Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f4663f-484e-42db-89a0-15b09f5f6ed7/1/iVWh2p_3MFMD1pnbdvAW0VsDF6Q.roa
File: iVWh2p_3MFMD1pnbdvAW0VsDF6Q.roa (raw, json)
Hash identifier: WzNEOzmSsDGCLejlf3phj6fQAc1BRPIJQaShgOM5y9E=
Subject key identifier: 89:55:A1:DA:9F:F7:30:53:03:D6:99:DB:76:F0:16:D1:5B:03:17:A4
Certificate issuer: /CN=80b0638b876f3978ca7bd28d7de370996b396a3f
Certificate serial: 018CC26D6DB4A203622E679535BE6926B295
Authority key identifier: 80:B0:63:8B:87:6F:39:78:CA:7B:D2:8D:7D:E3:70:99:6B:39:6A:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gLBji4dvOXjKe9KNfeNwmWs5aj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f4663f-484e-42db-89a0-15b09f5f6ed7/1/iVWh2p_3MFMD1pnbdvAW0VsDF6Q.roa
Signing time: Mon 01 Jan 2024 00:30:00 +0000
ROA not before: Mon 01 Jan 2024 00:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216346
IP address blocks: 2a13:4e00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 03 Apr 2024 09:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6d:b4:a2:03:62:2e:67:95:35:be:69:26:b2:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80b0638b876f3978ca7bd28d7de370996b396a3f
Validity
Not Before: Jan 1 00:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8955a1da9ff7305303d699db76f016d15b0317a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6f:52:38:ee:64:4c:cf:44:ba:b0:98:b6:4d:
fe:c5:9a:4a:5c:dd:57:9d:32:12:25:a8:1d:3e:84:
57:49:a5:1f:f5:33:1f:ce:f5:72:b2:13:b0:db:af:
5e:f2:e6:19:91:c6:9b:8e:a5:e5:41:e6:43:a7:f5:
a9:e3:cc:24:85:1a:7e:69:3a:f5:f2:d8:92:bb:54:
bb:75:cb:07:8f:0b:3e:5c:f1:33:c7:1a:87:f7:23:
5c:8e:df:8e:52:43:6f:5a:42:1f:cd:01:be:0c:e3:
6c:4b:77:91:f7:b9:a4:cd:2f:6d:eb:be:6c:f2:54:
14:14:10:7d:74:5d:aa:b9:9c:ca:5e:a8:1e:bf:01:
6a:91:04:04:80:2b:34:2b:bb:95:15:49:29:98:c4:
66:1f:4c:93:a6:a7:3e:a4:70:8a:96:06:81:6a:95:
8e:f8:f4:ac:ec:aa:e2:f9:04:03:9d:ec:07:c3:9c:
4d:14:bb:f8:e2:f5:73:95:b7:0d:0c:9d:6f:4f:95:
ba:78:5e:c8:75:80:07:d8:51:33:8e:90:1c:73:79:
ba:26:0b:42:54:15:3d:d4:ed:c9:e1:17:0f:f0:8c:
36:7a:1c:cc:0a:b6:1a:dc:43:7f:f5:a5:fd:f3:cd:
0f:fe:e4:2d:b0:01:5f:fd:c9:46:f9:62:32:7c:ed:
b6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:55:A1:DA:9F:F7:30:53:03:D6:99:DB:76:F0:16:D1:5B:03:17:A4
X509v3 Authority Key Identifier:
keyid:80:B0:63:8B:87:6F:39:78:CA:7B:D2:8D:7D:E3:70:99:6B:39:6A:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gLBji4dvOXjKe9KNfeNwmWs5aj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f4663f-484e-42db-89a0-15b09f5f6ed7/1/iVWh2p_3MFMD1pnbdvAW0VsDF6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f4663f-484e-42db-89a0-15b09f5f6ed7/1/gLBji4dvOXjKe9KNfeNwmWs5aj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:4e00::/29
Signature Algorithm: sha256WithRSAEncryption
54:1e:d4:87:9a:ac:f4:d7:71:d9:32:65:06:ed:1f:27:aa:a7:
d6:32:35:68:3b:b3:60:39:81:d5:4b:26:e3:05:c9:98:7c:28:
50:ec:64:75:98:5a:cf:6b:d9:71:8e:f1:bb:71:e8:c5:03:a9:
99:53:1b:25:25:29:3d:0a:07:b5:7d:84:4e:29:27:95:53:4d:
21:3e:44:69:69:e0:e3:49:4b:6c:93:c1:c1:8b:f7:0a:d9:96:
88:32:86:4c:e8:1c:34:aa:fd:79:56:c4:cc:54:c3:a2:b0:a2:
16:f0:c0:47:84:90:22:48:d9:3f:3b:59:85:c4:9f:e4:1b:77:
ca:ec:06:34:8c:b7:2b:c9:42:c2:68:11:f7:29:bf:40:9c:b5:
e4:5f:1a:ed:3a:5e:75:15:1c:c5:63:59:61:b8:f1:61:6f:25:
7b:8c:6c:b1:7b:99:28:c2:ac:b6:08:5d:f3:f0:d0:46:15:b0:
00:90:71:6c:46:1b:4f:1f:8e:dc:44:9e:cb:57:5c:ea:b3:c3:
5c:52:5a:2d:d3:b5:c2:6b:81:40:06:38:9d:d5:6d:b7:36:84:
c2:06:74:54:77:94:b0:a4:fe:45:b4:40:55:84:18:d4:ac:48:
73:bf:9f:93:08:94:3f:02:d6:30:6d:d5:09:bd:f7:07:6e:22:
9e:33:8f:68
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzCbW20ogNiLmeVNb5pJrKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYjA2MzhiODc2ZjM5NzhjYTdiZDI4ZDdkZTM3MDk5NmIz
OTZhM2YwHhcNMjQwMTAxMDAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTU1YTFkYTlmZjczMDUzMDNkNjk5ZGI3NmYwMTZkMTViMDMxN2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq29SOO5kTM9EurCYtk3+xZpKXN1X
nTISJagdPoRXSaUf9TMfzvVyshOw269e8uYZkcabjqXlQeZDp/Wp48wkhRp+aTr1
8tiSu1S7dcsHjws+XPEzxxqH9yNcjt+OUkNvWkIfzQG+DONsS3eR97mkzS9t675s
8lQUFBB9dF2quZzKXqgevwFqkQQEgCs0K7uVFUkpmMRmH0yTpqc+pHCKlgaBapWO
+PSs7Kri+QQDnewHw5xNFLv44vVzlbcNDJ1vT5W6eF7IdYAH2FEzjpAcc3m6JgtC
VBU91O3J4RcP8Iw2ehzMCrYa3EN/9aX9880P/uQtsAFf/clG+WIyfO22bQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIlVodqf9zBTA9aZ23bwFtFbAxekMB8GA1UdIwQY
MBaAFICwY4uHbzl4ynvSjX3jcJlrOWo/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0xCamk0ZHZPWGpLZTlLTmZlTndtV3M1YWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mNDY2M2YtNDg0ZS00MmRiLTg5YTAt
MTViMDlmNWY2ZWQ3LzEvaVZXaDJwXzNNRk1EMXBuYmR2QVcwVnNERjZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mNDY2M2YtNDg0ZS00MmRiLTg5YTAtMTViMDlmNWY2ZWQ3
LzEvZ0xCamk0ZHZPWGpLZTlLTmZlTndtV3M1YWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNOADAN
BgkqhkiG9w0BAQsFAAOCAQEAVB7Uh5qs9Ndx2TJlBu0fJ6qn1jI1aDuzYDmB1Usm
4wXJmHwoUOxkdZhaz2vZcY7xu3HoxQOpmVMbJSUpPQoHtX2ETiknlVNNIT5EaWng
40lLbJPBwYv3CtmWiDKGTOgcNKr9eVbEzFTDorCiFvDAR4SQIkjZPztZhcSf5Bt3
yuwGNIy3K8lCwmgR9ym/QJy15F8a7TpedRUcxWNZYbjxYW8le4xssXuZKMKstghd
8/DQRhWwAJBxbEYbTx+O3ESey1dc6rPDXFJaLdO1wmuBQAY4ndVttzaEwgZ0VHeU
sKT+RbRAVYQY1KxIc7+fkwiUPwLWMG3VCb33B24injOPaA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:16 2025 by rpki-client