Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/7a7dc1-e168-4d47-b46d-40ea80892f03/1/7Zrsg21aWNZ9eG9rN4B1_vbCitE.roa
File: 7Zrsg21aWNZ9eG9rN4B1_vbCitE.roa (raw, json)
Hash identifier: JLwOvAxcWMdijQgqjrDzAl48tsR+w7oCrX8Q5fsvAqM=
Subject key identifier: ED:9A:EC:83:6D:5A:58:D6:7D:78:6F:6B:37:80:75:FE:F6:C2:8A:D1
Certificate issuer: /CN=59d36a21e9b368d748bab8c77bebdde2c227c6c3
Certificate serial: 01909362F5A9EA3129503FC0C2F2C0CCF1AE
Authority key identifier: 59:D3:6A:21:E9:B3:68:D7:48:BA:B8:C7:7B:EB:DD:E2:C2:27:C6:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WdNqIemzaNdIurjHe-vd4sInxsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/7a7dc1-e168-4d47-b46d-40ea80892f03/1/7Zrsg21aWNZ9eG9rN4B1_vbCitE.roa
Signing time: Mon 08 Jul 2024 17:27:34 +0000
ROA not before: Mon 08 Jul 2024 17:27:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15096
IP address blocks: 204.99.132.0/24 maxlen: 24
2a07:e480:200::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:93:62:f5:a9:ea:31:29:50:3f:c0:c2:f2:c0:cc:f1:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59d36a21e9b368d748bab8c77bebdde2c227c6c3
Validity
Not Before: Jul 8 17:27:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed9aec836d5a58d67d786f6b378075fef6c28ad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b4:bc:72:ff:6e:de:6f:60:97:3f:0d:e0:42:
f3:22:30:14:32:89:fd:d2:ea:58:7f:5e:1d:e1:39:
ec:0a:71:f6:26:cc:14:05:69:48:5e:ff:6d:e0:54:
28:81:96:d2:38:22:42:f1:b2:d6:85:a0:b2:d4:79:
5a:66:00:6b:ee:5d:73:5e:a9:10:e5:c3:00:8e:ba:
4e:e1:e1:21:ee:ac:05:e5:78:2a:fd:04:7a:3d:83:
96:be:01:c5:13:50:9d:01:ac:df:45:66:9d:d8:8a:
89:f0:13:53:4a:07:57:bc:93:0e:0b:f2:db:b6:dd:
85:bb:a1:f9:2b:1b:08:ee:0e:12:23:f2:5d:68:57:
26:90:07:59:3f:f2:fa:bf:29:ab:5e:36:16:02:fc:
f8:42:37:69:ad:20:53:6c:4b:49:fe:f7:13:1c:43:
68:c4:8b:0a:9c:0b:70:6d:be:66:94:c4:95:a3:0c:
3c:19:da:e9:42:db:e3:2a:a9:85:68:9f:8a:f6:b7:
18:27:6d:fb:f5:75:5f:b9:aa:06:9d:fb:c5:c4:04:
63:a7:71:93:85:a4:47:e2:e9:27:c6:59:d0:2f:76:
67:bb:d8:e0:0b:da:4a:36:98:72:9d:48:10:52:cf:
9c:1b:ae:3c:96:44:3a:c6:4e:f2:5a:45:73:d0:21:
f5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:9A:EC:83:6D:5A:58:D6:7D:78:6F:6B:37:80:75:FE:F6:C2:8A:D1
X509v3 Authority Key Identifier:
keyid:59:D3:6A:21:E9:B3:68:D7:48:BA:B8:C7:7B:EB:DD:E2:C2:27:C6:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WdNqIemzaNdIurjHe-vd4sInxsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/7a7dc1-e168-4d47-b46d-40ea80892f03/1/7Zrsg21aWNZ9eG9rN4B1_vbCitE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/7a7dc1-e168-4d47-b46d-40ea80892f03/1/WdNqIemzaNdIurjHe-vd4sInxsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.99.132.0/24
IPv6:
2a07:e480:200::/48
Signature Algorithm: sha256WithRSAEncryption
64:72:1a:ec:5f:8e:03:1e:f1:e0:79:4e:65:14:4b:68:e2:43:
3d:8c:06:df:b4:b4:94:85:be:c4:21:06:12:90:94:ad:a0:c4:
fe:d0:3e:ca:5f:23:6b:33:87:94:83:ae:e7:45:97:b1:b8:63:
c6:04:69:a2:df:6f:89:64:5e:d7:ba:d6:32:d6:67:6d:be:4c:
ac:1e:8c:02:ab:85:79:ee:ce:79:64:f6:16:82:38:a5:d9:7d:
1b:f4:08:4a:a7:94:12:91:b6:30:6f:7e:52:4c:08:19:8d:aa:
9c:d0:4f:fe:57:4f:6b:be:5d:e4:c8:f4:fb:ba:d7:fc:2a:42:
84:9f:60:2e:4b:8d:42:15:c7:05:c9:60:8c:8e:47:55:b0:11:
6d:33:bc:2f:f2:1f:28:32:33:eb:22:76:c5:2a:9b:60:13:f2:
72:aa:ab:72:74:85:12:97:b5:03:e2:ff:a2:ae:f0:e2:23:ca:
21:ec:98:ce:d1:b9:63:4a:1d:ad:b1:2d:ef:1c:37:27:80:fe:
b7:9d:9a:e7:1b:f2:5e:64:3c:72:48:55:d9:ba:95:7f:db:15:
a1:4e:5c:a7:1d:58:c0:12:54:4e:dc:ca:e1:a2:9f:35:80:37:
99:21:71:e4:1a:31:18:35:aa:41:c7:8a:a5:f8:26:26:43:d2:
07:ae:3e:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCTYvWp6jEpUD/AwvLAzPGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZDM2YTIxZTliMzY4ZDc0OGJhYjhjNzdiZWJkZGUyYzIy
N2M2YzMwHhcNMjQwNzA4MTcyNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDlhZWM4MzZkNWE1OGQ2N2Q3ODZmNmIzNzgwNzVmZWY2YzI4YWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLS8cv9u3m9glz8N4ELzIjAUMon9
0upYf14d4TnsCnH2JswUBWlIXv9t4FQogZbSOCJC8bLWhaCy1HlaZgBr7l1zXqkQ
5cMAjrpO4eEh7qwF5Xgq/QR6PYOWvgHFE1CdAazfRWad2IqJ8BNTSgdXvJMOC/Lb
tt2Fu6H5KxsI7g4SI/JdaFcmkAdZP/L6vymrXjYWAvz4QjdprSBTbEtJ/vcTHENo
xIsKnAtwbb5mlMSVoww8GdrpQtvjKqmFaJ+K9rcYJ2379XVfuaoGnfvFxARjp3GT
haRH4uknxlnQL3Znu9jgC9pKNphynUgQUs+cG648lkQ6xk7yWkVz0CH1iQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO2a7INtWljWfXhvazeAdf72worRMB8GA1UdIwQY
MBaAFFnTaiHps2jXSLq4x3vr3eLCJ8bDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2ROcUllbXphTmRJdXJqSGUtdmQ0c0lueHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS83YTdkYzEtZTE2OC00ZDQ3LWI0NmQt
NDBlYTgwODkyZjAzLzEvN1pyc2cyMWFXTlo5ZUc5ck40QjFfdmJDaXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS83YTdkYzEtZTE2OC00ZDQ3LWI0NmQtNDBlYTgwODkyZjAz
LzEvV2ROcUllbXphTmRJdXJqSGUtdmQ0c0lueHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAzGOEMA8E
AgACMAkDBwAqB+SAAgAwDQYJKoZIhvcNAQELBQADggEBAGRyGuxfjgMe8eB5TmUU
S2jiQz2MBt+0tJSFvsQhBhKQlK2gxP7QPspfI2szh5SDrudFl7G4Y8YEaaLfb4lk
Xte61jLWZ22+TKwejAKrhXnuznlk9haCOKXZfRv0CEqnlBKRtjBvflJMCBmNqpzQ
T/5XT2u+XeTI9Pu61/wqQoSfYC5LjUIVxwXJYIyOR1WwEW0zvC/yHygyM+sidsUq
m2AT8nKqq3J0hRKXtQPi/6Ku8OIjyiHsmM7RuWNKHa2xLe8cNyeA/redmucb8l5k
PHJIVdm6lX/bFaFOXKcdWMASVE7cyuGinzWAN5khceQaMRg1qkHHiqX4JiZD0geu
PnI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:33 2025 by rpki-client