Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/H0KwMbX473i3EyvOXh1BK6Zo4vA.roa
File: H0KwMbX473i3EyvOXh1BK6Zo4vA.roa (raw, json)
Hash identifier: clMQLU7ZJpy8vg6s4Zah+c95OC+5f48ZB0kYTiUKiXg=
Subject key identifier: 1F:42:B0:31:B5:F8:EF:78:B7:13:2B:CE:5E:1D:41:2B:A6:68:E2:F0
Certificate issuer: /CN=b504bcceb9c363f13e3adaa4c0fa52780f064684
Certificate serial: 018E33B024A36F6193A31BC406DCB7D35E84
Authority key identifier: B5:04:BC:CE:B9:C3:63:F1:3E:3A:DA:A4:C0:FA:52:78:0F:06:46:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/H0KwMbX473i3EyvOXh1BK6Zo4vA.roa
Signing time: Tue 12 Mar 2024 17:22:45 +0000
ROA not before: Tue 12 Mar 2024 17:22:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213216
IP address blocks: 2a13:7fc0:4201::/48 maxlen: 48
2a13:7fc0:a42a::/48 maxlen: 64
Validation: Failed, certificate revoked on Wed 30 Oct 2024 20:46:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:33:b0:24:a3:6f:61:93:a3:1b:c4:06:dc:b7:d3:5e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b504bcceb9c363f13e3adaa4c0fa52780f064684
Validity
Not Before: Mar 12 17:22:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f42b031b5f8ef78b7132bce5e1d412ba668e2f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f3:9c:84:36:db:2c:72:5a:e3:49:c9:02:2f:
04:ee:ba:34:83:6c:56:e3:d2:2e:89:0b:0a:0b:8c:
5b:1b:82:5d:9f:0c:c4:31:73:fd:06:49:b0:ff:9a:
b6:40:81:7f:06:df:e8:3f:b3:bf:59:79:82:8c:66:
ee:a3:47:22:8f:f8:d6:df:c4:0a:65:2b:cb:b8:10:
ec:11:fa:87:66:76:e3:c9:9a:15:22:03:d7:ba:0c:
d7:b4:3b:91:c5:a5:9e:e8:10:bf:a9:ff:45:72:33:
89:c9:ed:b7:d2:f5:81:e8:b1:fb:9e:04:a3:4e:0c:
43:64:99:ee:49:e8:d3:75:1c:80:2b:a7:48:97:20:
80:1f:f2:07:65:13:ce:c4:ea:5d:ec:ba:5d:3e:11:
e0:ab:0b:72:e1:7c:3c:cf:7d:ce:56:f3:50:d5:0c:
7f:50:36:09:ee:0c:7d:63:ea:ce:ff:85:d8:01:d0:
dc:63:24:2b:a0:34:7a:4a:c2:30:28:5d:52:30:89:
b2:46:77:87:f3:95:2a:a2:25:0f:0f:ba:33:5c:39:
12:c7:ae:fb:b7:8e:bb:0e:cf:a3:bc:6b:5e:af:8a:
a6:7f:fb:08:00:34:d1:3c:1c:20:b0:3d:57:aa:0d:
8a:38:85:b7:b5:e5:88:5d:c2:bb:60:68:90:8f:7f:
0e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:42:B0:31:B5:F8:EF:78:B7:13:2B:CE:5E:1D:41:2B:A6:68:E2:F0
X509v3 Authority Key Identifier:
keyid:B5:04:BC:CE:B9:C3:63:F1:3E:3A:DA:A4:C0:FA:52:78:0F:06:46:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/H0KwMbX473i3EyvOXh1BK6Zo4vA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/1d3cdc-d04b-4adb-b069-2a351ab3b8f6/1/tQS8zrnDY_E-OtqkwPpSeA8GRoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7fc0:4201::/48
2a13:7fc0:a42a::/48
Signature Algorithm: sha256WithRSAEncryption
7a:c4:df:09:f7:ef:2a:07:1f:95:79:e9:9d:b9:0e:bd:d0:30:
72:52:71:3a:1b:91:ac:f5:1f:41:f2:ad:9e:32:a6:f4:22:d7:
0a:68:37:c0:76:fd:26:eb:ea:af:21:cc:24:75:57:1e:e4:98:
a2:71:0f:d5:04:e2:e5:97:dd:a2:c2:1c:aa:38:ec:a9:57:a8:
55:0d:0c:ee:39:43:f6:a8:87:97:24:cb:13:96:dd:ce:45:df:
ec:03:b2:78:6d:cd:c6:fb:1c:d9:e9:b8:59:00:57:b2:c4:ea:
69:90:6b:20:74:05:fb:d1:03:48:df:e8:e2:c4:e4:f4:f0:4b:
7d:99:43:4d:76:b6:10:95:60:bd:4b:8b:6e:f2:0a:2c:21:62:
a9:47:7c:f2:46:73:e4:93:3d:b6:b4:65:fd:1b:4e:ce:11:31:
9c:71:a4:4e:11:01:c3:ef:99:e4:5d:cf:35:dd:42:68:c3:8c:
75:d1:08:a5:89:4d:6f:ed:09:a6:10:f2:e7:c3:7e:a2:21:f4:
48:c8:b7:5d:0f:cb:00:91:fb:be:02:7e:c5:00:0a:dd:0d:a0:
a4:1f:fe:91:17:a0:28:b6:68:89:47:15:62:43:a4:68:9f:e7:
92:7f:98:de:be:ea:28:2c:ac:09:79:63:82:60:92:13:48:36:
4e:c2:63:af
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4zsCSjb2GToxvEBty3016EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MDRiY2NlYjljMzYzZjEzZTNhZGFhNGMwZmE1Mjc4MGYw
NjQ2ODQwHhcNMjQwMzEyMTcyMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjQyYjAzMWI1ZjhlZjc4YjcxMzJiY2U1ZTFkNDEyYmE2NjhlMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/OchDbbLHJa40nJAi8E7ro0g2xW
49IuiQsKC4xbG4JdnwzEMXP9Bkmw/5q2QIF/Bt/oP7O/WXmCjGbuo0cij/jW38QK
ZSvLuBDsEfqHZnbjyZoVIgPXugzXtDuRxaWe6BC/qf9FcjOJye230vWB6LH7ngSj
TgxDZJnuSejTdRyAK6dIlyCAH/IHZRPOxOpd7LpdPhHgqwty4Xw8z33OVvNQ1Qx/
UDYJ7gx9Y+rO/4XYAdDcYyQroDR6SsIwKF1SMImyRneH85UqoiUPD7ozXDkSx677
t467Ds+jvGter4qmf/sIADTRPBwgsD1Xqg2KOIW3teWIXcK7YGiQj38OrwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB9CsDG1+O94txMrzl4dQSumaOLwMB8GA1UdIwQY
MBaAFLUEvM65w2PxPjrapMD6UngPBkaEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFFTOHpybkRZX0UtT3Rxa3dQcFNlQThHUm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xZDNjZGMtZDA0Yi00YWRiLWIwNjkt
MmEzNTFhYjNiOGY2LzEvSDBLd01iWDQ3M2kzRXl2T1hoMUJLNlpvNHZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xZDNjZGMtZDA0Yi00YWRiLWIwNjktMmEzNTFhYjNiOGY2
LzEvdFFTOHpybkRZX0UtT3Rxa3dQcFNlQThHUm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhN/wEIB
AwcAKhN/wKQqMA0GCSqGSIb3DQEBCwUAA4IBAQB6xN8J9+8qBx+VeemduQ690DBy
UnE6G5Gs9R9B8q2eMqb0ItcKaDfAdv0m6+qvIcwkdVce5JiicQ/VBOLll92iwhyq
OOypV6hVDQzuOUP2qIeXJMsTlt3ORd/sA7J4bc3G+xzZ6bhZAFeyxOppkGsgdAX7
0QNI3+jixOT08Et9mUNNdrYQlWC9S4tu8gosIWKpR3zyRnPkkz22tGX9G07OETGc
caROEQHD75nkXc813UJow4x10QiliU1v7QmmEPLnw36iIfRIyLddD8sAkfu+An7F
AArdDaCkH/6RF6AotmiJRxViQ6Ron+eSf5jevuooLKwJeWOCYJITSDZOwmOv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:28 2025 by rpki-client