Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/25iSydrBaEaeMDgjLE1h-L9-7ts.roa
File: 25iSydrBaEaeMDgjLE1h-L9-7ts.roa (raw, json)
Hash identifier: daT8FlymDtmcAlAbBVeLkKrrriQYaAJbu9j4wh+/Kcc=
Subject key identifier: DB:98:92:C9:DA:C1:68:46:9E:30:38:23:2C:4D:61:F8:BF:7E:EE:DB
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 018E80AADDA4B05AC411FB1F6AA8C8367179
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/25iSydrBaEaeMDgjLE1h-L9-7ts.roa
Signing time: Wed 27 Mar 2024 16:07:45 +0000
ROA not before: Wed 27 Mar 2024 16:07:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a13:9200::/29 maxlen: 29
2a13:b100::/29 maxlen: 29
2a13:b500::/29 maxlen: 29
2a13:b900::/29 maxlen: 29
2a13:e200::/29 maxlen: 29
2a13:e400::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 30 Mar 2024 14:08:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:80:aa:dd:a4:b0:5a:c4:11:fb:1f:6a:a8:c8:36:71:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Mar 27 16:07:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db9892c9dac168469e3038232c4d61f8bf7eeedb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:03:6c:68:bf:fd:40:23:04:e0:ea:79:2c:5a:
82:3c:f4:c2:55:81:ff:7c:de:3f:1f:c3:0c:4f:18:
29:ef:f8:47:7c:92:2f:d4:a1:bc:94:01:21:d2:48:
0b:f4:d3:51:9e:fe:f1:66:65:7e:d0:7d:20:6e:5f:
d5:fa:1e:60:08:03:99:e0:7d:d2:fe:41:2c:d9:6b:
ee:c1:03:52:fd:b4:89:c4:18:f2:4d:52:93:a8:73:
22:49:60:19:29:28:18:c1:5d:f5:f9:fc:ee:65:e6:
e8:1f:2f:c5:4b:a0:f3:f2:2b:b9:e1:05:e1:e8:02:
32:60:13:15:bf:6e:99:11:15:53:45:37:29:f9:df:
4f:98:54:b1:2a:69:1d:f7:df:e1:69:78:7c:4a:4b:
81:a8:73:10:f9:76:a5:70:65:af:45:f9:63:fb:6b:
75:40:84:ad:58:20:91:1b:d4:78:f3:19:9e:ae:4c:
bc:dc:bf:18:df:c0:05:ed:4a:ce:a1:9a:f1:cd:3a:
fd:cd:6b:fe:6d:29:59:87:32:a0:34:a5:d7:0b:76:
33:f2:5f:f2:9e:1b:e7:f1:a8:67:cd:b3:b4:4f:c7:
9b:44:ca:0b:5b:8c:21:fa:c4:37:2d:dd:12:35:5d:
d3:54:fa:a0:49:99:97:f4:70:f1:10:26:56:41:a7:
a4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:98:92:C9:DA:C1:68:46:9E:30:38:23:2C:4D:61:F8:BF:7E:EE:DB
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/25iSydrBaEaeMDgjLE1h-L9-7ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9200::/29
2a13:b100::/29
2a13:b500::/29
2a13:b900::/29
2a13:e200::/29
2a13:e400::/29
Signature Algorithm: sha256WithRSAEncryption
20:4b:78:d1:a4:4e:7a:b3:22:e7:4a:81:0e:b3:ab:30:d3:1a:
71:7d:55:38:e5:00:7f:14:0c:e4:f4:a7:d1:8a:69:3e:86:66:
2f:2b:79:c4:5a:58:6f:15:d8:ae:7d:b4:3a:1a:58:2e:a0:4d:
4b:1a:b1:d6:02:09:00:25:9d:13:04:b8:7e:2a:05:63:66:6e:
63:64:5d:87:91:0b:f1:62:ba:6b:2a:51:57:53:ac:07:0d:d0:
78:f3:61:46:77:7c:b3:67:b5:89:a4:51:74:f9:d7:d0:21:dd:
93:19:60:7f:85:ed:5b:73:e7:67:61:ba:f4:19:aa:07:d4:8d:
ac:91:52:25:7a:d7:a7:01:76:61:66:71:38:3d:a8:f1:53:67:
07:1a:22:7e:f3:dc:ec:c8:59:c5:37:02:36:72:a1:be:c4:14:
31:dd:5b:f5:96:5b:e6:e2:c6:1e:79:2e:39:41:45:73:dc:97:
c0:ea:da:54:7d:51:ac:d3:64:24:09:84:78:47:b0:eb:ce:a4:
12:e2:80:ff:8b:9a:ad:fa:8d:cf:51:3a:08:5a:0e:8f:0e:5b:
e5:ad:3e:a4:9c:1d:f1:b8:d5:c1:63:2a:9c:36:6f:f0:09:7c:
36:33:de:30:c8:5b:03:ec:47:58:4e:d6:a1:34:60:79:c2:98:
54:9b:a7:78
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY6Aqt2ksFrEEfsfaqjINnF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwMzI3MTYwNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjk4OTJjOWRhYzE2ODQ2OWUzMDM4MjMyYzRkNjFmOGJmN2VlZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8QNsaL/9QCME4Op5LFqCPPTCVYH/
fN4/H8MMTxgp7/hHfJIv1KG8lAEh0kgL9NNRnv7xZmV+0H0gbl/V+h5gCAOZ4H3S
/kEs2WvuwQNS/bSJxBjyTVKTqHMiSWAZKSgYwV31+fzuZeboHy/FS6Dz8iu54QXh
6AIyYBMVv26ZERVTRTcp+d9PmFSxKmkd99/haXh8SkuBqHMQ+XalcGWvRflj+2t1
QIStWCCRG9R48xmerky83L8Y38AF7UrOoZrxzTr9zWv+bSlZhzKgNKXXC3Yz8l/y
nhvn8ahnzbO0T8ebRMoLW4wh+sQ3Ld0SNV3TVPqgSZmX9HDxECZWQaekqQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNuYksnawWhGnjA4IyxNYfi/fu7bMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvMjVpU3lkckJhRWFlTURnakxFMWgtTDktN3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKhOSAAMF
AyoTsQADBQMqE7UAAwUDKhO5AAMFAyoT4gADBQMqE+QAMA0GCSqGSIb3DQEBCwUA
A4IBAQAgS3jRpE56syLnSoEOs6sw0xpxfVU45QB/FAzk9KfRimk+hmYvK3nEWlhv
FdiufbQ6GlguoE1LGrHWAgkAJZ0TBLh+KgVjZm5jZF2HkQvxYrprKlFXU6wHDdB4
82FGd3yzZ7WJpFF0+dfQId2TGWB/he1bc+dnYbr0GaoH1I2skVIletenAXZhZnE4
PajxU2cHGiJ+89zsyFnFNwI2cqG+xBQx3Vv1llvm4sYeeS45QUVz3JfA6tpUfVGs
02QkCYR4R7DrzqQS4oD/i5qt+o3PUToIWg6PDlvlrT6knB3xuNXBYyqcNm/wCXw2
M94wyFsD7EdYTtahNGB5wphUm6d4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:58 2024 by rpki-client on console-ams.rpki-client.org