqUWdxVFZuWTF0dldGVkMyQ1BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80NDI0ZWYtNjhhYS00YjcwLWIyY2MtMDg3M2UzOTk0ZDBl
LzEvXzMyS2ViclUtWVBReEppVnIxRHFpZ1ByeHcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBHyqwAwQA
JRBLAwQBW8oEMA0EAgACMAcDBQEqEWEAMA0GCSqGSIb3DQEBCwUAA4IBAQBzZe1u
DHwPybk9a4dSSDle5oQXTptEkZol2HeVoQRM80wGvYagdg+praZGpYFolXf4haj8
jIQDBHcUzHDpgQvtSSNGk+wEpcJVSFbzylFfzR3CZAaGmtuEN6iCixlDSjQ4D3dg
VZO1wWVLaKYsNd5IfqyGsGVvb5cXTvsF7paZ3JqOAMkVbb/XLD8FGoRtwWpefFDK
mTPqzPOOzXrmjvQfFtdWSIMnHXyg9WhEvOYylaRYgoa02C/vvBQICM2YYRgFkzNB
2UzSpkKuSs/mVliPwkIbipHFoln4LHBOzIX4xwqgSTNqcHKDLF7P1Vzh2cu6+ewN
NDtmCeKwAKIVNOao
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:19:44 2025 by rpki-client