Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/32fe0f-bcc9-42bc-9226-0bce80d4dff9/1/Ajvlgk29yZFTcQvAbsIrCSzw6Bs.roa
File: Ajvlgk29yZFTcQvAbsIrCSzw6Bs.roa (raw, json)
Hash identifier: 4L/k51BNzKihGUV7xUoInBQ548iErhf2q88rgV12xSo=
Subject key identifier: 02:3B:E5:82:4D:BD:C9:91:53:71:0B:C0:6E:C2:2B:09:2C:F0:E8:1B
Certificate issuer: /CN=fff37e6144be7f5dd93adb9babd83d48d51894fd
Certificate serial: 018CC3B6F1278AFB37E6D39AC753BC88B81D
Authority key identifier: FF:F3:7E:61:44:BE:7F:5D:D9:3A:DB:9B:AB:D8:3D:48:D5:18:94:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/__N-YUS-f13ZOtubq9g9SNUYlP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/32fe0f-bcc9-42bc-9226-0bce80d4dff9/1/Ajvlgk29yZFTcQvAbsIrCSzw6Bs.roa
Signing time: Mon 01 Jan 2024 06:29:55 +0000
ROA not before: Mon 01 Jan 2024 06:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13079
IP address blocks: 213.168.128.0/19 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f1:27:8a:fb:37:e6:d3:9a:c7:53:bc:88:b8:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fff37e6144be7f5dd93adb9babd83d48d51894fd
Validity
Not Before: Jan 1 06:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=023be5824dbdc99153710bc06ec22b092cf0e81b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ec:59:97:2e:82:a6:73:d6:c4:4f:35:9e:67:
e6:a6:d0:62:17:55:21:06:e5:66:90:60:ab:c8:cd:
0b:c3:7c:2a:45:f6:5f:12:6e:d8:6b:27:11:5b:df:
50:d0:05:25:22:3b:f3:28:f1:2a:e6:7d:a4:fe:3b:
4a:40:18:cd:99:87:6e:73:23:3e:7b:02:03:06:30:
51:73:d7:24:47:15:fd:1b:2e:98:83:b9:dc:be:f8:
87:51:8f:8e:9f:30:8d:b5:2c:e7:5f:cb:27:f8:0f:
65:21:47:45:09:e0:45:96:a8:95:8b:7f:8a:00:e5:
28:f6:82:6f:22:e1:49:7a:17:5d:cb:1d:b0:f4:e6:
d1:7f:b4:b3:36:2e:a2:de:3a:a0:1b:c2:af:c8:70:
e4:45:8a:22:86:2c:47:12:13:19:a7:4b:f3:82:97:
24:88:88:1c:1f:31:28:30:15:0b:86:58:78:c4:d0:
3a:9b:ed:15:b3:25:b3:4a:5a:43:2a:1e:15:d5:c9:
30:c7:d9:26:2e:db:d2:9f:9b:05:34:64:03:29:3d:
84:1d:dc:b7:07:42:d0:1b:9f:28:1b:49:3d:16:2e:
3e:61:90:a8:eb:a9:37:b8:4b:94:0b:e8:20:2e:45:
ab:68:73:50:80:e0:2a:98:ae:d4:af:d2:69:bd:b0:
0f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:3B:E5:82:4D:BD:C9:91:53:71:0B:C0:6E:C2:2B:09:2C:F0:E8:1B
X509v3 Authority Key Identifier:
keyid:FF:F3:7E:61:44:BE:7F:5D:D9:3A:DB:9B:AB:D8:3D:48:D5:18:94:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/__N-YUS-f13ZOtubq9g9SNUYlP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32fe0f-bcc9-42bc-9226-0bce80d4dff9/1/Ajvlgk29yZFTcQvAbsIrCSzw6Bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32fe0f-bcc9-42bc-9226-0bce80d4dff9/1/__N-YUS-f13ZOtubq9g9SNUYlP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.168.128.0/19
Signature Algorithm: sha256WithRSAEncryption
02:8c:d1:f3:06:af:f2:3b:fe:6b:a4:c7:e3:19:57:d3:80:de:
6d:38:df:01:a5:44:91:e6:cf:29:09:7f:01:20:95:f3:d1:98:
ce:a9:2a:76:24:00:d6:5a:62:f6:c7:c8:1a:77:73:df:ef:83:
c0:51:93:34:35:83:21:5a:a2:32:48:be:c2:68:6c:89:56:f8:
f6:23:d2:8d:2f:b8:05:67:ae:65:50:75:3d:4f:67:f8:80:32:
18:c3:66:4a:b3:dd:50:1b:ca:e7:ed:cf:1e:cc:db:c7:6b:e3:
83:aa:f2:12:bb:9e:29:f9:35:b9:2f:4b:3c:1e:6f:d8:66:6d:
4f:1b:32:58:39:5d:f3:8b:d3:a6:4e:0a:0c:79:f2:e2:c2:f4:
1d:8e:7c:9f:0c:c7:39:23:a9:72:62:83:56:37:97:d4:54:02:
3b:b8:f6:8f:22:45:78:b7:aa:63:8d:1e:23:fd:ab:f5:f5:37:
43:ff:59:e0:11:45:5d:31:6b:58:48:be:9c:e1:39:1a:a3:ed:
5e:a8:e4:3a:71:54:88:32:77:f0:9a:ff:29:1a:34:1b:43:42:
86:21:10:af:b1:9b:e0:c4:0f:c8:a4:7d:79:4d:66:f3:0a:f6:
a8:ad:10:23:6e:a2:ed:f0:5f:10:06:42:d3:a9:cd:cb:e0:3c:
c8:17:39:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtvEnivs35tOax1O8iLgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZjM3ZTYxNDRiZTdmNWRkOTNhZGI5YmFiZDgzZDQ4ZDUx
ODk0ZmQwHhcNMjQwMTAxMDYyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjNiZTU4MjRkYmRjOTkxNTM3MTBiYzA2ZWMyMmIwOTJjZjBlODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOxZly6CpnPWxE81nmfmptBiF1Uh
BuVmkGCryM0Lw3wqRfZfEm7YaycRW99Q0AUlIjvzKPEq5n2k/jtKQBjNmYducyM+
ewIDBjBRc9ckRxX9Gy6Yg7ncvviHUY+OnzCNtSznX8sn+A9lIUdFCeBFlqiVi3+K
AOUo9oJvIuFJehddyx2w9ObRf7SzNi6i3jqgG8KvyHDkRYoihixHEhMZp0vzgpck
iIgcHzEoMBULhlh4xNA6m+0VsyWzSlpDKh4V1ckwx9kmLtvSn5sFNGQDKT2EHdy3
B0LQG58oG0k9Fi4+YZCo66k3uEuUC+ggLkWraHNQgOAqmK7Ur9JpvbAP0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAI75YJNvcmRU3ELwG7CKwks8OgbMB8GA1UdIwQY
MBaAFP/zfmFEvn9d2Trbm6vYPUjVGJT9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX19OLVlVUy1mMTNaT3R1YnE5ZzlTTlVZbFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zMmZlMGYtYmNjOS00MmJjLTkyMjYt
MGJjZTgwZDRkZmY5LzEvQWp2bGdrMjl5WkZUY1F2QWJzSXJDU3p3NkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zMmZlMGYtYmNjOS00MmJjLTkyMjYtMGJjZTgwZDRkZmY5
LzEvX19OLVlVUy1mMTNaT3R1YnE5ZzlTTlVZbFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1aiAMA0G
CSqGSIb3DQEBCwUAA4IBAQACjNHzBq/yO/5rpMfjGVfTgN5tON8BpUSR5s8pCX8B
IJXz0ZjOqSp2JADWWmL2x8gad3Pf74PAUZM0NYMhWqIySL7CaGyJVvj2I9KNL7gF
Z65lUHU9T2f4gDIYw2ZKs91QG8rn7c8ezNvHa+ODqvISu54p+TW5L0s8Hm/YZm1P
GzJYOV3zi9OmTgoMefLiwvQdjnyfDMc5I6lyYoNWN5fUVAI7uPaPIkV4t6pjjR4j
/av19TdD/1ngEUVdMWtYSL6c4Tkao+1eqOQ6cVSIMnfwmv8pGjQbQ0KGIRCvsZvg
xA/IpH15TWbzCvaorRAjbqLt8F8QBkLTqc3L4DzIFzka
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:06:43 2025 by rpki-client