Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Dyq659W_ejmZw8dT8-t-K4L3oIc.roa
File: Dyq659W_ejmZw8dT8-t-K4L3oIc.roa (raw, json)
Hash identifier: iYauAEoAeLlY2lzbaTQ6RNM5Y+sYgPbgFNmyNTpiOrg=
Subject key identifier: 0F:2A:BA:E7:D5:BF:7A:39:99:C3:C7:53:F3:EB:7E:2B:82:F7:A0:87
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01924C941FAEA210F0D23DC5EA27F8B85CF7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Dyq659W_ejmZw8dT8-t-K4L3oIc.roa
Signing time: Wed 02 Oct 2024 09:33:48 +0000
ROA not before: Wed 02 Oct 2024 09:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a0a:2d02::/32 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a12:ecc2::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 03 Oct 2024 11:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4c:94:1f:ae:a2:10:f0:d2:3d:c5:ea:27:f8:b8:5c:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 2 09:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f2abae7d5bf7a3999c3c753f3eb7e2b82f7a087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:1f:1b:a8:09:5c:5e:8f:45:1e:0f:f3:a2:41:
6a:9b:f4:21:fb:90:fd:0c:a6:d7:a6:2d:99:e0:45:
63:a5:fd:26:50:76:5c:68:30:6d:af:bf:02:c2:ef:
9c:84:f9:1b:09:b0:74:a5:4f:67:6d:04:ab:df:00:
cd:1a:08:fd:ee:01:cc:9c:d8:0b:a4:af:b7:02:1d:
da:37:99:46:00:3d:e0:ad:be:53:71:88:bd:c3:dc:
7c:d3:26:9e:7f:1d:ef:97:27:9a:9c:0b:77:3e:19:
a4:e1:1d:ca:3b:5a:e6:7a:3c:ed:09:2e:87:6e:d3:
cb:09:48:94:c7:a3:68:70:73:b3:33:75:14:e7:20:
9f:53:a2:ee:85:eb:c4:0e:ab:46:22:9c:78:ef:f5:
34:3f:8b:1d:8a:b0:3f:6b:be:09:fd:86:ae:d8:cb:
4d:2e:8f:91:e9:6b:5a:ce:11:fc:4a:9f:b7:a4:fa:
71:46:c6:2b:85:31:43:67:11:60:e7:fa:bb:bb:1d:
04:6e:fa:7b:4a:dd:0a:45:b0:9a:e9:17:1d:96:11:
1f:95:77:42:15:f7:b6:d5:76:96:cc:1f:55:7b:7c:
67:e5:f9:7e:33:55:d0:61:75:4e:72:91:78:ff:72:
d2:a1:5f:71:7e:fa:ea:62:1e:22:f5:f8:50:42:75:
63:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:2A:BA:E7:D5:BF:7A:39:99:C3:C7:53:F3:EB:7E:2B:82:F7:A0:87
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Dyq659W_ejmZw8dT8-t-K4L3oIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d02::/32
2a0f:3d80:123::/48
2a12:ecc2::/32
Signature Algorithm: sha256WithRSAEncryption
3c:73:c8:71:94:bc:74:88:5d:3e:a5:ab:86:ee:4c:89:65:67:
0a:37:c0:fb:80:a4:34:bd:7e:f1:a8:00:05:8d:a6:39:0d:52:
6f:f5:33:b6:9c:0e:32:f4:35:1e:80:6c:29:6c:b4:b2:39:ca:
87:5e:63:ef:a8:04:c4:82:8f:6d:68:58:ee:55:0e:c0:6f:67:
44:e6:74:f4:97:28:d0:b7:3e:e6:c6:94:c8:00:bc:92:7d:70:
0a:dd:de:7d:98:1b:b7:1a:e8:a1:46:09:55:e4:ab:2c:b1:04:
32:5a:59:cd:94:ca:b6:c5:6c:1d:40:c5:62:2d:a5:52:b8:7b:
67:6d:46:f6:1d:75:37:53:11:29:6c:ab:14:22:76:b8:3e:1f:
5d:8c:54:f1:80:1a:3b:04:92:41:9a:f6:68:aa:55:a7:ea:b3:
06:02:8a:b7:7d:e0:32:0c:c9:76:ad:cb:ca:cc:77:87:d7:20:
09:92:63:45:f4:cc:82:c9:91:94:07:b4:3f:06:71:29:1b:83:
66:54:fe:2d:0e:5f:9a:94:49:ec:8d:8c:aa:58:b1:3e:fa:5c:
25:bc:36:cf:3a:ff:24:29:dc:d9:c7:91:15:6b:74:70:b4:62:
b5:d2:75:3a:2f:b1:48:48:37:c8:15:fd:e9:d1:30:bf:58:96:
71:eb:71:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZJMlB+uohDw0j3F6if4uFz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMDAyMDkzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjJhYmFlN2Q1YmY3YTM5OTljM2M3NTNmM2ViN2UyYjgyZjdhMDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB8bqAlcXo9FHg/zokFqm/Qh+5D9
DKbXpi2Z4EVjpf0mUHZcaDBtr78Cwu+chPkbCbB0pU9nbQSr3wDNGgj97gHMnNgL
pK+3Ah3aN5lGAD3grb5TcYi9w9x80yaefx3vlyeanAt3Phmk4R3KO1rmejztCS6H
btPLCUiUx6NocHOzM3UU5yCfU6LuhevEDqtGIpx47/U0P4sdirA/a74J/Yau2MtN
Lo+R6WtazhH8Sp+3pPpxRsYrhTFDZxFg5/q7ux0Ebvp7St0KRbCa6RcdlhEflXdC
Ffe21XaWzB9Ve3xn5fl+M1XQYXVOcpF4/3LSoV9xfvrqYh4i9fhQQnVjZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA8quufVv3o5mcPHU/PrfiuC96CHMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvRHlxNjU5V19lam1adzhkVDgtdC1LNEwzb0ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAdBAIAAjAXAwUAKgotAgMH
ACoPPYABIwMFACoS7MIwDQYJKoZIhvcNAQELBQADggEBADxzyHGUvHSIXT6lq4bu
TIllZwo3wPuApDS9fvGoAAWNpjkNUm/1M7acDjL0NR6AbClstLI5yodeY++oBMSC
j21oWO5VDsBvZ0TmdPSXKNC3PubGlMgAvJJ9cArd3n2YG7ca6KFGCVXkqyyxBDJa
Wc2UyrbFbB1AxWItpVK4e2dtRvYddTdTESlsqxQidrg+H12MVPGAGjsEkkGa9miq
VafqswYCird94DIMyXaty8rMd4fXIAmSY0X0zILJkZQHtD8GcSkbg2ZU/i0OX5qU
SeyNjKpYsT76XCW8Ns86/yQp3NnHkRVrdHC0YrXSdTovsUhIN8gV/enRML9YlnHr
cQs=
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:08:40 2025 by rpki-client