Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/koY3YXxFUiR_SHr8DH4MdHARUzI.roa
File: koY3YXxFUiR_SHr8DH4MdHARUzI.roa (raw, json)
Hash identifier: rK2UryJwvhs2kUVa3o3TfJNq3Jew1E5JA+cqQamudNc=
Subject key identifier: 92:86:37:61:7C:45:52:24:7F:48:7A:FC:0C:7E:0C:74:70:11:53:32
Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Certificate serial: 0193EEA795491FE1E842C7F5A2081145469B
Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/koY3YXxFUiR_SHr8DH4MdHARUzI.roa
Signing time: Sun 22 Dec 2024 13:56:20 +0000
ROA not before: Sun 22 Dec 2024 13:56:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216299
IP address blocks: 2a13:a5c3:ff40::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ee:a7:95:49:1f:e1:e8:42:c7:f5:a2:08:11:45:46:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Validity
Not Before: Dec 22 13:56:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=928637617c4552247f487afc0c7e0c7470115332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bc:4b:20:ff:1a:a9:f0:87:f0:7d:d7:09:84:
69:4d:13:26:52:68:ec:fb:14:6a:ba:c5:2c:dd:c6:
0d:a7:4b:2d:f5:f9:44:5c:c3:56:ab:73:b5:46:55:
80:8f:d5:b1:3b:49:b3:a7:7a:eb:55:6b:be:55:35:
6f:5c:e5:35:fd:e8:e1:a0:1b:a6:1a:40:8e:36:a6:
23:84:6a:8c:1b:05:47:6b:de:39:8d:46:dd:e1:43:
20:60:82:a1:c1:65:5b:1f:3a:e1:89:07:25:a9:ff:
e8:1e:d4:53:ed:35:6d:0d:d6:a7:af:bb:ab:a3:40:
4c:5b:cd:5a:74:90:db:e1:1f:d3:2c:f8:38:04:32:
bc:a6:f7:77:09:30:0f:6e:31:ae:fb:19:cd:44:f5:
cb:57:02:c0:0a:99:5a:03:33:de:d1:1a:df:bf:2d:
f2:81:52:20:03:cc:4a:67:ba:81:bc:a5:16:17:f9:
8c:80:8d:13:0b:e4:85:44:c5:cc:53:0f:1d:af:81:
1d:5c:df:a9:58:f6:34:9f:c9:d4:d9:76:bb:b5:b1:
f2:14:ad:bb:1b:e9:d0:7e:7e:5b:1a:49:98:e5:33:
b2:26:55:66:83:01:98:b7:6a:2b:94:a6:95:65:b0:
fc:c3:ff:ae:5d:f3:5b:bf:44:9e:b3:89:4c:0c:4f:
fd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:86:37:61:7C:45:52:24:7F:48:7A:FC:0C:7E:0C:74:70:11:53:32
X509v3 Authority Key Identifier:
keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/koY3YXxFUiR_SHr8DH4MdHARUzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a5c3:ff40::/44
Signature Algorithm: sha256WithRSAEncryption
19:bd:6b:73:41:a8:7c:fb:8c:2a:cb:ed:1f:b1:9e:01:c6:3e:
18:d8:2d:3e:25:26:86:4f:54:15:8f:80:73:6f:ee:5c:9c:94:
19:23:9c:da:8b:39:27:a8:96:b0:dd:db:0f:2b:e6:3e:e2:f5:
88:6d:5f:72:43:40:19:b1:91:df:6b:f7:a9:4e:e5:2d:9d:f0:
db:67:7a:66:8a:78:a2:de:43:ca:9f:1e:9d:69:e7:bc:6c:99:
ac:77:7e:03:cf:8b:69:2f:df:ec:45:a1:8b:dd:92:e0:b1:43:
18:d5:34:5d:f7:2c:47:14:d7:f0:ca:29:22:ba:b9:97:48:78:
d6:1b:04:4b:b9:c4:f4:50:6f:cd:fb:1a:ab:93:e1:a1:49:aa:
44:57:d1:29:7b:57:08:9c:cb:63:42:43:22:2b:3f:1f:25:17:
0e:60:90:4b:e4:ca:d1:62:7a:05:01:0c:0f:dc:ef:55:20:83:
ff:80:d8:d9:98:fb:a1:91:95:c4:20:cb:23:a4:33:28:52:55:
d4:a2:7d:69:67:d0:f4:0a:00:f0:be:75:53:6f:9d:d0:63:ed:
d8:b4:62:fe:a5:62:c1:3f:18:06:d3:45:9c:9d:de:96:5e:08:
a7:61:68:de:de:eb:f0:f6:6e:69:53:da:78:9e:1b:31:b0:cb:
d4:a8:71:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZPup5VJH+HoQsf1oggRRUabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3
MWRkOWQwHhcNMjQxMjIyMTM1NjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjg2Mzc2MTdjNDU1MjI0N2Y0ODdhZmMwYzdlMGM3NDcwMTE1MzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrxLIP8aqfCH8H3XCYRpTRMmUmjs
+xRqusUs3cYNp0st9flEXMNWq3O1RlWAj9WxO0mzp3rrVWu+VTVvXOU1/ejhoBum
GkCONqYjhGqMGwVHa945jUbd4UMgYIKhwWVbHzrhiQclqf/oHtRT7TVtDdanr7ur
o0BMW81adJDb4R/TLPg4BDK8pvd3CTAPbjGu+xnNRPXLVwLACplaAzPe0Rrfvy3y
gVIgA8xKZ7qBvKUWF/mMgI0TC+SFRMXMUw8dr4EdXN+pWPY0n8nU2Xa7tbHyFK27
G+nQfn5bGkmY5TOyJlVmgwGYt2orlKaVZbD8w/+uXfNbv0Ses4lMDE/9zQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJKGN2F8RVIkf0h6/Ax+DHRwEVMyMB8GA1UdIwQY
MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct
NjNjNzIxY2YxZjU2LzEva29ZM1lYeEZVaVJfU0hyOERINE1kSEFSVXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2
LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhOlw/9A
MA0GCSqGSIb3DQEBCwUAA4IBAQAZvWtzQah8+4wqy+0fsZ4Bxj4Y2C0+JSaGT1QV
j4Bzb+5cnJQZI5zaizknqJaw3dsPK+Y+4vWIbV9yQ0AZsZHfa/epTuUtnfDbZ3pm
inii3kPKnx6daee8bJmsd34Dz4tpL9/sRaGL3ZLgsUMY1TRd9yxHFNfwyikiurmX
SHjWGwRLucT0UG/N+xqrk+GhSapEV9Epe1cInMtjQkMiKz8fJRcOYJBL5MrRYnoF
AQwP3O9VIIP/gNjZmPuhkZXEIMsjpDMoUlXUon1pZ9D0CgDwvnVTb53QY+3YtGL+
pWLBPxgG00Wcnd6WXginYWje3uvw9m5pU9p4nhsxsMvUqHHd
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:41:46 2025 by rpki-client