Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/zuaeRtJxIykT4ghXuDpw-0b1B6s.roa
File: zuaeRtJxIykT4ghXuDpw-0b1B6s.roa (raw, json)
Hash identifier: ugA1KOTtP5a2JlsXfg5R3F0X41utBLARerCRJSAXJ0Q=
Subject key identifier: CE:E6:9E:46:D2:71:23:29:13:E2:08:57:B8:3A:70:FB:46:F5:07:AB
Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Certificate serial: 01942521A2C54270826D890CC90C3C9B871C
Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/zuaeRtJxIykT4ghXuDpw-0b1B6s.roa
Signing time: Thu 02 Jan 2025 03:49:08 +0000
ROA not before: Thu 02 Jan 2025 03:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213856
IP address blocks: 2a13:a5c5::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 17 Feb 2025 13:06:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:a2:c5:42:70:82:6d:89:0c:c9:0c:3c:9b:87:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d
Validity
Not Before: Jan 2 03:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cee69e46d271232913e20857b83a70fb46f507ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fe:08:1f:c5:36:0c:0b:ae:26:8e:5c:88:51:
dd:50:07:e5:6e:3e:a4:2c:9b:0e:29:f4:4f:1b:54:
ce:36:02:d2:c2:82:23:28:f9:82:7f:86:23:6d:e1:
66:e0:28:da:f7:98:34:35:68:a7:ab:e8:b8:ef:80:
a1:5c:77:54:c8:a9:95:79:2b:22:94:fa:71:7c:d6:
cb:60:22:6f:15:0c:ff:ec:3d:b4:f7:01:df:be:c6:
a9:a6:66:43:7d:d3:4c:dd:87:46:e5:7b:71:80:a9:
d5:b0:db:0a:59:58:f3:2f:35:36:7c:00:6f:7d:00:
b0:0d:ad:36:90:12:dd:5f:06:08:1b:97:cd:2d:6b:
bd:c7:ac:f2:9c:93:9f:ae:f9:0f:db:61:df:50:d1:
ee:21:3a:46:71:f0:01:fd:e7:57:0a:22:a4:a0:f1:
f6:f9:a7:e6:86:30:35:f6:d6:86:11:45:ad:8c:38:
67:ba:39:ba:73:09:dd:65:55:54:a7:f2:f7:49:65:
80:d6:a4:28:c9:f4:15:e6:75:08:5c:0e:0e:f0:6a:
ce:77:cd:8b:c4:15:e7:62:fa:82:e3:e8:19:6b:d5:
a0:f8:a9:9d:5a:df:cc:79:12:a8:d3:da:3d:28:43:
57:fc:8e:7f:30:ef:1e:24:5b:72:74:81:a1:47:aa:
34:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E6:9E:46:D2:71:23:29:13:E2:08:57:B8:3A:70:FB:46:F5:07:AB
X509v3 Authority Key Identifier:
keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/zuaeRtJxIykT4ghXuDpw-0b1B6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a5c5::/32
Signature Algorithm: sha256WithRSAEncryption
10:ef:fb:43:ab:a1:61:f8:31:bf:1f:b9:29:43:06:97:24:d0:
57:7b:87:e1:4b:80:25:ca:b5:99:a6:d4:4b:e5:7c:14:d1:8a:
dd:21:3a:6c:b4:96:91:6a:e5:9c:dc:85:02:7f:21:f7:80:c5:
f6:0f:d8:23:c7:9e:48:69:45:eb:1c:e7:d6:6a:5c:4b:14:28:
6d:0b:dd:d4:d0:36:53:d2:d8:cf:a7:dc:de:6e:2a:a7:44:c7:
9e:f9:66:f9:3a:f1:bf:b0:c9:67:12:e8:df:74:44:f0:78:18:
23:09:33:f1:e7:cc:c4:dc:40:49:31:4b:94:f8:1d:39:ed:70:
38:10:e6:fc:97:c2:93:35:d1:e3:6b:67:8a:f4:1a:bd:ef:06:
a4:e9:ab:73:41:c8:e8:d1:8f:79:f6:07:26:24:c7:2d:90:a1:
e7:e6:28:6a:1c:71:e8:06:92:8c:1e:5d:a4:25:ab:1b:cb:f7:
b0:68:55:f0:63:05:5a:e1:68:80:d3:34:1a:e3:b0:29:8b:49:
62:7c:6d:6c:0c:d7:67:07:40:4a:d7:d2:17:4c:0b:dd:c9:a0:
8e:b7:e5:f1:48:27:2e:a1:78:9f:b0:16:4c:84:6b:c0:8d:33:
2f:99:49:93:bd:93:d5:1e:43:12:46:ff:e9:75:bc:da:06:98:
40:54:79:cd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQlIaLFQnCCbYkMyQw8m4ccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3
MWRkOWQwHhcNMjUwMTAyMDM0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWU2OWU0NmQyNzEyMzI5MTNlMjA4NTdiODNhNzBmYjQ2ZjUwN2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArv4IH8U2DAuuJo5ciFHdUAflbj6k
LJsOKfRPG1TONgLSwoIjKPmCf4YjbeFm4Cja95g0NWinq+i474ChXHdUyKmVeSsi
lPpxfNbLYCJvFQz/7D209wHfvsappmZDfdNM3YdG5XtxgKnVsNsKWVjzLzU2fABv
fQCwDa02kBLdXwYIG5fNLWu9x6zynJOfrvkP22HfUNHuITpGcfAB/edXCiKkoPH2
+afmhjA19taGEUWtjDhnujm6cwndZVVUp/L3SWWA1qQoyfQV5nUIXA4O8GrOd82L
xBXnYvqC4+gZa9Wg+KmdWt/MeRKo09o9KENX/I5/MO8eJFtydIGhR6o0OQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM7mnkbScSMpE+IIV7g6cPtG9QerMB8GA1UdIwQY
MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct
NjNjNzIxY2YxZjU2LzEvenVhZVJ0SnhJeWtUNGdoWHVEcHctMGIxQjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2
LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhOlxTAN
BgkqhkiG9w0BAQsFAAOCAQEAEO/7Q6uhYfgxvx+5KUMGlyTQV3uH4UuAJcq1mabU
S+V8FNGK3SE6bLSWkWrlnNyFAn8h94DF9g/YI8eeSGlF6xzn1mpcSxQobQvd1NA2
U9LYz6fc3m4qp0THnvlm+Trxv7DJZxLo33RE8HgYIwkz8efMxNxASTFLlPgdOe1w
OBDm/JfCkzXR42tnivQave8GpOmrc0HI6NGPefYHJiTHLZCh5+Yoahxx6AaSjB5d
pCWrG8v3sGhV8GMFWuFogNM0GuOwKYtJYnxtbAzXZwdAStfSF0wL3cmgjrfl8Ugn
LqF4n7AWTIRrwI0zL5lJk72T1R5DEkb/6XW82gaYQFR5zQ==
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:51:15 2025 by rpki-client