Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/2r9ndtrebcHANzmBSt46YsZ_hNQ.roa
File: 2r9ndtrebcHANzmBSt46YsZ_hNQ.roa (raw, json)
Hash identifier: mp/JudskkUJFVTcBxuTtE4uWN7xV7HUGWO9OJcZlGSw=
Subject key identifier: DA:BF:67:76:DA:DE:6D:C1:C0:37:39:81:4A:DE:3A:62:C6:7F:84:D4
Certificate issuer: /CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Certificate serial: 018D9E66ECC69381C6F5EA70457D92BD82DE
Authority key identifier: FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/2r9ndtrebcHANzmBSt46YsZ_hNQ.roa
Signing time: Mon 12 Feb 2024 17:39:21 +0000
ROA not before: Mon 12 Feb 2024 17:39:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a13:80c0::/29 maxlen: 32
2a13:9240::/29 maxlen: 32
2a13:92c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 May 2024 08:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9e:66:ec:c6:93:81:c6:f5:ea:70:45:7d:92:bd:82:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Validity
Not Before: Feb 12 17:39:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dabf6776dade6dc1c03739814ade3a62c67f84d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:10:eb:0f:c1:98:5e:12:45:2e:a2:b2:07:e1:
1c:c3:bd:38:87:de:da:45:e1:0b:0a:ad:06:b0:9e:
cd:87:67:04:2a:00:ca:24:b9:d1:47:32:3d:34:1d:
39:35:58:be:f4:fa:1f:2c:6a:2c:49:ac:4e:9d:9e:
1d:db:fe:6d:87:f6:51:5a:ae:18:b8:c4:4a:33:4e:
e1:6c:04:66:20:31:c6:47:0c:50:e5:16:e8:55:90:
39:e6:18:79:5e:fc:e8:7f:8a:e0:a7:76:e4:36:24:
4a:c3:d9:4d:9b:12:c1:78:f2:e1:53:45:b3:03:b5:
80:8c:c7:bd:66:0d:14:58:99:bc:76:e3:35:9d:95:
c0:19:71:f5:e9:d0:22:67:14:99:89:d1:df:9d:af:
f5:ab:ac:39:cf:a3:c0:3d:50:2e:06:04:fe:a3:0b:
bd:1c:ad:49:e8:b2:a0:31:ba:ee:fa:ec:52:df:c4:
60:fc:d4:fd:7d:58:9e:64:ee:41:a5:5f:4c:f1:24:
e0:ac:a5:72:dd:69:bb:5d:2b:f9:89:fe:a3:47:78:
3f:64:bf:9a:6b:4d:91:a0:cc:4a:aa:4e:28:cb:4a:
77:3d:4a:00:2e:d3:e8:9f:2d:42:4c:f1:3c:73:bc:
c7:60:c3:9c:95:2f:55:4b:52:58:66:7a:8f:5a:55:
ef:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:BF:67:76:DA:DE:6D:C1:C0:37:39:81:4A:DE:3A:62:C6:7F:84:D4
X509v3 Authority Key Identifier:
keyid:FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/2r9ndtrebcHANzmBSt46YsZ_hNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:80c0::/29
2a13:9240::/29
2a13:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
7e:aa:6a:4b:b6:e5:57:64:1a:c1:52:ab:fc:1f:c5:56:35:a9:
a4:25:5c:f5:42:62:2f:6c:ac:ba:68:f2:72:9a:dd:94:7f:47:
94:c6:5b:dd:7d:db:e4:5a:dc:2d:cb:54:56:81:64:c3:14:ba:
60:9b:c5:3a:56:4f:a9:90:c6:d1:8d:03:ab:07:d7:da:6f:77:
35:f1:e3:51:e2:37:78:6b:55:ff:10:88:32:da:f6:69:a8:8b:
b3:74:7d:66:de:4f:51:0a:a1:72:94:3b:6a:01:3f:73:11:f9:
22:3f:18:3e:67:36:71:01:35:50:39:db:35:cc:a0:df:0f:b4:
94:75:f4:c9:71:cd:89:1a:a7:dd:25:de:52:7f:b7:4d:99:32:
38:83:11:b2:d4:7a:1b:d0:c9:71:5a:a7:dc:09:e8:cc:32:ec:
64:94:4e:2c:38:61:69:97:a7:4b:0a:5e:aa:e8:88:1a:d6:1b:
8c:a6:08:7a:a3:ad:1f:9d:40:9e:fe:35:6e:53:69:ac:46:77:
9e:ee:e1:f4:1c:0c:0b:0d:d5:e5:99:cb:f9:8a:eb:10:aa:32:
d6:eb:85:11:d2:70:09:36:b8:ea:8a:8c:ba:56:04:0f:c1:69:
38:07:ca:2d:b2:78:d6:23:ba:eb:ca:c4:09:2b:3e:41:09:b5:
9c:5e:9e:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY2eZuzGk4HG9epwRX2SvYLeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2FiNTVkNTc1MDljYmZhZTc5OGJkNzFhYWEyM2IzNDQ0
ZDhlNWEwHhcNMjQwMjEyMTczOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWJmNjc3NmRhZGU2ZGMxYzAzNzM5ODE0YWRlM2E2MmM2N2Y4NGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhDrD8GYXhJFLqKyB+Ecw704h97a
ReELCq0GsJ7Nh2cEKgDKJLnRRzI9NB05NVi+9PofLGosSaxOnZ4d2/5th/ZRWq4Y
uMRKM07hbARmIDHGRwxQ5RboVZA55hh5Xvzof4rgp3bkNiRKw9lNmxLBePLhU0Wz
A7WAjMe9Zg0UWJm8duM1nZXAGXH16dAiZxSZidHfna/1q6w5z6PAPVAuBgT+owu9
HK1J6LKgMbru+uxS38Rg/NT9fVieZO5BpV9M8STgrKVy3Wm7XSv5if6jR3g/ZL+a
a02RoMxKqk4oy0p3PUoALtPony1CTPE8c7zHYMOclS9VS1JYZnqPWlXvPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNq/Z3ba3m3BwDc5gUreOmLGf4TUMB8GA1UdIwQY
MBaAFPw6tV1XUJy/rnmL1xqqI7NETY5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYt
MGM0NTIxOGU3OTgxLzEvMnI5bmR0cmViY0hBTnptQlN0NDZZc1pfaE5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYtMGM0NTIxOGU3OTgx
LzEvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhOAwAMF
AyoTkkADBQMqE5LAMA0GCSqGSIb3DQEBCwUAA4IBAQB+qmpLtuVXZBrBUqv8H8VW
NamkJVz1QmIvbKy6aPJymt2Uf0eUxlvdfdvkWtwty1RWgWTDFLpgm8U6Vk+pkMbR
jQOrB9fab3c18eNR4jd4a1X/EIgy2vZpqIuzdH1m3k9RCqFylDtqAT9zEfkiPxg+
ZzZxATVQOds1zKDfD7SUdfTJcc2JGqfdJd5Sf7dNmTI4gxGy1Hob0MlxWqfcCejM
MuxklE4sOGFpl6dLCl6q6Iga1huMpgh6o60fnUCe/jVuU2msRnee7uH0HAwLDdXl
mcv5iusQqjLW64UR0nAJNrjqioy6VgQPwWk4B8otsnjWI7rrysQJKz5BCbWcXp6s
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:46 2024 by rpki-client on console-ams.rpki-client.org