Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/dfPalV_anGX3J7YlBX8ybdnhfDw.roa
File: dfPalV_anGX3J7YlBX8ybdnhfDw.roa (raw, json)
Hash identifier: IUOOxKu7NIQindq0ds08D0kkHK5I1b/RWZ4XwI5F4sY=
Subject key identifier: 75:F3:DA:95:5F:DA:9C:65:F7:27:B6:25:05:7F:32:6D:D9:E1:7C:3C
Certificate issuer: /CN=9c1aed9913f8880af7557eef3ef02d6e0ff3fd49
Certificate serial: 019265E774E0478DC87423F6454EB08CC678
Authority key identifier: 9C:1A:ED:99:13:F8:88:0A:F7:55:7E:EF:3E:F0:2D:6E:0F:F3:FD:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/dfPalV_anGX3J7YlBX8ybdnhfDw.roa
Signing time: Mon 07 Oct 2024 07:35:20 +0000
ROA not before: Mon 07 Oct 2024 07:35:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34773
IP address blocks: 2a0a:1b80::/32 maxlen: 32
2a0a:1b81::/32 maxlen: 32
2a0a:1b82::/32 maxlen: 32
2a0a:1b83::/32 maxlen: 32
2a0a:1b84::/32 maxlen: 32
2a0a:1b85::/32 maxlen: 32
2a0a:1b86::/32 maxlen: 32
2a0a:1b87::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:65:e7:74:e0:47:8d:c8:74:23:f6:45:4e:b0:8c:c6:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1aed9913f8880af7557eef3ef02d6e0ff3fd49
Validity
Not Before: Oct 7 07:35:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75f3da955fda9c65f727b625057f326dd9e17c3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e5:5e:d3:e8:20:d0:90:87:9a:c1:d6:9d:4c:
b8:d5:23:9b:71:24:8f:6d:5e:e4:5b:cc:68:c5:cd:
0d:bd:66:5b:46:4e:61:12:3e:f7:00:75:ec:52:f4:
da:69:f4:00:a7:8a:f3:ca:ff:45:cf:9c:0c:ef:53:
7f:b9:ae:db:f6:e2:60:9d:d3:33:06:e1:f6:7b:b3:
ce:39:9e:cc:3f:ab:4d:29:e8:a6:52:0a:77:07:f0:
75:bf:1e:3a:c6:f9:ff:2b:9d:48:60:46:9f:21:dd:
1e:bd:e8:be:87:f2:e1:9e:d9:d1:71:4d:dc:6a:36:
b1:76:c9:f5:ee:78:4b:3a:53:68:fa:86:57:1e:33:
d8:18:b0:78:b9:c2:1f:d9:04:f9:31:03:7b:6b:6a:
a7:2e:2f:9a:79:6d:9d:51:12:73:03:3f:f0:5d:07:
e0:f3:8e:fd:4c:fa:ad:03:8a:87:9f:81:8e:a5:46:
b7:07:d1:82:9a:89:f2:60:82:2d:44:29:fe:ca:4f:
cd:af:9f:4c:42:f3:2e:0b:7e:ac:67:04:51:7c:d7:
40:c6:cf:6c:9a:a5:86:71:c6:d9:72:ac:e2:a2:27:
8b:1b:73:03:4f:43:32:e9:b6:5a:94:63:ee:e7:eb:
06:69:70:a6:ac:81:4e:dd:e7:5b:55:ea:88:00:a8:
8b:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F3:DA:95:5F:DA:9C:65:F7:27:B6:25:05:7F:32:6D:D9:E1:7C:3C
X509v3 Authority Key Identifier:
keyid:9C:1A:ED:99:13:F8:88:0A:F7:55:7E:EF:3E:F0:2D:6E:0F:F3:FD:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/dfPalV_anGX3J7YlBX8ybdnhfDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ff94f1-ba63-40d6-beca-5e624a3038cf/1/nBrtmRP4iAr3VX7vPvAtbg_z_Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
ac:86:40:ed:8f:4b:c4:55:fe:3a:32:21:18:7a:b2:96:47:b4:
ea:47:f6:5d:46:94:31:ca:76:10:34:5d:fd:1d:7f:75:42:e4:
e1:6c:56:17:20:04:9f:4c:d9:a0:f0:79:12:e6:46:c2:c4:67:
c8:f7:ee:fd:d7:76:53:d2:11:81:cc:dc:15:a9:01:35:12:d4:
15:08:c7:6e:2d:8e:0f:ae:bc:49:8e:a8:7d:7e:26:b1:4e:21:
c9:a8:f5:2a:18:f0:cb:0c:26:e5:95:a1:34:07:c8:fc:b1:a6:
d3:53:57:8c:63:c4:5d:e0:c7:62:a9:f5:93:0b:60:0f:06:53:
d1:2e:0f:e3:20:11:de:c7:41:5d:ff:94:8d:ea:7f:3e:02:3b:
b2:ea:55:7e:a8:76:2f:25:4a:4a:fe:d2:06:f0:04:86:46:ee:
04:85:75:cf:60:0e:52:14:e7:78:f9:71:8c:54:ae:41:52:f5:
2a:af:d2:0e:c2:43:ae:9c:a9:04:9f:0b:ca:48:71:e0:0c:a3:
c8:2d:e2:71:cf:8b:a8:b8:f8:86:0c:74:99:f5:ef:15:89:19:
ec:36:88:01:c6:a7:a9:c7:da:a8:7f:c2:e8:a7:ac:dc:86:30:
4d:8a:47:43:61:21:a1:15:83:c7:0e:65:7a:6a:61:71:6c:44:
53:b9:2f:4c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJl53TgR43IdCP2RU6wjMZ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMWFlZDk5MTNmODg4MGFmNzU1N2VlZjNlZjAyZDZlMGZm
M2ZkNDkwHhcNMjQxMDA3MDczNTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWYzZGE5NTVmZGE5YzY1ZjcyN2I2MjUwNTdmMzI2ZGQ5ZTE3YzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OVe0+gg0JCHmsHWnUy41SObcSSP
bV7kW8xoxc0NvWZbRk5hEj73AHXsUvTaafQAp4rzyv9Fz5wM71N/ua7b9uJgndMz
BuH2e7POOZ7MP6tNKeimUgp3B/B1vx46xvn/K51IYEafId0evei+h/LhntnRcU3c
ajaxdsn17nhLOlNo+oZXHjPYGLB4ucIf2QT5MQN7a2qnLi+aeW2dURJzAz/wXQfg
8479TPqtA4qHn4GOpUa3B9GCmonyYIItRCn+yk/Nr59MQvMuC36sZwRRfNdAxs9s
mqWGccbZcqzioieLG3MDT0My6bZalGPu5+sGaXCmrIFO3edbVeqIAKiLOQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHXz2pVf2pxl9ye2JQV/Mm3Z4Xw8MB8GA1UdIwQY
MBaAFJwa7ZkT+IgK91V+7z7wLW4P8/1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkJydG1SUDRpQXIzVlg3dlB2QXRiZ196X1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9mZjk0ZjEtYmE2My00MGQ2LWJlY2Et
NWU2MjRhMzAzOGNmLzEvZGZQYWxWX2FuR1gzSjdZbEJYOHliZG5oZkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9mZjk0ZjEtYmE2My00MGQ2LWJlY2EtNWU2MjRhMzAzOGNm
LzEvbkJydG1SUDRpQXIzVlg3dlB2QXRiZ196X1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgobgDAN
BgkqhkiG9w0BAQsFAAOCAQEArIZA7Y9LxFX+OjIhGHqylke06kf2XUaUMcp2EDRd
/R1/dULk4WxWFyAEn0zZoPB5EuZGwsRnyPfu/dd2U9IRgczcFakBNRLUFQjHbi2O
D668SY6ofX4msU4hyaj1Khjwywwm5ZWhNAfI/LGm01NXjGPEXeDHYqn1kwtgDwZT
0S4P4yAR3sdBXf+Ujep/PgI7supVfqh2LyVKSv7SBvAEhkbuBIV1z2AOUhTnePlx
jFSuQVL1Kq/SDsJDrpypBJ8Lykhx4AyjyC3icc+LqLj4hgx0mfXvFYkZ7DaIAcan
qcfaqH/C6Kes3IYwTYpHQ2EhoRWDxw5lemphcWxEU7kvTA==
-----END CERTIFICATE-----
Generated at Mon May 12 12:43:32 2025 by rpki-client