Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/Y7t1QyOMYCmfJnm6GABsBIqmXc0.roa
File: Y7t1QyOMYCmfJnm6GABsBIqmXc0.roa (raw, json)
Hash identifier: qQ4Kl1Gnevf+6Uzh0qVQ35cPu+zbCyxWMPQBTmpCJ+w=
Subject key identifier: 63:BB:75:43:23:8C:60:29:9F:26:79:BA:18:00:6C:04:8A:A6:5D:CD
Certificate issuer: /CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Certificate serial: 018D9D6A3E62A1259EE9DE60B1E328044428
Authority key identifier: FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/Y7t1QyOMYCmfJnm6GABsBIqmXc0.roa
Signing time: Mon 12 Feb 2024 13:03:22 +0000
ROA not before: Mon 12 Feb 2024 13:03:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a13:9240::/29 maxlen: 32
2a13:92c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 12 Feb 2024 17:39:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:6a:3e:62:a1:25:9e:e9:de:60:b1:e3:28:04:44:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Validity
Not Before: Feb 12 13:03:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63bb7543238c60299f2679ba18006c048aa65dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:90:04:d8:75:44:5f:1d:b9:78:e8:83:86:d1:
ee:ce:c9:2f:e9:15:4b:16:95:09:d9:eb:73:b0:51:
50:7c:62:e8:e7:29:51:17:23:98:91:0a:57:83:e5:
71:74:e7:18:14:33:51:f5:22:f7:33:05:5a:1e:ea:
5b:7a:a5:63:ce:4f:9d:16:13:0d:70:bd:34:52:91:
26:17:89:3a:54:34:0e:4f:c0:19:26:7b:46:81:5b:
10:d8:90:79:19:87:2d:7c:52:3d:bc:4d:5e:87:1f:
3a:33:75:31:f9:8d:b5:ee:82:4f:5f:53:48:81:bc:
e4:6d:3e:47:e3:a8:2d:93:08:2f:d3:1d:30:09:44:
5b:6c:ab:1c:70:1e:b0:00:c8:44:a4:d8:e5:9d:35:
c5:c9:69:be:de:05:fc:54:24:5f:af:08:7e:6d:a2:
0e:ea:d9:d0:8e:03:89:c4:44:7f:99:6d:a9:d9:1a:
da:2f:21:c4:cb:2b:0c:ad:d3:70:26:f8:99:fc:18:
32:89:ef:9e:0e:65:ae:f0:df:77:a9:90:d4:a2:46:
76:aa:e1:a2:8f:14:26:14:65:ed:25:f1:fe:38:67:
2e:77:83:04:a6:00:f3:cc:f5:63:47:d1:99:50:54:
d2:aa:8e:21:a7:81:8a:16:44:7c:8a:9e:94:c4:66:
e6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:BB:75:43:23:8C:60:29:9F:26:79:BA:18:00:6C:04:8A:A6:5D:CD
X509v3 Authority Key Identifier:
keyid:FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/Y7t1QyOMYCmfJnm6GABsBIqmXc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9240::/29
2a13:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:3d:07:4e:5e:79:3f:92:1e:e6:b2:96:e7:ac:bd:b7:90:76:
c1:94:91:4c:cb:d6:3a:78:1f:e7:c7:1d:8c:e6:83:90:fe:ce:
0b:6c:90:e6:7e:5a:75:80:e2:47:54:b1:45:bc:24:92:c9:6b:
44:6e:a3:cd:91:d2:ac:04:ce:3c:87:5b:b6:45:26:04:5c:38:
d8:98:af:88:c4:49:f2:98:97:89:b9:8e:44:65:d8:2f:3c:54:
80:27:58:b5:28:5e:a3:94:b5:64:fa:31:45:31:49:d5:86:38:
40:94:ee:27:32:e6:f2:48:93:6f:0a:0b:fc:49:40:0b:15:ec:
f9:8b:42:7e:c3:84:1d:55:42:fe:88:ea:e2:30:f6:e3:5a:11:
50:ad:d5:40:6e:3a:8c:16:21:db:67:76:3d:84:44:4b:f5:01:
65:91:42:d1:3d:f3:db:ed:06:58:49:74:27:ee:f1:03:69:e6:
34:5c:8a:89:ee:3f:be:82:6a:47:6c:7a:c0:bc:af:8b:a1:be:
60:24:fd:ff:d3:48:c4:2e:6c:f4:08:8d:95:f2:ff:31:f0:7a:
4d:1e:4e:3d:13:02:7c:e0:bc:aa:8b:c5:45:ee:89:fd:9f:a0:
cc:e6:25:2d:98:b1:42:d9:2f:6d:43:1c:a9:74:88:d8:26:ae:
23:22:c5:0b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY2daj5ioSWe6d5gseMoBEQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2FiNTVkNTc1MDljYmZhZTc5OGJkNzFhYWEyM2IzNDQ0
ZDhlNWEwHhcNMjQwMjEyMTMwMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2JiNzU0MzIzOGM2MDI5OWYyNjc5YmExODAwNmMwNDhhYTY1ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJAE2HVEXx25eOiDhtHuzskv6RVL
FpUJ2etzsFFQfGLo5ylRFyOYkQpXg+VxdOcYFDNR9SL3MwVaHupbeqVjzk+dFhMN
cL00UpEmF4k6VDQOT8AZJntGgVsQ2JB5GYctfFI9vE1ehx86M3Ux+Y217oJPX1NI
gbzkbT5H46gtkwgv0x0wCURbbKsccB6wAMhEpNjlnTXFyWm+3gX8VCRfrwh+baIO
6tnQjgOJxER/mW2p2RraLyHEyysMrdNwJviZ/Bgyie+eDmWu8N93qZDUokZ2quGi
jxQmFGXtJfH+OGcud4MEpgDzzPVjR9GZUFTSqo4hp4GKFkR8ip6UxGbm1wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGO7dUMjjGApnyZ5uhgAbASKpl3NMB8GA1UdIwQY
MBaAFPw6tV1XUJy/rnmL1xqqI7NETY5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYt
MGM0NTIxOGU3OTgxLzEvWTd0MVF5T01ZQ21mSm5tNkdBQnNCSXFtWGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYtMGM0NTIxOGU3OTgx
LzEvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhOSQAMF
AyoTksAwDQYJKoZIhvcNAQELBQADggEBAD89B05eeT+SHuayluesvbeQdsGUkUzL
1jp4H+fHHYzmg5D+zgtskOZ+WnWA4kdUsUW8JJLJa0Ruo82R0qwEzjyHW7ZFJgRc
ONiYr4jESfKYl4m5jkRl2C88VIAnWLUoXqOUtWT6MUUxSdWGOECU7icy5vJIk28K
C/xJQAsV7PmLQn7DhB1VQv6I6uIw9uNaEVCt1UBuOowWIdtndj2EREv1AWWRQtE9
89vtBlhJdCfu8QNp5jRcionuP76CakdsesC8r4uhvmAk/f/TSMQubPQIjZXy/zHw
ek0eTj0TAnzgvKqLxUXuif2foMzmJS2YsULZL21DHKl0iNgmriMixQs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:19 2025 by rpki-client