Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/dhv_gGXUg3pozXCVsLrvWIVrND4.roa
File: dhv_gGXUg3pozXCVsLrvWIVrND4.roa (raw, json)
Hash identifier: q3NvraPqRsnmbAv+1k0UzphbJGT4Wye7KlycOEJFHeU=
Subject key identifier: 76:1B:FF:80:65:D4:83:7A:68:CD:70:95:B0:BA:EF:58:85:6B:34:3E
Certificate issuer: /CN=3a839936aeeff288678e772633020fa259bd9cf2
Certificate serial: 018D2914E4BAAD6548C963EE47C58E398EA6
Authority key identifier: 3A:83:99:36:AE:EF:F2:88:67:8E:77:26:33:02:0F:A2:59:BD:9C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OoOZNq7v8ohnjncmMwIPolm9nPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/dhv_gGXUg3pozXCVsLrvWIVrND4.roa
Signing time: Sat 20 Jan 2024 22:54:11 +0000
ROA not before: Sat 20 Jan 2024 22:54:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215769
IP address blocks: 2a12:ff04:7000::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:29:14:e4:ba:ad:65:48:c9:63:ee:47:c5:8e:39:8e:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a839936aeeff288678e772633020fa259bd9cf2
Validity
Not Before: Jan 20 22:54:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=761bff8065d4837a68cd7095b0baef58856b343e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c2:31:1e:7e:43:82:cd:f3:f3:21:98:88:9e:
2f:43:6c:42:99:ba:a6:86:ab:9f:be:15:90:e0:f2:
88:e3:ed:9b:dc:b7:15:0f:3b:18:f2:d8:52:b4:2a:
56:84:0a:c3:60:94:cc:f5:da:fe:8c:3c:b3:0c:05:
eb:4c:3d:bf:9d:75:6c:75:08:c7:d5:eb:9a:f6:40:
1c:4a:0c:de:22:4b:16:d8:16:9c:01:90:8d:51:02:
ee:bb:05:6f:8a:a5:75:cb:1d:b4:52:8a:d3:10:b4:
24:2c:c2:a2:46:67:cb:1b:88:38:78:e2:be:b1:19:
01:9a:76:23:db:c2:5b:be:bf:97:8f:84:d0:b7:6e:
ed:a5:07:c6:6e:14:5d:a6:1d:1e:58:63:4e:58:ec:
e5:38:53:31:2b:38:a3:6b:ce:02:d2:45:b4:f1:42:
d0:32:a8:5d:ff:3e:96:80:e8:c1:6c:8d:80:2e:9e:
41:46:e9:ea:b1:2b:e9:ab:37:12:f7:72:2e:75:e8:
e8:59:7e:b7:a8:9c:8d:6d:d6:8b:23:2c:9e:aa:d0:
f2:8f:be:be:7b:bf:e1:95:d5:53:eb:42:57:11:b1:
a5:81:f5:32:05:0b:cd:46:0f:5a:b9:f5:94:80:15:
ae:f4:9c:c9:b2:11:19:a0:d2:e0:e8:68:08:1d:5a:
0d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:1B:FF:80:65:D4:83:7A:68:CD:70:95:B0:BA:EF:58:85:6B:34:3E
X509v3 Authority Key Identifier:
keyid:3A:83:99:36:AE:EF:F2:88:67:8E:77:26:33:02:0F:A2:59:BD:9C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoOZNq7v8ohnjncmMwIPolm9nPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/dhv_gGXUg3pozXCVsLrvWIVrND4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/5c6745-768e-4d61-b604-835f4e37283c/1/OoOZNq7v8ohnjncmMwIPolm9nPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:ff04:7000::/44
Signature Algorithm: sha256WithRSAEncryption
5b:29:0f:92:9c:57:a3:66:9b:9b:82:b6:aa:3b:17:ee:eb:cb:
2e:69:ef:ec:9c:e6:a9:a8:88:30:ae:33:9d:d2:15:ab:f4:f2:
63:1f:77:0c:16:48:dd:5a:5a:a0:9f:08:88:52:b7:53:e6:22:
14:8b:97:fd:4e:9b:8c:29:4b:44:77:38:8c:bb:08:95:aa:21:
35:6f:79:a4:53:9f:df:3f:ed:ee:c5:a8:83:38:57:43:36:63:
94:ff:67:ec:12:fb:14:e8:d1:66:1b:a8:54:84:9d:64:9b:44:
d3:cd:38:a4:58:89:49:08:10:8a:89:5b:a4:be:87:3f:ef:17:
fe:3f:02:f5:b7:1f:0d:a4:63:34:63:d9:3b:4d:4f:87:62:d7:
03:83:db:ef:0d:2b:b1:ee:db:50:67:18:33:d6:3f:3d:e2:43:
c6:fc:3a:99:1f:ca:4e:e1:52:22:10:ed:a1:a8:49:6f:00:87:
17:b0:22:57:67:88:4c:14:03:b0:a0:d1:6c:3e:fa:9d:c6:a9:
97:8a:cb:28:dd:b1:2f:95:b6:cb:de:89:f6:58:65:22:3f:f9:
82:13:62:c8:18:d4:03:d2:f4:ce:55:a0:ce:59:c6:65:3c:ed:
1c:40:a3:f8:1a:75:7a:bb:9e:4d:bb:69:88:d6:8f:c8:ab:a0:
35:38:c5:52
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY0pFOS6rWVIyWPuR8WOOY6mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhODM5OTM2YWVlZmYyODg2NzhlNzcyNjMzMDIwZmEyNTli
ZDljZjIwHhcNMjQwMTIwMjI1NDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjFiZmY4MDY1ZDQ4MzdhNjhjZDcwOTViMGJhZWY1ODg1NmIzNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8IxHn5Dgs3z8yGYiJ4vQ2xCmbqm
hqufvhWQ4PKI4+2b3LcVDzsY8thStCpWhArDYJTM9dr+jDyzDAXrTD2/nXVsdQjH
1eua9kAcSgzeIksW2BacAZCNUQLuuwVviqV1yx20UorTELQkLMKiRmfLG4g4eOK+
sRkBmnYj28Jbvr+Xj4TQt27tpQfGbhRdph0eWGNOWOzlOFMxKzija84C0kW08ULQ
Mqhd/z6WgOjBbI2ALp5BRunqsSvpqzcS93IudejoWX63qJyNbdaLIyyeqtDyj76+
e7/hldVT60JXEbGlgfUyBQvNRg9aufWUgBWu9JzJshEZoNLg6GgIHVoNUQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHYb/4Bl1IN6aM1wlbC671iFazQ+MB8GA1UdIwQY
MBaAFDqDmTau7/KIZ453JjMCD6JZvZzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT29PWk5xN3Y4b2huam5jbU13SVBvbG05blBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81YzY3NDUtNzY4ZS00ZDYxLWI2MDQt
ODM1ZjRlMzcyODNjLzEvZGh2X2dHWFVnM3BvelhDVnNMcnZXSVZyTkQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81YzY3NDUtNzY4ZS00ZDYxLWI2MDQtODM1ZjRlMzcyODNj
LzEvT29PWk5xN3Y4b2huam5jbU13SVBvbG05blBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhL/BHAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBbKQ+SnFejZpubgraqOxfu68suae/snOapqIgw
rjOd0hWr9PJjH3cMFkjdWlqgnwiIUrdT5iIUi5f9TpuMKUtEdziMuwiVqiE1b3mk
U5/fP+3uxaiDOFdDNmOU/2fsEvsU6NFmG6hUhJ1km0TTzTikWIlJCBCKiVukvoc/
7xf+PwL1tx8NpGM0Y9k7TU+HYtcDg9vvDSux7ttQZxgz1j894kPG/DqZH8pO4VIi
EO2hqElvAIcXsCJXZ4hMFAOwoNFsPvqdxqmXisso3bEvlbbL3on2WGUiP/mCE2LI
GNQD0vTOVaDOWcZlPO0cQKP4GnV6u55Nu2mI1o/Iq6A1OMVS
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:48:50 2025 by rpki-client