Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/Dv_rghRptArXhvPjMimj7Fd1SdE.roa
File: Dv_rghRptArXhvPjMimj7Fd1SdE.roa (raw, json)
Hash identifier: TiKYiRtccTkMmWHAos1k/rxf9ZmNxI62RfgUPlUiXCA=
Subject key identifier: 0E:FF:EB:82:14:69:B4:0A:D7:86:F3:E3:32:29:A3:EC:57:75:49:D1
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018FA5506D56594CC1C3A43EB2EE7337DDA4
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/Dv_rghRptArXhvPjMimj7Fd1SdE.roa
Signing time: Thu 23 May 2024 11:57:42 +0000
ROA not before: Thu 23 May 2024 11:57:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215158
IP address blocks: 2a0d:e080::/29 maxlen: 29
2a11:c0c0::/29 maxlen: 29
2a11:d900::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 24 May 2024 12:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a5:50:6d:56:59:4c:c1:c3:a4:3e:b2:ee:73:37:dd:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: May 23 11:57:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0effeb821469b40ad786f3e33229a3ec577549d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:5f:61:64:67:f4:6a:59:2e:e5:02:a9:84:16:
ea:5d:17:8d:71:a1:51:cc:88:09:79:c4:91:d5:4f:
2f:8f:7c:6f:7a:4b:62:5e:de:d5:99:06:d9:fb:dc:
6f:a8:8c:5e:6f:b6:b7:ac:c4:95:a6:b7:0c:bf:27:
0f:ad:82:9c:0b:36:8d:51:1e:59:d1:d5:f2:42:3f:
7c:cf:e7:91:24:c0:71:64:17:dd:4d:95:27:d9:2e:
93:be:98:93:21:46:3a:90:62:f2:2a:c9:41:9c:0f:
ea:31:6e:08:5b:0a:aa:84:4c:24:36:97:1a:44:3c:
35:83:bd:1a:29:c9:86:3c:1c:e8:e2:f4:ec:29:5d:
8f:5d:e0:94:f2:22:cd:7f:15:21:a4:0f:0e:6a:60:
83:11:15:69:e6:81:b0:64:79:db:13:3b:a9:04:eb:
30:21:fb:fb:2b:88:d2:cf:60:90:6f:e0:25:e5:e6:
d6:82:40:93:42:39:e3:7b:e7:33:87:3f:87:c0:08:
51:94:cd:ad:2c:3f:28:28:8a:6f:8f:07:33:d7:80:
ad:24:ea:ce:fc:2a:96:fa:4e:3e:2f:b0:a7:64:4c:
c6:13:fc:58:f8:e8:87:40:e9:1c:f0:86:00:34:35:
46:5a:7e:f0:1d:39:2d:ce:9e:da:87:75:7e:bc:3a:
2e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:FF:EB:82:14:69:B4:0A:D7:86:F3:E3:32:29:A3:EC:57:75:49:D1
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/Dv_rghRptArXhvPjMimj7Fd1SdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:e080::/29
2a11:c0c0::/29
2a11:d900::/29
Signature Algorithm: sha256WithRSAEncryption
27:3e:48:21:2f:d1:8f:fc:e4:b5:18:f3:5e:cc:b7:f5:b2:bb:
38:d0:ab:85:01:1b:4d:bb:cd:71:14:80:06:7a:8d:dd:99:4b:
03:cb:24:ce:84:af:aa:e8:a0:40:b0:d6:6c:6d:a4:35:1a:6d:
63:fa:f3:b4:c3:f9:3f:4e:ae:1b:df:b7:eb:7a:43:b7:d7:53:
36:9c:79:6d:8e:19:03:a0:56:2d:b1:66:7e:7a:b1:53:9b:8d:
b9:c6:7f:6f:4b:2d:a2:e1:5c:12:dd:d6:7c:b8:76:09:64:81:
9f:5d:e3:cb:52:94:a2:7a:cf:7d:11:47:09:bc:8f:f6:94:ff:
83:06:2b:28:79:64:56:41:7d:ed:a8:02:12:5f:99:4b:ac:43:
08:be:ef:74:4a:3c:e7:b8:90:33:07:cc:30:15:8f:a0:05:3c:
40:e7:32:04:b1:93:91:67:3f:cf:26:ab:1a:62:ff:24:59:3d:
9f:7b:a1:95:29:2b:55:22:ba:c5:19:30:69:17:43:82:ae:46:
2c:ba:66:03:70:ba:a3:17:82:17:bc:1f:2f:0a:91:a4:87:ec:
e2:14:30:aa:6a:40:88:36:1a:bc:42:6c:68:ea:1c:90:d5:23:
7d:39:a9:85:09:be:28:0f:02:f9:81:42:31:b9:9d:60:1f:54:
7e:77:ad:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+lUG1WWUzBw6Q+su5zN92kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwNTIzMTE1NzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWZmZWI4MjE0NjliNDBhZDc4NmYzZTMzMjI5YTNlYzU3NzU0OWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA119hZGf0alku5QKphBbqXReNcaFR
zIgJecSR1U8vj3xvektiXt7VmQbZ+9xvqIxeb7a3rMSVprcMvycPrYKcCzaNUR5Z
0dXyQj98z+eRJMBxZBfdTZUn2S6TvpiTIUY6kGLyKslBnA/qMW4IWwqqhEwkNpca
RDw1g70aKcmGPBzo4vTsKV2PXeCU8iLNfxUhpA8OamCDERVp5oGwZHnbEzupBOsw
Ifv7K4jSz2CQb+Al5ebWgkCTQjnje+czhz+HwAhRlM2tLD8oKIpvjwcz14CtJOrO
/CqW+k4+L7CnZEzGE/xY+OiHQOkc8IYANDVGWn7wHTktzp7ah3V+vDourQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA7/64IUabQK14bz4zIpo+xXdUnRMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvRHZfcmdoUnB0QXJYaHZQak1pbWo3RmQxU2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg3ggAMF
AyoRwMADBQMqEdkAMA0GCSqGSIb3DQEBCwUAA4IBAQAnPkghL9GP/OS1GPNezLf1
srs40KuFARtNu81xFIAGeo3dmUsDyyTOhK+q6KBAsNZsbaQ1Gm1j+vO0w/k/Tq4b
37frekO311M2nHltjhkDoFYtsWZ+erFTm425xn9vSy2i4VwS3dZ8uHYJZIGfXePL
UpSies99EUcJvI/2lP+DBisoeWRWQX3tqAISX5lLrEMIvu90SjznuJAzB8wwFY+g
BTxA5zIEsZORZz/PJqsaYv8kWT2fe6GVKStVIrrFGTBpF0OCrkYsumYDcLqjF4IX
vB8vCpGkh+ziFDCqakCINhq8Qmxo6hyQ1SN9OamFCb4oDwL5gUIxuZ1gH1R+d61q
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:40 2025 by rpki-client