Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/jzxlLnr3aI3FRC8qZWvCJTNnfF8.roa
File: jzxlLnr3aI3FRC8qZWvCJTNnfF8.roa (raw, json)
Hash identifier: Zvgs/GZfHfE5R0d43BQv5sxIrwQ+oKKfbkh7pfD2hLw=
Subject key identifier: 8F:3C:65:2E:7A:F7:68:8D:C5:44:2F:2A:65:6B:C2:25:33:67:7C:5F
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 019424B3763D35BA9EF0EA5BC8C39D72CC7A
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/jzxlLnr3aI3FRC8qZWvCJTNnfF8.roa
Signing time: Thu 02 Jan 2025 01:48:48 +0000
ROA not before: Thu 02 Jan 2025 01:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212996
IP address blocks: 2a13:d8c0::/32 maxlen: 32
2a13:d8c1::/32 maxlen: 32
2a13:d8c2::/32 maxlen: 32
2a13:d8c3::/32 maxlen: 32
2a13:d8c4::/32 maxlen: 32
2a13:d8c5::/32 maxlen: 32
2a13:d8c6::/32 maxlen: 32
2a13:d8c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 23 Jan 2025 14:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:76:3d:35:ba:9e:f0:ea:5b:c8:c3:9d:72:cc:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: Jan 2 01:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f3c652e7af7688dc5442f2a656bc22533677c5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5d:af:64:a6:b8:a9:f7:0c:b2:d6:a3:54:fd:
13:29:28:0e:b8:95:4e:5d:58:6f:b7:30:e0:ea:04:
ad:a3:af:dc:d6:16:e1:4d:76:8d:ad:21:3b:6c:85:
b3:1f:5e:99:14:c0:50:cc:79:ec:62:97:cc:8f:29:
de:c2:0c:fa:3f:b7:9c:78:fd:66:24:8a:69:26:a8:
e9:b7:d9:ad:e7:51:d0:e5:7f:e9:bf:91:da:4d:87:
23:bb:b1:5b:00:b2:41:c0:93:71:22:a2:0d:f7:1e:
08:e0:cd:3f:08:3e:43:37:dd:f6:24:dc:03:fa:c8:
c0:80:ee:ce:7d:d9:d1:8f:58:ea:d1:41:0e:fd:ff:
6c:54:8b:be:e9:c7:3f:90:72:fa:5a:e1:75:19:b4:
bd:dd:29:3b:15:1e:0c:d5:e1:62:3c:5c:f3:99:ca:
0b:1b:3a:db:7c:41:c0:ab:29:56:34:5c:25:4e:37:
e6:f9:24:57:be:73:d3:2e:3a:49:68:4b:3a:dc:78:
6a:06:3b:50:d9:b6:91:0f:d8:74:e8:ba:a0:6f:09:
ac:b3:9e:ea:54:e4:cd:b5:57:e9:5a:31:2c:86:99:
9c:64:55:6a:f5:e5:c5:1f:90:81:07:a2:4a:6b:67:
70:eb:d0:07:aa:25:2c:e8:45:21:37:36:1d:ac:9c:
76:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:3C:65:2E:7A:F7:68:8D:C5:44:2F:2A:65:6B:C2:25:33:67:7C:5F
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/jzxlLnr3aI3FRC8qZWvCJTNnfF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d8c0::/29
Signature Algorithm: sha256WithRSAEncryption
78:17:0b:51:62:f5:f8:0e:f9:2b:c6:39:4f:fa:69:da:27:4d:
91:14:79:f9:cc:4d:ae:12:f3:a2:f3:76:3a:ea:e9:b5:5e:d0:
fb:e8:fd:24:45:b1:cf:db:e2:eb:ba:9d:8c:f4:52:0a:03:be:
40:d7:70:c3:db:36:33:79:f1:3d:84:7b:b0:4b:9d:cb:e2:be:
fa:4e:d2:a9:71:0c:5a:ac:94:b5:4e:8a:f4:b2:99:0e:f9:53:
f8:d3:86:20:0b:10:c0:93:bb:9c:3a:f2:6b:14:4c:11:ff:32:
aa:d3:86:08:cf:cb:e4:ae:81:d3:1a:b1:6a:f0:b7:c2:02:9e:
7e:f2:6a:cc:20:47:87:f4:f2:87:e9:4e:1b:30:e8:33:43:82:
05:1f:5e:d3:29:40:67:d5:c2:7a:86:d7:92:28:74:ed:05:f9:
82:ee:bf:3c:f3:ff:34:16:53:33:6f:1e:52:f3:30:62:e7:02:
38:b2:3f:60:cc:9e:6c:bd:04:b9:f9:64:b4:13:70:19:5b:96:
5d:40:46:96:0f:61:a2:c9:5d:95:c4:19:71:b2:e9:7d:19:9a:
57:62:0a:1a:b9:c9:89:5f:93:eb:c6:7b:ae:cc:b8:5a:b9:94:
89:da:18:93:13:c2:c7:53:c7:5f:2d:86:f4:c9:9b:61:6e:0d:
75:8f:03:75
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQks3Y9Nbqe8OpbyMOdcsx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjUwMTAyMDE0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjNjNjUyZTdhZjc2ODhkYzU0NDJmMmE2NTZiYzIyNTMzNjc3YzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl2vZKa4qfcMstajVP0TKSgOuJVO
XVhvtzDg6gSto6/c1hbhTXaNrSE7bIWzH16ZFMBQzHnsYpfMjynewgz6P7eceP1m
JIppJqjpt9mt51HQ5X/pv5HaTYcju7FbALJBwJNxIqIN9x4I4M0/CD5DN932JNwD
+sjAgO7OfdnRj1jq0UEO/f9sVIu+6cc/kHL6WuF1GbS93Sk7FR4M1eFiPFzzmcoL
GzrbfEHAqylWNFwlTjfm+SRXvnPTLjpJaEs63HhqBjtQ2baRD9h06Lqgbwmss57q
VOTNtVfpWjEshpmcZFVq9eXFH5CBB6JKa2dw69AHqiUs6EUhNzYdrJx2XwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFI88ZS5692iNxUQvKmVrwiUzZ3xfMB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEvanp4bExucjNhSTNGUkM4cVpXdkNKVE5uZkY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPYwDAN
BgkqhkiG9w0BAQsFAAOCAQEAeBcLUWL1+A75K8Y5T/pp2idNkRR5+cxNrhLzovN2
OurptV7Q++j9JEWxz9vi67qdjPRSCgO+QNdww9s2M3nxPYR7sEudy+K++k7SqXEM
WqyUtU6K9LKZDvlT+NOGIAsQwJO7nDryaxRMEf8yqtOGCM/L5K6B0xqxavC3wgKe
fvJqzCBHh/Tyh+lOGzDoM0OCBR9e0ylAZ9XCeobXkih07QX5gu6/PPP/NBZTM28e
UvMwYucCOLI/YMyebL0EuflktBNwGVuWXUBGlg9hosldlcQZcbLpfRmaV2IKGrnJ
iV+T68Z7rsy4WrmUidoYkxPCx1PHXy2G9MmbYW4NdY8DdQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 14:29:19 2025 by rpki-client