Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/JkWxfN9by86cqpF7xW7YodvFkdo.roa
File: JkWxfN9by86cqpF7xW7YodvFkdo.roa (raw, json)
Hash identifier: laUS2jbGJNfcAU76OU7BEutxYN8qw1j31Q5xzzVNBuE=
Subject key identifier: 26:45:B1:7C:DF:5B:CB:CE:9C:AA:91:7B:C5:6E:D8:A1:DB:C5:91:DA
Certificate issuer: /CN=a42371281dfe19072d1339dd0482b2aafad542ce
Certificate serial: 018CC5DD024EAB7EE1784AA8AAF03E8F58F2
Authority key identifier: A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/JkWxfN9by86cqpF7xW7YodvFkdo.roa
Signing time: Mon 01 Jan 2024 16:30:44 +0000
ROA not before: Mon 01 Jan 2024 16:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57025
IP address blocks: 2a13:db00::/30 maxlen: 30
2a13:db01:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:02:4e:ab:7e:e1:78:4a:a8:aa:f0:3e:8f:58:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42371281dfe19072d1339dd0482b2aafad542ce
Validity
Not Before: Jan 1 16:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2645b17cdf5bcbce9caa917bc56ed8a1dbc591da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f8:68:c6:fb:87:e2:82:be:9c:30:48:88:e6:
81:52:a6:38:ef:53:63:f7:4e:10:7c:32:c6:56:8d:
39:f3:09:e3:eb:b4:06:b7:ff:78:63:67:6e:6d:3e:
7c:c2:d5:69:93:08:0e:37:40:5d:c4:5c:cf:96:f6:
dc:d7:04:78:39:83:f6:46:88:7c:23:80:6b:a2:fa:
bf:95:5c:69:dd:49:03:a0:0f:3d:3f:34:06:93:73:
be:34:2d:8c:21:97:80:02:21:39:ba:20:f5:ad:57:
f4:02:8b:28:fd:1e:37:16:ea:3e:b3:e0:65:69:b0:
c3:b8:e0:6a:95:93:78:95:c8:9e:4b:7c:12:e1:08:
a0:db:f8:45:eb:8d:cb:39:6d:f1:4a:2c:8e:62:54:
fc:20:87:18:96:64:f9:e5:a1:99:43:6f:c5:2d:37:
6c:a5:95:ae:92:05:76:e3:14:6b:cd:74:5b:d8:33:
05:b5:cc:f5:24:19:0c:30:16:cb:5d:89:86:11:27:
9e:69:32:86:3e:7c:58:b7:f0:2c:07:16:42:ad:32:
3a:0b:c8:da:73:03:91:3a:41:cf:82:c0:27:7d:6c:
69:d7:23:41:38:bd:17:b1:7a:d2:f6:4f:d3:0c:95:
b5:b3:c2:f4:fe:3f:cd:f0:1a:61:ce:ff:90:57:92:
86:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:45:B1:7C:DF:5B:CB:CE:9C:AA:91:7B:C5:6E:D8:A1:DB:C5:91:DA
X509v3 Authority Key Identifier:
keyid:A4:23:71:28:1D:FE:19:07:2D:13:39:DD:04:82:B2:AA:FA:D5:42:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCNxKB3-GQctEzndBIKyqvrVQs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/JkWxfN9by86cqpF7xW7YodvFkdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a43a05-603f-4607-bc68-99060e2458ec/1/pCNxKB3-GQctEzndBIKyqvrVQs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:db00::/30
Signature Algorithm: sha256WithRSAEncryption
82:c4:93:4f:77:c2:81:ca:d7:6d:23:39:82:a9:1a:90:c6:f4:
f8:9d:91:42:33:73:72:fd:26:6e:9b:2f:f2:37:fb:de:44:68:
85:a2:16:a9:05:02:b2:ca:3b:f3:a4:a8:cd:1b:19:b7:4f:e2:
4f:23:b0:a3:05:28:d7:b2:1e:db:45:f8:ef:55:c0:a3:16:e0:
6a:77:ec:d2:ac:6d:fc:34:16:15:ff:34:b9:b6:95:9c:42:f8:
75:2f:a0:9c:29:d0:9e:da:07:00:4d:9c:c5:e2:64:5d:dd:52:
27:b9:4f:5d:5b:2d:e4:be:28:94:6f:5d:9f:da:78:3e:1c:1f:
36:d6:a7:cf:fa:08:65:a1:6e:a3:7c:d7:55:5a:5a:19:98:5c:
e1:ea:51:25:1e:67:76:58:24:71:a4:64:3f:d5:44:fd:84:df:
02:78:6b:3a:33:3b:7f:d9:88:2e:72:86:7a:e3:2a:5b:61:2b:
a7:13:1a:18:99:0a:15:c2:0d:4e:57:ca:be:45:e6:b0:cc:c4:
8c:4c:e4:18:fe:b3:2f:fa:a5:0a:ef:48:1a:95:80:2e:3f:f4:
7b:6a:ed:ab:94:89:e4:fe:09:e3:ef:c7:df:53:3c:93:67:4c:
af:b7:b9:46:93:57:f1:b2:06:45:35:15:17:be:2b:5e:77:9d:
7d:da:85:f0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzF3QJOq37heEqoqvA+j1jyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MjM3MTI4MWRmZTE5MDcyZDEzMzlkZDA0ODJiMmFhZmFk
NTQyY2UwHhcNMjQwMTAxMTYzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjQ1YjE3Y2RmNWJjYmNlOWNhYTkxN2JjNTZlZDhhMWRiYzU5MWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvhoxvuH4oK+nDBIiOaBUqY471Nj
904QfDLGVo058wnj67QGt/94Y2dubT58wtVpkwgON0BdxFzPlvbc1wR4OYP2Roh8
I4Brovq/lVxp3UkDoA89PzQGk3O+NC2MIZeAAiE5uiD1rVf0Aoso/R43Fuo+s+Bl
abDDuOBqlZN4lcieS3wS4Qig2/hF643LOW3xSiyOYlT8IIcYlmT55aGZQ2/FLTds
pZWukgV24xRrzXRb2DMFtcz1JBkMMBbLXYmGESeeaTKGPnxYt/AsBxZCrTI6C8ja
cwOROkHPgsAnfWxp1yNBOL0XsXrS9k/TDJW1s8L0/j/N8Bphzv+QV5KGFQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCZFsXzfW8vOnKqRe8Vu2KHbxZHaMB8GA1UdIwQY
MBaAFKQjcSgd/hkHLRM53QSCsqr61ULOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgt
OTkwNjBlMjQ1OGVjLzEvSmtXeGZOOWJ5ODZjcXBGN3hXN1lvZHZGa2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hNDNhMDUtNjAzZi00NjA3LWJjNjgtOTkwNjBlMjQ1OGVj
LzEvcENOeEtCMy1HUWN0RXpuZEJJS3lxdnJWUXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUCKhPbADAN
BgkqhkiG9w0BAQsFAAOCAQEAgsSTT3fCgcrXbSM5gqkakMb0+J2RQjNzcv0mbpsv
8jf73kRohaIWqQUCsso786SozRsZt0/iTyOwowUo17Ie20X471XAoxbganfs0qxt
/DQWFf80ubaVnEL4dS+gnCnQntoHAE2cxeJkXd1SJ7lPXVst5L4olG9dn9p4Phwf
Ntanz/oIZaFuo3zXVVpaGZhc4epRJR5ndlgkcaRkP9VE/YTfAnhrOjM7f9mILnKG
euMqW2ErpxMaGJkKFcINTlfKvkXmsMzEjEzkGP6zL/qlCu9IGpWALj/0e2rtq5SJ
5P4J4+/H31M8k2dMr7e5RpNX8bIGRTUVF74rXnedfdqF8A==
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:34:58 2025 by rpki-client