Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/iXd5toBVtsOl3EHCQL8k9PaiVFA.roa
File: iXd5toBVtsOl3EHCQL8k9PaiVFA.roa (raw, json)
Hash identifier: VsV4O93IFYM4iuWmUBn+14FWXeZdVTvOEszhUcG6B1Y=
Subject key identifier: 89:77:79:B6:80:55:B6:C3:A5:DC:41:C2:40:BF:24:F4:F6:A2:54:50
Certificate issuer: /CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
Certificate serial: 018CC801265DF50E521C8DB3EE0791C6C176
Authority key identifier: 30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/iXd5toBVtsOl3EHCQL8k9PaiVFA.roa
Signing time: Tue 02 Jan 2024 02:29:27 +0000
ROA not before: Tue 02 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a13:141:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 04 Sep 2024 17:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:26:5d:f5:0e:52:1c:8d:b3:ee:07:91:c6:c1:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30d58e40c6d91f3729e57e3344d308b5992fe46e
Validity
Not Before: Jan 2 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=897779b68055b6c3a5dc41c240bf24f4f6a25450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b4:82:9d:0b:40:c2:d0:fe:0e:e4:79:92:56:
b6:13:db:64:b4:f4:c5:8d:82:74:7b:a9:e7:ff:c2:
d0:7b:77:75:8d:df:bf:23:fc:cf:74:79:be:2b:8a:
94:5e:a6:4b:8e:98:e6:f8:e3:70:5a:90:16:dd:7d:
3a:86:02:12:0a:5f:61:d7:2e:a0:e7:05:07:a4:b9:
7a:8c:28:12:08:59:7e:08:69:96:2a:ab:5e:eb:21:
02:37:b4:ee:c2:72:87:eb:da:78:47:c0:64:b2:b9:
c4:5c:99:c3:f1:c3:fe:fa:94:0e:55:88:a8:30:92:
a5:37:24:80:72:ec:fb:cc:97:95:f1:74:fa:58:25:
48:67:0f:6d:b9:e3:16:53:f9:96:22:a8:d0:97:fe:
c5:ba:00:d8:de:44:fe:d0:3a:e4:68:e9:bd:7f:7a:
9f:7a:cc:c5:00:99:d5:b9:e8:32:b5:2c:c3:0b:85:
54:62:7c:1d:08:db:83:42:60:98:2d:4b:75:00:fb:
cc:dc:a8:6f:2c:69:4a:75:f2:81:36:26:a9:34:93:
52:11:a4:3d:4b:64:f3:5b:1f:40:57:90:41:13:34:
6a:dd:69:a7:04:47:cc:2f:d4:58:92:b3:d8:88:70:
bd:8f:89:85:18:ec:52:99:d1:cb:68:d3:de:69:8a:
a7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:77:79:B6:80:55:B6:C3:A5:DC:41:C2:40:BF:24:F4:F6:A2:54:50
X509v3 Authority Key Identifier:
keyid:30:D5:8E:40:C6:D9:1F:37:29:E5:7E:33:44:D3:08:B5:99:2F:E4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MNWOQMbZHzcp5X4zRNMItZkv5G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/iXd5toBVtsOl3EHCQL8k9PaiVFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/625a30-3a6b-4661-840a-f82b70d8a0a7/1/MNWOQMbZHzcp5X4zRNMItZkv5G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:141:3::/48
Signature Algorithm: sha256WithRSAEncryption
5b:ea:af:e6:c8:6d:25:68:e9:a6:42:db:a6:93:d7:52:8e:70:
de:f3:0b:a7:7d:a0:d4:93:1c:35:93:db:f8:13:21:9c:7c:a0:
b7:0c:de:c2:ee:95:1c:a8:82:ea:e6:c0:47:44:4d:80:5f:c8:
6d:d0:9a:af:17:10:4d:a7:07:08:a9:e9:62:8f:81:6f:89:08:
f0:0e:c5:7c:27:4b:86:cd:66:b5:4a:78:3f:89:b3:65:4e:83:
5a:4a:3b:4d:98:54:57:95:55:88:8b:71:2e:20:1f:5d:88:37:
bd:2b:db:c6:52:4c:13:e5:54:3d:f1:77:c8:64:5f:40:70:aa:
75:b0:53:dd:c8:a0:a0:eb:38:42:03:14:e3:a6:38:e8:7e:54:
7b:61:81:f1:ff:6b:66:2f:dd:45:f2:8c:b0:d7:68:b9:d7:5b:
3a:70:c9:10:a0:16:1c:65:3d:79:e8:9d:db:1c:27:f6:d1:fa:
75:b7:d2:37:4b:ed:57:d7:ea:a5:86:85:af:96:03:43:82:d6:
8f:e8:71:75:78:f6:7d:c7:3e:71:9f:e7:2f:5f:78:3c:06:46:
df:c4:17:78:42:09:ba:f8:9b:23:9c:a6:55:f3:d3:33:d2:00:
84:c7:53:f7:18:d6:67:0f:27:5d:0b:4a:e1:5a:0e:50:4e:b0:
be:80:31:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIASZd9Q5SHI2z7geRxsF2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwZDU4ZTQwYzZkOTFmMzcyOWU1N2UzMzQ0ZDMwOGI1OTky
ZmU0NmUwHhcNMjQwMTAyMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTc3NzliNjgwNTViNmMzYTVkYzQxYzI0MGJmMjRmNGY2YTI1NDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrSCnQtAwtD+DuR5kla2E9tktPTF
jYJ0e6nn/8LQe3d1jd+/I/zPdHm+K4qUXqZLjpjm+ONwWpAW3X06hgISCl9h1y6g
5wUHpLl6jCgSCFl+CGmWKqte6yECN7TuwnKH69p4R8BksrnEXJnD8cP++pQOVYio
MJKlNySAcuz7zJeV8XT6WCVIZw9tueMWU/mWIqjQl/7FugDY3kT+0DrkaOm9f3qf
eszFAJnVuegytSzDC4VUYnwdCNuDQmCYLUt1APvM3KhvLGlKdfKBNiapNJNSEaQ9
S2TzWx9AV5BBEzRq3WmnBEfML9RYkrPYiHC9j4mFGOxSmdHLaNPeaYqneQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIl3ebaAVbbDpdxBwkC/JPT2olRQMB8GA1UdIwQY
MBaAFDDVjkDG2R83KeV+M0TTCLWZL+RuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEt
ZjgyYjcwZDhhMGE3LzEvaVhkNXRvQlZ0c09sM0VIQ1FMOGs5UGFpVkZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82MjVhMzAtM2E2Yi00NjYxLTg0MGEtZjgyYjcwZDhhMGE3
LzEvTU5XT1FNYlpIemNwNVg0elJOTUl0Wmt2NUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhMBQQAD
MA0GCSqGSIb3DQEBCwUAA4IBAQBb6q/myG0laOmmQtumk9dSjnDe8wunfaDUkxw1
k9v4EyGcfKC3DN7C7pUcqILq5sBHRE2AX8ht0JqvFxBNpwcIqelij4FviQjwDsV8
J0uGzWa1Sng/ibNlToNaSjtNmFRXlVWIi3EuIB9diDe9K9vGUkwT5VQ98XfIZF9A
cKp1sFPdyKCg6zhCAxTjpjjoflR7YYHx/2tmL91F8oyw12i511s6cMkQoBYcZT15
6J3bHCf20fp1t9I3S+1X1+qlhoWvlgNDgtaP6HF1ePZ9xz5xn+cvX3g8BkbfxBd4
Qgm6+JsjnKZV89Mz0gCEx1P3GNZnDyddC0rhWg5QTrC+gDEH
-----END CERTIFICATE-----
Generated at Wed Sep 4 19:21:40 2024 by rpki-client on console-fra.rpki-client.org