Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/hdwq79MLU-4OnSIuwYzKaMc2vYI.roa
File: hdwq79MLU-4OnSIuwYzKaMc2vYI.roa (raw, json)
Hash identifier: b4xEJTom1i7zPXSOSZm9/hHFO/eIdPjp19CO3DEUA6Y=
Subject key identifier: 85:DC:2A:EF:D3:0B:53:EE:0E:9D:22:2E:C1:8C:CA:68:C7:36:BD:82
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0193A282835C21809E6731E52B1AD9255DD6
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/hdwq79MLU-4OnSIuwYzKaMc2vYI.roa
Signing time: Sat 07 Dec 2024 19:04:42 +0000
ROA not before: Sat 07 Dec 2024 19:04:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 2a14:35c0::/29 maxlen: 29
2a14:5840::/29 maxlen: 29
2a14:6b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 13 Dec 2024 13:53:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a2:82:83:5c:21:80:9e:67:31:e5:2b:1a:d9:25:5d:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Dec 7 19:04:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85dc2aefd30b53ee0e9d222ec18cca68c736bd82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c2:2d:fc:0c:d2:10:be:86:bd:f4:f2:4b:79:
52:17:76:82:51:42:a8:ed:70:8c:27:75:e5:7f:ac:
24:de:34:c1:32:86:be:40:4b:60:3a:49:07:45:20:
cf:88:2a:e5:16:af:02:32:79:bb:f0:7d:92:cd:48:
f1:46:88:92:d5:c0:d7:20:a0:ec:63:9e:83:fb:92:
fd:fe:0b:64:a4:58:06:3f:e4:6a:02:0d:6c:88:70:
6b:b3:90:04:b7:f9:37:cd:59:b7:14:95:39:8c:c6:
1b:2e:84:ec:00:62:30:65:88:47:18:ee:5b:79:d1:
53:6c:d9:7e:71:59:68:65:a7:36:4e:c5:b0:df:47:
1e:77:e9:52:f7:1e:76:41:a9:50:52:c9:ce:de:d2:
82:26:7d:f7:3a:b8:72:ef:6c:c7:fb:de:28:ff:18:
b3:8c:19:44:36:29:73:5a:77:90:b1:3e:6a:a2:0c:
45:f6:15:38:05:34:d1:9a:8a:cf:d7:7c:05:ad:ae:
d0:29:b8:b5:e7:38:96:d7:5c:10:67:3f:fe:5a:0c:
05:0e:33:7a:bc:d3:de:f2:99:83:ef:b8:fb:27:9a:
33:61:b9:f8:5d:2c:04:7d:34:86:05:fd:72:3d:5d:
d8:a2:c9:48:8b:31:bb:1d:f2:fa:fb:d9:fc:5b:06:
3e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:DC:2A:EF:D3:0B:53:EE:0E:9D:22:2E:C1:8C:CA:68:C7:36:BD:82
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/hdwq79MLU-4OnSIuwYzKaMc2vYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:35c0::/29
2a14:5840::/29
2a14:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
6f:b8:2c:01:0e:89:89:f5:40:f4:b8:8a:8e:8e:ce:1e:9a:97:
5d:5e:3e:92:a7:9b:8f:b6:78:13:a8:e5:04:79:af:3d:a0:20:
e6:24:db:e5:28:89:3c:df:82:b5:9d:d0:17:7d:b3:c8:1b:b2:
0b:be:15:87:f4:4e:cf:da:79:0d:c6:83:fe:1d:b5:67:e1:a2:
d5:38:3a:f5:13:a1:f8:e8:a5:cf:cf:59:ae:dc:e6:40:e2:c1:
0a:4c:10:8d:01:0b:9a:5c:b9:39:75:c3:bc:f9:1b:81:2a:32:
64:e2:14:44:15:87:c3:d5:0c:8f:da:a3:26:e4:5f:58:18:6f:
35:25:08:74:81:25:b8:df:fa:62:31:e5:49:db:ea:5c:dd:05:
d8:57:cd:2a:0d:f8:e8:02:74:7f:20:66:5d:1f:26:8d:1b:ec:
a4:31:32:44:86:bc:93:f9:b3:f2:36:e8:92:95:21:d0:b4:70:
6b:55:97:85:b2:88:0e:1c:80:3f:41:ed:32:93:a0:65:39:8e:
b1:da:99:88:40:6b:3e:78:b4:5f:99:42:1b:b5:6b:f2:0b:c6:
52:b7:d3:ad:65:d0:26:a4:77:50:90:62:2a:fc:b8:4b:e3:9a:
0c:76:7f:84:31:41:45:e1:dc:08:88:e7:d5:5d:74:9f:f7:79:
7a:4c:29:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOigoNcIYCeZzHlKxrZJV3WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQxMjA3MTkwNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWRjMmFlZmQzMGI1M2VlMGU5ZDIyMmVjMThjY2E2OGM3MzZiZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsIt/AzSEL6GvfTyS3lSF3aCUUKo
7XCMJ3Xlf6wk3jTBMoa+QEtgOkkHRSDPiCrlFq8CMnm78H2SzUjxRoiS1cDXIKDs
Y56D+5L9/gtkpFgGP+RqAg1siHBrs5AEt/k3zVm3FJU5jMYbLoTsAGIwZYhHGO5b
edFTbNl+cVloZac2TsWw30ced+lS9x52QalQUsnO3tKCJn33Orhy72zH+94o/xiz
jBlENilzWneQsT5qogxF9hU4BTTRmorP13wFra7QKbi15ziW11wQZz/+WgwFDjN6
vNPe8pmD77j7J5ozYbn4XSwEfTSGBf1yPV3YoslIizG7HfL6+9n8WwY+FQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIXcKu/TC1PuDp0iLsGMymjHNr2CMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvaGR3cTc5TUxVLTRPblNJdXdZekthTWMydllJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhQ1wAMF
AyoUWEADBQMqFGtAMA0GCSqGSIb3DQEBCwUAA4IBAQBvuCwBDomJ9UD0uIqOjs4e
mpddXj6Sp5uPtngTqOUEea89oCDmJNvlKIk834K1ndAXfbPIG7ILvhWH9E7P2nkN
xoP+HbVn4aLVODr1E6H46KXPz1mu3OZA4sEKTBCNAQuaXLk5dcO8+RuBKjJk4hRE
FYfD1QyP2qMm5F9YGG81JQh0gSW43/piMeVJ2+pc3QXYV80qDfjoAnR/IGZdHyaN
G+ykMTJEhryT+bPyNuiSlSHQtHBrVZeFsogOHIA/Qe0yk6BlOY6x2pmIQGs+eLRf
mUIbtWvyC8ZSt9OtZdAmpHdQkGIq/LhL45oMdn+EMUFF4dwIiOfVXXSf93l6TClD
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:24:58 2025 by rpki-client