Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/odCzUR7Rwb6S9nxACvBp61Rd1HU.roa
File: odCzUR7Rwb6S9nxACvBp61Rd1HU.roa (raw, json)
Hash identifier: dEaqD0u7Y46rpxieltyq3/pE+PkAbd4qSBnlNR3rOlQ=
Subject key identifier: A1:D0:B3:51:1E:D1:C1:BE:92:F6:7C:40:0A:F0:69:EB:54:5D:D4:75
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0193ACDE802B02C5DEC662FE290239ABCFC3
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/odCzUR7Rwb6S9nxACvBp61Rd1HU.roa
Signing time: Mon 09 Dec 2024 19:21:22 +0000
ROA not before: Mon 09 Dec 2024 19:21:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 2a13:c240::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 25 Dec 2024 10:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ac:de:80:2b:02:c5:de:c6:62:fe:29:02:39:ab:cf:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Dec 9 19:21:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1d0b3511ed1c1be92f67c400af069eb545dd475
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:6d:e8:b5:ca:cf:ab:51:ee:19:7c:3f:72:d1:
f8:ca:69:c5:06:3b:38:59:4c:2b:aa:03:97:bd:be:
a6:c8:09:27:8c:da:22:4c:5d:92:c6:d6:b5:a9:33:
1e:9e:0a:aa:36:49:cd:94:25:b3:1d:3e:17:38:40:
17:0f:c2:d0:68:90:1f:6c:d8:a0:a2:e3:46:2f:51:
c2:56:54:71:ff:cc:c2:9d:b6:2d:68:69:d1:f3:e4:
05:41:8f:25:d1:cd:35:7c:bb:cb:ba:b1:68:e4:6e:
85:8c:09:46:55:e8:31:52:0e:87:56:8c:34:c8:c3:
00:a1:a1:c6:78:5d:98:6e:9d:97:7c:bc:07:66:b6:
fa:13:99:b6:e5:c7:e2:af:4d:05:f8:55:98:b2:39:
00:87:c0:01:fa:b9:92:80:c4:67:ed:f5:e0:9c:2b:
b0:ce:39:4a:be:ee:1c:f5:ed:16:92:ad:aa:b3:02:
7a:8e:6c:6c:f9:19:56:90:0f:bf:02:67:98:2d:01:
14:ec:82:66:b4:c3:32:f7:24:15:eb:5e:9c:3b:30:
c0:14:d6:5d:25:96:c4:ce:40:9a:b5:f0:60:ae:95:
a7:62:82:b7:29:09:a1:01:8a:43:b0:12:50:a9:00:
3b:42:75:f4:19:6f:9a:f1:bc:f6:c5:a5:7d:36:c9:
4c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D0:B3:51:1E:D1:C1:BE:92:F6:7C:40:0A:F0:69:EB:54:5D:D4:75
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/odCzUR7Rwb6S9nxACvBp61Rd1HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c240::/29
Signature Algorithm: sha256WithRSAEncryption
c6:a6:d1:55:f6:8e:82:f4:4a:70:5e:62:e7:76:43:a2:fb:fa:
f4:5f:74:6d:1a:b2:e8:2e:46:7f:d7:c3:9c:47:56:4e:1c:1e:
7f:ad:12:76:35:9f:e3:0a:b2:fe:18:b4:87:ac:bd:f9:5a:96:
51:fd:4c:ab:d2:35:2c:29:df:a1:44:7b:ee:2d:55:bb:b2:33:
4c:63:cc:37:00:2e:88:bf:ca:e9:13:48:af:91:19:df:64:02:
54:e4:e0:42:19:ee:00:97:e1:63:3c:86:1f:4d:0e:06:91:14:
4e:6c:c4:bc:9f:c1:31:22:9c:a4:e0:eb:5d:03:e2:c1:a1:09:
0b:dc:c5:b8:38:86:d1:73:eb:74:0d:82:d3:26:d3:58:76:77:
38:67:ca:d7:20:b1:db:5a:c6:7c:9b:a1:04:1a:9d:11:a5:ef:
f3:d8:e5:37:93:26:e2:93:90:40:cb:80:ba:71:de:4b:41:a7:
0c:5d:a1:5a:c4:32:a5:73:0c:37:40:cc:71:52:2e:ae:61:9a:
0d:b0:7a:51:45:05:c5:92:87:74:a9:c1:41:7e:af:84:8b:07:
01:14:c8:28:ac:0b:18:09:ae:eb:7b:22:fa:2b:c7:0f:16:cb:
44:3b:a6:3e:80:38:97:01:05:d9:80:46:96:8b:3a:00:f5:52:
30:91:34:0e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZOs3oArAsXexmL+KQI5q8/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQxMjA5MTkyMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWQwYjM1MTFlZDFjMWJlOTJmNjdjNDAwYWYwNjllYjU0NWRkNDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5m3otcrPq1HuGXw/ctH4ymnFBjs4
WUwrqgOXvb6myAknjNoiTF2Sxta1qTMengqqNknNlCWzHT4XOEAXD8LQaJAfbNig
ouNGL1HCVlRx/8zCnbYtaGnR8+QFQY8l0c01fLvLurFo5G6FjAlGVegxUg6HVow0
yMMAoaHGeF2Ybp2XfLwHZrb6E5m25cfir00F+FWYsjkAh8AB+rmSgMRn7fXgnCuw
zjlKvu4c9e0Wkq2qswJ6jmxs+RlWkA+/AmeYLQEU7IJmtMMy9yQV616cOzDAFNZd
JZbEzkCatfBgrpWnYoK3KQmhAYpDsBJQqQA7QnX0GW+a8bz2xaV9NslMJwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKHQs1Ee0cG+kvZ8QArwaetUXdR1MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvb2RDelVSN1J3YjZTOW54QUN2QnA2MVJkMUhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPCQDAN
BgkqhkiG9w0BAQsFAAOCAQEAxqbRVfaOgvRKcF5i53ZDovv69F90bRqy6C5Gf9fD
nEdWThwef60SdjWf4wqy/hi0h6y9+VqWUf1Mq9I1LCnfoUR77i1Vu7IzTGPMNwAu
iL/K6RNIr5EZ32QCVOTgQhnuAJfhYzyGH00OBpEUTmzEvJ/BMSKcpODrXQPiwaEJ
C9zFuDiG0XPrdA2C0ybTWHZ3OGfK1yCx21rGfJuhBBqdEaXv89jlN5Mm4pOQQMuA
unHeS0GnDF2hWsQypXMMN0DMcVIurmGaDbB6UUUFxZKHdKnBQX6vhIsHARTIKKwL
GAmu63si+ivHDxbLRDumPoA4lwEF2YBGlos6APVSMJE0Dg==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:40:32 2025 by rpki-client