Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/DdVYVcyn7BxPwaAbJbRnlSkrQk4.roa
File: DdVYVcyn7BxPwaAbJbRnlSkrQk4.roa (raw, json)
Hash identifier: 3bmYd8TN2VG7+FSzNFp1vLVUDULC501it8uBBxhGTCk=
Subject key identifier: 0D:D5:58:55:CC:A7:EC:1C:4F:C1:A0:1B:25:B4:67:95:29:2B:42:4E
Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Certificate serial: 0193D6FBBE934301A16F46D407CA4F1CFB86
Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/DdVYVcyn7BxPwaAbJbRnlSkrQk4.roa
Signing time: Tue 17 Dec 2024 23:37:22 +0000
ROA not before: Tue 17 Dec 2024 23:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213702
IP address blocks: 2a01:ecc0:80::/42 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d6:fb:be:93:43:01:a1:6f:46:d4:07:ca:4f:1c:fb:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Validity
Not Before: Dec 17 23:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0dd55855cca7ec1c4fc1a01b25b46795292b424e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:24:fb:11:ea:1d:46:a9:73:48:d7:dc:6b:71:
45:48:e8:3e:1b:06:77:d7:e1:e4:31:7e:0c:bd:13:
83:45:ae:3e:11:c1:a9:f7:7b:ff:6e:61:f4:d5:4f:
34:4d:d2:e2:33:d0:83:7f:a4:5a:b6:b6:29:d0:9b:
54:c0:3e:76:55:00:5e:1c:04:ff:69:26:f5:b5:3e:
43:79:29:f9:9e:27:27:66:ce:26:c7:fa:b0:fc:98:
7e:90:94:00:1e:f2:a8:cf:81:59:69:b6:51:91:09:
f3:9a:eb:2c:57:33:91:73:49:8d:c4:d8:8c:d5:e9:
28:05:8c:8a:56:2c:0e:91:a6:e0:67:55:33:09:1b:
60:83:95:d5:6a:33:21:61:77:94:19:8d:8a:63:25:
79:79:28:94:ca:ac:95:e7:0d:8a:85:75:a8:8b:a3:
5f:0a:8b:8f:91:f8:d7:f2:0b:b2:c8:02:bc:ad:b3:
31:19:2b:df:d3:0d:32:da:a7:7d:86:83:72:d0:69:
2e:0a:25:39:2b:95:a4:34:31:24:04:d1:9d:af:c9:
10:ad:7a:7a:cc:d2:be:52:a5:63:6e:56:69:af:76:
a0:da:92:f0:48:54:b1:dd:3a:11:c5:61:74:c0:21:
75:43:e2:ef:22:cf:1c:bd:ab:33:84:75:60:27:99:
5f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D5:58:55:CC:A7:EC:1C:4F:C1:A0:1B:25:B4:67:95:29:2B:42:4E
X509v3 Authority Key Identifier:
keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/DdVYVcyn7BxPwaAbJbRnlSkrQk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ecc0:80::/42
Signature Algorithm: sha256WithRSAEncryption
6c:6b:02:eb:ae:b2:a8:ad:a7:a2:82:d2:b2:a7:ac:83:21:2d:
2e:76:1e:bf:32:51:69:99:bd:67:24:ed:0c:8f:c2:8b:dc:a6:
17:31:ea:f5:b6:32:93:0d:69:ec:14:97:17:97:88:d1:a4:be:
a1:b2:68:8c:f6:a7:03:6d:f6:d4:7a:90:05:8f:60:95:bc:8e:
b4:a1:7b:69:14:09:ab:32:41:35:75:64:de:b8:76:31:f9:ec:
c3:be:22:36:c4:94:6e:c6:cb:85:a9:20:33:be:59:ee:c0:71:
42:50:8f:0a:8e:fe:2a:70:8e:e7:4e:fa:cd:eb:be:fd:3e:93:
9f:2d:7c:dd:82:ca:f3:01:71:ac:18:94:c0:b0:b8:8f:6a:f3:
99:71:42:35:7c:3f:27:21:5d:65:75:a0:a6:40:ae:a4:2e:38:
2a:a4:a6:e6:df:cf:b4:09:ef:17:e6:11:29:a8:23:86:d6:ac:
31:04:f4:8e:0a:39:2d:9a:b6:49:52:c0:3c:a7:4b:6a:15:ef:
77:d9:79:b9:da:18:a8:16:61:37:6d:d1:0d:50:1b:f1:80:f2:
e9:c1:d3:68:bd:07:c1:cd:60:cc:ac:d0:28:29:f4:c6:c1:21:
fe:92:9c:3a:22:8d:cb:3c:4f:e1:de:90:c9:52:ed:0d:c6:61:
38:be:d7:7d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZPW+76TQwGhb0bUB8pPHPuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0
ZWU1YmUwHhcNMjQxMjE3MjMzNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ1NTg1NWNjYTdlYzFjNGZjMWEwMWIyNWI0Njc5NTI5MmI0MjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyT7EeodRqlzSNfca3FFSOg+GwZ3
1+HkMX4MvRODRa4+EcGp93v/bmH01U80TdLiM9CDf6RatrYp0JtUwD52VQBeHAT/
aSb1tT5DeSn5nicnZs4mx/qw/Jh+kJQAHvKoz4FZabZRkQnzmussVzORc0mNxNiM
1ekoBYyKViwOkabgZ1UzCRtgg5XVajMhYXeUGY2KYyV5eSiUyqyV5w2KhXWoi6Nf
CouPkfjX8guyyAK8rbMxGSvf0w0y2qd9hoNy0GkuCiU5K5WkNDEkBNGdr8kQrXp6
zNK+UqVjblZpr3ag2pLwSFSx3ToRxWF0wCF1Q+LvIs8cvaszhHVgJ5lf4wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFA3VWFXMp+wcT8GgGyW0Z5UpK0JOMB8GA1UdIwQY
MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt
NjM0NTE1NDg5NzlkLzEvRGRWWVZjeW43QnhQd2FBYkpiUm5sU2tyUWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk
LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKgHswACA
MA0GCSqGSIb3DQEBCwUAA4IBAQBsawLrrrKoraeigtKyp6yDIS0udh6/MlFpmb1n
JO0Mj8KL3KYXMer1tjKTDWnsFJcXl4jRpL6hsmiM9qcDbfbUepAFj2CVvI60oXtp
FAmrMkE1dWTeuHYx+ezDviI2xJRuxsuFqSAzvlnuwHFCUI8Kjv4qcI7nTvrN6779
PpOfLXzdgsrzAXGsGJTAsLiPavOZcUI1fD8nIV1ldaCmQK6kLjgqpKbm38+0Ce8X
5hEpqCOG1qwxBPSOCjktmrZJUsA8p0tqFe932Xm52hioFmE3bdENUBvxgPLpwdNo
vQfBzWDMrNAoKfTGwSH+kpw6Io3LPE/h3pDJUu0NxmE4vtd9
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:14:12 2025 by rpki-client