Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/vVNAIBrswZ8ThEyGZNZSM65sW04.roa
File: vVNAIBrswZ8ThEyGZNZSM65sW04.roa (raw, json)
Hash identifier: Df60/vAfVvVr5GDnXgdGbP4XUbYieWgifrbilFReiSk=
Subject key identifier: BD:53:40:20:1A:EC:C1:9F:13:84:4C:86:64:D6:52:33:AE:6C:5B:4E
Certificate issuer: /CN=a0a647dac729f47b06369c4c9741cf943953dc59
Certificate serial: 0190A5D9D2A2EE7DCFF4E5AAD6B33F712F09
Authority key identifier: A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/vVNAIBrswZ8ThEyGZNZSM65sW04.roa
Signing time: Fri 12 Jul 2024 07:30:34 +0000
ROA not before: Fri 12 Jul 2024 07:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214640
IP address blocks: 2a13:7c81::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 17 Oct 2024 12:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a5:d9:d2:a2:ee:7d:cf:f4:e5:aa:d6:b3:3f:71:2f:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a647dac729f47b06369c4c9741cf943953dc59
Validity
Not Before: Jul 12 07:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd5340201aecc19f13844c8664d65233ae6c5b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:38:e0:2a:e6:6a:6a:58:d1:e1:d4:9e:f8:1b:
13:9f:ef:19:9e:42:0c:3c:bd:ac:99:41:9a:9e:2b:
48:40:89:ee:7d:f6:55:ee:16:01:51:c5:b0:45:bd:
a6:b0:9d:53:8b:71:7a:ae:db:26:e1:ee:8f:10:6e:
45:ec:f6:86:26:f6:20:1f:9e:29:99:a3:35:c4:9d:
7b:72:79:db:9d:68:f0:fe:7f:7a:e6:55:5a:3d:ac:
06:00:c6:6d:3c:13:da:53:db:49:21:08:24:f1:21:
88:ed:ba:54:98:37:73:9b:3d:20:b5:55:e6:c9:70:
37:43:92:8d:67:61:36:ea:9e:6e:36:61:f8:92:30:
e1:89:e9:bd:ff:59:12:d1:c5:f1:cc:ca:51:95:b4:
a1:96:d3:a1:7a:aa:06:19:b1:8c:a3:c5:9b:ad:fa:
71:19:6d:88:3f:2f:14:37:52:a1:2f:7b:fc:6b:3c:
24:78:04:16:f9:b8:2c:ea:d4:3b:9c:bb:5f:ff:4f:
6b:ae:2d:8c:63:da:be:3a:2a:5e:7c:df:8c:bf:db:
eb:aa:17:1c:59:4d:c4:7b:a5:8e:61:31:3d:2e:81:
50:cb:16:5f:92:d3:21:dd:0a:7d:7f:41:02:7b:ba:
66:e0:f8:d5:28:2f:97:75:38:b7:41:9e:03:ab:b7:
d6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:53:40:20:1A:EC:C1:9F:13:84:4C:86:64:D6:52:33:AE:6C:5B:4E
X509v3 Authority Key Identifier:
keyid:A0:A6:47:DA:C7:29:F4:7B:06:36:9C:4C:97:41:CF:94:39:53:DC:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKZH2scp9HsGNpxMl0HPlDlT3Fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/vVNAIBrswZ8ThEyGZNZSM65sW04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ba1f88-707f-41bd-b9bd-fb6983ce9dff/1/oKZH2scp9HsGNpxMl0HPlDlT3Fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7c81::/32
Signature Algorithm: sha256WithRSAEncryption
6b:a8:c6:e4:90:1b:c2:f9:66:25:2f:94:77:e1:1e:44:84:99:
08:54:9c:ea:71:0f:f1:4c:7b:c3:bc:19:be:ed:13:78:d8:4c:
7f:ef:4b:67:a0:54:0d:8b:bb:ff:b3:7a:94:77:00:84:b5:f8:
2e:2c:f8:7b:a6:af:ce:d7:e1:41:fb:b5:62:c6:1e:dd:b8:78:
37:6c:f5:3a:6a:8a:da:d6:24:f8:60:cb:3d:09:60:10:d2:70:
63:4c:f7:ba:d9:c9:09:d3:b4:65:2c:bf:1b:6e:07:3a:e4:6d:
48:8f:97:98:bf:15:43:d3:de:07:d0:1f:67:57:02:72:79:94:
3b:95:13:51:92:25:d2:29:87:13:6f:96:07:e7:cb:16:29:10:
0b:35:8e:47:5d:65:55:20:18:ce:97:7a:07:36:77:de:12:f2:
f6:8c:0f:75:44:15:bd:8b:c7:19:d6:bb:f3:7e:95:75:62:7a:
92:b6:f8:ec:78:d0:8e:60:7d:28:0d:10:95:4e:41:c3:26:cd:
a2:9f:a7:b4:24:10:45:d6:08:c0:18:60:fe:9f:a0:56:b7:5e:
58:ec:8b:30:d8:68:80:92:d4:91:44:2c:86:69:a9:90:82:f9:
7a:28:db:8b:0b:8f:77:a4:b0:f0:bb:14:e9:c3:85:3f:95:51:
63:ef:d4:81
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZCl2dKi7n3P9OWq1rM/cS8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTY0N2RhYzcyOWY0N2IwNjM2OWM0Yzk3NDFjZjk0Mzk1
M2RjNTkwHhcNMjQwNzEyMDczMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDUzNDAyMDFhZWNjMTlmMTM4NDRjODY2NGQ2NTIzM2FlNmM1YjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzjgKuZqaljR4dSe+BsTn+8ZnkIM
PL2smUGanitIQInuffZV7hYBUcWwRb2msJ1Ti3F6rtsm4e6PEG5F7PaGJvYgH54p
maM1xJ17cnnbnWjw/n965lVaPawGAMZtPBPaU9tJIQgk8SGI7bpUmDdzmz0gtVXm
yXA3Q5KNZ2E26p5uNmH4kjDhiem9/1kS0cXxzMpRlbShltOheqoGGbGMo8Wbrfpx
GW2IPy8UN1KhL3v8azwkeAQW+bgs6tQ7nLtf/09rri2MY9q+OipefN+Mv9vrqhcc
WU3Ee6WOYTE9LoFQyxZfktMh3Qp9f0ECe7pm4PjVKC+XdTi3QZ4Dq7fWVQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL1TQCAa7MGfE4RMhmTWUjOubFtOMB8GA1UdIwQY
MBaAFKCmR9rHKfR7BjacTJdBz5Q5U9xZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQt
ZmI2OTgzY2U5ZGZmLzEvdlZOQUlCcnN3WjhUaEV5R1pOWlNNNjVzVzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iYTFmODgtNzA3Zi00MWJkLWI5YmQtZmI2OTgzY2U5ZGZm
LzEvb0taSDJzY3A5SHNHTnB4TWwwSFBsRGxUM0ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhN8gTAN
BgkqhkiG9w0BAQsFAAOCAQEAa6jG5JAbwvlmJS+Ud+EeRISZCFSc6nEP8Ux7w7wZ
vu0TeNhMf+9LZ6BUDYu7/7N6lHcAhLX4Liz4e6avztfhQfu1YsYe3bh4N2z1OmqK
2tYk+GDLPQlgENJwY0z3utnJCdO0ZSy/G24HOuRtSI+XmL8VQ9PeB9AfZ1cCcnmU
O5UTUZIl0imHE2+WB+fLFikQCzWOR11lVSAYzpd6BzZ33hLy9owPdUQVvYvHGda7
836VdWJ6krb47HjQjmB9KA0QlU5BwybNop+ntCQQRdYIwBhg/p+gVrdeWOyLMNho
gJLUkUQshmmpkIL5eijbiwuPd6Sw8LsU6cOFP5VRY+/UgQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 23:07:52 2025 by rpki-client