Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/c9e02c-ad51-4314-90fc-4a7cc75e3e6f/1/DTZEw1jX7B29mdCIUG0LJTFpus0.roa
File: DTZEw1jX7B29mdCIUG0LJTFpus0.roa (raw, json)
Hash identifier: a/3mi267IrO9AMeqjJQDqhD8zBQoyOkW5lVmh4PMt9k=
Subject key identifier: 0D:36:44:C3:58:D7:EC:1D:BD:99:D0:88:50:6D:0B:25:31:69:BA:CD
Certificate issuer: /CN=d7f66a41bca687b2758cfc7bb1c5f4b3469ed870
Certificate serial: 018CC795788D27860F70B5232B46CFD3CE38
Authority key identifier: D7:F6:6A:41:BC:A6:87:B2:75:8C:FC:7B:B1:C5:F4:B3:46:9E:D8:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1_ZqQbymh7J1jPx7scX0s0ae2HA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/c9e02c-ad51-4314-90fc-4a7cc75e3e6f/1/DTZEw1jX7B29mdCIUG0LJTFpus0.roa
Signing time: Tue 02 Jan 2024 00:31:50 +0000
ROA not before: Tue 02 Jan 2024 00:31:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213013
IP address blocks: 149.3.169.0/24 maxlen: 24
2a10:a800::/30 maxlen: 30
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:78:8d:27:86:0f:70:b5:23:2b:46:cf:d3:ce:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7f66a41bca687b2758cfc7bb1c5f4b3469ed870
Validity
Not Before: Jan 2 00:31:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d3644c358d7ec1dbd99d088506d0b253169bacd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7d:8c:8e:a8:67:e4:d2:64:ba:2d:eb:66:09:
10:2b:6b:c4:0c:8b:b0:ed:32:2a:78:38:a2:03:c7:
8d:ef:1b:3e:7b:21:c7:62:65:11:40:d1:4c:3a:88:
31:5f:61:02:f2:82:c4:12:ea:42:d3:c9:c7:cf:78:
8d:85:a2:58:a4:0c:ac:0c:c4:14:c9:e1:51:22:5e:
bc:06:c7:00:8b:ad:2f:6a:23:f0:02:eb:e0:4b:cd:
17:dc:71:4e:6f:1b:da:0e:7b:48:f0:09:b1:24:0d:
36:fc:eb:18:80:34:20:9b:7e:7f:41:33:db:ce:aa:
91:e8:2e:51:d2:d0:8b:ca:16:39:71:e1:a4:34:a9:
e7:c2:92:3a:37:0e:c6:d1:48:c0:b7:3a:98:f8:61:
85:ed:96:47:49:fa:e9:26:4b:55:d6:23:ea:96:af:
e6:a2:2a:87:4c:12:a1:9a:b9:e7:a3:3d:75:fc:61:
62:12:14:b8:d7:87:9d:27:36:17:a9:ae:e2:3a:8f:
0c:51:3f:a5:e4:be:fe:d6:7e:6a:b9:44:7f:da:ef:
41:25:41:78:81:18:e4:3d:96:5f:06:38:94:ad:4f:
b3:af:ed:c8:75:1f:60:2c:50:52:ce:cf:4b:9c:54:
ef:87:44:d6:42:bf:c0:e0:ba:e5:d8:66:b2:8d:b7:
94:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:36:44:C3:58:D7:EC:1D:BD:99:D0:88:50:6D:0B:25:31:69:BA:CD
X509v3 Authority Key Identifier:
keyid:D7:F6:6A:41:BC:A6:87:B2:75:8C:FC:7B:B1:C5:F4:B3:46:9E:D8:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1_ZqQbymh7J1jPx7scX0s0ae2HA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/c9e02c-ad51-4314-90fc-4a7cc75e3e6f/1/DTZEw1jX7B29mdCIUG0LJTFpus0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/c9e02c-ad51-4314-90fc-4a7cc75e3e6f/1/1_ZqQbymh7J1jPx7scX0s0ae2HA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.3.169.0/24
IPv6:
2a10:a800::/30
Signature Algorithm: sha256WithRSAEncryption
80:9e:30:c7:d3:af:cb:1a:c4:89:b3:c8:f2:f7:21:7a:70:cb:
47:2b:aa:ca:d6:46:25:d3:70:6c:aa:b0:f3:b6:6b:91:2e:8e:
09:65:ba:4e:57:07:67:43:dc:0e:95:82:a3:81:49:7b:72:d0:
36:76:ef:6a:2d:2a:b4:ef:e5:b1:7c:4e:1f:24:39:12:3b:9b:
ec:14:93:c6:d6:20:00:9a:c0:b5:5c:29:4a:85:bd:e4:f1:a5:
b2:25:7f:2d:3b:bd:17:d6:9e:c1:bd:04:8b:84:cc:f8:75:7e:
a9:a3:2b:bd:32:50:64:61:59:f9:2f:6b:e4:87:e2:78:f1:25:
77:fb:37:a5:dd:35:43:80:67:98:b1:3d:f0:0a:f5:19:35:46:
ec:65:b6:af:32:53:61:4a:60:7a:27:7c:ba:6f:dc:ba:4e:8c:
52:a1:fb:85:48:a7:b9:64:e6:de:80:22:61:80:87:f7:9a:44:
e1:68:ac:d8:82:70:3d:52:97:ef:e9:65:58:22:68:d2:89:46:
21:03:44:ac:b9:31:fc:f2:ab:6d:a2:09:2c:86:cd:88:f4:9e:
a0:29:bd:e1:15:a5:74:66:03:56:59:23:d9:bf:88:aa:0a:27:
31:51:ef:4b:ec:74:ce:ca:fb:b5:38:94:78:ae:c8:e8:63:7c:
64:74:c1:f2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlXiNJ4YPcLUjK0bP0844MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZjY2YTQxYmNhNjg3YjI3NThjZmM3YmIxYzVmNGIzNDY5
ZWQ4NzAwHhcNMjQwMTAyMDAzMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDM2NDRjMzU4ZDdlYzFkYmQ5OWQwODg1MDZkMGIyNTMxNjliYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl32Mjqhn5NJkui3rZgkQK2vEDIuw
7TIqeDiiA8eN7xs+eyHHYmURQNFMOogxX2EC8oLEEupC08nHz3iNhaJYpAysDMQU
yeFRIl68BscAi60vaiPwAuvgS80X3HFObxvaDntI8AmxJA02/OsYgDQgm35/QTPb
zqqR6C5R0tCLyhY5ceGkNKnnwpI6Nw7G0UjAtzqY+GGF7ZZHSfrpJktV1iPqlq/m
oiqHTBKhmrnnoz11/GFiEhS414edJzYXqa7iOo8MUT+l5L7+1n5quUR/2u9BJUF4
gRjkPZZfBjiUrU+zr+3IdR9gLFBSzs9LnFTvh0TWQr/A4Lrl2GayjbeU6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA02RMNY1+wdvZnQiFBtCyUxabrNMB8GA1UdIwQY
MBaAFNf2akG8poeydYz8e7HF9LNGnthwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMV9acVFieW1oN0oxalB4N3NjWDBzMGFlMkhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9jOWUwMmMtYWQ1MS00MzE0LTkwZmMt
NGE3Y2M3NWUzZTZmLzEvRFRaRXcxalg3QjI5bWRDSVVHMExKVEZwdXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9jOWUwMmMtYWQ1MS00MzE0LTkwZmMtNGE3Y2M3NWUzZTZm
LzEvMV9acVFieW1oN0oxalB4N3NjWDBzMGFlMkhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAlQOpMA0E
AgACMAcDBQIqEKgAMA0GCSqGSIb3DQEBCwUAA4IBAQCAnjDH06/LGsSJs8jy9yF6
cMtHK6rK1kYl03BsqrDztmuRLo4JZbpOVwdnQ9wOlYKjgUl7ctA2du9qLSq07+Wx
fE4fJDkSO5vsFJPG1iAAmsC1XClKhb3k8aWyJX8tO70X1p7BvQSLhMz4dX6poyu9
MlBkYVn5L2vkh+J48SV3+zel3TVDgGeYsT3wCvUZNUbsZbavMlNhSmB6J3y6b9y6
ToxSofuFSKe5ZObegCJhgIf3mkThaKzYgnA9Upfv6WVYImjSiUYhA0SsuTH88qtt
ogkshs2I9J6gKb3hFaV0ZgNWWSPZv4iqCicxUe9L7HTOyvu1OJR4rsjoY3xkdMHy
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:56 2025 by rpki-client