Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/JXcb4kjEwNpae3NwvDTKVdDIpgA.roa
File: JXcb4kjEwNpae3NwvDTKVdDIpgA.roa (raw, json)
Hash identifier: BYfmrl/yWxECRi0TeHrRa7Fzy4AruDSq5oUMez+NdQI=
Subject key identifier: 25:77:1B:E2:48:C4:C0:DA:5A:7B:73:70:BC:34:CA:55:D0:C8:A6:00
Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Certificate serial: 018C6CE79982C6BAB02504168C421843CC4E
Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/JXcb4kjEwNpae3NwvDTKVdDIpgA.roa
Signing time: Fri 15 Dec 2023 09:56:06 +0000
ROA not before: Fri 15 Dec 2023 09:56:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201148
IP address blocks: 2a13:3f40::/29 maxlen: 29
2a13:3f40:1000::/48 maxlen: 48
2a13:3f40:1001::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6c:e7:99:82:c6:ba:b0:25:04:16:8c:42:18:43:cc:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Validity
Not Before: Dec 15 09:56:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25771be248c4c0da5a7b7370bc34ca55d0c8a600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:5e:29:e0:8b:f2:4b:ed:d9:f4:b9:63:c6:d4:
f0:1d:9b:eb:d5:00:2f:ae:5e:fc:dc:39:64:51:b3:
9d:d9:32:e7:6e:b7:2b:7c:2d:5a:90:7c:f8:80:b5:
33:6f:96:11:94:73:bb:ab:aa:c6:98:2d:ed:56:b0:
a2:46:1b:3d:ec:6c:24:50:0b:1b:56:84:b3:2f:7a:
88:6e:e3:b3:83:13:ca:c2:f7:7f:c1:b2:d3:37:2e:
6f:0f:db:e2:3f:71:d5:34:8b:c8:ca:e1:bd:a1:11:
79:e1:18:24:f3:41:25:0a:29:6f:11:cf:ab:39:b2:
6a:62:e2:ea:7b:b5:ab:34:21:dd:e8:90:43:f1:e9:
be:6f:73:71:36:bf:d9:34:d1:87:76:3c:fa:b5:5f:
04:e9:99:8e:65:c0:34:8e:2c:79:4a:ec:0f:96:ee:
5a:77:9f:a1:5b:9c:64:da:f0:26:2a:ed:40:e0:bb:
f9:65:3a:5e:a2:3d:8f:98:8e:70:a9:2a:2c:37:c6:
88:e5:4c:ed:ee:9a:52:2e:b5:8e:c6:0d:1f:1a:49:
1d:4c:51:b6:04:f2:9a:cc:24:c9:e6:13:f9:ff:94:
77:09:50:13:90:5e:47:8e:92:44:b5:a4:73:7c:23:
17:dc:e3:81:8c:89:77:87:82:32:1c:14:33:2a:d6:
f7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:77:1B:E2:48:C4:C0:DA:5A:7B:73:70:BC:34:CA:55:D0:C8:A6:00
X509v3 Authority Key Identifier:
keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/JXcb4kjEwNpae3NwvDTKVdDIpgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3f40::/29
Signature Algorithm: sha256WithRSAEncryption
75:4b:c1:2f:e9:29:30:ea:9d:1f:76:34:62:65:ae:89:7f:45:
ea:a6:9f:f0:cd:67:91:27:0c:35:93:45:7d:56:58:ba:98:ad:
23:b4:46:a1:06:83:ee:12:d0:d1:1f:88:93:21:e6:b1:6e:23:
b7:17:6f:de:ec:21:ea:fd:e6:3b:47:68:b6:e6:0f:a1:cc:9a:
21:b2:90:ec:09:fc:3c:cb:e0:04:58:09:c6:52:be:21:52:d4:
4a:ae:2c:db:d6:17:2b:9c:25:09:e9:99:c0:34:81:4d:81:3d:
1f:35:bc:e1:63:05:b1:53:99:6a:f4:1e:a1:22:3a:5b:a5:5f:
db:b0:7b:a7:2d:9c:f8:07:d3:f2:18:5a:20:a3:d6:76:b3:68:
6c:71:51:6d:c3:48:99:c2:a0:3c:f5:e1:ba:ab:4c:03:a0:8c:
47:84:8f:8d:f0:f7:68:96:31:fb:21:7a:66:8e:06:a0:31:36:
56:ee:13:52:6f:c2:c0:a0:b8:1a:30:31:24:38:7c:e7:ef:1b:
22:39:f0:95:84:11:2c:be:9a:6f:27:cf:c3:14:68:3e:fc:dc:
f9:50:4f:e6:16:90:a2:ae:50:51:32:e9:de:79:3a:52:d3:db:
a4:85:d7:b0:dc:73:8e:a9:d9:f1:03:c0:b7:7d:8a:ca:c6:fc:
c8:0f:5e:e1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYxs55mCxrqwJQQWjEIYQ8xOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj
MmRjMDEwHhcNMjMxMjE1MDk1NjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTc3MWJlMjQ4YzRjMGRhNWE3YjczNzBiYzM0Y2E1NWQwYzhhNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyF4p4IvyS+3Z9LljxtTwHZvr1QAv
rl783DlkUbOd2TLnbrcrfC1akHz4gLUzb5YRlHO7q6rGmC3tVrCiRhs97GwkUAsb
VoSzL3qIbuOzgxPKwvd/wbLTNy5vD9viP3HVNIvIyuG9oRF54Rgk80ElCilvEc+r
ObJqYuLqe7WrNCHd6JBD8em+b3NxNr/ZNNGHdjz6tV8E6ZmOZcA0jix5SuwPlu5a
d5+hW5xk2vAmKu1A4Lv5ZTpeoj2PmI5wqSosN8aI5Uzt7ppSLrWOxg0fGkkdTFG2
BPKazCTJ5hP5/5R3CVATkF5HjpJEtaRzfCMX3OOBjIl3h4IyHBQzKtb3zQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCV3G+JIxMDaWntzcLw0ylXQyKYAMB8GA1UdIwQY
MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt
ZWFhMDkwNTE0YjUyLzEvSlhjYjRrakV3TnBhZTNOd3ZEVEtWZERJcGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy
LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhM/QDAN
BgkqhkiG9w0BAQsFAAOCAQEAdUvBL+kpMOqdH3Y0YmWuiX9F6qaf8M1nkScMNZNF
fVZYupitI7RGoQaD7hLQ0R+IkyHmsW4jtxdv3uwh6v3mO0dotuYPocyaIbKQ7An8
PMvgBFgJxlK+IVLUSq4s29YXK5wlCemZwDSBTYE9HzW84WMFsVOZavQeoSI6W6Vf
27B7py2c+AfT8hhaIKPWdrNobHFRbcNImcKgPPXhuqtMA6CMR4SPjfD3aJYx+yF6
Zo4GoDE2Vu4TUm/CwKC4GjAxJDh85+8bIjnwlYQRLL6abyfPwxRoPvzc+VBP5haQ
oq5QUTLp3nk6UtPbpIXXsNxzjqnZ8QPAt32Kysb8yA9e4Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:00 2024 by rpki-client on console-ams.rpki-client.org