Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/nHPMIjybHCXbz3qGFOdFLm9pOEw.roa
File: nHPMIjybHCXbz3qGFOdFLm9pOEw.roa (raw, json)
Hash identifier: zJp1BxiO2cPkfcErZ9VW3UoAn20q6SDFdA2XHqdJWxc=
Subject key identifier: 9C:73:CC:22:3C:9B:1C:25:DB:CF:7A:86:14:E7:45:2E:6F:69:38:4C
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 01915F9938E1C120C53796F9DD8A01CCCB79
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/nHPMIjybHCXbz3qGFOdFLm9pOEw.roa
Signing time: Sat 17 Aug 2024 09:09:22 +0000
ROA not before: Sat 17 Aug 2024 09:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214773
IP address blocks: 2a13:b4c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 20 Aug 2024 17:25:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5f:99:38:e1:c1:20:c5:37:96:f9:dd:8a:01:cc:cb:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Aug 17 09:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c73cc223c9b1c25dbcf7a8614e7452e6f69384c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a8:c0:67:1f:6d:3f:89:58:48:81:a0:5b:07:
5a:97:0e:ef:60:68:3f:1c:ed:52:68:b7:53:dd:6b:
84:1e:cb:ce:56:85:1a:8d:d1:97:2d:96:e1:8a:8c:
c7:34:ad:b0:5a:20:83:ad:b0:dc:55:a7:e1:1c:dd:
f2:86:b9:9b:68:c9:36:ac:63:36:4f:4e:c0:22:33:
a6:d2:26:90:a9:48:73:2f:9b:5e:88:f0:d7:c9:5a:
af:7d:f8:fa:c1:c3:31:cb:92:c4:aa:82:50:b6:85:
a5:a3:d7:e9:65:20:28:f0:8a:02:8b:6d:cf:81:fd:
8b:b2:1a:f0:eb:c5:1e:8b:da:b1:0e:0d:bb:84:61:
8a:15:7a:7e:69:8e:67:6a:b8:2d:79:8d:f7:c4:c5:
c9:1f:35:09:5a:c1:30:5d:43:f8:7d:ee:7c:f6:1a:
51:c4:c1:04:36:f8:ee:7f:54:56:85:d4:b2:3e:01:
72:d2:72:a6:71:94:19:de:c1:92:f3:10:71:7e:58:
fe:5f:1b:f0:3d:82:f2:54:32:19:19:5a:64:4f:35:
70:2d:26:69:cf:2d:7b:1f:c0:e6:e1:e7:33:52:15:
54:89:d8:37:80:35:cd:3f:97:50:d3:5d:56:04:a5:
b8:90:8b:d9:c0:43:a1:b2:d1:3c:d2:5e:49:da:e8:
30:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:73:CC:22:3C:9B:1C:25:DB:CF:7A:86:14:E7:45:2E:6F:69:38:4C
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/nHPMIjybHCXbz3qGFOdFLm9pOEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:b4c0::/29
Signature Algorithm: sha256WithRSAEncryption
df:cf:5d:96:66:b8:ef:d0:58:8f:a6:c4:c3:96:69:4f:4d:bb:
f0:89:93:4e:36:ee:21:de:56:c8:7b:b7:a4:77:9d:98:38:bc:
88:9e:ac:c7:ec:5b:25:1b:6e:71:a2:18:28:0e:bc:e8:26:a5:
92:6a:cf:75:a8:b9:35:6b:69:4f:74:a5:95:ff:a7:98:4c:17:
6f:b1:a1:e9:06:c6:71:6f:55:7c:07:c0:97:78:39:38:2e:d2:
74:8d:5e:0c:ff:15:54:d1:1e:da:a0:12:a5:c1:2f:53:80:95:
76:83:12:67:83:29:99:0e:6e:de:ae:35:73:d0:a5:d9:06:37:
08:06:ac:a7:17:7f:a9:1a:6f:61:18:72:ed:db:a2:a7:2a:42:
f5:02:92:1b:cf:5f:8f:2b:54:de:eb:c6:e2:f5:94:af:6e:fd:
31:cf:0b:d9:1e:08:a1:15:76:a5:3e:9c:28:f4:c2:74:aa:c6:
95:84:9a:9c:17:7d:46:cf:4e:16:a4:9b:a4:05:37:86:66:dd:
c8:20:ab:7b:e9:49:9d:73:3c:9c:9c:91:e9:a7:a2:16:c9:6b:
c4:0f:13:d1:8b:3a:88:24:ee:af:7a:27:ff:a8:59:9e:ab:b6:
60:fc:02:a5:18:10:83:80:4b:2a:26:df:c5:4d:80:f3:55:e6:
7c:80:cd:b2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZFfmTjhwSDFN5b53YoBzMt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwODE3MDkwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzczY2MyMjNjOWIxYzI1ZGJjZjdhODYxNGU3NDUyZTZmNjkzODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqajAZx9tP4lYSIGgWwdalw7vYGg/
HO1SaLdT3WuEHsvOVoUajdGXLZbhiozHNK2wWiCDrbDcVafhHN3yhrmbaMk2rGM2
T07AIjOm0iaQqUhzL5teiPDXyVqvffj6wcMxy5LEqoJQtoWlo9fpZSAo8IoCi23P
gf2Lshrw68Uei9qxDg27hGGKFXp+aY5nargteY33xMXJHzUJWsEwXUP4fe589hpR
xMEENvjuf1RWhdSyPgFy0nKmcZQZ3sGS8xBxflj+XxvwPYLyVDIZGVpkTzVwLSZp
zy17H8Dm4eczUhVUidg3gDXNP5dQ011WBKW4kIvZwEOhstE80l5J2ugwDQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJxzzCI8mxwl2896hhTnRS5vaThMMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvbkhQTUlqeWJIQ1hiejNxR0ZPZEZMbTlwT0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhO0wDAN
BgkqhkiG9w0BAQsFAAOCAQEA389dlma479BYj6bEw5ZpT0278ImTTjbuId5WyHu3
pHedmDi8iJ6sx+xbJRtucaIYKA686CalkmrPdai5NWtpT3Sllf+nmEwXb7Gh6QbG
cW9VfAfAl3g5OC7SdI1eDP8VVNEe2qASpcEvU4CVdoMSZ4MpmQ5u3q41c9Cl2QY3
CAaspxd/qRpvYRhy7duipypC9QKSG89fjytU3uvG4vWUr279Mc8L2R4IoRV2pT6c
KPTCdKrGlYSanBd9Rs9OFqSbpAU3hmbdyCCre+lJnXM8nJyR6aeiFslrxA8T0Ys6
iCTur3on/6hZnqu2YPwCpRgQg4BLKibfxU2A81XmfIDNsg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:34 2025 by rpki-client