Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/DmdHie94hYSGZlHwgdH0Zr6T6dg.roa
File: DmdHie94hYSGZlHwgdH0Zr6T6dg.roa (raw, json)
Hash identifier: F1b9FRaIqjtlyMfDl7S2/BaFgM8n6J5JVzyu7xig+Zs=
Subject key identifier: 0E:67:47:89:EF:78:85:84:86:66:51:F0:81:D1:F4:66:BE:93:E9:D8
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 019404642359BE764A8B132F1DD0E90CB955
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/DmdHie94hYSGZlHwgdH0Zr6T6dg.roa
Signing time: Thu 26 Dec 2024 19:14:19 +0000
ROA not before: Thu 26 Dec 2024 19:14:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 2a0b:b480::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:53:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:04:64:23:59:be:76:4a:8b:13:2f:1d:d0:e9:0c:b9:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Dec 26 19:14:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e674789ef788584866651f081d1f466be93e9d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1f:9b:4f:6d:e7:cd:2a:1e:dc:25:6f:c0:d4:
e5:aa:50:ed:b4:3f:3f:8c:e1:1a:d6:5c:a2:a8:10:
9e:4d:b0:a0:18:81:f5:7e:b2:f6:d4:fe:1f:68:f0:
50:5e:e3:46:2f:66:74:d0:92:22:1b:a5:95:20:f0:
b4:11:cf:cd:90:01:59:21:ed:e2:cf:80:28:df:5a:
99:98:da:6b:d1:3d:64:3a:3a:6f:15:51:aa:42:6c:
a2:7b:b4:09:55:67:71:10:3f:af:96:78:16:87:a4:
b9:f0:ba:13:32:34:ee:cc:aa:52:31:bb:f5:8b:96:
3d:95:a3:f1:0e:1e:3d:bd:d5:5c:2e:c9:9f:06:35:
67:39:ec:67:35:bf:6f:48:11:41:ca:78:07:31:9c:
20:f0:78:a2:54:5c:43:00:9b:c4:ff:46:a9:c0:75:
09:7f:cd:fa:a6:10:f1:6d:9c:34:04:a4:24:02:29:
99:39:e4:4a:20:13:01:e9:fa:63:27:9f:22:02:98:
a5:fc:4a:09:b3:72:62:7d:28:c3:c2:a1:44:5e:86:
b1:83:36:e4:27:ac:21:39:b6:48:b8:e4:60:19:9b:
dd:3d:12:2c:26:e8:e2:80:71:d0:fd:82:21:1a:80:
6c:0b:52:08:88:c5:2f:f2:89:8c:1a:ad:c7:9e:8d:
54:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:67:47:89:EF:78:85:84:86:66:51:F0:81:D1:F4:66:BE:93:E9:D8
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/DmdHie94hYSGZlHwgdH0Zr6T6dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b480::/29
Signature Algorithm: sha256WithRSAEncryption
2e:1b:a2:5b:f2:01:f8:71:df:26:f1:8c:46:ff:48:b6:a3:3e:
70:a9:1a:bc:20:c2:fd:29:9e:21:89:73:e0:17:bc:6c:02:b7:
58:ae:7f:de:18:f9:b4:47:92:25:eb:a8:13:62:59:05:10:7f:
0d:88:1c:f5:11:31:6f:c3:37:37:cf:bd:93:97:2e:75:a5:22:
6b:ff:70:d8:59:97:65:99:b9:ef:b2:58:9d:22:ad:9c:e9:08:
e2:8c:13:f9:d1:a6:de:2e:f9:1f:84:bc:36:04:9a:01:a3:c5:
16:f4:95:9e:c3:6b:d2:11:4e:c9:8c:6d:6c:6e:fd:8f:69:47:
23:d5:77:7d:23:f5:9d:77:bf:3d:69:6b:10:d2:22:fa:9b:2c:
5f:60:71:fa:7e:99:98:80:a4:9b:25:95:bc:ad:c8:68:c4:7d:
e5:ea:01:14:3a:60:c2:24:7c:ed:1f:d0:c7:2f:91:6d:8c:98:
b8:a1:29:46:15:d7:e1:ee:70:ba:98:b6:b5:ee:23:2b:15:3f:
2b:6c:32:c1:ed:9d:ca:ca:2c:80:6a:9f:32:be:df:76:8e:9e:
a9:2a:bb:70:da:42:22:ab:a7:0d:c6:e4:a2:8c:bf:0b:2c:d8:
58:57:8d:3d:58:ef:c9:0c:e2:ab:ae:73:a0:7c:03:51:2f:2d:
66:e0:b3:31
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQEZCNZvnZKixMvHdDpDLlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjQxMjI2MTkxNDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTY3NDc4OWVmNzg4NTg0ODY2NjUxZjA4MWQxZjQ2NmJlOTNlOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB+bT23nzSoe3CVvwNTlqlDttD8/
jOEa1lyiqBCeTbCgGIH1frL21P4faPBQXuNGL2Z00JIiG6WVIPC0Ec/NkAFZIe3i
z4Ao31qZmNpr0T1kOjpvFVGqQmyie7QJVWdxED+vlngWh6S58LoTMjTuzKpSMbv1
i5Y9laPxDh49vdVcLsmfBjVnOexnNb9vSBFByngHMZwg8HiiVFxDAJvE/0apwHUJ
f836phDxbZw0BKQkAimZOeRKIBMB6fpjJ58iApil/EoJs3JifSjDwqFEXoaxgzbk
J6whObZIuORgGZvdPRIsJujigHHQ/YIhGoBsC1IIiMUv8omMGq3Hno1UKQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA5nR4nveIWEhmZR8IHR9Ga+k+nYMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvRG1kSGllOTRoWVNHWmxId2dkSDBacjZUNmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgu0gDAN
BgkqhkiG9w0BAQsFAAOCAQEALhuiW/IB+HHfJvGMRv9ItqM+cKkavCDC/SmeIYlz
4Be8bAK3WK5/3hj5tEeSJeuoE2JZBRB/DYgc9RExb8M3N8+9k5cudaUia/9w2FmX
ZZm577JYnSKtnOkI4owT+dGm3i75H4S8NgSaAaPFFvSVnsNr0hFOyYxtbG79j2lH
I9V3fSP1nXe/PWlrENIi+pssX2Bx+n6ZmICkmyWVvK3IaMR95eoBFDpgwiR87R/Q
xy+RbYyYuKEpRhXX4e5wupi2te4jKxU/K2wywe2dysosgGqfMr7fdo6eqSq7cNpC
IqunDcbkooy/CyzYWFeNPVjvyQziq65zoHwDUS8tZuCzMQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:02:14 2025 by rpki-client