Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/9Kiziwirl2FK3EuE5pUwxLNvkMI.roa
File: 9Kiziwirl2FK3EuE5pUwxLNvkMI.roa (raw, json)
Hash identifier: 4xqrX6q555LMKYlXTQ4XRHAiagne99pW0rGuiZyKLdI=
Subject key identifier: F4:A8:B3:8B:08:AB:97:61:4A:DC:4B:84:E6:95:30:C4:B3:6F:90:C2
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 018CC793DB83BCDC8975129E8B54BE295C5A
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/9Kiziwirl2FK3EuE5pUwxLNvkMI.roa
Signing time: Tue 02 Jan 2024 00:30:05 +0000
ROA not before: Tue 02 Jan 2024 00:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216321
IP address blocks: 2a13:d8c0::/32 maxlen: 32
2a13:d8c6::/32 maxlen: 32
2a13:d8c5::/32 maxlen: 32
2a13:d8c2::/32 maxlen: 32
2a13:d8c1::/32 maxlen: 32
2a13:d8c1:ce00::/40 maxlen: 40
2a13:d8c1:fe00::/40 maxlen: 40
2a13:d8c3::/32 maxlen: 32
2a13:d8c4::/32 maxlen: 32
2a13:d8c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 03 Jan 2024 07:52:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:db:83:bc:dc:89:75:12:9e:8b:54:be:29:5c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: Jan 2 00:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4a8b38b08ab97614adc4b84e69530c4b36f90c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:72:92:5d:c8:99:3a:ca:13:86:4a:d3:7b:0d:
e3:28:4f:67:54:ba:0e:88:71:cc:ed:79:fd:af:fd:
5f:7f:5e:27:1e:05:2f:46:09:3d:cf:b9:51:71:b9:
fe:ff:50:8a:b8:9f:fd:f9:14:84:9f:46:e6:40:69:
a6:e5:30:97:61:eb:7b:23:1a:c9:6b:75:62:f4:0e:
ed:fa:d8:af:7c:34:a8:73:40:93:ca:8c:20:2c:1d:
1c:4e:15:19:89:54:bc:38:e6:2b:3d:37:45:87:81:
58:7c:30:fc:aa:39:a4:b8:d8:1a:f5:67:25:f4:12:
e3:23:31:cf:b3:89:62:93:ec:1b:e7:ee:f4:e0:da:
b6:f5:4e:d5:1b:4b:9e:39:24:3d:4e:84:33:62:34:
13:5f:b8:d6:d0:7e:3a:28:a3:43:0c:8d:8d:96:c6:
89:d3:59:2d:27:60:1d:38:7d:9b:28:ef:f3:18:06:
a4:96:66:de:10:67:df:54:cf:3f:be:a1:21:6e:63:
ea:ef:76:cc:b6:c4:64:18:ac:ad:15:e8:bd:64:e7:
7e:9d:73:df:3c:d4:85:86:b7:48:99:5b:d6:a6:0f:
e4:40:54:c1:c8:11:20:93:90:55:f9:e9:5f:b7:9f:
99:66:d3:cd:20:0b:0b:1e:d1:b5:df:f2:2f:02:48:
d0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A8:B3:8B:08:AB:97:61:4A:DC:4B:84:E6:95:30:C4:B3:6F:90:C2
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/9Kiziwirl2FK3EuE5pUwxLNvkMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d8c0::/29
Signature Algorithm: sha256WithRSAEncryption
36:e4:df:72:75:82:2f:a1:d4:48:08:31:93:81:b0:ba:37:33:
70:d4:c0:bc:03:50:3d:a6:a9:e2:d2:e0:ad:fe:0c:5a:42:ad:
5b:21:da:40:94:64:39:c3:01:a0:fe:56:18:21:2d:e2:2d:7a:
54:43:64:7c:1a:cd:c9:af:83:e7:e5:79:4e:31:31:1d:59:d1:
a0:a4:00:27:4f:f8:25:d6:9b:cc:9e:01:b0:0f:89:eb:22:b7:
2e:fd:0c:fd:df:7a:79:f1:33:d1:ff:2f:04:e3:be:ed:e7:bf:
7d:dd:b1:8d:e3:8c:e9:d3:79:99:55:fd:73:d0:46:83:1f:75:
92:ca:89:c4:19:9f:9a:53:e7:1d:63:e2:a3:85:20:27:87:4f:
5f:6d:fd:fd:63:9f:90:f4:a1:69:c4:e8:67:12:ee:84:8c:06:
bd:27:00:6d:86:6b:24:9f:d9:db:5d:84:c7:85:b3:bb:3e:86:
b5:53:86:12:5f:20:ce:22:04:3d:92:7f:44:52:b3:f0:00:65:
44:a8:ca:e1:e1:a3:d1:ef:5b:e2:73:db:16:56:da:68:73:9c:
61:01:d3:ef:2f:fa:1b:bb:7f:5f:28:04:73:55:19:82:fc:12:
d8:3b:a8:a5:8e:99:9d:f2:21:4a:70:25:49:e8:5e:4c:10:d0:
d8:34:e8:69
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHk9uDvNyJdRKei1S+KVxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjQwMTAyMDAzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGE4YjM4YjA4YWI5NzYxNGFkYzRiODRlNjk1MzBjNGIzNmY5MGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnKSXciZOsoThkrTew3jKE9nVLoO
iHHM7Xn9r/1ff14nHgUvRgk9z7lRcbn+/1CKuJ/9+RSEn0bmQGmm5TCXYet7IxrJ
a3Vi9A7t+tivfDSoc0CTyowgLB0cThUZiVS8OOYrPTdFh4FYfDD8qjmkuNga9Wcl
9BLjIzHPs4lik+wb5+704Nq29U7VG0ueOSQ9ToQzYjQTX7jW0H46KKNDDI2NlsaJ
01ktJ2AdOH2bKO/zGAaklmbeEGffVM8/vqEhbmPq73bMtsRkGKytFei9ZOd+nXPf
PNSFhrdImVvWpg/kQFTByBEgk5BV+elft5+ZZtPNIAsLHtG13/IvAkjQxQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPSos4sIq5dhStxLhOaVMMSzb5DCMB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEvOUtpeml3aXJsMkZLM0V1RTVwVXd4TE52a01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPYwDAN
BgkqhkiG9w0BAQsFAAOCAQEANuTfcnWCL6HUSAgxk4GwujczcNTAvANQPaap4tLg
rf4MWkKtWyHaQJRkOcMBoP5WGCEt4i16VENkfBrNya+D5+V5TjExHVnRoKQAJ0/4
JdabzJ4BsA+J6yK3Lv0M/d96efEz0f8vBOO+7ee/fd2xjeOM6dN5mVX9c9BGgx91
ksqJxBmfmlPnHWPio4UgJ4dPX239/WOfkPShacToZxLuhIwGvScAbYZrJJ/Z212E
x4Wzuz6GtVOGEl8gziIEPZJ/RFKz8ABlRKjK4eGj0e9b4nPbFlbaaHOcYQHT7y/6
G7t/XygEc1UZgvwS2DuopY6ZnfIhSnAlSeheTBDQ2DToaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:54 2024 by rpki-client on console-fra.rpki-client.org