Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/sVLEsvrPPAaUhrTx2_mp4EFrVYg.roa
File: sVLEsvrPPAaUhrTx2_mp4EFrVYg.roa (raw, json)
Hash identifier: GAcRDn8ah+01lRjkUPcaEjWMGwADOtvhqkYKjuAGef0=
Subject key identifier: B1:52:C4:B2:FA:CF:3C:06:94:86:B4:F1:DB:F9:A9:E0:41:6B:55:88
Certificate issuer: /CN=14a63359e84e00c0f9e2a203ead2781a26d904e6
Certificate serial: 018CC348EEC739D4BB7158A03E0302D45994
Authority key identifier: 14:A6:33:59:E8:4E:00:C0:F9:E2:A2:03:EA:D2:78:1A:26:D9:04:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FKYzWehOAMD54qID6tJ4GibZBOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/sVLEsvrPPAaUhrTx2_mp4EFrVYg.roa
Signing time: Mon 01 Jan 2024 04:29:45 +0000
ROA not before: Mon 01 Jan 2024 04:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200203
IP address blocks: 2a13:d800:1000::/36 maxlen: 36
2a13:d800:2000::/36 maxlen: 36
2a13:d800:3000::/36 maxlen: 36
2a13:d800::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 30 Sep 2024 09:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ee:c7:39:d4:bb:71:58:a0:3e:03:02:d4:59:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14a63359e84e00c0f9e2a203ead2781a26d904e6
Validity
Not Before: Jan 1 04:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b152c4b2facf3c069486b4f1dbf9a9e0416b5588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f7:fe:25:f8:77:4f:5e:9f:8b:c7:38:36:07:
48:e9:0b:08:d4:9b:6b:96:07:a5:81:c4:7c:91:58:
25:a4:c8:66:f9:50:a1:8a:c8:f4:f7:34:98:97:66:
9a:95:74:80:4b:d8:2b:a9:e0:33:a1:09:ae:1c:e8:
31:a8:3b:51:5a:e8:a7:0b:af:b8:0b:8d:b0:d3:91:
63:34:8b:94:29:e2:08:1b:f8:9e:58:5a:56:aa:91:
86:b8:64:0d:33:23:a8:e8:14:31:fa:5a:89:48:ce:
08:34:6c:2d:ca:4b:56:97:78:91:3f:5e:1a:c6:bd:
f7:a2:5e:4f:d6:ca:d7:6c:34:5f:c0:bc:3a:29:7f:
a8:5e:a2:5a:5a:15:74:3d:34:c0:c6:f7:6d:14:0d:
4e:1f:9e:e9:b4:71:f4:76:4f:0c:31:5c:dc:06:8d:
93:03:2a:6a:c2:59:04:13:df:19:a2:31:21:48:53:
bf:a3:47:5e:e7:26:f1:e7:58:a3:10:b5:95:34:cf:
4a:5a:86:e8:68:32:56:59:c5:c8:90:95:94:f8:84:
62:6d:b9:59:aa:11:e8:f3:5a:c0:f8:aa:89:26:e2:
3e:8d:1b:07:5a:0c:d7:5e:6c:a1:dc:47:ba:88:77:
16:39:b5:61:87:09:16:88:25:1f:f0:b4:23:72:10:
e4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:52:C4:B2:FA:CF:3C:06:94:86:B4:F1:DB:F9:A9:E0:41:6B:55:88
X509v3 Authority Key Identifier:
keyid:14:A6:33:59:E8:4E:00:C0:F9:E2:A2:03:EA:D2:78:1A:26:D9:04:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FKYzWehOAMD54qID6tJ4GibZBOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/sVLEsvrPPAaUhrTx2_mp4EFrVYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/FKYzWehOAMD54qID6tJ4GibZBOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d800::/32
Signature Algorithm: sha256WithRSAEncryption
63:27:c9:0b:61:05:eb:aa:5f:06:17:ee:6c:1f:46:12:0c:a3:
69:3e:9d:f1:ef:f3:6c:0c:7f:d9:37:73:b5:cb:0d:be:ac:30:
97:dd:80:9b:15:5b:8a:8c:e0:9a:6e:f1:a3:c1:3e:d2:0c:2e:
4f:88:e6:e5:d4:bd:52:3a:ea:6c:7e:f1:d9:0a:ee:16:75:ac:
a0:44:7f:be:52:51:92:03:8d:ca:9e:1d:ab:9b:3a:10:16:fe:
1f:41:37:ee:71:83:35:44:bd:dd:a8:88:e2:8c:f4:8b:99:59:
57:65:ed:37:84:ef:07:61:a2:b2:c0:bb:ab:32:02:82:e5:a2:
a2:2f:a7:29:47:af:0d:b5:5f:50:20:60:98:95:e7:64:1f:aa:
33:14:10:fe:fb:93:1b:d7:34:22:24:3d:4b:82:4f:d8:d4:ef:
94:e6:e1:ee:36:82:58:5c:fc:54:00:cc:3e:8f:95:7c:41:b9:
f2:de:71:b8:54:b3:5b:87:89:93:a4:32:af:ba:f8:ad:5a:b1:
94:06:8e:c4:ce:b5:4d:ce:ba:21:ac:4d:3f:2d:d9:b6:8b:b3:
9f:81:ca:b3:b5:03:30:ec:76:15:b1:ab:67:bc:20:15:6b:f2:
d2:5f:7a:0e:65:6d:2e:f5:5a:ef:28:fa:b6:f6:ab:fb:c4:e7:
d2:86:28:8d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzDSO7HOdS7cVigPgMC1FmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YTYzMzU5ZTg0ZTAwYzBmOWUyYTIwM2VhZDI3ODFhMjZk
OTA0ZTYwHhcNMjQwMTAxMDQyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTUyYzRiMmZhY2YzYzA2OTQ4NmI0ZjFkYmY5YTllMDQxNmI1NTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhff+Jfh3T16fi8c4NgdI6QsI1Jtr
lgelgcR8kVglpMhm+VChisj09zSYl2aalXSAS9grqeAzoQmuHOgxqDtRWuinC6+4
C42w05FjNIuUKeIIG/ieWFpWqpGGuGQNMyOo6BQx+lqJSM4INGwtyktWl3iRP14a
xr33ol5P1srXbDRfwLw6KX+oXqJaWhV0PTTAxvdtFA1OH57ptHH0dk8MMVzcBo2T
AypqwlkEE98ZojEhSFO/o0de5ybx51ijELWVNM9KWoboaDJWWcXIkJWU+IRibblZ
qhHo81rA+KqJJuI+jRsHWgzXXmyh3Ee6iHcWObVhhwkWiCUf8LQjchDkfQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLFSxLL6zzwGlIa08dv5qeBBa1WIMB8GA1UdIwQY
MBaAFBSmM1noTgDA+eKiA+rSeBom2QTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRktZeldlaE9BTUQ1NHFJRDZ0SjRHaWJaQk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xYjZiMjEtNWViMi00YmY4LWI1NWQt
OWYxNzE1OTdhZTc4LzEvc1ZMRXN2clBQQWFVaHJUeDJfbXA0RUZyVllnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xYjZiMjEtNWViMi00YmY4LWI1NWQtOWYxNzE1OTdhZTc4
LzEvRktZeldlaE9BTUQ1NHFJRDZ0SjRHaWJaQk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhPYADAN
BgkqhkiG9w0BAQsFAAOCAQEAYyfJC2EF66pfBhfubB9GEgyjaT6d8e/zbAx/2Tdz
tcsNvqwwl92AmxVbiozgmm7xo8E+0gwuT4jm5dS9UjrqbH7x2QruFnWsoER/vlJR
kgONyp4dq5s6EBb+H0E37nGDNUS93aiI4oz0i5lZV2XtN4TvB2GissC7qzICguWi
oi+nKUevDbVfUCBgmJXnZB+qMxQQ/vuTG9c0IiQ9S4JP2NTvlObh7jaCWFz8VADM
Po+VfEG58t5xuFSzW4eJk6Qyr7r4rVqxlAaOxM61Tc66IaxNPy3Ztouzn4HKs7UD
MOx2FbGrZ7wgFWvy0l96DmVtLvVa7yj6tvar+8Tn0oYojQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:08 2025 by rpki-client