Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/55UfVCt_9iB9lC8MG4ipoNmIsBU.roa
File: 55UfVCt_9iB9lC8MG4ipoNmIsBU.roa (raw, json)
Hash identifier: Xe4xpS4ZUBXRv10mnBpRZyEy0XMMOxqkOlAoTl2LRPo=
Subject key identifier: E7:95:1F:54:2B:7F:F6:20:7D:94:2F:0C:1B:88:A9:A0:D9:88:B0:15
Certificate issuer: /CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Certificate serial: 018CCA99DCCD92C3694F8E3F4B090492FD82
Authority key identifier: DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/55UfVCt_9iB9lC8MG4ipoNmIsBU.roa
Signing time: Tue 02 Jan 2024 14:35:30 +0000
ROA not before: Tue 02 Jan 2024 14:35:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42599
IP address blocks: 2.59.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:dc:cd:92:c3:69:4f:8e:3f:4b:09:04:92:fd:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Validity
Not Before: Jan 2 14:35:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7951f542b7ff6207d942f0c1b88a9a0d988b015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:05:8f:c4:7b:23:37:17:1a:29:9d:45:ae:35:
1a:cd:57:77:02:5c:38:0a:a9:8e:f2:dd:c2:f2:c5:
8b:91:03:4e:1a:f6:84:0c:97:29:33:4f:f8:2f:8a:
da:70:d8:f1:1c:75:6c:70:d6:ef:39:e9:8e:ec:e8:
95:6f:16:23:65:87:24:fb:a4:0a:fa:85:d0:f4:40:
09:a7:32:ed:99:df:ac:44:c2:2b:5f:38:f3:a0:43:
a4:5a:00:2c:03:04:03:dd:16:63:f6:5c:33:af:ff:
b1:b5:e3:f4:45:01:6a:29:2f:74:b6:d9:c2:95:a5:
5e:81:bb:5c:c1:1d:28:70:74:b2:c0:4b:ba:ac:89:
5e:74:1d:97:60:fe:81:0e:08:6a:21:88:f8:27:b3:
a0:65:44:f9:70:05:59:3a:bc:8e:bc:78:79:c3:3b:
44:58:cf:3d:f4:96:22:57:bc:56:88:ea:11:9f:dd:
86:06:49:ea:4b:af:10:de:29:2a:d1:68:f3:48:8b:
f4:da:40:24:3d:55:6a:d4:d4:87:31:e5:77:16:58:
07:9a:bf:e5:5d:f3:fb:08:f7:a4:12:48:4e:3a:fc:
19:ed:55:d2:67:fd:42:de:af:7e:a9:16:ed:91:b6:
21:3f:c8:1a:60:ed:fc:df:58:c3:dd:75:3f:2f:3e:
c4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:95:1F:54:2B:7F:F6:20:7D:94:2F:0C:1B:88:A9:A0:D9:88:B0:15
X509v3 Authority Key Identifier:
keyid:DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/55UfVCt_9iB9lC8MG4ipoNmIsBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.13.0/24
Signature Algorithm: sha256WithRSAEncryption
22:c5:d3:43:47:39:ef:72:a0:10:88:29:09:d5:a5:91:af:6f:
da:b5:f4:79:6b:d2:4f:a6:6c:72:fe:f6:c0:36:62:1c:0c:db:
45:dc:1e:6d:a7:a2:11:64:89:74:d3:0e:3c:d9:bc:f3:f9:54:
ec:66:79:bb:14:5e:aa:aa:1c:3a:5d:69:69:5f:e8:0d:5f:db:
20:7e:66:bc:dc:26:d7:ab:95:c6:45:56:d1:08:20:7d:0d:10:
30:d9:65:c7:3e:56:e6:bf:4e:8c:a6:f4:fb:73:90:0d:93:bb:
fa:b2:94:99:ba:99:17:74:82:3c:dd:a7:b4:0b:a6:4a:df:cc:
34:f2:24:5c:e3:96:93:fd:1a:3e:1e:29:05:88:21:0b:ac:e5:
5a:b9:a4:24:61:8d:c4:b8:8a:86:86:2f:10:76:5e:d8:03:f8:
9c:04:4d:0a:1b:52:e7:08:d2:74:e3:aa:f8:ce:74:0e:b1:cc:
88:bf:4f:38:b5:32:a0:f0:ad:99:3f:d8:15:c1:ef:ff:91:ab:
60:c0:84:57:c8:b0:1c:b4:cd:90:e2:e8:b9:65:8a:f3:5b:5c:
e7:07:c9:71:57:d2:f9:09:c3:16:2e:93:b6:49:30:3e:81:3d:
84:17:e5:6f:73:ff:27:98:1b:dc:c4:4a:26:a4:74:1a:85:88:
f6:38:50:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmdzNksNpT44/SwkEkv2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzgyMWUxYmNiZjZlMDc0ZWE0ODE0YWFhNWM2M2UzYmE4
MTNjNWYwHhcNMjQwMTAyMTQzNTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzk1MWY1NDJiN2ZmNjIwN2Q5NDJmMGMxYjg4YTlhMGQ5ODhiMDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAWPxHsjNxcaKZ1FrjUazVd3Alw4
CqmO8t3C8sWLkQNOGvaEDJcpM0/4L4racNjxHHVscNbvOemO7OiVbxYjZYck+6QK
+oXQ9EAJpzLtmd+sRMIrXzjzoEOkWgAsAwQD3RZj9lwzr/+xteP0RQFqKS90ttnC
laVegbtcwR0ocHSywEu6rIledB2XYP6BDghqIYj4J7OgZUT5cAVZOryOvHh5wztE
WM899JYiV7xWiOoRn92GBknqS68Q3ikq0WjzSIv02kAkPVVq1NSHMeV3FlgHmr/l
XfP7CPekEkhOOvwZ7VXSZ/1C3q9+qRbtkbYhP8gaYO3831jD3XU/Lz7EzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOeVH1Qrf/YgfZQvDBuIqaDZiLAVMB8GA1UdIwQY
MBaAFNx4IeG8v24HTqSBSqpcY+O6gTxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYt
ZDQ4YjQyZWYxNTliLzEvNTVVZlZDdF85aUI5bEM4TUc0aXBvTm1Jc0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYtZDQ4YjQyZWYxNTli
LzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjsNMA0G
CSqGSIb3DQEBCwUAA4IBAQAixdNDRznvcqAQiCkJ1aWRr2/atfR5a9JPpmxy/vbA
NmIcDNtF3B5tp6IRZIl00w482bzz+VTsZnm7FF6qqhw6XWlpX+gNX9sgfma83CbX
q5XGRVbRCCB9DRAw2WXHPlbmv06MpvT7c5ANk7v6spSZupkXdII83ae0C6ZK38w0
8iRc45aT/Ro+HikFiCELrOVauaQkYY3EuIqGhi8Qdl7YA/icBE0KG1LnCNJ046r4
znQOscyIv084tTKg8K2ZP9gVwe//katgwIRXyLActM2Q4ui5ZYrzW1znB8lxV9L5
CcMWLpO2STA+gT2EF+Vvc/8nmBvcxEompHQahYj2OFAT
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:56:52 2025 by rpki-client