Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/DLxPpx1aak4PZsFEET4QvpzSL7U.roa
File: DLxPpx1aak4PZsFEET4QvpzSL7U.roa (raw, json)
Hash identifier: ZhYKIoD2N9M7DeQYA3jOFKfd1sNVXpSwPY1lN8zRxRY=
Subject key identifier: 0C:BC:4F:A7:1D:5A:6A:4E:0F:66:C1:44:11:3E:10:BE:9C:D2:2F:B5
Certificate issuer: /CN=afec4f4a16cc51bd51621011539ceb574ac15d02
Certificate serial: 018CC4934A1F1287D0F4FD8071A8FCCB00B3
Authority key identifier: AF:EC:4F:4A:16:CC:51:BD:51:62:10:11:53:9C:EB:57:4A:C1:5D:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-xPShbMUb1RYhARU5zrV0rBXQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/DLxPpx1aak4PZsFEET4QvpzSL7U.roa
Signing time: Mon 01 Jan 2024 10:30:36 +0000
ROA not before: Mon 01 Jan 2024 10:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41562
IP address blocks: 2a03:2040:ff00::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:4a:1f:12:87:d0:f4:fd:80:71:a8:fc:cb:00:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afec4f4a16cc51bd51621011539ceb574ac15d02
Validity
Not Before: Jan 1 10:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cbc4fa71d5a6a4e0f66c144113e10be9cd22fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5c:52:ca:8e:63:1e:3b:dd:53:05:db:4c:06:
d4:01:6e:db:bb:fc:9c:73:ef:12:60:42:28:50:ef:
cf:91:af:f7:d6:b3:6b:6b:8a:bb:94:dd:8b:9a:c1:
d3:36:06:33:d5:c9:22:ab:c5:92:b8:e2:bf:e2:db:
ed:57:8d:64:9a:23:0b:5a:b4:51:bf:d7:0f:da:66:
8b:69:86:8a:2b:e5:be:1e:b9:9e:69:69:65:e3:55:
d7:23:26:8c:02:3f:d0:c2:7e:ce:d5:fc:cd:55:7b:
08:e2:97:8d:b3:97:6e:1a:a0:c2:3f:ce:b8:a4:a1:
22:e7:23:c0:eb:68:92:6b:d7:1f:39:03:79:1a:b8:
0e:6d:27:a1:61:fe:10:72:5d:58:7b:6e:df:6f:28:
7c:d4:fd:7c:f7:07:5f:79:0c:1a:ca:5e:5d:96:cf:
a0:96:33:d3:f0:d1:2c:33:9f:34:b7:76:d7:75:6a:
3f:98:c8:85:bd:4e:47:86:ba:84:bd:da:33:57:49:
56:84:06:14:41:e6:54:99:19:5f:c6:0a:92:ee:b5:
65:2e:50:a5:df:a6:fd:23:9a:17:11:b2:e8:b3:27:
3a:b0:66:7e:fa:38:47:dc:c0:d8:a4:f5:02:cd:56:
6a:e4:84:7f:d6:d1:72:f2:83:67:ca:80:2d:89:e7:
d3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:BC:4F:A7:1D:5A:6A:4E:0F:66:C1:44:11:3E:10:BE:9C:D2:2F:B5
X509v3 Authority Key Identifier:
keyid:AF:EC:4F:4A:16:CC:51:BD:51:62:10:11:53:9C:EB:57:4A:C1:5D:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-xPShbMUb1RYhARU5zrV0rBXQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/DLxPpx1aak4PZsFEET4QvpzSL7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9f7b6b-b29d-486e-8478-27efc13aff1e/1/r-xPShbMUb1RYhARU5zrV0rBXQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:2040:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
29:d8:e9:58:1d:15:ae:ee:8f:6c:35:3b:40:90:f8:e6:2c:28:
e7:26:08:d0:df:aa:c0:58:6e:f1:42:5d:a8:fe:aa:e1:41:e6:
b3:af:53:1b:5a:1f:cc:1a:07:fb:5d:ab:33:a4:eb:92:d2:47:
b2:28:a2:81:57:a7:22:e6:42:11:76:a8:ed:c5:fd:6c:6a:c1:
46:e9:76:80:94:10:9f:7b:9a:d5:af:76:82:bb:14:be:f4:29:
f6:b1:f6:7f:e0:05:5b:fc:21:f9:ec:21:53:d8:ee:6c:9e:af:
28:81:ad:ca:00:f6:59:f3:37:05:ac:85:62:6f:95:fc:bf:08:
d0:f5:69:a0:62:86:22:5f:c3:e1:2a:02:1d:e1:62:af:dc:b7:
d6:bf:8b:df:69:f6:e2:a3:ea:34:0e:24:7d:b1:4f:62:b7:e6:
3c:54:45:d4:ee:cf:ec:42:e9:76:38:a8:de:98:55:08:60:04:
43:90:9e:af:40:63:40:f6:b6:37:ae:1f:02:11:a4:77:c0:ac:
dc:a9:e4:da:f6:ba:c7:02:4b:58:44:b4:0a:87:b4:71:14:87:
98:ea:7a:92:0d:aa:d5:2f:a9:c8:73:fe:ee:65:4b:b8:d9:6e:
82:1e:bf:6a:f7:1c:a5:c8:3b:3f:3e:21:d2:3f:1e:38:a0:9a:
54:10:be:96
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzEk0ofEofQ9P2Acaj8ywCzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZWM0ZjRhMTZjYzUxYmQ1MTYyMTAxMTUzOWNlYjU3NGFj
MTVkMDIwHhcNMjQwMTAxMTAzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2JjNGZhNzFkNWE2YTRlMGY2NmMxNDQxMTNlMTBiZTljZDIyZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1xSyo5jHjvdUwXbTAbUAW7bu/yc
c+8SYEIoUO/Pka/31rNra4q7lN2LmsHTNgYz1ckiq8WSuOK/4tvtV41kmiMLWrRR
v9cP2maLaYaKK+W+HrmeaWll41XXIyaMAj/Qwn7O1fzNVXsI4peNs5duGqDCP864
pKEi5yPA62iSa9cfOQN5GrgObSehYf4Qcl1Ye27fbyh81P189wdfeQwayl5dls+g
ljPT8NEsM580t3bXdWo/mMiFvU5HhrqEvdozV0lWhAYUQeZUmRlfxgqS7rVlLlCl
36b9I5oXEbLosyc6sGZ++jhH3MDYpPUCzVZq5IR/1tFy8oNnyoAtiefTiQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFAy8T6cdWmpOD2bBRBE+EL6c0i+1MB8GA1UdIwQY
MBaAFK/sT0oWzFG9UWIQEVOc61dKwV0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvci14UFNoYk1VYjFSWWhBUlU1enJWMHJCWFFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZjdiNmItYjI5ZC00ODZlLTg0Nzgt
MjdlZmMxM2FmZjFlLzEvREx4UHB4MWFhazRQWnNGRUVUNFF2cHpTTDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZjdiNmItYjI5ZC00ODZlLTg0NzgtMjdlZmMxM2FmZjFl
LzEvci14UFNoYk1VYjFSWWhBUlU1enJWMHJCWFFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgMgQP8w
DQYJKoZIhvcNAQELBQADggEBACnY6VgdFa7uj2w1O0CQ+OYsKOcmCNDfqsBYbvFC
Xaj+quFB5rOvUxtaH8waB/tdqzOk65LSR7IoooFXpyLmQhF2qO3F/WxqwUbpdoCU
EJ97mtWvdoK7FL70Kfax9n/gBVv8IfnsIVPY7myeryiBrcoA9lnzNwWshWJvlfy/
CND1aaBihiJfw+EqAh3hYq/ct9a/i99p9uKj6jQOJH2xT2K35jxURdTuz+xC6XY4
qN6YVQhgBEOQnq9AY0D2tjeuHwIRpHfArNyp5Nr2uscCS1hEtAqHtHEUh5jqepIN
qtUvqchz/u5lS7jZboIev2r3HKXIOz8+IdI/HjigmlQQvpY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:04:44 2025 by rpki-client