Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/9521e1-7610-4d43-8683-51be2f9608bc/1/1--J-aDX9EtDyy-hA2ZDvy6M_XsI.roa
File: 1--J-aDX9EtDyy-hA2ZDvy6M_XsI.roa (raw, json)
Hash identifier: IVDaHXJhmYU9iV7/nuRkpyQQ+Gn1pHtZmJgw3VTYaWQ=
Subject key identifier: FB:E2:7E:68:35:FD:12:D0:F2:CB:E8:40:D9:90:EF:CB:A3:3F:5E:C2
Certificate issuer: /CN=dbc7840920d1c709ff299aed3682c23fb432767d
Certificate serial: 018CC5013DD7AE8F889CD5CADA98DFDC2434
Authority key identifier: DB:C7:84:09:20:D1:C7:09:FF:29:9A:ED:36:82:C2:3F:B4:32:76:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28eECSDRxwn_KZrtNoLCP7Qydn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/9521e1-7610-4d43-8683-51be2f9608bc/1/1--J-aDX9EtDyy-hA2ZDvy6M_XsI.roa
Signing time: Mon 01 Jan 2024 12:30:42 +0000
ROA not before: Mon 01 Jan 2024 12:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209588
IP address blocks: 141.98.82.0/24 maxlen: 24
141.98.83.0/24 maxlen: 24
2a10:9107:f000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3d:d7:ae:8f:88:9c:d5:ca:da:98:df:dc:24:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbc7840920d1c709ff299aed3682c23fb432767d
Validity
Not Before: Jan 1 12:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbe27e6835fd12d0f2cbe840d990efcba33f5ec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c0:78:83:e7:03:05:06:bf:5e:ee:90:b4:82:
79:e1:00:8e:15:a3:e2:7a:89:9f:c4:c8:0b:63:32:
75:9c:af:c6:95:8e:d0:52:50:70:8c:c2:27:af:b7:
4c:84:ab:6b:91:25:89:80:31:d0:57:52:7e:e7:03:
43:9f:b7:d7:2b:66:90:f2:ef:e4:68:b0:7d:57:b0:
02:a3:0b:6b:22:bc:8f:51:ca:cd:75:5b:03:62:6a:
0f:dd:a4:fb:53:ea:b8:81:38:4a:1d:e3:79:4d:43:
f2:e7:e6:8c:5f:4e:e7:f6:78:ca:a7:a8:23:a2:bf:
5d:0c:36:9b:3b:d8:e9:ca:19:be:b4:e4:0a:e2:80:
99:5e:b5:59:50:af:55:a9:54:97:58:71:4a:10:e4:
74:9b:20:ad:62:91:7b:27:26:f7:ed:f4:6f:5f:13:
7a:9f:62:d2:ec:6b:37:e9:39:c4:77:2a:40:2c:31:
84:6f:3a:85:8a:e5:8d:a7:49:f0:65:05:b9:13:70:
67:68:15:f2:ff:cc:38:12:dc:81:82:84:cc:3f:11:
9a:c1:09:30:a4:0c:69:5c:a8:c6:6d:1a:2e:5d:6c:
a9:c6:9f:5f:d0:3a:17:75:f0:1d:aa:24:56:03:1c:
ae:c2:50:28:9e:d6:fb:b9:55:87:5b:4a:85:c1:4d:
b4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E2:7E:68:35:FD:12:D0:F2:CB:E8:40:D9:90:EF:CB:A3:3F:5E:C2
X509v3 Authority Key Identifier:
keyid:DB:C7:84:09:20:D1:C7:09:FF:29:9A:ED:36:82:C2:3F:B4:32:76:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28eECSDRxwn_KZrtNoLCP7Qydn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/9521e1-7610-4d43-8683-51be2f9608bc/1/1--J-aDX9EtDyy-hA2ZDvy6M_XsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/9521e1-7610-4d43-8683-51be2f9608bc/1/28eECSDRxwn_KZrtNoLCP7Qydn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.82.0/23
IPv6:
2a10:9107:f000::/36
Signature Algorithm: sha256WithRSAEncryption
3a:5d:f5:e5:f2:18:63:e5:27:24:71:98:2e:48:63:c6:44:72:
3c:53:e1:69:fd:16:05:de:75:df:e5:f0:bc:6f:34:b6:81:57:
87:c8:6a:43:b7:61:78:23:56:42:f1:fb:0c:35:33:d3:1b:71:
43:bd:6f:01:76:4e:43:0e:09:30:00:14:fe:57:75:e4:9b:00:
0c:dc:55:04:42:59:65:11:82:34:94:b2:f8:33:b1:5f:ef:95:
ed:24:cb:c9:7a:5e:f5:61:a8:06:90:4f:c2:5a:94:60:9b:1b:
e1:ce:89:9e:4d:d6:d4:7e:54:07:97:0a:fd:06:74:22:79:3e:
d7:bc:5e:df:fb:d1:89:97:08:c6:e3:7e:7a:b4:5a:d1:fd:d3:
2a:89:37:7b:1f:f3:51:34:79:f6:8d:95:25:2b:c4:bf:18:4e:
75:cf:41:16:96:9f:0d:49:25:70:6d:ee:99:8c:48:36:e1:97:
07:0a:b3:b3:e4:58:b4:b6:65:39:03:a7:98:7d:35:e0:bd:ab:
2f:5d:cf:cf:75:77:2e:37:13:2e:e1:7a:78:ab:d4:8d:c9:8e:
c8:51:5f:90:a6:b3:39:16:4c:2d:24:65:b1:43:d4:c0:17:59:
2b:44:47:0f:02:62:7b:05:e0:a7:6c:e9:47:59:3b:42:6a:fd:
26:b0:ec:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFAT3Xro+InNXK2pjf3CQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzc4NDA5MjBkMWM3MDlmZjI5OWFlZDM2ODJjMjNmYjQz
Mjc2N2QwHhcNMjQwMTAxMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmUyN2U2ODM1ZmQxMmQwZjJjYmU4NDBkOTkwZWZjYmEzM2Y1ZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMB4g+cDBQa/Xu6QtIJ54QCOFaPi
eomfxMgLYzJ1nK/GlY7QUlBwjMInr7dMhKtrkSWJgDHQV1J+5wNDn7fXK2aQ8u/k
aLB9V7ACowtrIryPUcrNdVsDYmoP3aT7U+q4gThKHeN5TUPy5+aMX07n9njKp6gj
or9dDDabO9jpyhm+tOQK4oCZXrVZUK9VqVSXWHFKEOR0myCtYpF7Jyb37fRvXxN6
n2LS7Gs36TnEdypALDGEbzqFiuWNp0nwZQW5E3BnaBXy/8w4EtyBgoTMPxGawQkw
pAxpXKjGbRouXWypxp9f0DoXdfAdqiRWAxyuwlAontb7uVWHW0qFwU20OwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPvifmg1/RLQ8svoQNmQ78ujP17CMB8GA1UdIwQY
MBaAFNvHhAkg0ccJ/yma7TaCwj+0MnZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhlRUNTRFJ4d25fS1pydE5vTENQN1F5ZG4wLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC85NTIxZTEtNzYxMC00ZDQzLTg2ODMt
NTFiZTJmOTYwOGJjLzEvMS0tSi1hRFg5RXREeXktaEEyWkR2eTZNX1hzSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTQvOTUyMWUxLTc2MTAtNGQ0My04NjgzLTUxYmUyZjk2MDhi
Yy8xLzI4ZUVDU0RSeHduX0tacnROb0xDUDdReWRuMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAvBggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEAY1iUjAO
BAIAAjAIAwYEKhCRB/AwDQYJKoZIhvcNAQELBQADggEBADpd9eXyGGPlJyRxmC5I
Y8ZEcjxT4Wn9FgXedd/l8LxvNLaBV4fIakO3YXgjVkLx+ww1M9MbcUO9bwF2TkMO
CTAAFP5XdeSbAAzcVQRCWWURgjSUsvgzsV/vle0ky8l6XvVhqAaQT8JalGCbG+HO
iZ5N1tR+VAeXCv0GdCJ5Pte8Xt/70YmXCMbjfnq0WtH90yqJN3sf81E0efaNlSUr
xL8YTnXPQRaWnw1JJXBt7pmMSDbhlwcKs7PkWLS2ZTkDp5h9NeC9qy9dz891dy43
Ey7henir1I3JjshRX5CmszkWTC0kZbFD1MAXWStERw8CYnsF4Kds6UdZO0Jq/Saw
7Ko=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:00 2025 by rpki-client