Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/Sr5DuFuoIl_QvDgzOXhVWBNJJFo.roa
File: Sr5DuFuoIl_QvDgzOXhVWBNJJFo.roa (raw, json)
Hash identifier: fvA6wrQc7iaukX3OW/R3GjJkZ9hSi2xYbPGSq6+UvKk=
Subject key identifier: 4A:BE:43:B8:5B:A8:22:5F:D0:BC:38:33:39:78:55:58:13:49:24:5A
Certificate issuer: /CN=dd010938d9ef72158fc98bd45de71b0b1a9ff729
Certificate serial: 018CC64B04F504948ACA85DCF0D385CB6147
Authority key identifier: DD:01:09:38:D9:EF:72:15:8F:C9:8B:D4:5D:E7:1B:0B:1A:9F:F7:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QEJONnvchWPyYvUXecbCxqf9yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/Sr5DuFuoIl_QvDgzOXhVWBNJJFo.roa
Signing time: Mon 01 Jan 2024 18:30:54 +0000
ROA not before: Mon 01 Jan 2024 18:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a13:7c40:1::/48 maxlen: 48
2a13:7c40:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Feb 2024 12:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:04:f5:04:94:8a:ca:85:dc:f0:d3:85:cb:61:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd010938d9ef72158fc98bd45de71b0b1a9ff729
Validity
Not Before: Jan 1 18:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4abe43b85ba8225fd0bc3833397855581349245a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ea:d8:d2:77:87:3b:58:eb:5a:85:7d:33:fb:
31:2e:5e:62:f6:84:39:49:96:bc:33:88:e9:d5:85:
d8:35:a2:d5:70:f1:d2:03:54:0b:df:48:89:63:f4:
03:9c:8d:e5:54:ed:3f:12:e8:f8:09:ca:25:ab:26:
74:55:8b:70:8a:fa:41:5b:84:d6:bc:bf:a4:05:9f:
60:df:d6:67:d1:b3:18:43:24:c3:7e:1b:bf:ff:7e:
4c:88:09:09:85:fe:59:84:de:79:a3:6f:25:3a:4c:
b3:a1:2a:1d:3f:60:5c:13:4f:62:42:74:0e:0d:b0:
d7:5d:07:a0:87:b3:4f:43:4f:81:cd:d2:e0:88:9c:
c3:c5:d8:6e:9e:29:6e:50:d7:cc:99:18:0f:bf:77:
5b:02:3a:b2:1a:1e:d5:f6:6b:58:d0:30:9d:80:54:
96:78:55:aa:c1:8c:47:6d:26:48:dc:45:3b:cb:57:
ea:c7:6b:0a:11:75:22:cd:97:00:48:89:ee:dd:03:
95:3c:fe:4e:3b:f4:ac:11:fe:4b:8f:bf:c2:e0:d1:
22:ec:86:66:9f:b4:cf:0d:7f:6c:5b:78:30:72:9e:
b3:7b:ec:0c:0f:f9:1b:ad:14:da:2c:7f:38:87:d8:
6c:22:00:36:00:97:eb:b2:6c:2e:77:83:3f:52:93:
6d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:BE:43:B8:5B:A8:22:5F:D0:BC:38:33:39:78:55:58:13:49:24:5A
X509v3 Authority Key Identifier:
keyid:DD:01:09:38:D9:EF:72:15:8F:C9:8B:D4:5D:E7:1B:0B:1A:9F:F7:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QEJONnvchWPyYvUXecbCxqf9yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/Sr5DuFuoIl_QvDgzOXhVWBNJJFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c3f419-a596-46be-8aff-ceff546c933e/1/3QEJONnvchWPyYvUXecbCxqf9yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7c40:1::-2a13:7c40:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2f:d6:fe:ba:d2:11:ba:c3:a8:22:29:87:f1:2e:58:6e:af:de:
5e:96:d5:73:bc:2f:1c:c1:61:73:f9:3f:58:7a:09:16:51:3b:
ec:11:82:4f:da:d3:57:46:2e:96:b8:a9:31:0e:5e:d6:81:99:
1b:ae:1b:d7:e0:29:e6:cb:e8:1a:f8:61:6f:0c:81:be:47:12:
1b:04:d9:2b:2f:9c:91:8b:18:49:39:38:2b:b2:b7:b8:94:5f:
98:f0:bf:c2:8a:44:f9:37:7c:2a:21:41:47:50:13:58:00:bb:
26:7d:34:54:f4:fa:22:27:8e:2a:b7:88:f8:73:58:54:36:31:
85:94:62:2e:a8:82:07:ea:ba:26:f2:20:a7:7f:a7:b5:99:cc:
dc:58:40:7d:1e:1c:84:7e:96:18:04:e8:58:9d:f7:50:99:8c:
8a:bb:3e:c3:21:61:5c:0a:91:c3:a8:fb:19:87:c5:03:cc:8b:
c0:45:ee:95:0d:ae:99:a9:32:66:8b:12:44:53:91:40:a4:bf:
07:d9:65:0b:9e:b8:7e:99:ac:33:f1:66:ad:34:29:20:56:3c:
2b:16:a6:b0:13:22:6d:8e:1a:95:85:f0:55:2c:54:c0:57:3f:
33:9f:17:ef:ce:a3:13:08:8c:7e:42:da:15:70:40:70:67:bf:
d8:0a:78:65
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzGSwT1BJSKyoXc8NOFy2FHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMDEwOTM4ZDllZjcyMTU4ZmM5OGJkNDVkZTcxYjBiMWE5
ZmY3MjkwHhcNMjQwMTAxMTgzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWJlNDNiODViYTgyMjVmZDBiYzM4MzMzOTc4NTU1ODEzNDkyNDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+rY0neHO1jrWoV9M/sxLl5i9oQ5
SZa8M4jp1YXYNaLVcPHSA1QL30iJY/QDnI3lVO0/Euj4CcolqyZ0VYtwivpBW4TW
vL+kBZ9g39Zn0bMYQyTDfhu//35MiAkJhf5ZhN55o28lOkyzoSodP2BcE09iQnQO
DbDXXQegh7NPQ0+BzdLgiJzDxdhuniluUNfMmRgPv3dbAjqyGh7V9mtY0DCdgFSW
eFWqwYxHbSZI3EU7y1fqx2sKEXUizZcASInu3QOVPP5OO/SsEf5Lj7/C4NEi7IZm
n7TPDX9sW3gwcp6ze+wMD/kbrRTaLH84h9hsIgA2AJfrsmwud4M/UpNtAwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEq+Q7hbqCJf0Lw4Mzl4VVgTSSRaMB8GA1UdIwQY
MBaAFN0BCTjZ73IVj8mL1F3nGwsan/cpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1FFSk9ObnZjaFdQeVl2VVhlY2JDeHFmOXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jM2Y0MTktYTU5Ni00NmJlLThhZmYt
Y2VmZjU0NmM5MzNlLzEvU3I1RHVGdW9JbF9RdkRnek9YaFZXQk5KSkZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jM2Y0MTktYTU5Ni00NmJlLThhZmYtY2VmZjU0NmM5MzNl
LzEvM1FFSk9ObnZjaFdQeVl2VVhlY2JDeHFmOXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAqE3xA
AAEDBwAqE3xAAAIwDQYJKoZIhvcNAQELBQADggEBAC/W/rrSEbrDqCIph/EuWG6v
3l6W1XO8LxzBYXP5P1h6CRZRO+wRgk/a01dGLpa4qTEOXtaBmRuuG9fgKebL6Br4
YW8Mgb5HEhsE2SsvnJGLGEk5OCuyt7iUX5jwv8KKRPk3fCohQUdQE1gAuyZ9NFT0
+iInjiq3iPhzWFQ2MYWUYi6oggfquibyIKd/p7WZzNxYQH0eHIR+lhgE6Fid91CZ
jIq7PsMhYVwKkcOo+xmHxQPMi8BF7pUNrpmpMmaLEkRTkUCkvwfZZQueuH6ZrDPx
Zq00KSBWPCsWprATIm2OGpWF8FUsVMBXPzOfF+/OoxMIjH5C2hVwQHBnv9gKeGU=
-----END CERTIFICATE-----
Generated at Fri Feb 23 16:25:33 2024 by rpki-client on console-fra.rpki-client.org