Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/D-dpgxzf5gL59Xhiq3vHxfYPd60.roa
File: D-dpgxzf5gL59Xhiq3vHxfYPd60.roa (raw, json)
Hash identifier: u8m+d7HBK6ZhWj61M4XgQmt01cgSNyDskYp7tZ8caHs=
Subject key identifier: 0F:E7:69:83:1C:DF:E6:02:F9:F5:78:62:AB:7B:C7:C5:F6:0F:77:AD
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0191B25F1AA56900424E4E2304DC2B1A672D
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/D-dpgxzf5gL59Xhiq3vHxfYPd60.roa
Signing time: Mon 02 Sep 2024 10:54:22 +0000
ROA not before: Mon 02 Sep 2024 10:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3175
IP address blocks: 2a04:a5c0::/29 maxlen: 29
2a0e:c380::/29 maxlen: 29
2a11:4b41::/32 maxlen: 32
2a11:4b43::/32 maxlen: 32
2a13:3c80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 02 Sep 2024 10:57:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:5f:1a:a5:69:00:42:4e:4e:23:04:dc:2b:1a:67:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 2 10:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fe769831cdfe602f9f57862ab7bc7c5f60f77ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9c:33:3f:85:f2:85:55:f1:24:26:8e:47:fc:
e2:27:4c:c5:71:d1:02:ac:db:be:3b:dc:b2:fb:11:
d7:32:ec:d2:cd:e8:43:98:bb:52:43:dd:38:3e:1d:
9f:c5:c7:6e:f0:de:3e:38:4b:6d:d7:ca:2e:1e:34:
06:f2:ae:07:94:2f:cd:80:1a:9d:ef:08:a2:0d:02:
55:d4:cb:d0:07:30:58:15:59:6a:d8:68:c2:87:2a:
00:30:24:5c:f9:1a:c6:8d:0b:c9:ea:07:29:1b:80:
af:1e:ab:ba:9f:51:91:4a:63:21:2f:44:9b:f8:da:
46:f2:b1:36:3d:c9:b6:01:91:58:b7:99:6a:f6:c4:
b9:64:94:85:fb:c2:54:e6:f9:e4:c8:95:a3:b2:d1:
5d:4b:2a:16:ca:b3:67:d8:20:90:ee:d6:e8:9f:8e:
ba:2c:2e:4c:bf:e0:d5:ec:da:96:2a:ce:13:2c:23:
30:92:75:79:72:d7:08:34:6b:90:41:86:14:e6:b4:
6e:41:45:0e:53:14:50:ce:9e:8d:38:bc:ae:25:da:
07:2e:fb:87:f1:96:53:b8:44:58:62:69:50:a8:3e:
39:0c:81:46:6e:2a:c0:78:5e:e4:7f:99:58:c8:c9:
51:f7:64:9d:47:e8:b8:75:9e:b8:ea:94:b7:de:af:
d1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:E7:69:83:1C:DF:E6:02:F9:F5:78:62:AB:7B:C7:C5:F6:0F:77:AD
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/D-dpgxzf5gL59Xhiq3vHxfYPd60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:a5c0::/29
2a0e:c380::/29
2a11:4b41::/32
2a11:4b43::/32
2a13:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
17:80:57:43:2a:98:a4:18:c5:d3:95:cb:0d:79:40:2e:82:08:
b5:4a:be:e9:53:91:a9:02:26:b0:4a:05:18:e8:62:f2:a1:99:
c9:38:2c:81:56:ab:53:ac:37:be:01:95:fc:08:60:aa:ce:09:
42:fd:5d:a6:d2:3d:4a:b3:07:14:70:d4:ba:c7:e4:db:e5:71:
f2:3c:42:9b:84:90:0c:02:0b:af:ec:20:92:bc:71:91:5f:46:
00:46:26:97:11:e8:60:0b:05:09:fd:21:d1:57:1f:dc:72:b8:
d4:14:45:30:46:0e:b0:5b:bf:63:81:f1:2a:f9:73:be:ea:2c:
27:ac:6e:7f:63:08:7b:4f:e6:10:9f:55:6c:e4:1e:2d:a3:0a:
0c:31:74:41:41:a8:9f:9a:53:94:cb:e0:a1:3a:0e:22:f5:d7:
c4:74:9e:93:7e:75:7d:98:c0:aa:3d:27:51:70:eb:66:46:e7:
1b:aa:41:5a:81:24:3f:9f:b1:0e:c6:6d:4e:1e:00:9e:bd:3f:
0f:ae:a7:ce:f0:04:cd:05:67:bb:d0:fd:71:9b:05:e8:45:85:
ec:03:64:7e:7e:ab:72:18:7e:53:f3:09:70:ff:d5:48:36:89:
28:6d:2d:4c:5d:07:11:04:8f:38:11:75:6b:6b:0c:9f:f8:22:
ec:3d:38:bc
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZGyXxqlaQBCTk4jBNwrGmctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwOTAyMTA1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmU3Njk4MzFjZGZlNjAyZjlmNTc4NjJhYjdiYzdjNWY2MGY3N2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJwzP4XyhVXxJCaOR/ziJ0zFcdEC
rNu+O9yy+xHXMuzSzehDmLtSQ904Ph2fxcdu8N4+OEtt18ouHjQG8q4HlC/NgBqd
7wiiDQJV1MvQBzBYFVlq2GjChyoAMCRc+RrGjQvJ6gcpG4CvHqu6n1GRSmMhL0Sb
+NpG8rE2Pcm2AZFYt5lq9sS5ZJSF+8JU5vnkyJWjstFdSyoWyrNn2CCQ7tbon466
LC5Mv+DV7NqWKs4TLCMwknV5ctcINGuQQYYU5rRuQUUOUxRQzp6NOLyuJdoHLvuH
8ZZTuERYYmlQqD45DIFGbirAeF7kf5lYyMlR92SdR+i4dZ646pS33q/RDQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFA/naYMc3+YC+fV4Yqt7x8X2D3etMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvRC1kcGd4emY1Z0w1OVhoaXEzdkh4ZllQZDYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgSlwAMF
AyoOw4ADBQAqEUtBAwUAKhFLQwMFAyoTPIAwDQYJKoZIhvcNAQELBQADggEBABeA
V0MqmKQYxdOVyw15QC6CCLVKvulTkakCJrBKBRjoYvKhmck4LIFWq1OsN74BlfwI
YKrOCUL9XabSPUqzBxRw1LrH5NvlcfI8QpuEkAwCC6/sIJK8cZFfRgBGJpcR6GAL
BQn9IdFXH9xyuNQURTBGDrBbv2OB8Sr5c77qLCesbn9jCHtP5hCfVWzkHi2jCgwx
dEFBqJ+aU5TL4KE6DiL118R0npN+dX2YwKo9J1Fw62ZG5xuqQVqBJD+fsQ7GbU4e
AJ69Pw+up87wBM0FZ7vQ/XGbBehFhewDZH5+q3IYflPzCXD/1Ug2iShtLUxdBxEE
jzgRdWtrDJ/4Iuw9OLw=
-----END CERTIFICATE-----
Generated at Thu May 8 09:42:36 2025 by rpki-client