Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/dDdDa2a5fPaHu5RYypB8mdDPftg.roa
File: dDdDa2a5fPaHu5RYypB8mdDPftg.roa (raw, json)
Hash identifier: adV5GN5A1N0M02wKiQBVqDa1dlRZ+lNLLgocfTYhoUw=
Subject key identifier: 74:37:43:6B:66:B9:7C:F6:87:BB:94:58:CA:90:7C:99:D0:CF:7E:D8
Certificate issuer: /CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Certificate serial: 018F103DFBE0DCF1C533FE28CCFACB6BA4CC
Authority key identifier: 55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/dDdDa2a5fPaHu5RYypB8mdDPftg.roa
Signing time: Wed 24 Apr 2024 13:14:08 +0000
ROA not before: Wed 24 Apr 2024 13:14:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200216
IP address blocks: 2a13:d3c0::/29 maxlen: 29
2a13:dec0::/29 maxlen: 29
2a14:1300::/29 maxlen: 29
2a14:1500::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 14 May 2024 19:57:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:3d:fb:e0:dc:f1:c5:33:fe:28:cc:fa:cb:6b:a4:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Validity
Not Before: Apr 24 13:14:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7437436b66b97cf687bb9458ca907c99d0cf7ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5c:e3:6e:a5:b3:0e:aa:e9:4d:cb:f1:64:11:
e2:e2:6a:2b:2a:d6:01:60:cd:cb:9d:63:33:6e:b8:
e9:0a:06:17:e2:d4:21:36:6c:e6:2c:99:fe:bb:d7:
27:5b:16:ec:40:fd:cc:82:40:58:da:95:e3:66:29:
b2:2b:e2:69:18:b0:23:3d:1d:8e:a2:b1:96:e3:91:
d0:f5:28:f6:4f:dd:e2:5a:8f:a1:c2:9a:d7:55:ef:
b1:90:0e:ec:61:e4:5c:5b:46:5a:82:33:0d:9f:9e:
1a:30:12:b5:ec:ec:13:3f:f1:19:97:de:4a:07:e2:
3d:cd:3c:6f:36:77:97:f2:e3:f1:60:b9:dd:51:bc:
30:48:34:96:17:d5:39:64:66:fa:5b:dd:a1:62:91:
dc:aa:2e:f9:d9:98:23:63:80:c5:47:3e:72:09:f4:
7c:fb:f1:8f:7b:2f:8f:42:e6:b0:8d:d1:39:81:ef:
73:31:57:7e:3b:d1:68:2f:c8:63:a5:1e:d8:dd:8b:
7b:22:93:58:27:79:b6:20:d5:d8:92:40:0d:7e:f7:
8d:0d:63:67:bc:5c:4b:c6:4a:c0:ce:8e:c0:cb:76:
cb:17:d4:ad:7e:8b:30:43:f6:62:ab:ba:dc:be:8d:
dd:8d:7a:84:3b:6c:eb:02:be:c9:b5:ba:f6:09:ad:
4a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:37:43:6B:66:B9:7C:F6:87:BB:94:58:CA:90:7C:99:D0:CF:7E:D8
X509v3 Authority Key Identifier:
keyid:55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/dDdDa2a5fPaHu5RYypB8mdDPftg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d3c0::/29
2a13:dec0::/29
2a14:1300::/29
2a14:1500::/29
Signature Algorithm: sha256WithRSAEncryption
39:f0:a6:c6:aa:c3:86:b8:b6:98:bc:0b:8c:7e:c3:5e:ff:f4:
6b:ff:42:80:73:a4:92:0e:33:ea:36:b6:33:5b:c8:0d:04:9b:
53:82:99:65:83:b9:4f:27:6e:3c:c4:3e:7b:c5:bd:e4:9e:14:
10:c8:22:40:47:99:ac:59:0c:75:d9:35:80:a1:dc:0b:74:51:
a0:b2:69:25:c7:ea:29:05:cf:44:83:f6:ee:cf:b5:bd:d0:26:
08:b7:52:4d:9e:7f:46:eb:a0:42:1b:ae:5a:ba:8c:44:0c:b2:
cc:28:a1:7c:64:a5:2d:94:03:92:bc:4e:a9:cc:3f:25:0c:b5:
dc:fb:e7:53:16:c2:2f:4f:05:28:90:f6:e8:78:dc:e5:b6:7d:
03:b2:e8:dc:55:84:06:bf:33:15:80:bf:0b:66:8a:e7:6e:57:
d7:98:95:44:5b:b0:0c:eb:61:0d:0a:44:33:6c:4f:76:1f:3d:
56:54:c2:1e:51:b4:05:95:0b:89:bd:c4:45:89:86:a1:a8:9e:
5c:1c:a6:92:a4:b0:48:df:91:a4:93:30:83:1a:58:c9:ce:c7:
b7:0f:22:6b:33:49:68:d9:e2:5a:1e:77:39:64:f6:b0:f8:0b:
98:fa:c1:b4:da:b2:76:ce:9e:0d:11:59:e2:f3:23:2a:5e:81:
56:f8:04:15
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY8QPfvg3PHFM/4ozPrLa6TMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MjRiMmUyNmRkM2FmY2M1YzFlYWMwMWY5MDI2M2QyMDFm
YmUwOTkwHhcNMjQwNDI0MTMxNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDM3NDM2YjY2Yjk3Y2Y2ODdiYjk0NThjYTkwN2M5OWQwY2Y3ZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlzjbqWzDqrpTcvxZBHi4morKtYB
YM3LnWMzbrjpCgYX4tQhNmzmLJn+u9cnWxbsQP3MgkBY2pXjZimyK+JpGLAjPR2O
orGW45HQ9Sj2T93iWo+hwprXVe+xkA7sYeRcW0ZagjMNn54aMBK17OwTP/EZl95K
B+I9zTxvNneX8uPxYLndUbwwSDSWF9U5ZGb6W92hYpHcqi752ZgjY4DFRz5yCfR8
+/GPey+PQuawjdE5ge9zMVd+O9FoL8hjpR7Y3Yt7IpNYJ3m2INXYkkANfveNDWNn
vFxLxkrAzo7Ay3bLF9StfoswQ/Ziq7rcvo3djXqEO2zrAr7Jtbr2Ca1KdQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHQ3Q2tmuXz2h7uUWMqQfJnQz37YMB8GA1UdIwQY
MBaAFFUksuJt06/MXB6sAfkCY9IB++CZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMt
M2FhMjIyN2JhZGZlLzEvZERkRGEyYTVmUGFIdTVSWXlwQjhtZERQZnRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMtM2FhMjIyN2JhZGZl
LzEvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhPTwAMF
AyoT3sADBQMqFBMAAwUDKhQVADANBgkqhkiG9w0BAQsFAAOCAQEAOfCmxqrDhri2
mLwLjH7DXv/0a/9CgHOkkg4z6ja2M1vIDQSbU4KZZYO5TyduPMQ+e8W95J4UEMgi
QEeZrFkMddk1gKHcC3RRoLJpJcfqKQXPRIP27s+1vdAmCLdSTZ5/RuugQhuuWrqM
RAyyzCihfGSlLZQDkrxOqcw/JQy13PvnUxbCL08FKJD26Hjc5bZ9A7Lo3FWEBr8z
FYC/C2aK525X15iVRFuwDOthDQpEM2xPdh89VlTCHlG0BZULib3ERYmGoaieXBym
kqSwSN+RpJMwgxpYyc7Htw8iazNJaNniWh53OWT2sPgLmPrBtNqyds6eDRFZ4vMj
Kl6BVvgEFQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:13:44 2025 by rpki-client