Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/6ab93e-8563-4606-b19e-8c003c4a5456/1/lw3fUcf19kD1WQlWeWItzju6ii4.roa
File: lw3fUcf19kD1WQlWeWItzju6ii4.roa (raw, json)
Hash identifier: aVvT5nAqHRA9cKsoNQwgpE1zzdwhoV79z4Fon2kQhTI=
Subject key identifier: 97:0D:DF:51:C7:F5:F6:40:F5:59:09:56:79:62:2D:CE:3B:BA:8A:2E
Certificate issuer: /CN=2389341e10e6b021fa847f555e5603def85d2c2b
Certificate serial: 0193F2797011D9F4634234331D6963F3F646
Authority key identifier: 23:89:34:1E:10:E6:B0:21:FA:84:7F:55:5E:56:03:DE:F8:5D:2C:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I4k0HhDmsCH6hH9VXlYD3vhdLCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/6ab93e-8563-4606-b19e-8c003c4a5456/1/lw3fUcf19kD1WQlWeWItzju6ii4.roa
Signing time: Mon 23 Dec 2024 07:44:25 +0000
ROA not before: Mon 23 Dec 2024 07:44:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 2a13:ae00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 23 Dec 2024 10:41:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f2:79:70:11:d9:f4:63:42:34:33:1d:69:63:f3:f6:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2389341e10e6b021fa847f555e5603def85d2c2b
Validity
Not Before: Dec 23 07:44:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=970ddf51c7f5f640f559095679622dce3bba8a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:24:1f:2a:5c:93:b0:de:cd:cc:cf:fa:bf:40:
d4:bf:7c:40:77:b3:46:86:f8:1f:e0:59:7a:96:b2:
d2:d1:e5:a4:b2:ef:30:b4:64:d6:70:d2:a2:52:78:
cb:6c:3d:59:e4:37:70:48:c0:e0:43:da:c5:49:51:
91:59:b9:3f:75:dc:ae:f6:2a:74:3a:0f:14:b9:45:
ad:09:60:ac:19:b8:aa:36:8f:5b:dd:24:1b:4a:34:
6a:ea:f6:27:48:df:9c:31:77:ef:a1:c3:fa:3f:b9:
13:ed:d5:d2:31:4b:3b:29:87:18:3d:a8:d9:ef:a8:
8f:a7:52:44:a3:19:15:26:a2:b6:ac:04:97:d7:b9:
0c:8a:3c:11:46:7b:fd:a9:4a:30:1a:5a:6a:5d:cd:
d6:c4:73:a7:51:1e:4e:2b:f3:c9:2a:a5:a3:c1:23:
a8:a7:bc:77:49:6c:09:c2:e1:0e:64:0b:a6:81:62:
9e:5c:dd:01:f8:a0:ce:45:3a:3d:24:d3:1f:aa:fd:
a2:ea:0e:c1:d1:dc:ca:87:f2:e4:9d:0b:bf:1c:b1:
c3:09:3a:a5:01:2a:31:34:1a:4d:03:cb:6b:11:e4:
6b:ac:77:79:da:fa:79:65:29:da:08:ff:8f:53:5d:
8f:0b:f5:97:89:f4:b5:62:f5:eb:e5:39:7a:87:2b:
2f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:0D:DF:51:C7:F5:F6:40:F5:59:09:56:79:62:2D:CE:3B:BA:8A:2E
X509v3 Authority Key Identifier:
keyid:23:89:34:1E:10:E6:B0:21:FA:84:7F:55:5E:56:03:DE:F8:5D:2C:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I4k0HhDmsCH6hH9VXlYD3vhdLCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/6ab93e-8563-4606-b19e-8c003c4a5456/1/lw3fUcf19kD1WQlWeWItzju6ii4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/6ab93e-8563-4606-b19e-8c003c4a5456/1/I4k0HhDmsCH6hH9VXlYD3vhdLCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:ae00::/29
Signature Algorithm: sha256WithRSAEncryption
5a:68:0c:c3:39:c0:6a:6d:13:5c:e3:89:58:3b:72:68:f1:0c:
22:65:f9:00:0d:85:b7:70:f1:ee:bf:98:a7:6d:18:66:65:96:
98:ec:8a:15:db:da:ef:30:eb:f2:90:b8:bb:e7:84:54:1a:53:
7b:b7:50:14:f0:90:3d:ec:61:54:41:d0:55:ad:a2:b1:b3:dd:
02:66:17:ff:de:c2:67:55:12:6a:d6:ff:6f:9b:e8:bc:03:96:
c2:25:8c:31:1f:c1:ba:91:09:52:64:e9:2b:dd:a2:6b:9f:59:
df:6e:39:c2:9c:75:a1:59:d4:05:92:07:b6:98:b9:e1:27:21:
cb:5b:0c:36:95:ed:f3:8d:f8:fe:66:69:53:25:0c:a3:e8:92:
71:ed:93:cd:60:e0:c6:4d:bd:64:f8:cb:ff:24:7e:a2:25:95:
16:c7:2d:16:25:c9:26:b6:f4:58:55:8b:dd:42:4b:c1:6b:6f:
6e:75:1a:71:e2:9c:75:d0:6a:9c:44:c6:81:55:8d:11:fe:28:
d8:44:79:0e:58:f1:5f:46:98:1f:66:c5:16:61:18:33:0d:c3:
cf:8f:b6:bf:d6:51:8c:c6:fa:c9:d4:33:f5:62:cf:61:bc:c9:
cd:97:69:69:91:8e:42:77:5f:01:7c:44:a2:2e:47:54:3e:a6:
85:2f:ad:97
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZPyeXAR2fRjQjQzHWlj8/ZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzODkzNDFlMTBlNmIwMjFmYTg0N2Y1NTVlNTYwM2RlZjg1
ZDJjMmIwHhcNMjQxMjIzMDc0NDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzBkZGY1MWM3ZjVmNjQwZjU1OTA5NTY3OTYyMmRjZTNiYmE4YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiQfKlyTsN7NzM/6v0DUv3xAd7NG
hvgf4Fl6lrLS0eWksu8wtGTWcNKiUnjLbD1Z5DdwSMDgQ9rFSVGRWbk/ddyu9ip0
Og8UuUWtCWCsGbiqNo9b3SQbSjRq6vYnSN+cMXfvocP6P7kT7dXSMUs7KYcYPajZ
76iPp1JEoxkVJqK2rASX17kMijwRRnv9qUowGlpqXc3WxHOnUR5OK/PJKqWjwSOo
p7x3SWwJwuEOZAumgWKeXN0B+KDORTo9JNMfqv2i6g7B0dzKh/LknQu/HLHDCTql
ASoxNBpNA8trEeRrrHd52vp5ZSnaCP+PU12PC/WXifS1YvXr5Tl6hysvUwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJcN31HH9fZA9VkJVnliLc47uoouMB8GA1UdIwQY
MBaAFCOJNB4Q5rAh+oR/VV5WA974XSwrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTRrMEhoRG1zQ0g2aEg5VlhsWUQzdmhkTENzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC82YWI5M2UtODU2My00NjA2LWIxOWUt
OGMwMDNjNGE1NDU2LzEvbHczZlVjZjE5a0QxV1FsV2VXSXR6anU2aWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC82YWI5M2UtODU2My00NjA2LWIxOWUtOGMwMDNjNGE1NDU2
LzEvSTRrMEhoRG1zQ0g2aEg5VlhsWUQzdmhkTENzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOuADAN
BgkqhkiG9w0BAQsFAAOCAQEAWmgMwznAam0TXOOJWDtyaPEMImX5AA2Ft3Dx7r+Y
p20YZmWWmOyKFdva7zDr8pC4u+eEVBpTe7dQFPCQPexhVEHQVa2isbPdAmYX/97C
Z1USatb/b5vovAOWwiWMMR/BupEJUmTpK92ia59Z3245wpx1oVnUBZIHtpi54Sch
y1sMNpXt8434/mZpUyUMo+iSce2TzWDgxk29ZPjL/yR+oiWVFsctFiXJJrb0WFWL
3UJLwWtvbnUaceKcddBqnETGgVWNEf4o2ER5DljxX0aYH2bFFmEYMw3Dz4+2v9ZR
jMb6ydQz9WLPYbzJzZdpaZGOQndfAXxEoi5HVD6mhS+tlw==
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:11:59 2025 by rpki-client