Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/AMBQ2w48sSzRbfj-WBieUHj_7xs.roa
File: AMBQ2w48sSzRbfj-WBieUHj_7xs.roa (raw, json)
Hash identifier: DBP4e1I/rvjgCy0gn0/JSLRn1QbOP24LAKlizqEMddI=
Subject key identifier: 00:C0:50:DB:0E:3C:B1:2C:D1:6D:F8:FE:58:18:9E:50:78:FF:EF:1B
Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Certificate serial: 0193D552053659D4D807C3B98C7E82094625
Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/AMBQ2w48sSzRbfj-WBieUHj_7xs.roa
Signing time: Tue 17 Dec 2024 15:52:22 +0000
ROA not before: Tue 17 Dec 2024 15:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213750
IP address blocks: 2a13:a5c7:2700::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d5:52:05:36:59:d4:d8:07:c3:b9:8c:7e:82:09:46:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Validity
Not Before: Dec 17 15:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00c050db0e3cb12cd16df8fe58189e5078ffef1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:9d:6d:78:c3:50:8d:93:72:a6:c1:b2:cf:07:
10:bf:49:f2:81:dc:7c:b5:e8:7a:b5:a6:c4:3b:47:
31:de:b5:53:56:80:5a:bc:3f:e5:83:14:d3:cb:c4:
f9:c2:f7:53:dd:7f:10:96:fc:55:7e:b7:bb:bc:ef:
08:d8:f9:61:6c:80:d0:9c:da:f1:b8:40:b4:14:6e:
04:6a:f8:86:cc:8e:ab:46:3e:55:a3:c1:de:58:6a:
14:f2:15:64:f8:53:d5:7f:18:23:b4:c1:5a:55:4a:
1d:78:4b:cb:7a:45:f4:06:5d:9d:b8:75:45:be:c3:
23:47:2f:6d:e2:8b:06:01:4c:96:ec:c9:8e:b4:65:
b7:e7:75:96:81:67:4e:75:7c:28:52:dd:62:ba:93:
62:01:93:95:92:6a:c6:ea:09:01:24:59:60:e4:98:
b4:e8:08:27:dc:e6:a9:8a:86:a4:c6:bd:12:2e:27:
43:7b:af:e5:81:16:0d:5c:21:e5:c3:f8:04:b9:b8:
94:1c:35:e9:0e:c0:20:ae:62:a3:ab:f2:81:c8:ec:
b8:62:26:d2:e6:f8:fe:f5:1d:d0:3c:1c:2f:f2:73:
92:91:00:a7:4d:c2:d3:f8:ab:47:ea:87:07:b0:88:
6b:09:aa:69:6c:2f:c8:2f:95:5b:8e:7a:20:f0:4b:
62:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C0:50:DB:0E:3C:B1:2C:D1:6D:F8:FE:58:18:9E:50:78:FF:EF:1B
X509v3 Authority Key Identifier:
keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/AMBQ2w48sSzRbfj-WBieUHj_7xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a5c7:2700::/40
Signature Algorithm: sha256WithRSAEncryption
4e:e0:6c:ee:67:58:9d:5a:9a:db:0d:3f:a1:c3:f8:ea:71:2f:
65:45:bd:73:21:08:e0:70:28:87:81:be:4d:0b:22:b0:43:55:
cc:56:46:d9:c2:48:34:8f:52:48:a8:9a:d2:8b:31:bd:5e:db:
84:20:ab:49:f3:b9:4d:0d:bc:f8:58:45:4e:97:16:d9:9c:11:
ee:20:67:b1:39:a9:74:f5:0b:6e:5a:ee:17:4a:5a:75:c6:e6:
1b:a4:88:8a:67:2c:17:22:cd:a7:9d:e1:0e:72:48:72:c1:6a:
a5:0e:8d:0b:b6:74:97:23:bd:6f:12:87:fc:94:a7:37:00:92:
55:d2:3a:dc:d5:ca:b4:3f:cf:77:75:db:35:e8:5f:52:8d:68:
e3:ae:b9:4e:28:35:15:5d:9e:4f:15:0a:14:84:4b:4b:55:90:
f8:f5:93:15:2d:bf:29:e2:92:b1:78:28:3d:bf:5d:a2:65:ff:
de:fd:1a:e8:a1:a7:79:ee:2b:ff:ea:55:f3:f7:4f:cd:b9:f8:
1f:b2:80:80:52:66:00:5a:a8:ac:60:fd:31:24:07:cc:40:7f:
ee:87:ae:18:84:fb:06:62:e9:fc:7a:5b:6d:a4:73:ea:d2:0f:
c1:4d:55:26:49:ee:93:3f:57:a0:11:57:d5:2a:24:5e:e4:08:
30:f8:24:a4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZPVUgU2WdTYB8O5jH6CCUYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3
MWRkOWQwHhcNMjQxMjE3MTU1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGMwNTBkYjBlM2NiMTJjZDE2ZGY4ZmU1ODE4OWU1MDc4ZmZlZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1p1teMNQjZNypsGyzwcQv0nygdx8
teh6tabEO0cx3rVTVoBavD/lgxTTy8T5wvdT3X8QlvxVfre7vO8I2PlhbIDQnNrx
uEC0FG4EaviGzI6rRj5Vo8HeWGoU8hVk+FPVfxgjtMFaVUodeEvLekX0Bl2duHVF
vsMjRy9t4osGAUyW7MmOtGW353WWgWdOdXwoUt1iupNiAZOVkmrG6gkBJFlg5Ji0
6Agn3Oapioakxr0SLidDe6/lgRYNXCHlw/gEubiUHDXpDsAgrmKjq/KByOy4YibS
5vj+9R3QPBwv8nOSkQCnTcLT+KtH6ocHsIhrCappbC/IL5Vbjnog8EtiNQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFADAUNsOPLEs0W34/lgYnlB4/+8bMB8GA1UdIwQY
MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct
NjNjNzIxY2YxZjU2LzEvQU1CUTJ3NDhzU3pSYmZqLVdCaWVVSGpfN3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2
LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhOlxycw
DQYJKoZIhvcNAQELBQADggEBAE7gbO5nWJ1amtsNP6HD+OpxL2VFvXMhCOBwKIeB
vk0LIrBDVcxWRtnCSDSPUkiomtKLMb1e24Qgq0nzuU0NvPhYRU6XFtmcEe4gZ7E5
qXT1C25a7hdKWnXG5hukiIpnLBcizaed4Q5ySHLBaqUOjQu2dJcjvW8Sh/yUpzcA
klXSOtzVyrQ/z3d12zXoX1KNaOOuuU4oNRVdnk8VChSES0tVkPj1kxUtvynikrF4
KD2/XaJl/979Guihp3nuK//qVfP3T825+B+ygIBSZgBaqKxg/TEkB8xAf+6HrhiE
+wZi6fx6W22kc+rSD8FNVSZJ7pM/V6ARV9UqJF7kCDD4JKQ=
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:56:38 2025 by rpki-client