Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/mz1DZioTkked3ss43WdjRBZlE5w.roa
File: mz1DZioTkked3ss43WdjRBZlE5w.roa (raw, json)
Hash identifier: A7Sfu31ry5nEKLoJbr/oSE6319d3HK9Qa1IpZWCFnPw=
Subject key identifier: 9B:3D:43:66:2A:13:92:47:9D:DE:CB:38:DD:67:63:44:16:65:13:9C
Certificate issuer: /CN=8fb620a4838ef6e21bcc26ad351262d7566eb275
Certificate serial: 0194B1FE63AAFD679CEAC2E15AD75EA19A8D
Authority key identifier: 8F:B6:20:A4:83:8E:F6:E2:1B:CC:26:AD:35:12:62:D7:56:6E:B2:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j7YgpIOO9uIbzCatNRJi11ZusnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/mz1DZioTkked3ss43WdjRBZlE5w.roa
Signing time: Wed 29 Jan 2025 12:17:06 +0000
ROA not before: Wed 29 Jan 2025 12:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15614
IP address blocks: 2a01:510::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 30 Jan 2025 08:50:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:fe:63:aa:fd:67:9c:ea:c2:e1:5a:d7:5e:a1:9a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fb620a4838ef6e21bcc26ad351262d7566eb275
Validity
Not Before: Jan 29 12:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b3d43662a1392479ddecb38dd6763441665139c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:59:bb:e3:26:61:8d:e5:05:65:fc:32:b7:c0:
5f:5c:6c:00:74:15:8f:2c:e3:c6:09:3f:ef:55:2b:
8f:ce:f5:51:0e:e1:fc:37:cf:cf:8f:62:bb:86:03:
1b:eb:9e:98:8f:cc:1d:35:28:77:c0:d6:c4:e9:64:
65:29:8b:be:b5:43:1e:a9:0f:0c:3d:e4:3c:15:d3:
bd:40:7a:37:35:94:80:88:75:2a:f7:74:2f:74:b7:
86:5f:5e:28:5e:21:f6:e1:b1:37:ff:61:34:a7:fe:
b9:e7:eb:57:dd:47:73:e1:6e:8b:67:67:63:48:8c:
53:78:33:84:ac:44:c4:3f:ff:91:ff:15:cb:f9:62:
6b:5a:41:ef:0e:0a:b5:ba:ed:3f:39:e2:71:5a:08:
e8:ba:c8:24:41:05:02:fc:d0:0d:39:19:a1:34:68:
5c:fd:d4:0b:f6:48:33:6a:36:21:7b:97:ea:99:fc:
5c:23:37:0c:41:7e:b3:2e:4a:d6:26:6d:a8:3b:d0:
6f:60:15:3b:b7:02:94:05:4c:b4:68:e3:7f:5d:2f:
9e:16:69:5a:42:4e:2e:71:08:50:b6:1f:eb:b8:c3:
6d:98:07:3c:65:c3:45:5a:8f:e8:17:31:62:45:b3:
fd:21:49:3f:41:f7:0f:04:db:f5:d4:79:be:3f:89:
96:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:3D:43:66:2A:13:92:47:9D:DE:CB:38:DD:67:63:44:16:65:13:9C
X509v3 Authority Key Identifier:
keyid:8F:B6:20:A4:83:8E:F6:E2:1B:CC:26:AD:35:12:62:D7:56:6E:B2:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7YgpIOO9uIbzCatNRJi11ZusnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/mz1DZioTkked3ss43WdjRBZlE5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ec3512-71ba-441e-bfe1-da7d45b732fa/1/j7YgpIOO9uIbzCatNRJi11ZusnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:510::/32
Signature Algorithm: sha256WithRSAEncryption
3c:6f:5b:8c:4f:db:bd:04:fd:bd:0f:df:16:83:c8:cf:97:b9:
25:bb:67:8c:1e:cc:60:bc:fa:c8:e9:41:7a:2a:ff:ab:a6:4f:
9f:de:a4:dc:1b:c9:c9:82:91:3b:97:1a:b6:f7:92:a8:82:2f:
ae:00:f6:5c:28:a5:b8:98:cb:91:ce:76:08:ea:59:93:d2:e5:
eb:64:65:25:b2:bf:48:02:4a:12:47:ae:70:c1:44:fc:04:1c:
db:3a:61:4f:ff:9f:a6:6e:11:70:68:3f:1f:35:7f:cc:ee:16:
34:b3:ee:78:b7:83:9f:a5:0a:e3:6c:3c:cc:fc:81:ec:32:62:
87:d1:f9:00:c6:51:b8:24:52:a3:67:28:1f:a3:58:8b:c6:89:
ed:4d:94:f3:25:a3:e0:84:dd:65:84:d5:b6:3f:a2:c7:ce:ff:
db:d2:a9:62:6e:b0:13:5b:96:38:b7:f5:4c:62:4a:a5:a2:2e:
4d:a1:a9:9c:0e:f8:f2:c9:b9:3f:ff:c5:57:c3:b2:9f:7b:87:
ea:04:bd:06:80:ff:a3:1e:6e:c7:b2:d6:00:78:a9:52:3d:1d:
83:fe:0c:25:a2:93:ad:ef:93:a8:ad:5d:dd:8a:0a:77:ca:0d:
50:df:0d:82:19:1b:ad:21:ef:c4:32:53:5a:2b:63:a3:53:09:
c1:28:c6:47
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZSx/mOq/Wec6sLhWtdeoZqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYjYyMGE0ODM4ZWY2ZTIxYmNjMjZhZDM1MTI2MmQ3NTY2
ZWIyNzUwHhcNMjUwMTI5MTIxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjNkNDM2NjJhMTM5MjQ3OWRkZWNiMzhkZDY3NjM0NDE2NjUxMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Vm74yZhjeUFZfwyt8BfXGwAdBWP
LOPGCT/vVSuPzvVRDuH8N8/Pj2K7hgMb656Yj8wdNSh3wNbE6WRlKYu+tUMeqQ8M
PeQ8FdO9QHo3NZSAiHUq93QvdLeGX14oXiH24bE3/2E0p/655+tX3Udz4W6LZ2dj
SIxTeDOErETEP/+R/xXL+WJrWkHvDgq1uu0/OeJxWgjousgkQQUC/NANORmhNGhc
/dQL9kgzajYhe5fqmfxcIzcMQX6zLkrWJm2oO9BvYBU7twKUBUy0aON/XS+eFmla
Qk4ucQhQth/ruMNtmAc8ZcNFWo/oFzFiRbP9IUk/QfcPBNv11Hm+P4mWFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJs9Q2YqE5JHnd7LON1nY0QWZROcMB8GA1UdIwQY
MBaAFI+2IKSDjvbiG8wmrTUSYtdWbrJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajdZZ3BJT085dUliekNhdE5SSmkxMVp1c25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lYzM1MTItNzFiYS00NDFlLWJmZTEt
ZGE3ZDQ1YjczMmZhLzEvbXoxRFppb1Rra2VkM3NzNDNXZGpSQlpsRTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lYzM1MTItNzFiYS00NDFlLWJmZTEtZGE3ZDQ1YjczMmZh
LzEvajdZZ3BJT085dUliekNhdE5SSmkxMVp1c25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgEFEDAN
BgkqhkiG9w0BAQsFAAOCAQEAPG9bjE/bvQT9vQ/fFoPIz5e5JbtnjB7MYLz6yOlB
eir/q6ZPn96k3BvJyYKRO5catveSqIIvrgD2XCiluJjLkc52COpZk9Ll62RlJbK/
SAJKEkeucMFE/AQc2zphT/+fpm4RcGg/HzV/zO4WNLPueLeDn6UK42w8zPyB7DJi
h9H5AMZRuCRSo2coH6NYi8aJ7U2U8yWj4ITdZYTVtj+ix87/29KpYm6wE1uWOLf1
TGJKpaIuTaGpnA748sm5P//FV8Oyn3uH6gS9BoD/ox5ux7LWAHipUj0dg/4MJaKT
re+TqK1d3YoKd8oNUN8NghkbrSHvxDJTWitjo1MJwSjGRw==
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:46:32 2025 by rpki-client