Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/V-WztWpNQN3v70M5nFo3CeYonfo.roa
File: V-WztWpNQN3v70M5nFo3CeYonfo.roa (raw, json)
Hash identifier: sb09Cdd8d53Y4vQ3YKix/zgsSHBlBJmxWU03hD1ua9Y=
Subject key identifier: 57:E5:B3:B5:6A:4D:40:DD:EF:EF:43:39:9C:5A:37:09:E6:28:9D:FA
Certificate issuer: /CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Certificate serial: 018CC870B410689E78A0657AD850991E37ED
Authority key identifier: CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/V-WztWpNQN3v70M5nFo3CeYonfo.roa
Signing time: Tue 02 Jan 2024 04:31:18 +0000
ROA not before: Tue 02 Jan 2024 04:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212144
IP address blocks: 2a0d:c940::/29 maxlen: 29
2a09:2fc0::/29 maxlen: 29
2a01:64e0::/32 maxlen: 32
2a06:a640::/29 maxlen: 29
2a06:da80::/29 maxlen: 29
2a0d:db00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:b4:10:68:9e:78:a0:65:7a:d8:50:99:1e:37:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccc478dd9ccd6162f82488ac6fc50c21d369f2a0
Validity
Not Before: Jan 2 04:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=57e5b3b56a4d40ddefef43399c5a3709e6289dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:54:49:70:72:c1:8f:0c:58:b5:58:ad:72:e9:
86:6a:f9:ba:ac:5a:c1:7e:2f:ad:ec:10:09:f9:21:
1c:67:13:0b:e4:42:ce:3a:01:e1:63:76:e5:4c:0a:
88:16:8d:09:3e:6a:7d:9e:d0:f0:e2:62:2e:b8:93:
4b:73:3c:33:00:de:07:a5:b8:25:cf:8e:f3:9d:0e:
5c:cc:e0:9b:18:80:83:14:21:54:8c:29:ba:2c:5a:
30:91:1d:e7:06:db:28:51:8e:35:c9:23:18:58:11:
7d:e9:72:e3:12:a2:76:b0:6e:f6:60:9a:ae:c8:25:
ee:77:43:2e:55:d9:ee:81:5c:83:38:2d:b8:aa:8a:
ea:94:9e:0b:a3:5c:5b:ee:02:88:f9:73:fe:2c:15:
dc:27:f7:a3:44:39:c6:9c:aa:d8:bf:bb:fe:d7:c3:
49:dd:c7:db:31:c3:f5:75:f4:cc:58:6f:84:a3:40:
2b:ce:a0:46:ca:31:57:c7:3a:37:76:f8:6e:43:24:
7c:22:ec:d5:23:85:87:d3:e8:92:1e:9a:cc:21:9c:
85:af:e5:c0:69:1b:29:b5:22:c1:84:5a:06:fe:52:
c7:88:44:14:9b:06:ef:aa:14:21:bc:44:e7:7c:60:
96:f1:3c:0d:c9:5d:50:1a:ad:82:d6:07:57:1d:c6:
0a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:E5:B3:B5:6A:4D:40:DD:EF:EF:43:39:9C:5A:37:09:E6:28:9D:FA
X509v3 Authority Key Identifier:
keyid:CC:C4:78:DD:9C:CD:61:62:F8:24:88:AC:6F:C5:0C:21:D3:69:F2:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zMR43ZzNYWL4JIisb8UMIdNp8qA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/V-WztWpNQN3v70M5nFo3CeYonfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/ee3e3f-3a45-43eb-a5de-4285998392d3/1/zMR43ZzNYWL4JIisb8UMIdNp8qA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:64e0::/32
2a06:a640::/29
2a06:da80::/29
2a09:2fc0::/29
2a0d:c940::/29
2a0d:db00::/29
Signature Algorithm: sha256WithRSAEncryption
4f:d3:c1:26:b2:ea:9b:51:fe:97:93:ec:d2:58:9b:53:5a:b1:
2a:ad:b7:73:1b:c2:a3:3f:f9:36:16:0f:40:2d:2a:c9:ca:d5:
61:bf:94:99:04:79:45:b5:31:5d:ae:60:98:62:a9:c3:08:c0:
e4:3c:36:8c:31:20:6a:d2:f1:b9:b8:0c:e7:f2:22:68:fe:8b:
0f:be:07:20:c4:00:89:3c:2e:d2:bd:f2:17:71:35:53:6e:aa:
a8:d9:72:d1:70:32:75:cd:67:4a:b3:96:20:1f:53:fb:7c:a2:
6f:df:62:c6:d1:d3:76:90:93:0d:83:80:c4:9d:da:e3:69:eb:
e7:60:6c:43:ef:f0:70:3d:60:1e:c9:15:d7:2c:02:3c:b4:b6:
e5:a1:5d:11:35:cf:14:6e:5d:b9:b7:cd:c4:e6:4b:91:a9:dc:
8f:bb:68:92:3f:d1:02:04:36:76:20:bb:b5:a5:a2:e8:f8:ba:
ad:45:77:7d:29:84:74:00:6e:90:6d:bb:6b:5e:4d:3f:0f:7e:
a5:2e:67:1c:29:44:f8:6c:33:d2:92:9d:52:27:f1:bf:eb:95:
02:17:32:44:fe:dd:87:fc:53:f1:d8:58:cc:85:a1:44:cc:e9:
76:d8:fd:06:e5:5f:c1:a7:10:5a:09:d3:77:ae:25:6b:6a:83:
11:72:62:59
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzIcLQQaJ54oGV62FCZHjftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYzQ3OGRkOWNjZDYxNjJmODI0ODhhYzZmYzUwYzIxZDM2
OWYyYTAwHhcNMjQwMTAyMDQzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2U1YjNiNTZhNGQ0MGRkZWZlZjQzMzk5YzVhMzcwOWU2Mjg5ZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVRJcHLBjwxYtVitcumGavm6rFrB
fi+t7BAJ+SEcZxML5ELOOgHhY3blTAqIFo0JPmp9ntDw4mIuuJNLczwzAN4Hpbgl
z47znQ5czOCbGICDFCFUjCm6LFowkR3nBtsoUY41ySMYWBF96XLjEqJ2sG72YJqu
yCXud0MuVdnugVyDOC24qorqlJ4Lo1xb7gKI+XP+LBXcJ/ejRDnGnKrYv7v+18NJ
3cfbMcP1dfTMWG+Eo0ArzqBGyjFXxzo3dvhuQyR8IuzVI4WH0+iSHprMIZyFr+XA
aRsptSLBhFoG/lLHiEQUmwbvqhQhvETnfGCW8TwNyV1QGq2C1gdXHcYK8QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFfls7VqTUDd7+9DOZxaNwnmKJ36MB8GA1UdIwQY
MBaAFMzEeN2czWFi+CSIrG/FDCHTafKgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek1SNDNaek5ZV0w0Sklpc2I4VU1JZE5wOHFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lZTNlM2YtM2E0NS00M2ViLWE1ZGUt
NDI4NTk5ODM5MmQzLzEvVi1XenRXcE5RTjN2NzBNNW5GbzNDZVlvbmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lZTNlM2YtM2E0NS00M2ViLWE1ZGUtNDI4NTk5ODM5MmQz
LzEvek1SNDNaek5ZV0w0Sklpc2I4VU1JZE5wOHFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKgFk4AMF
AyoGpkADBQMqBtqAAwUDKgkvwAMFAyoNyUADBQMqDdsAMA0GCSqGSIb3DQEBCwUA
A4IBAQBP08EmsuqbUf6Xk+zSWJtTWrEqrbdzG8KjP/k2Fg9ALSrJytVhv5SZBHlF
tTFdrmCYYqnDCMDkPDaMMSBq0vG5uAzn8iJo/osPvgcgxACJPC7SvfIXcTVTbqqo
2XLRcDJ1zWdKs5YgH1P7fKJv32LG0dN2kJMNg4DEndrjaevnYGxD7/BwPWAeyRXX
LAI8tLbloV0RNc8Ubl25t83E5kuRqdyPu2iSP9ECBDZ2ILu1paLo+LqtRXd9KYR0
AG6QbbtrXk0/D36lLmccKUT4bDPSkp1SJ/G/65UCFzJE/t2H/FPx2FjMhaFEzOl2
2P0G5V/BpxBaCdN3riVraoMRcmJZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:33:54 2025 by rpki-client