Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Dl7gRogCn0oblJs4fccezRIbKb0.roa
File: Dl7gRogCn0oblJs4fccezRIbKb0.roa (raw, json)
Hash identifier: NP7bBlWGFRXBzXfOO4uQv6WHB31Xy2VoeF8W+Or9B6A=
Subject key identifier: 0E:5E:E0:46:88:02:9F:4A:1B:94:9B:38:7D:C7:1E:CD:12:1B:29:BD
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019280A5A50DB287E87B94F2C1408B40CA04
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Dl7gRogCn0oblJs4fccezRIbKb0.roa
Signing time: Sat 12 Oct 2024 12:13:12 +0000
ROA not before: Sat 12 Oct 2024 12:13:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a10:4104::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:80:a5:a5:0d:b2:87:e8:7b:94:f2:c1:40:8b:40:ca:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Oct 12 12:13:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e5ee04688029f4a1b949b387dc71ecd121b29bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1f:6b:f5:14:64:cc:8a:23:33:db:dd:f1:9a:
ce:0a:5c:4e:87:7b:50:1d:a0:a6:44:c6:26:46:3d:
fb:86:b2:3f:c0:88:20:c9:9d:d4:ec:a3:e6:66:1f:
22:85:6e:ee:19:d3:d3:45:84:c4:c4:ed:7d:45:cf:
ca:67:ae:50:8a:aa:18:88:8d:14:79:70:6e:a6:ba:
84:49:58:c9:b2:b2:d6:d6:53:f6:5f:86:76:4a:75:
66:94:61:93:d7:c2:f6:de:2c:0d:f5:ef:9d:b2:51:
78:75:67:e0:88:3d:65:b8:c6:13:a1:6d:d3:98:59:
38:e1:1c:70:34:f5:d9:ed:d6:18:a7:c3:c5:de:61:
ea:3f:9a:a1:cd:d0:12:72:1b:27:83:c4:bf:e0:9e:
61:91:aa:c1:ca:dc:32:c9:be:28:28:b4:50:78:5b:
12:22:57:e3:65:04:24:76:46:2f:3b:f9:ae:e1:ca:
48:06:c4:db:ab:74:03:fb:4e:d6:46:d3:df:d5:1c:
a3:4e:15:66:8d:3c:f8:59:ce:85:08:de:d3:2a:20:
99:8c:dc:d1:c2:db:a4:34:32:dc:ab:16:ab:3c:03:
7f:f5:f2:c4:9e:31:be:aa:dc:4d:44:9a:a5:0b:38:
da:b7:98:c9:f7:57:11:cb:b2:6d:23:6d:7e:98:d0:
1e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:5E:E0:46:88:02:9F:4A:1B:94:9B:38:7D:C7:1E:CD:12:1B:29:BD
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Dl7gRogCn0oblJs4fccezRIbKb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4104::/32
Signature Algorithm: sha256WithRSAEncryption
0f:61:1b:b7:cd:f3:13:4e:52:d1:6c:da:78:6e:fe:4c:cc:b3:
5a:69:9b:d1:db:58:4a:72:36:17:9c:96:31:4f:ad:aa:6f:37:
cc:78:8f:69:26:e9:01:e7:96:0c:6e:7e:9e:2f:48:6f:0b:34:
d4:6e:41:6d:df:59:4b:10:3f:2e:0a:69:8e:c6:82:c1:e0:87:
d2:5e:2d:4d:76:5f:d7:b5:ef:71:7a:a4:99:d0:73:cd:c9:59:
f6:80:16:5d:66:a2:a4:c5:6b:63:c4:50:bc:fe:32:eb:3d:2b:
9d:a0:6e:4d:bf:17:8e:5a:02:c0:b3:62:c6:8f:ad:f1:a4:9c:
c1:0c:32:58:b5:6c:c4:ba:d7:83:83:54:2c:4b:23:f5:0c:3b:
c7:3e:fd:53:ce:67:39:91:b5:bf:63:76:8f:b3:f7:c0:e0:96:
b6:39:52:f1:04:64:ed:46:46:5f:41:04:f8:3b:be:1e:bd:27:
5f:2f:84:d9:8d:99:0f:f8:67:8c:49:86:7e:42:e0:1c:bf:23:
99:16:0a:c1:80:f4:42:c6:81:93:01:ec:39:f4:9b:c5:5c:a8:
75:6c:97:f5:47:5c:72:5a:6d:e1:bd:5c:4b:f5:18:e9:d6:55:
4a:20:b1:82:60:da:31:44:5f:1d:45:94:a4:a7:82:26:d6:f5:
a8:24:96:dc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZKApaUNsofoe5TywUCLQMoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMDEyMTIxMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTVlZTA0Njg4MDI5ZjRhMWI5NDliMzg3ZGM3MWVjZDEyMWIyOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx9r9RRkzIojM9vd8ZrOClxOh3tQ
HaCmRMYmRj37hrI/wIggyZ3U7KPmZh8ihW7uGdPTRYTExO19Rc/KZ65QiqoYiI0U
eXBuprqESVjJsrLW1lP2X4Z2SnVmlGGT18L23iwN9e+dslF4dWfgiD1luMYToW3T
mFk44RxwNPXZ7dYYp8PF3mHqP5qhzdASchsng8S/4J5hkarBytwyyb4oKLRQeFsS
IlfjZQQkdkYvO/mu4cpIBsTbq3QD+07WRtPf1RyjThVmjTz4Wc6FCN7TKiCZjNzR
wtukNDLcqxarPAN/9fLEnjG+qtxNRJqlCzjat5jJ91cRy7JtI21+mNAeXwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA5e4EaIAp9KG5SbOH3HHs0SGym9MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvRGw3Z1JvZ0NuMG9ibEpzNGZjY2V6UkliS2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhBBBDAN
BgkqhkiG9w0BAQsFAAOCAQEAD2Ebt83zE05S0WzaeG7+TMyzWmmb0dtYSnI2F5yW
MU+tqm83zHiPaSbpAeeWDG5+ni9Ibws01G5Bbd9ZSxA/LgppjsaCweCH0l4tTXZf
17XvcXqkmdBzzclZ9oAWXWaipMVrY8RQvP4y6z0rnaBuTb8XjloCwLNixo+t8aSc
wQwyWLVsxLrXg4NULEsj9Qw7xz79U85nOZG1v2N2j7P3wOCWtjlS8QRk7UZGX0EE
+Du+Hr0nXy+E2Y2ZD/hnjEmGfkLgHL8jmRYKwYD0QsaBkwHsOfSbxVyodWyX9Udc
clpt4b1cS/UY6dZVSiCxgmDaMURfHUWUpKeCJtb1qCSW3A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:38 2025 by rpki-client