Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/xOd24i6hVyTwfxuALTvOfuHdYf8.roa
File: xOd24i6hVyTwfxuALTvOfuHdYf8.roa (raw, json)
Hash identifier: 40RksAdI3wK42UbEGPafHVss03KZW4sJzgC3iZrWB6k=
Subject key identifier: C4:E7:76:E2:2E:A1:57:24:F0:7F:1B:80:2D:3B:CE:7E:E1:DD:61:FF
Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Certificate serial: 01942521A7D468D7FBCECD3622CC068F36F0
Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/xOd24i6hVyTwfxuALTvOfuHdYf8.roa
Signing time: Thu 02 Jan 2025 03:49:10 +0000
ROA not before: Thu 02 Jan 2025 03:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216296
IP address blocks: 2a13:a5c7:1400::/40 maxlen: 48
Validation: Failed, certificate revoked on Wed 08 Jan 2025 16:21:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:a7:d4:68:d7:fb:ce:cd:36:22:cc:06:8f:36:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Validity
Not Before: Jan 2 03:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4e776e22ea15724f07f1b802d3bce7ee1dd61ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6b:60:f5:82:15:53:f6:37:d5:53:f3:19:c0:
9a:62:6b:c3:c7:f0:1c:d3:61:1c:a8:00:46:c4:5f:
fa:45:cc:75:9e:f1:b3:e4:71:18:20:21:cd:32:c5:
f4:de:ca:a3:cf:b2:7e:f4:e0:40:d6:a0:23:a4:de:
1a:95:1b:e5:99:82:cc:60:b7:17:3c:ce:4e:ff:39:
c6:89:86:ec:65:9e:a5:30:a8:44:90:b1:9a:37:ab:
e4:65:8b:ae:3e:f2:68:f6:bf:32:36:3e:7f:d3:c2:
5c:e9:d6:fd:71:09:b4:a2:65:96:98:81:d7:ce:85:
12:42:2e:43:fd:2f:3e:52:6c:d2:5f:df:69:50:23:
10:27:be:20:90:63:06:67:c2:35:ce:14:e5:ef:a7:
d1:3b:0e:37:1f:a3:1d:e4:ad:21:a7:13:36:e9:1d:
59:42:bb:28:eb:ee:d2:06:c5:67:21:df:89:68:3b:
3a:21:d3:ad:e4:0d:c6:3c:79:ec:3a:84:e2:e2:3d:
e4:54:fe:fb:e9:d1:28:93:4a:8d:b2:4c:f7:dc:6a:
4c:c7:0d:76:93:99:83:4a:42:ce:f2:0c:76:4f:83:
ae:ab:97:18:3d:77:1b:b6:54:00:90:f1:6a:09:d0:
c4:43:d1:e5:5a:72:83:b8:cf:77:5d:c7:4d:61:ef:
e4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E7:76:E2:2E:A1:57:24:F0:7F:1B:80:2D:3B:CE:7E:E1:DD:61:FF
X509v3 Authority Key Identifier:
keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/xOd24i6hVyTwfxuALTvOfuHdYf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a5c7:1400::/40
Signature Algorithm: sha256WithRSAEncryption
ad:61:9d:67:b9:eb:bb:02:14:21:27:9f:8b:da:f7:c7:13:b3:
51:f9:da:55:e5:10:56:0b:3a:79:46:c0:86:31:3c:56:a0:4a:
cf:db:f1:21:dd:1d:b9:f4:8b:08:2c:1c:6d:13:06:76:37:0c:
c8:f3:ea:15:4b:95:1e:36:cf:4a:09:da:65:08:e6:05:81:f2:
60:85:44:b6:ce:e6:66:fd:06:64:36:50:30:76:36:55:62:6e:
fe:fb:66:65:3f:1e:79:46:6f:a7:50:98:ff:c1:99:3f:37:83:
f3:25:6d:9d:21:9e:83:fa:18:0f:0d:5a:ee:d4:6e:8a:f8:db:
8f:b1:bc:76:15:35:e5:f0:be:1f:0a:43:ad:2c:fe:c5:8d:99:
ba:f9:e9:f2:53:db:ce:f6:1d:97:6c:d8:97:34:93:e2:ca:4d:
7e:61:83:05:b4:2b:c9:cc:16:e1:35:4e:b3:ad:60:87:fc:2a:
de:16:16:5a:eb:91:29:bb:0f:79:b0:c4:8d:80:44:a4:6c:b0:
13:21:6a:69:e2:b1:ba:5e:0c:d7:40:4c:cd:6d:af:8e:37:66:
1c:46:87:6d:0a:1f:65:c7:86:4b:4c:5b:ce:07:19:ed:b0:bc:
b7:87:75:72:ae:9a:30:61:5b:e2:6f:3f:2f:99:3c:b6:67:dd:
e9:30:f8:fc
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQlIafUaNf7zs02IswGjzbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3
MWRkOWQwHhcNMjUwMTAyMDM0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGU3NzZlMjJlYTE1NzI0ZjA3ZjFiODAyZDNiY2U3ZWUxZGQ2MWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWtg9YIVU/Y31VPzGcCaYmvDx/Ac
02EcqABGxF/6Rcx1nvGz5HEYICHNMsX03sqjz7J+9OBA1qAjpN4alRvlmYLMYLcX
PM5O/znGiYbsZZ6lMKhEkLGaN6vkZYuuPvJo9r8yNj5/08Jc6db9cQm0omWWmIHX
zoUSQi5D/S8+UmzSX99pUCMQJ74gkGMGZ8I1zhTl76fROw43H6Md5K0hpxM26R1Z
Qrso6+7SBsVnId+JaDs6IdOt5A3GPHnsOoTi4j3kVP776dEok0qNskz33GpMxw12
k5mDSkLO8gx2T4Ouq5cYPXcbtlQAkPFqCdDEQ9HlWnKDuM93XcdNYe/kPwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFMTnduIuoVck8H8bgC07zn7h3WH/MB8GA1UdIwQY
MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct
NjNjNzIxY2YxZjU2LzEveE9kMjRpNmhWeVR3Znh1QUxUdk9mdUhkWWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2
LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhOlxxQw
DQYJKoZIhvcNAQELBQADggEBAK1hnWe567sCFCEnn4va98cTs1H52lXlEFYLOnlG
wIYxPFagSs/b8SHdHbn0iwgsHG0TBnY3DMjz6hVLlR42z0oJ2mUI5gWB8mCFRLbO
5mb9BmQ2UDB2NlVibv77ZmU/HnlGb6dQmP/BmT83g/MlbZ0hnoP6GA8NWu7Ubor4
24+xvHYVNeXwvh8KQ60s/sWNmbr56fJT2872HZds2Jc0k+LKTX5hgwW0K8nMFuE1
TrOtYIf8Kt4WFlrrkSm7D3mwxI2ARKRssBMhamnisbpeDNdATM1tr443ZhxGh20K
H2XHhktMW84HGe2wvLeHdXKumjBhW+JvPy+ZPLZn3ekw+Pw=
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:41:48 2025 by rpki-client