Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/DEXi3bgBtObnBFGD5JIN3euQydA.roa
File: DEXi3bgBtObnBFGD5JIN3euQydA.roa (raw, json)
Hash identifier: pbFR5nkmb8q045hmvXZvQDHfynYB+9IY45SKNM8JUhc=
Subject key identifier: 0C:45:E2:DD:B8:01:B4:E6:E7:04:51:83:E4:92:0D:DD:EB:90:C9:D0
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 0193CDE9F6A86A406BD6EA120E82FF06558A
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/DEXi3bgBtObnBFGD5JIN3euQydA.roa
Signing time: Mon 16 Dec 2024 05:21:22 +0000
ROA not before: Mon 16 Dec 2024 05:21:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215543
IP address blocks: 2a0f:7802:e300::/40 maxlen: 48
2a0f:7803:fb30::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cd:e9:f6:a8:6a:40:6b:d6:ea:12:0e:82:ff:06:55:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Dec 16 05:21:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c45e2ddb801b4e6e7045183e4920dddeb90c9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:35:f7:b6:8c:89:f8:4f:00:06:a4:44:cb:e7:
7e:6c:ae:ab:ef:f2:f9:ba:75:6c:38:ed:0a:20:7f:
7b:fb:5c:cf:1c:15:0d:cf:35:f9:77:24:25:62:4a:
01:f9:c5:40:3f:5c:28:ad:29:f0:dd:23:6d:2a:42:
ba:4f:59:b8:bb:25:6f:b2:89:5a:7f:ba:94:fa:88:
77:14:8a:4e:06:78:62:cd:45:d5:02:bf:0a:d6:84:
c8:02:3b:45:82:61:36:41:b6:98:bc:c7:41:fd:72:
77:e5:c8:46:3a:5f:ef:9a:19:72:d1:59:1d:4e:6c:
66:62:1b:eb:79:64:1a:a7:bf:22:d5:13:7f:e0:fa:
46:c2:9f:cb:df:b2:af:20:27:cb:b2:8c:04:ba:2b:
d7:d9:66:cc:5c:45:84:20:ad:db:d9:57:53:bc:7c:
79:05:67:e7:85:5c:c7:f3:ab:11:a5:3d:94:81:b5:
8b:78:f2:85:65:eb:2e:05:f4:fe:b4:50:f1:4a:96:
a7:f7:dc:61:22:77:1e:6e:13:c6:37:54:0c:01:85:
9d:83:6b:7f:6f:fa:c6:cf:1c:77:6a:18:af:e5:e8:
68:82:88:db:46:b7:45:07:3e:ee:3d:5e:60:46:69:
9a:7c:39:62:96:26:7b:ee:39:d9:89:d7:4b:72:22:
92:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:45:E2:DD:B8:01:B4:E6:E7:04:51:83:E4:92:0D:DD:EB:90:C9:D0
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/DEXi3bgBtObnBFGD5JIN3euQydA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7802:e300::/40
2a0f:7803:fb30::/44
Signature Algorithm: sha256WithRSAEncryption
22:4a:b9:01:76:e1:06:0d:1d:41:55:83:ef:24:32:7f:b2:76:
51:96:54:5e:b0:29:24:83:61:d9:61:ce:bd:63:9c:cd:1d:41:
59:8a:f6:fb:42:af:42:e9:62:4e:b1:d1:47:06:65:67:28:84:
48:24:97:e9:a2:5d:98:e2:8b:c1:92:5b:6a:40:3b:86:9e:a3:
9a:de:d7:b7:53:49:34:62:93:2a:0a:8f:61:9d:9a:cc:5d:b2:
6b:bb:4e:e1:51:10:0f:bf:ec:35:91:8c:59:e4:4b:9f:ad:7b:
2e:65:20:64:b6:d5:36:d3:14:a2:ed:3e:d7:65:ff:16:6e:4f:
5a:43:cd:05:6b:23:c7:a3:06:b7:9c:73:2f:4f:d5:a2:62:c3:
0e:1b:fc:7c:2b:e6:3b:61:62:81:16:63:d2:ad:ec:1b:58:16:
8a:a2:4c:bc:1b:b4:e0:6c:be:bc:d4:9e:c5:a0:17:f8:a9:83:
fd:04:67:d8:df:bb:94:bd:1c:97:c3:b7:ec:bc:c9:c8:49:d7:
83:27:4e:a6:6a:07:f9:14:42:71:ea:03:7b:fa:d4:da:92:fd:
8f:4d:d3:8c:95:bd:2f:ba:b8:d6:47:cf:f2:6d:03:d1:7e:0a:
40:46:ff:de:cf:be:b9:9b:b0:37:92:64:fd:3b:f9:f6:a2:79:
d7:2e:58:61
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZPN6faoakBr1uoSDoL/BlWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjQxMjE2MDUyMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzQ1ZTJkZGI4MDFiNGU2ZTcwNDUxODNlNDkyMGRkZGViOTBjOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDX3toyJ+E8ABqREy+d+bK6r7/L5
unVsOO0KIH97+1zPHBUNzzX5dyQlYkoB+cVAP1worSnw3SNtKkK6T1m4uyVvsola
f7qU+oh3FIpOBnhizUXVAr8K1oTIAjtFgmE2QbaYvMdB/XJ35chGOl/vmhly0Vkd
TmxmYhvreWQap78i1RN/4PpGwp/L37KvICfLsowEuivX2WbMXEWEIK3b2VdTvHx5
BWfnhVzH86sRpT2UgbWLePKFZesuBfT+tFDxSpan99xhIncebhPGN1QMAYWdg2t/
b/rGzxx3ahiv5ehogojbRrdFBz7uPV5gRmmafDliliZ77jnZiddLciKS1wIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFAxF4t24AbTm5wRRg+SSDd3rkMnQMB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvREVYaTNiZ0J0T2JuQkZHRDVKSU4zZXVReWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKg94AuMD
BwQqD3gD+zAwDQYJKoZIhvcNAQELBQADggEBACJKuQF24QYNHUFVg+8kMn+ydlGW
VF6wKSSDYdlhzr1jnM0dQVmK9vtCr0LpYk6x0UcGZWcohEgkl+miXZjii8GSW2pA
O4aeo5re17dTSTRikyoKj2Gdmsxdsmu7TuFREA+/7DWRjFnkS5+tey5lIGS21TbT
FKLtPtdl/xZuT1pDzQVrI8ejBreccy9P1aJiww4b/Hwr5jthYoEWY9Kt7BtYFoqi
TLwbtOBsvrzUnsWgF/ipg/0EZ9jfu5S9HJfDt+y8ychJ14MnTqZqB/kUQnHqA3v6
1NqS/Y9N04yVvS+6uNZHz/JtA9F+CkBG/97PvrmbsDeSZP07+faiedcuWGE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:16 2025 by rpki-client