Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/NjU6E2GjKMifiwQvRwMGney7f2I.roa
File: NjU6E2GjKMifiwQvRwMGney7f2I.roa (raw, json)
Hash identifier: qYmW97zWwGVcp75TCfkQ97lAtCCTY1LDL+IUA1O4GkA=
Subject key identifier: 36:35:3A:13:61:A3:28:C8:9F:8B:04:2F:47:03:06:9D:EC:BB:7F:62
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 018CC871497C73A2AD4942DAC834F9EFAB81
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/NjU6E2GjKMifiwQvRwMGney7f2I.roa
Signing time: Tue 02 Jan 2024 04:31:56 +0000
ROA not before: Tue 02 Jan 2024 04:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202044
IP address blocks: 2a13:1880::/31 maxlen: 31
2a13:1884::/31 maxlen: 31
2a13:1886::/31 maxlen: 31
2a13:1882::/31 maxlen: 31
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:49:7c:73:a2:ad:49:42:da:c8:34:f9:ef:ab:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jan 2 04:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36353a1361a328c89f8b042f4703069decbb7f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ad:84:7e:17:9c:e4:c9:e4:a6:56:43:19:ca:
f5:dc:b8:2a:ba:cb:a6:ca:fe:55:09:e4:7b:a3:04:
82:98:63:a7:d8:51:c9:14:b3:4c:40:a5:e0:7c:a0:
73:2f:08:49:4c:e3:5b:5c:fe:82:a7:bb:77:4f:6e:
83:cd:d7:d6:2c:dd:38:87:a7:95:79:63:9e:e5:8a:
24:6b:ab:0c:f0:5d:88:bd:d1:6d:63:28:b0:68:c2:
02:ea:c0:5c:93:4e:ad:03:21:e6:8a:20:a7:99:8b:
2a:3c:8d:d4:82:06:95:21:3f:d1:43:ee:a1:fa:ab:
08:2e:97:95:e8:69:9e:e0:f7:02:bd:5a:5c:1b:60:
b2:a6:6c:23:83:2f:e7:05:f1:98:d4:7d:22:e0:37:
35:6d:07:fc:e8:39:e0:42:23:2c:60:27:6c:ff:5b:
ca:fa:92:0c:3a:81:c7:3f:cc:d8:49:2b:f6:16:f4:
6b:9b:10:62:64:a6:15:8b:51:7c:5c:41:22:a8:2d:
60:be:46:34:bb:b0:19:6c:81:04:14:86:26:2e:90:
eb:61:35:93:7b:8e:d6:0f:ce:ee:c7:70:02:fa:2a:
0b:4d:09:83:5b:aa:68:79:a7:5c:6a:5f:a8:a8:f3:
86:34:f6:bc:f3:46:d5:fd:6f:b0:9b:97:af:a4:48:
67:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:35:3A:13:61:A3:28:C8:9F:8B:04:2F:47:03:06:9D:EC:BB:7F:62
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/NjU6E2GjKMifiwQvRwMGney7f2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:1880::/29
Signature Algorithm: sha256WithRSAEncryption
2c:ef:7e:ec:02:5e:b5:d0:1c:95:c9:5b:40:2f:f7:c1:bd:8a:
28:48:41:2f:04:2d:98:1e:17:d0:a0:cb:cf:0a:df:b0:89:11:
61:b0:ef:0a:fe:42:c9:cd:7a:d3:f8:82:b3:1b:8a:fd:ff:38:
e2:83:c0:cc:64:be:c2:f2:84:23:3f:8c:8d:66:e0:54:bc:43:
6e:2c:39:e7:ef:dc:9c:f4:af:c8:b4:95:a7:47:be:c5:4e:54:
4b:d2:58:90:6d:6f:03:c7:ba:bd:b4:2c:09:44:91:6e:67:d0:
a5:d8:b3:3b:3d:5e:e4:8a:c8:f8:e8:69:56:ee:ee:93:3a:70:
9f:01:1b:1e:ca:ce:b7:fe:4f:6a:46:74:83:8e:d3:e6:20:54:
04:75:b7:37:36:4f:fb:34:11:a6:fe:33:e2:93:78:47:fc:4d:
5c:56:4f:a6:dd:d2:ce:36:0f:81:64:5b:6d:7b:2b:03:cb:6b:
36:d4:68:c6:7e:63:75:f1:f7:55:cc:4c:54:5a:67:62:fb:d4:
ef:36:4c:7d:7d:d8:59:c4:66:5c:0c:fb:62:68:a6:fa:bc:a1:
57:76:22:1c:9a:5d:32:96:75:0f:28:05:14:11:9a:9d:6e:9c:
95:29:d8:c4:d5:f5:e8:0a:73:3e:b5:e4:b4:b9:93:29:14:48:
df:e3:5f:22
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIcUl8c6KtSULayDT576uBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQwMTAyMDQzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjM1M2ExMzYxYTMyOGM4OWY4YjA0MmY0NzAzMDY5ZGVjYmI3ZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa2Efhec5MnkplZDGcr13Lgqusum
yv5VCeR7owSCmGOn2FHJFLNMQKXgfKBzLwhJTONbXP6Cp7t3T26DzdfWLN04h6eV
eWOe5Yoka6sM8F2IvdFtYyiwaMIC6sBck06tAyHmiiCnmYsqPI3UggaVIT/RQ+6h
+qsILpeV6Gme4PcCvVpcG2Cypmwjgy/nBfGY1H0i4Dc1bQf86DngQiMsYCds/1vK
+pIMOoHHP8zYSSv2FvRrmxBiZKYVi1F8XEEiqC1gvkY0u7AZbIEEFIYmLpDrYTWT
e47WD87ux3AC+ioLTQmDW6poeadcal+oqPOGNPa880bV/W+wm5evpEhnbQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDY1OhNhoyjIn4sEL0cDBp3su39iMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvTmpVNkUyR2pLTWlmaXdRdlJ3TUduZXk3ZjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhMYgDAN
BgkqhkiG9w0BAQsFAAOCAQEALO9+7AJetdAclclbQC/3wb2KKEhBLwQtmB4X0KDL
zwrfsIkRYbDvCv5Cyc160/iCsxuK/f844oPAzGS+wvKEIz+MjWbgVLxDbiw55+/c
nPSvyLSVp0e+xU5US9JYkG1vA8e6vbQsCUSRbmfQpdizOz1e5IrI+OhpVu7ukzpw
nwEbHsrOt/5PakZ0g47T5iBUBHW3NzZP+zQRpv4z4pN4R/xNXFZPpt3SzjYPgWRb
bXsrA8trNtRoxn5jdfH3VcxMVFpnYvvU7zZMfX3YWcRmXAz7Ymim+ryhV3YiHJpd
MpZ1DygFFBGanW6clSnYxNX16ApzPrXktLmTKRRI3+NfIg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:32 2025 by rpki-client