Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DyKRFb30qjF3ulxZude4wkOboRw.roa
File: DyKRFb30qjF3ulxZude4wkOboRw.roa (raw, json)
Hash identifier: UBu5R+2uPyj/3Xd+8y0II1XdbHxxUzOow764qNup1i0=
Subject key identifier: 0F:22:91:15:BD:F4:AA:31:77:BA:5C:59:B9:D7:B8:C2:43:9B:A1:1C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01914FB26FF40B4524390E740FCFF90B6DBA
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DyKRFb30qjF3ulxZude4wkOboRw.roa
Signing time: Wed 14 Aug 2024 07:02:59 +0000
ROA not before: Wed 14 Aug 2024 07:02:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205544
IP address blocks: 2a09:17c0:b19a::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
2a0f:e6c6:bf88::/48 maxlen: 48
2a13:c700:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 14 Aug 2024 19:08:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4f:b2:6f:f4:0b:45:24:39:0e:74:0f:cf:f9:0b:6d:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 14 07:02:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f229115bdf4aa3177ba5c59b9d7b8c2439ba11c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:11:3e:e6:29:22:e5:54:8a:27:35:38:68:0f:
c0:27:7e:ec:fd:13:62:31:f5:ba:d0:74:e0:55:bf:
16:e6:7a:46:cd:b9:d9:8b:98:42:54:c1:80:dd:05:
cc:86:54:e7:5e:83:2b:fb:b9:07:a8:9e:42:22:36:
9c:be:5c:83:c6:09:ca:52:18:d9:d0:3a:44:33:a7:
cb:36:55:cf:47:5b:ea:33:fb:1c:5d:d4:60:da:bf:
58:bd:a3:b1:67:f2:35:b6:43:3a:51:d7:36:96:a2:
32:0b:02:ae:9f:48:f0:0f:e7:89:2e:1a:0d:ab:46:
9b:aa:04:5a:f6:b7:72:1f:b3:72:6c:ae:58:40:6b:
30:29:7d:00:cc:47:d8:8b:2a:4c:f7:e7:75:a6:28:
1c:17:f9:1e:a5:c3:bd:a8:d5:be:46:20:f3:d2:83:
ba:e6:c5:30:18:b3:06:5f:66:22:fc:3a:73:e5:63:
17:09:c6:af:0a:bb:1a:f9:b1:2f:20:48:77:fc:bb:
71:72:d2:f2:92:5d:b8:f7:8d:51:d2:16:56:f3:23:
b9:cb:44:fa:05:54:68:dd:3f:3a:44:2b:de:41:03:
56:4b:6d:c8:01:a3:5a:7c:70:32:75:78:d5:53:f0:
6e:ed:0a:5c:71:cf:41:d2:00:62:d7:54:45:71:d4:
55:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:22:91:15:BD:F4:AA:31:77:BA:5C:59:B9:D7:B8:C2:43:9B:A1:1C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DyKRFb30qjF3ulxZude4wkOboRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:17c0:b19a::/48
2a0f:e440::/29
2a0f:e6c6:bf88::/48
2a13:c700:1::/48
Signature Algorithm: sha256WithRSAEncryption
43:e1:01:c4:70:39:93:ad:ed:78:db:f0:26:ac:20:a1:cc:18:
13:a4:68:45:68:60:9c:68:a5:4b:90:ba:b4:9e:8e:0f:ad:bc:
f7:6f:97:d9:ef:e3:5f:9f:eb:be:ce:1a:f0:48:0f:4e:6d:d8:
42:ec:e5:75:db:78:a8:b4:22:a7:8b:93:3c:06:dd:b4:63:4d:
55:ab:43:7e:6b:92:00:88:77:45:b3:67:75:3c:1f:21:e1:db:
c0:0c:ab:67:6e:e2:75:8e:a8:04:0b:3b:0e:09:46:c1:b0:49:
72:16:58:09:44:9d:b2:42:c2:65:8f:8b:01:12:db:e4:af:99:
54:bc:16:9d:ff:d4:cd:c5:55:cb:fe:77:eb:9a:fe:74:cf:87:
25:8b:4f:ca:8a:df:37:3b:1e:7d:10:87:35:3a:b2:4c:a9:6a:
34:16:17:d7:b9:47:dc:70:7a:95:bc:f4:0b:ca:f0:7b:9e:aa:
fd:3b:73:a5:80:cd:c2:b6:bb:64:fe:2a:69:e5:39:2d:74:4e:
45:df:37:f2:78:0f:1b:82:48:6c:6e:84:55:99:d5:7e:58:61:
7a:14:73:09:c9:1d:d9:66:54:d3:b6:9b:fd:db:60:85:46:5b:
b6:10:f0:98:71:ac:4b:21:c0:d8:07:36:e8:f3:b6:d3:04:ea:
38:95:d1:56
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZFPsm/0C0UkOQ50D8/5C226MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODE0MDcwMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjIyOTExNWJkZjRhYTMxNzdiYTVjNTliOWQ3YjhjMjQzOWJhMTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BE+5iki5VSKJzU4aA/AJ37s/RNi
MfW60HTgVb8W5npGzbnZi5hCVMGA3QXMhlTnXoMr+7kHqJ5CIjacvlyDxgnKUhjZ
0DpEM6fLNlXPR1vqM/scXdRg2r9YvaOxZ/I1tkM6Udc2lqIyCwKun0jwD+eJLhoN
q0abqgRa9rdyH7NybK5YQGswKX0AzEfYiypM9+d1pigcF/kepcO9qNW+RiDz0oO6
5sUwGLMGX2Yi/Dpz5WMXCcavCrsa+bEvIEh3/LtxctLykl24941R0hZW8yO5y0T6
BVRo3T86RCveQQNWS23IAaNafHAydXjVU/Bu7Qpccc9B0gBi11RFcdRVIwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA8ikRW99Koxd7pcWbnXuMJDm6EcMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRHlLUkZiMzBxakYzdWx4WnVkZTR3a09ib1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwcAKgkXwLGa
AwUDKg/kQAMHACoP5sa/iAMHACoTxwAAATANBgkqhkiG9w0BAQsFAAOCAQEAQ+EB
xHA5k63teNvwJqwgocwYE6RoRWhgnGilS5C6tJ6OD62892+X2e/jX5/rvs4a8EgP
Tm3YQuzlddt4qLQip4uTPAbdtGNNVatDfmuSAIh3RbNndTwfIeHbwAyrZ27idY6o
BAs7DglGwbBJchZYCUSdskLCZY+LARLb5K+ZVLwWnf/UzcVVy/5365r+dM+HJYtP
yorfNzsefRCHNTqyTKlqNBYX17lH3HB6lbz0C8rwe56q/TtzpYDNwra7ZP4qaeU5
LXRORd838ngPG4JIbG6EVZnVflhhehRzCckd2WZU07ab/dtghUZbthDwmHGsSyHA
2Ac26PO20wTqOJXRVg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:52:44 2025 by rpki-client