Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/3b11de-900f-4378-84eb-7870c645e219/1/4TLGiRKRAWmZsvWhVdIK7lZ_KQo.roa
File: 4TLGiRKRAWmZsvWhVdIK7lZ_KQo.roa (raw, json)
Hash identifier: o/7HkR/4TcBOBNgU8fnTyekebm3MkdHLsrLzAEPnzvQ=
Subject key identifier: E1:32:C6:89:12:91:01:69:99:B2:F5:A1:55:D2:0A:EE:56:7F:29:0A
Certificate issuer: /CN=8f1cb9737524c437f6fa7521176bb0ab71fbee63
Certificate serial: 018CC2DB1DD7F452D8755AA1482894975512
Authority key identifier: 8F:1C:B9:73:75:24:C4:37:F6:FA:75:21:17:6B:B0:AB:71:FB:EE:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jxy5c3UkxDf2-nUhF2uwq3H77mM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/3b11de-900f-4378-84eb-7870c645e219/1/4TLGiRKRAWmZsvWhVdIK7lZ_KQo.roa
Signing time: Mon 01 Jan 2024 02:29:49 +0000
ROA not before: Mon 01 Jan 2024 02:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60021
IP address blocks: 2a13:96c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:1d:d7:f4:52:d8:75:5a:a1:48:28:94:97:55:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f1cb9737524c437f6fa7521176bb0ab71fbee63
Validity
Not Before: Jan 1 02:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e132c6891291016999b2f5a155d20aee567f290a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d0:2a:ee:a0:4b:83:4b:ce:cf:64:6c:7c:cd:
47:fb:45:ce:c1:d4:42:b0:2d:e9:e1:fd:be:02:fd:
61:77:e8:23:3b:7c:0d:2f:a2:f9:75:7b:79:ff:38:
13:21:96:c4:32:ad:c5:01:47:82:79:dc:bb:47:ab:
00:72:56:44:a0:ce:dc:be:d8:19:a2:25:f3:91:1d:
66:1e:8e:df:57:64:99:47:12:3c:14:17:7b:19:ee:
84:78:a8:54:61:8f:66:33:cd:d1:3d:36:dc:2f:58:
96:f6:08:a2:64:0f:9f:aa:7e:0c:80:cf:27:6a:ea:
37:c7:29:8f:00:b6:eb:42:60:f4:ce:41:c8:38:a7:
40:a7:fc:ec:db:12:8a:8f:62:69:89:88:82:9c:dc:
5b:89:01:dd:3c:41:a6:59:00:dc:03:06:89:ad:4d:
eb:46:8c:6f:45:10:ee:a9:16:d7:5d:70:50:47:0e:
15:b1:60:af:ca:9f:36:49:49:08:29:ea:74:88:cc:
c7:f1:98:1a:d9:7b:15:07:60:be:d4:6c:ec:64:d2:
43:13:2d:11:f7:cb:e5:8b:12:2c:b7:bb:79:a0:fb:
f2:ee:84:f2:59:5b:74:b0:ae:9a:88:69:13:f0:d7:
ed:bd:9b:c8:c3:b2:68:5c:22:e8:5b:6b:2c:06:ac:
28:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:32:C6:89:12:91:01:69:99:B2:F5:A1:55:D2:0A:EE:56:7F:29:0A
X509v3 Authority Key Identifier:
keyid:8F:1C:B9:73:75:24:C4:37:F6:FA:75:21:17:6B:B0:AB:71:FB:EE:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxy5c3UkxDf2-nUhF2uwq3H77mM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3b11de-900f-4378-84eb-7870c645e219/1/4TLGiRKRAWmZsvWhVdIK7lZ_KQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/3b11de-900f-4378-84eb-7870c645e219/1/jxy5c3UkxDf2-nUhF2uwq3H77mM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:96c0::/29
Signature Algorithm: sha256WithRSAEncryption
70:3b:7d:73:a1:a4:10:18:09:66:a6:b4:3a:ab:3f:14:21:12:
07:35:7f:f4:d5:ff:55:f5:3d:ce:82:2d:1d:d4:b5:ad:91:0c:
6f:04:77:2f:8b:f3:1b:6f:5d:61:e4:9f:08:24:20:12:b0:0e:
f0:66:45:4e:8d:a6:a2:35:ac:23:55:10:56:f3:63:d3:97:4e:
4e:d8:cf:4b:49:89:a3:ff:1c:64:ae:ae:dc:84:3f:83:0c:8e:
d1:76:ce:f8:ac:5a:e0:81:5c:11:d3:99:44:ab:59:7e:9e:03:
f8:b0:8d:ae:95:bf:d0:e2:3a:a6:f5:ac:4e:39:13:24:e2:ce:
ec:8d:d3:8f:2e:19:ca:55:66:57:9a:55:94:40:1a:cd:fe:d7:
82:ab:bb:02:4a:de:20:8a:e7:82:82:5f:75:18:05:23:93:69:
0a:0d:5d:a9:f2:83:ca:c4:ca:b1:67:15:5f:95:74:d6:c1:ba:
2f:41:a3:82:67:96:a3:68:76:40:af:08:48:21:78:34:7c:86:
8c:44:0e:0f:9d:5f:15:ec:f5:f2:36:8e:ce:1c:62:8a:fd:dc:
8e:2d:c8:97:78:0d:58:4c:a6:5d:f4:e5:cd:98:87:a7:2d:b2:
80:ed:7d:95:78:82:79:0c:45:c8:c6:06:70:68:2f:38:a5:7b:
96:86:03:5e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzC2x3X9FLYdVqhSCiUl1USMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMWNiOTczNzUyNGM0MzdmNmZhNzUyMTE3NmJiMGFiNzFm
YmVlNjMwHhcNMjQwMTAxMDIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTMyYzY4OTEyOTEwMTY5OTliMmY1YTE1NWQyMGFlZTU2N2YyOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09Aq7qBLg0vOz2RsfM1H+0XOwdRC
sC3p4f2+Av1hd+gjO3wNL6L5dXt5/zgTIZbEMq3FAUeCedy7R6sAclZEoM7cvtgZ
oiXzkR1mHo7fV2SZRxI8FBd7Ge6EeKhUYY9mM83RPTbcL1iW9giiZA+fqn4MgM8n
auo3xymPALbrQmD0zkHIOKdAp/zs2xKKj2JpiYiCnNxbiQHdPEGmWQDcAwaJrU3r
RoxvRRDuqRbXXXBQRw4VsWCvyp82SUkIKep0iMzH8Zga2XsVB2C+1GzsZNJDEy0R
98vlixIst7t5oPvy7oTyWVt0sK6aiGkT8NftvZvIw7JoXCLoW2ssBqwotQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOEyxokSkQFpmbL1oVXSCu5WfykKMB8GA1UdIwQY
MBaAFI8cuXN1JMQ39vp1IRdrsKtx++5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanh5NWMzVWt4RGYyLW5VaEYydXdxM0g3N21NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8zYjExZGUtOTAwZi00Mzc4LTg0ZWIt
Nzg3MGM2NDVlMjE5LzEvNFRMR2lSS1JBV21ac3ZXaFZkSUs3bFpfS1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8zYjExZGUtOTAwZi00Mzc4LTg0ZWItNzg3MGM2NDVlMjE5
LzEvanh5NWMzVWt4RGYyLW5VaEYydXdxM0g3N21NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOWwDAN
BgkqhkiG9w0BAQsFAAOCAQEAcDt9c6GkEBgJZqa0Oqs/FCESBzV/9NX/VfU9zoIt
HdS1rZEMbwR3L4vzG29dYeSfCCQgErAO8GZFTo2mojWsI1UQVvNj05dOTtjPS0mJ
o/8cZK6u3IQ/gwyO0XbO+Kxa4IFcEdOZRKtZfp4D+LCNrpW/0OI6pvWsTjkTJOLO
7I3Tjy4ZylVmV5pVlEAazf7Xgqu7AkreIIrngoJfdRgFI5NpCg1dqfKDysTKsWcV
X5V01sG6L0GjgmeWo2h2QK8ISCF4NHyGjEQOD51fFez18jaOzhxiiv3cji3Il3gN
WEymXfTlzZiHpy2ygO19lXiCeQxFyMYGcGgvOKV7loYDXg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:39:24 2025 by rpki-client