Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/d63178-5d53-41e4-a70e-2a1e39dd633c/1/1xfDPWGtFx0Oprmi3eg_E0-bYzk.roa
File: 1xfDPWGtFx0Oprmi3eg_E0-bYzk.roa (raw, json)
Hash identifier: S+XMqXjHo1sBGpKkWdRlzgNH+nfI/2ADIKu3MUcpxzg=
Subject key identifier: D7:17:C3:3D:61:AD:17:1D:0E:A6:B9:A2:DD:E8:3F:13:4F:9B:63:39
Certificate issuer: /CN=6d68d33d3da14d3bbcfcfc2e492dc1673849aa6c
Certificate serial: 018CC64B7CACFAF6D71E521B8E5F07514A2A
Authority key identifier: 6D:68:D3:3D:3D:A1:4D:3B:BC:FC:FC:2E:49:2D:C1:67:38:49:AA:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWjTPT2hTTu8_PwuSS3BZzhJqmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/d63178-5d53-41e4-a70e-2a1e39dd633c/1/1xfDPWGtFx0Oprmi3eg_E0-bYzk.roa
Signing time: Mon 01 Jan 2024 18:31:25 +0000
ROA not before: Mon 01 Jan 2024 18:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200723
IP address blocks: 2a13:4a40::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 22 Jan 2024 13:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:7c:ac:fa:f6:d7:1e:52:1b:8e:5f:07:51:4a:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d68d33d3da14d3bbcfcfc2e492dc1673849aa6c
Validity
Not Before: Jan 1 18:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d717c33d61ad171d0ea6b9a2dde83f134f9b6339
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:4a:57:c3:dc:50:6b:2b:1f:b6:74:35:f7:48:
ff:e8:5f:bc:ba:9c:69:84:43:9f:ae:93:52:56:d1:
cd:93:19:85:a1:1f:2c:b2:d2:51:4c:9e:e6:3e:f2:
3c:fe:40:7e:bd:b4:17:58:2e:7b:93:cf:e7:82:f9:
45:14:5e:0f:9b:7d:07:09:25:3a:cd:80:96:a0:da:
c0:de:7f:bd:11:b8:1e:89:3b:a0:70:22:3b:c8:92:
5e:3c:90:2a:56:b3:94:f4:a1:7b:1d:1e:94:9d:89:
b5:db:87:ba:00:b7:de:18:7a:85:cf:ce:ea:ce:ce:
b1:15:e4:80:e8:dc:a5:22:30:43:2d:ce:aa:80:bc:
ee:79:e0:68:9b:a0:04:c3:52:95:69:42:4f:b9:69:
2b:95:3c:ff:97:e3:6d:9e:77:7f:35:89:16:be:c7:
fd:5e:c0:0e:39:b2:5f:f8:69:5a:e2:f7:c1:b5:6c:
24:7e:06:5f:c1:fe:69:9e:d7:67:38:db:0e:70:00:
65:cb:9c:97:15:0f:6c:a5:73:ef:47:9e:e4:6b:46:
c9:48:b1:aa:ec:59:88:ba:3b:ae:7d:d0:35:48:bc:
ee:ef:04:96:6d:f4:ca:63:0c:31:ce:e1:aa:ab:80:
dd:ab:22:9d:fb:36:02:f4:01:fa:8e:5c:04:47:63:
d3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:17:C3:3D:61:AD:17:1D:0E:A6:B9:A2:DD:E8:3F:13:4F:9B:63:39
X509v3 Authority Key Identifier:
keyid:6D:68:D3:3D:3D:A1:4D:3B:BC:FC:FC:2E:49:2D:C1:67:38:49:AA:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWjTPT2hTTu8_PwuSS3BZzhJqmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d63178-5d53-41e4-a70e-2a1e39dd633c/1/1xfDPWGtFx0Oprmi3eg_E0-bYzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d63178-5d53-41e4-a70e-2a1e39dd633c/1/bWjTPT2hTTu8_PwuSS3BZzhJqmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:4a40::/48
Signature Algorithm: sha256WithRSAEncryption
52:0a:26:b7:6d:fb:20:34:b1:5e:8a:16:75:a2:07:03:97:b1:
4a:5f:b6:ee:71:f5:2e:43:f5:70:18:82:2c:64:cc:8d:2c:c7:
49:49:30:04:b4:8e:b6:1a:20:44:e1:ec:f6:cc:68:2b:5e:6b:
13:b9:4d:f3:19:ea:8b:62:9a:3b:89:a5:db:2a:74:53:42:ba:
90:b3:b0:fc:da:1e:54:ab:11:64:68:6d:e5:83:b0:7a:8e:01:
6b:3d:30:1b:fb:62:53:70:77:46:3a:98:31:f8:ad:45:f8:6f:
a2:5f:fb:dd:e2:ec:09:ef:70:1c:cf:50:03:e9:39:16:bb:1a:
d0:75:fc:24:c1:ab:f1:f2:ea:62:19:03:34:d0:a8:29:9b:69:
a0:47:03:d3:93:c9:b7:a4:be:cd:a9:0e:01:ec:43:4e:ab:d5:
16:88:3b:b7:e7:11:e3:09:b1:b3:6c:7f:35:f2:e3:19:49:d8:
fc:e8:5c:ef:43:d3:ce:d8:df:13:0e:28:91:be:04:8b:42:31:
15:83:4d:44:a1:e5:5f:f3:26:95:52:ca:b8:7a:57:9f:7d:06:
e7:cc:58:21:5a:f7:22:0a:88:de:47:a6:c0:eb:92:d5:27:91:
bb:13:cb:79:ca:f6:0a:b1:d1:d4:4a:01:81:cb:89:ea:52:bc:
f1:c5:a7:b7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGS3ys+vbXHlIbjl8HUUoqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjhkMzNkM2RhMTRkM2JiY2ZjZmMyZTQ5MmRjMTY3Mzg0
OWFhNmMwHhcNMjQwMTAxMTgzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzE3YzMzZDYxYWQxNzFkMGVhNmI5YTJkZGU4M2YxMzRmOWI2MzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UpXw9xQaysftnQ190j/6F+8upxp
hEOfrpNSVtHNkxmFoR8sstJRTJ7mPvI8/kB+vbQXWC57k8/ngvlFFF4Pm30HCSU6
zYCWoNrA3n+9EbgeiTugcCI7yJJePJAqVrOU9KF7HR6UnYm124e6ALfeGHqFz87q
zs6xFeSA6NylIjBDLc6qgLzueeBom6AEw1KVaUJPuWkrlTz/l+Ntnnd/NYkWvsf9
XsAOObJf+Gla4vfBtWwkfgZfwf5pntdnONsOcABly5yXFQ9spXPvR57ka0bJSLGq
7FmIujuufdA1SLzu7wSWbfTKYwwxzuGqq4DdqyKd+zYC9AH6jlwER2PTNwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNcXwz1hrRcdDqa5ot3oPxNPm2M5MB8GA1UdIwQY
MBaAFG1o0z09oU07vPz8LkktwWc4SapsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYldqVFBUMmhUVHU4X1B3dVNTM0JaemhKcW13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9kNjMxNzgtNWQ1My00MWU0LWE3MGUt
MmExZTM5ZGQ2MzNjLzEvMXhmRFBXR3RGeDBPcHJtaTNlZ19FMC1iWXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9kNjMxNzgtNWQ1My00MWU0LWE3MGUtMmExZTM5ZGQ2MzNj
LzEvYldqVFBUMmhUVHU4X1B3dVNTM0JaemhKcW13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhNKQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBSCia3bfsgNLFeihZ1ogcDl7FKX7bucfUuQ/Vw
GIIsZMyNLMdJSTAEtI62GiBE4ez2zGgrXmsTuU3zGeqLYpo7iaXbKnRTQrqQs7D8
2h5UqxFkaG3lg7B6jgFrPTAb+2JTcHdGOpgx+K1F+G+iX/vd4uwJ73Acz1AD6TkW
uxrQdfwkwavx8upiGQM00Kgpm2mgRwPTk8m3pL7NqQ4B7ENOq9UWiDu35xHjCbGz
bH818uMZSdj86FzvQ9PO2N8TDiiRvgSLQjEVg01EoeVf8yaVUsq4eleffQbnzFgh
WvciCojeR6bA65LVJ5G7E8t5yvYKsdHUSgGBy4nqUrzxxae3
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:38 2025 by rpki-client