Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/4a2e97-2570-478b-b9bc-5ebb6378009e/1/9k8nqCJTjYn9MHDkZgWkiW9FBgs.roa
File: 9k8nqCJTjYn9MHDkZgWkiW9FBgs.roa (raw, json)
Hash identifier: jNSCZ7BG1DgMYXdrup37f+dBk7kG1Dngcf4KuOYw3Jc=
Subject key identifier: F6:4F:27:A8:22:53:8D:89:FD:30:70:E4:66:05:A4:89:6F:45:06:0B
Certificate issuer: /CN=e292c8c779b6ed6ede72a8cf11490ef6d7a9e921
Certificate serial: 0193780D07D80EF903E3B8B9A118533A5B8D
Authority key identifier: E2:92:C8:C7:79:B6:ED:6E:DE:72:A8:CF:11:49:0E:F6:D7:A9:E9:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4pLIx3m27W7ecqjPEUkO9tep6SE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/4a2e97-2570-478b-b9bc-5ebb6378009e/1/9k8nqCJTjYn9MHDkZgWkiW9FBgs.roa
Signing time: Fri 29 Nov 2024 13:12:20 +0000
ROA not before: Fri 29 Nov 2024 13:12:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43668
IP address blocks: 2a13:3ac0::/32 maxlen: 32
2a13:3ac1::/32 maxlen: 32
2a13:3ac2::/32 maxlen: 32
2a13:3ac3::/32 maxlen: 32
2a13:3ac4::/32 maxlen: 32
2a13:3ac5::/32 maxlen: 32
2a13:3ac6::/32 maxlen: 32
2a13:3ac7::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:78:0d:07:d8:0e:f9:03:e3:b8:b9:a1:18:53:3a:5b:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e292c8c779b6ed6ede72a8cf11490ef6d7a9e921
Validity
Not Before: Nov 29 13:12:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f64f27a822538d89fd3070e46605a4896f45060b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c6:ef:8e:44:40:f4:0b:ce:2d:29:74:2c:9c:
0b:b3:dc:16:bf:41:de:a1:dc:b3:9e:9a:fe:aa:6f:
df:20:7f:15:e1:16:0a:46:05:ed:6f:dc:00:ad:cb:
83:b0:63:0d:0b:14:25:81:79:b9:4e:7a:74:2c:88:
72:7f:90:40:bf:4d:bc:ea:9e:3b:a7:97:5e:35:8b:
d1:75:25:cd:97:28:fb:af:ce:a2:dc:f1:14:cb:2e:
77:67:2f:7b:9c:db:43:3c:45:5f:ee:53:7b:64:65:
43:32:88:e0:7b:6b:b4:0f:74:8d:5b:8d:e7:80:c9:
89:59:4c:07:5c:d4:5f:77:ac:88:c4:b4:c6:0b:eb:
4e:4b:ca:d0:2e:59:99:9c:e5:a6:2b:a3:31:23:c0:
c4:ec:91:01:cf:33:a0:5c:f1:74:89:ea:54:2f:bd:
62:63:92:02:b4:c1:a3:f8:40:0c:06:f3:05:01:6a:
5c:93:9d:7d:99:e3:77:3b:86:9b:b8:7e:a6:db:a6:
75:3d:43:2f:e5:56:72:f8:87:f3:55:b7:e0:c3:75:
34:a7:a4:9f:08:e6:fe:e4:2b:1b:6c:c9:77:62:96:
39:fe:4b:3e:d5:ef:73:2c:b4:0b:6c:2d:89:5b:17:
a9:cc:a5:53:0e:66:6f:89:14:ea:a3:ec:a0:04:8f:
c2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:4F:27:A8:22:53:8D:89:FD:30:70:E4:66:05:A4:89:6F:45:06:0B
X509v3 Authority Key Identifier:
keyid:E2:92:C8:C7:79:B6:ED:6E:DE:72:A8:CF:11:49:0E:F6:D7:A9:E9:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4pLIx3m27W7ecqjPEUkO9tep6SE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a2e97-2570-478b-b9bc-5ebb6378009e/1/9k8nqCJTjYn9MHDkZgWkiW9FBgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/4a2e97-2570-478b-b9bc-5ebb6378009e/1/4pLIx3m27W7ecqjPEUkO9tep6SE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3ac0::/29
Signature Algorithm: sha256WithRSAEncryption
91:f0:7d:9c:52:05:1d:34:dc:6c:e0:ee:ed:65:22:c7:69:f1:
6c:54:f0:98:ab:d4:7f:41:45:8a:78:fd:6d:24:cf:e6:b2:40:
00:16:21:11:e0:03:b7:e2:48:48:92:90:8e:1a:f8:ce:db:ea:
27:07:f1:ff:5e:f1:de:75:bf:a9:bf:9d:30:46:01:51:96:e0:
85:d0:7d:7b:20:43:40:50:ff:7e:9e:ec:0c:8e:13:7f:4f:71:
eb:d4:2d:cd:24:ef:19:a8:1e:f9:1f:15:19:94:5f:90:ad:88:
35:1b:fd:54:cd:ed:0e:81:3f:ec:c6:f5:2f:5b:7c:12:0d:bb:
f1:10:53:bb:d5:10:55:a9:74:6c:9b:88:43:e9:87:cc:0b:0e:
d5:e2:fe:37:d3:15:3d:d5:a2:ff:c4:4c:e8:6e:6f:9f:09:9b:
ba:25:02:4e:a9:c2:17:48:bd:8a:ed:49:85:b4:aa:98:f9:0c:
df:91:9f:c9:c1:fc:16:54:09:6b:a3:90:fe:b3:85:f0:2b:c5:
9e:37:93:55:59:62:bc:d7:0d:4c:0d:83:7e:95:93:ed:60:f4:
26:d6:88:18:dc:53:08:54:89:61:51:59:53:f4:84:2b:c6:d2:
f1:fa:f8:08:4c:41:6b:df:6e:dc:07:2f:10:a1:4d:9a:03:3b:
dd:29:89:92
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZN4DQfYDvkD47i5oRhTOluNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOTJjOGM3NzliNmVkNmVkZTcyYThjZjExNDkwZWY2ZDdh
OWU5MjEwHhcNMjQxMTI5MTMxMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjRmMjdhODIyNTM4ZDg5ZmQzMDcwZTQ2NjA1YTQ4OTZmNDUwNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusbvjkRA9AvOLSl0LJwLs9wWv0He
odyznpr+qm/fIH8V4RYKRgXtb9wArcuDsGMNCxQlgXm5Tnp0LIhyf5BAv0286p47
p5deNYvRdSXNlyj7r86i3PEUyy53Zy97nNtDPEVf7lN7ZGVDMojge2u0D3SNW43n
gMmJWUwHXNRfd6yIxLTGC+tOS8rQLlmZnOWmK6MxI8DE7JEBzzOgXPF0iepUL71i
Y5ICtMGj+EAMBvMFAWpck519meN3O4abuH6m26Z1PUMv5VZy+IfzVbfgw3U0p6Sf
COb+5CsbbMl3YpY5/ks+1e9zLLQLbC2JWxepzKVTDmZviRTqo+ygBI/C5QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPZPJ6giU42J/TBw5GYFpIlvRQYLMB8GA1UdIwQY
MBaAFOKSyMd5tu1u3nKozxFJDvbXqekhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHBMSXgzbTI3VzdlY3FqUEVVa085dGVwNlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC80YTJlOTctMjU3MC00NzhiLWI5YmMt
NWViYjYzNzgwMDllLzEvOWs4bnFDSlRqWW45TUhEa1pnV2tpVzlGQmdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC80YTJlOTctMjU3MC00NzhiLWI5YmMtNWViYjYzNzgwMDll
LzEvNHBMSXgzbTI3VzdlY3FqUEVVa085dGVwNlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhM6wDAN
BgkqhkiG9w0BAQsFAAOCAQEAkfB9nFIFHTTcbODu7WUix2nxbFTwmKvUf0FFinj9
bSTP5rJAABYhEeADt+JISJKQjhr4ztvqJwfx/17x3nW/qb+dMEYBUZbghdB9eyBD
QFD/fp7sDI4Tf09x69QtzSTvGage+R8VGZRfkK2INRv9VM3tDoE/7Mb1L1t8Eg27
8RBTu9UQVal0bJuIQ+mHzAsO1eL+N9MVPdWi/8RM6G5vnwmbuiUCTqnCF0i9iu1J
hbSqmPkM35GfycH8FlQJa6OQ/rOF8CvFnjeTVVlivNcNTA2DfpWT7WD0JtaIGNxT
CFSJYVFZU/SEK8bS8fr4CExBa99u3AcvEKFNmgM73SmJkg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 16:00:59 2025 by rpki-client