Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/DA0kHu5lmZ3I75oOpHyNKtgtB84.roa
File: DA0kHu5lmZ3I75oOpHyNKtgtB84.roa (raw, json)
Hash identifier: zAjq70WaZThcl6zn5x1b2kYqJctyb35T4j4pwEGzxHU=
Subject key identifier: 0C:0D:24:1E:EE:65:99:9D:C8:EF:9A:0E:A4:7C:8D:2A:D8:2D:07:CE
Certificate issuer: /CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Certificate serial: 01948889992433B6E696172704B6D6CC1D98
Authority key identifier: 12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/DA0kHu5lmZ3I75oOpHyNKtgtB84.roa
Signing time: Tue 21 Jan 2025 11:05:06 +0000
ROA not before: Tue 21 Jan 2025 11:05:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51765
IP address blocks: 176.116.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Mar 2025 21:42:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:88:89:99:24:33:b6:e6:96:17:27:04:b6:d6:cc:1d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Validity
Not Before: Jan 21 11:05:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c0d241eee65999dc8ef9a0ea47c8d2ad82d07ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9b:11:92:04:a5:96:f5:0c:2b:40:c6:e6:ce:
8f:f3:62:63:ce:aa:42:5f:8d:9d:eb:66:1f:9e:11:
d3:ad:d7:76:34:e9:78:ff:75:96:d6:ac:ba:de:01:
14:9b:23:aa:51:73:3b:05:d7:d4:cf:d2:8b:ca:12:
35:2f:0b:02:fb:31:fc:37:4a:6d:11:80:ae:89:b4:
e2:43:65:64:14:22:ea:a7:6c:62:ad:2e:6c:13:ae:
ad:44:be:91:b1:f6:70:24:be:a9:56:4b:58:fc:b3:
31:83:8a:d1:5c:97:2c:a0:bb:71:a9:b7:b2:ff:df:
c5:52:3a:99:81:7d:84:cb:84:a5:07:93:8f:dc:3a:
61:c1:e7:77:b9:5f:47:0d:de:5b:60:b4:f0:0c:3b:
d8:72:92:36:8a:b3:31:14:6a:27:2d:eb:a7:3b:4a:
ae:9e:68:ec:61:3b:95:d3:f1:39:2c:5b:31:c3:97:
06:bb:30:c1:96:d2:17:a5:bb:bf:63:a9:29:5c:87:
3a:ed:6a:cd:4f:9f:f6:2d:d9:37:4e:a8:48:14:da:
88:fb:95:0c:9a:3d:c9:8e:1e:10:5e:b4:15:ee:ee:
4c:83:25:b0:a4:29:6b:9e:88:55:8b:19:30:72:2c:
fb:7e:76:38:3b:9e:e3:e3:88:fa:47:97:07:6f:ea:
92:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:0D:24:1E:EE:65:99:9D:C8:EF:9A:0E:A4:7C:8D:2A:D8:2D:07:CE
X509v3 Authority Key Identifier:
keyid:12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/DA0kHu5lmZ3I75oOpHyNKtgtB84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.6.0/24
Signature Algorithm: sha256WithRSAEncryption
85:ec:d1:68:f4:d4:e2:40:23:d8:74:50:23:2f:0a:b7:ae:0b:
aa:ba:fe:6a:d4:ac:60:b4:26:01:ab:36:92:75:4f:2d:e1:dd:
27:96:1f:45:f3:0f:e4:7b:8d:23:c0:44:3e:af:13:01:6a:98:
20:d0:81:09:ef:ed:04:d9:4f:70:76:2c:e5:58:cc:65:5a:ba:
dd:4e:58:33:c1:43:f3:6d:57:86:31:aa:6d:ba:49:7a:ff:7b:
7d:7e:db:de:f2:92:4a:47:2b:d8:e5:c6:c6:d4:0a:c7:12:91:
66:83:cc:fb:e4:d6:6d:1f:d3:d1:f8:14:99:bc:ee:63:78:6f:
87:7d:50:33:2f:fd:15:67:8a:2f:71:09:65:29:fb:99:ac:c3:
2b:df:df:c8:ef:6e:4d:59:09:da:9f:91:79:93:77:23:f9:16:
fd:20:fc:12:c9:0a:56:e5:17:1b:13:7d:ac:93:cf:f6:2c:9f:
e6:d0:f2:27:15:1f:83:1f:f7:c0:28:44:67:10:a7:16:36:e2:
e4:0c:dc:8f:9a:85:c9:7f:fd:65:cb:01:21:a7:a9:c7:66:63:
2b:82:f2:93:52:7f:0a:e5:f0:29:9c:1b:05:d8:f8:be:47:7e:
a1:1d:85:d0:ae:05:9e:fa:29:7a:db:67:ef:d0:50:38:4f:f3:
16:53:6b:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSIiZkkM7bmlhcnBLbWzB2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZmQ1NThhNjRlOTc1ODZhNDNkYzdlZTUwYThkNmIyOTIz
NjViNjAwHhcNMjUwMTIxMTEwNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzBkMjQxZWVlNjU5OTlkYzhlZjlhMGVhNDdjOGQyYWQ4MmQwN2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJsRkgSllvUMK0DG5s6P82JjzqpC
X42d62YfnhHTrdd2NOl4/3WW1qy63gEUmyOqUXM7BdfUz9KLyhI1LwsC+zH8N0pt
EYCuibTiQ2VkFCLqp2xirS5sE66tRL6RsfZwJL6pVktY/LMxg4rRXJcsoLtxqbey
/9/FUjqZgX2Ey4SlB5OP3Dphwed3uV9HDd5bYLTwDDvYcpI2irMxFGonLeunO0qu
nmjsYTuV0/E5LFsxw5cGuzDBltIXpbu/Y6kpXIc67WrNT5/2Ldk3TqhIFNqI+5UM
mj3Jjh4QXrQV7u5MgyWwpClrnohVixkwciz7fnY4O57j44j6R5cHb+qS6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAwNJB7uZZmdyO+aDqR8jSrYLQfOMB8GA1UdIwQY
MBaAFBL9VYpk6XWGpD3H7lCo1rKSNltgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMt
MjRkOGU3NDdjMzhmLzEvREEwa0h1NWxtWjNJNzVvT3BIeU5LdGd0Qjg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMtMjRkOGU3NDdjMzhm
LzEvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHQGMA0G
CSqGSIb3DQEBCwUAA4IBAQCF7NFo9NTiQCPYdFAjLwq3rguquv5q1KxgtCYBqzaS
dU8t4d0nlh9F8w/ke40jwEQ+rxMBapgg0IEJ7+0E2U9wdizlWMxlWrrdTlgzwUPz
bVeGMaptukl6/3t9ftve8pJKRyvY5cbG1ArHEpFmg8z75NZtH9PR+BSZvO5jeG+H
fVAzL/0VZ4ovcQllKfuZrMMr39/I725NWQnan5F5k3cj+Rb9IPwSyQpW5RcbE32s
k8/2LJ/m0PInFR+DH/fAKERnEKcWNuLkDNyPmoXJf/1lywEhp6nHZmMrgvKTUn8K
5fApnBsF2Pi+R36hHYXQrgWe+il622fv0FA4T/MWU2uB
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:28:32 2025 by rpki-client