Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/vZhwfFLIW4ov7mMnQu29uOfbLKc.roa
File: vZhwfFLIW4ov7mMnQu29uOfbLKc.roa (raw, json)
Hash identifier: BxFAH96SpkWhXQw0RfHvgFG3oqj/ff48gV92Z8lSs94=
Subject key identifier: BD:98:70:7C:52:C8:5B:8A:2F:EE:63:27:42:ED:BD:B8:E7:DB:2C:A7
Certificate issuer: /CN=8e06f5a7314b2f966b24fc53155ce7bf604c07a6
Certificate serial: 018CC500F5F6D0276B733B6BC96014F78817
Authority key identifier: 8E:06:F5:A7:31:4B:2F:96:6B:24:FC:53:15:5C:E7:BF:60:4C:07:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/vZhwfFLIW4ov7mMnQu29uOfbLKc.roa
Signing time: Mon 01 Jan 2024 12:30:23 +0000
ROA not before: Mon 01 Jan 2024 12:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 2a13:a286:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Fri 19 Jul 2024 19:38:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:f5:f6:d0:27:6b:73:3b:6b:c9:60:14:f7:88:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e06f5a7314b2f966b24fc53155ce7bf604c07a6
Validity
Not Before: Jan 1 12:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd98707c52c85b8a2fee632742edbdb8e7db2ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6d:53:a9:e7:b5:ff:d2:97:14:e3:95:4c:bf:
79:c9:dc:cc:26:f3:a9:0c:d3:1f:ca:c8:af:2f:3b:
48:12:bc:89:5b:ab:fd:72:4a:33:54:4b:22:f9:42:
b6:b8:be:92:3e:41:97:20:c5:16:8f:4b:43:ce:a5:
77:96:15:22:f9:65:1c:b2:f4:35:02:1b:ba:8b:87:
6d:f1:b1:f5:6a:e7:94:13:ba:34:bd:e8:98:af:8f:
13:39:bc:dd:78:20:ea:78:44:53:28:16:42:f8:e8:
13:d4:6c:a0:04:11:44:e3:8f:c4:83:cb:93:e7:56:
73:9e:5d:0d:7a:60:fa:56:47:b1:78:77:8d:2a:1f:
c9:ea:05:f2:67:e3:cf:d9:dc:8c:38:dd:4b:16:f6:
da:05:25:ca:84:97:71:b5:d0:9d:30:88:5d:62:17:
95:73:3c:01:59:94:6f:fc:2b:d7:28:22:f7:b9:95:
d9:39:63:60:84:ce:5b:6e:61:52:67:bb:4b:4a:b6:
4e:6a:4c:4e:14:d8:22:50:27:44:d5:b2:d2:06:f2:
db:07:0e:7f:38:72:d9:dd:d6:76:a4:c9:66:2f:17:
72:f7:e3:67:1c:0e:79:2c:d9:4e:e0:8b:50:8d:ab:
04:60:85:d1:72:74:e0:cf:38:05:ce:4d:3e:f6:f7:
e4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:98:70:7C:52:C8:5B:8A:2F:EE:63:27:42:ED:BD:B8:E7:DB:2C:A7
X509v3 Authority Key Identifier:
keyid:8E:06:F5:A7:31:4B:2F:96:6B:24:FC:53:15:5C:E7:BF:60:4C:07:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/vZhwfFLIW4ov7mMnQu29uOfbLKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a286:8000::/33
Signature Algorithm: sha256WithRSAEncryption
cb:ac:79:7d:98:80:72:4e:d4:b2:2e:86:bc:96:f2:7a:ad:bc:
bf:a1:d7:a9:56:80:d1:af:a9:52:b1:84:62:92:50:3e:05:16:
1a:94:60:e0:23:b2:0c:5d:6b:ff:38:ba:ba:fa:08:7a:ea:85:
44:26:5c:cf:6f:6f:07:eb:af:23:1f:01:58:5e:a2:df:ca:37:
64:62:a3:9d:9e:ea:33:66:99:9a:18:74:d2:bf:62:3e:90:5c:
7d:90:6b:15:3b:75:83:b6:a2:2d:6c:ec:4e:0a:32:65:8e:14:
c4:2a:23:ac:d7:81:b6:1e:90:96:32:41:b5:50:22:36:1c:5a:
f3:5c:a9:af:7b:4b:8c:41:56:1c:10:d7:65:4d:99:75:96:b3:
83:93:58:2d:73:af:b6:95:5d:3a:13:64:64:b3:87:08:a0:5d:
7c:f0:7d:7b:8e:03:b9:9a:70:2a:6f:22:f5:dc:39:1a:32:55:
e4:ac:e1:13:de:c8:91:6d:b5:50:9a:16:cf:28:4d:01:6f:73:
89:9d:c9:00:36:17:7e:b7:f5:3c:7e:13:23:0c:25:73:aa:cc:
84:08:72:12:9c:c8:37:f3:9b:6a:76:a9:c2:c9:fe:c7:73:85:
f2:fa:a2:2d:f1:02:ae:e9:ad:05:f9:39:a6:a5:b7:02:fc:c3:
fd:6b:f9:13
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzFAPX20CdrcztryWAU94gXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMDZmNWE3MzE0YjJmOTY2YjI0ZmM1MzE1NWNlN2JmNjA0
YzA3YTYwHhcNMjQwMTAxMTIzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk4NzA3YzUyYzg1YjhhMmZlZTYzMjc0MmVkYmRiOGU3ZGIyY2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG1Tqee1/9KXFOOVTL95ydzMJvOp
DNMfysivLztIEryJW6v9ckozVEsi+UK2uL6SPkGXIMUWj0tDzqV3lhUi+WUcsvQ1
Ahu6i4dt8bH1aueUE7o0veiYr48TObzdeCDqeERTKBZC+OgT1GygBBFE44/Eg8uT
51Zznl0NemD6VkexeHeNKh/J6gXyZ+PP2dyMON1LFvbaBSXKhJdxtdCdMIhdYheV
czwBWZRv/CvXKCL3uZXZOWNghM5bbmFSZ7tLSrZOakxOFNgiUCdE1bLSBvLbBw5/
OHLZ3dZ2pMlmLxdy9+NnHA55LNlO4ItQjasEYIXRcnTgzzgFzk0+9vfkDwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFL2YcHxSyFuKL+5jJ0Ltvbjn2yynMB8GA1UdIwQY
MBaAFI4G9acxSy+WayT8UxVc579gTAemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamdiMXB6RkxMNVpySlB4VEZWem52MkJNQjZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82MjYzM2YtMmIzZi00MDcyLThmNGEt
YjQ3NDk3MGVjYTY2LzEvdlpod2ZGTElXNG92N21NblF1Mjl1T2ZiTEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82MjYzM2YtMmIzZi00MDcyLThmNGEtYjQ3NDk3MGVjYTY2
LzEvamdiMXB6RkxMNVpySlB4VEZWem52MkJNQjZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKhOihoAw
DQYJKoZIhvcNAQELBQADggEBAMuseX2YgHJO1LIuhryW8nqtvL+h16lWgNGvqVKx
hGKSUD4FFhqUYOAjsgxda/84urr6CHrqhUQmXM9vbwfrryMfAVheot/KN2Rio52e
6jNmmZoYdNK/Yj6QXH2QaxU7dYO2oi1s7E4KMmWOFMQqI6zXgbYekJYyQbVQIjYc
WvNcqa97S4xBVhwQ12VNmXWWs4OTWC1zr7aVXToTZGSzhwigXXzwfXuOA7macCpv
IvXcORoyVeSs4RPeyJFttVCaFs8oTQFvc4mdyQA2F3639Tx+EyMMJXOqzIQIchKc
yDfzm2p2qcLJ/sdzhfL6oi3xAq7prQX5OaaltwL8w/1r+RM=
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:17:24 2025 by rpki-client