Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/1LapM2uQSql4MMQDsG3GKqTB0T0.roa
File: 1LapM2uQSql4MMQDsG3GKqTB0T0.roa (raw, json)
Hash identifier: Ek8UX6bIlAkQVXRLMIvll88e3Ph6ZKEAEhFRSfz3gfo=
Subject key identifier: D4:B6:A9:33:6B:90:4A:A9:78:30:C4:03:B0:6D:C6:2A:A4:C1:D1:3D
Certificate issuer: /CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Certificate serial: 01946FC592898A65DF25FF7DCC8E3E0F07AE
Authority key identifier: E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/1LapM2uQSql4MMQDsG3GKqTB0T0.roa
Signing time: Thu 16 Jan 2025 15:40:06 +0000
ROA not before: Thu 16 Jan 2025 15:40:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39900
IP address blocks: 2a13:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 16 Jan 2025 20:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6f:c5:92:89:8a:65:df:25:ff:7d:cc:8e:3e:0f:07:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Validity
Not Before: Jan 16 15:40:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4b6a9336b904aa97830c403b06dc62aa4c1d13d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:aa:87:06:3d:3d:64:15:f3:c3:f9:6c:88:d6:
47:76:07:cd:e5:f0:83:ab:45:27:4c:9c:cd:38:04:
89:38:d4:e2:37:66:09:a0:60:dc:db:15:5f:91:79:
72:1c:f4:3d:7d:69:df:97:6a:d7:8f:7c:a4:d5:87:
ee:82:4b:e5:fc:b8:14:2b:65:5f:17:2f:d6:00:64:
a1:02:2a:e1:ec:1a:9d:ac:b3:ab:93:85:9a:00:07:
b4:06:7d:c0:c3:8a:0b:fb:89:e5:a3:cb:af:3e:55:
01:a3:29:3d:c2:40:3e:2f:5f:5f:be:b9:31:96:a0:
f4:ec:3a:87:fc:9e:35:35:95:2d:f4:a7:ed:c6:0e:
cb:d5:4c:05:5c:62:9d:e5:27:5c:bd:c9:4f:f0:c4:
99:72:58:fb:81:a4:73:6e:a9:e8:43:8e:31:56:64:
34:1f:97:54:d8:00:12:0b:e8:38:da:b5:bd:62:39:
77:0b:b1:89:d9:cb:2a:3d:08:29:e3:d4:23:dc:91:
bf:db:d4:ec:70:95:cd:7b:6e:27:d6:8a:a4:ae:58:
00:bf:0a:6c:71:20:41:20:74:8e:3e:20:2e:bf:5a:
51:37:9d:e0:6c:19:19:39:4e:b4:c9:e0:65:80:35:
44:d9:4e:b1:08:c6:23:b4:7c:ea:e4:ed:64:85:34:
e0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B6:A9:33:6B:90:4A:A9:78:30:C4:03:B0:6D:C6:2A:A4:C1:D1:3D
X509v3 Authority Key Identifier:
keyid:E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/1LapM2uQSql4MMQDsG3GKqTB0T0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
b6:bc:d4:23:f9:f2:e3:64:60:e9:53:b3:19:38:1b:97:07:75:
ab:44:1a:dd:d6:5e:33:cd:96:dd:59:53:26:3f:93:92:44:a9:
25:14:4b:44:e3:f7:c5:1a:b5:44:6c:b9:4d:de:c1:63:13:c7:
1e:c1:3f:11:94:77:0a:eb:5d:e2:16:1e:18:17:ca:ed:92:4e:
42:16:78:05:19:f6:5c:12:1b:18:d0:87:5f:d1:5d:75:c6:9b:
45:8d:96:33:31:62:89:a5:fd:96:7c:52:c8:88:2f:a0:5d:d8:
8b:2b:52:36:fb:ad:ee:8a:ec:ed:83:2f:3c:a7:9c:16:e2:51:
68:75:54:e8:41:cd:ff:f0:3a:26:01:e1:41:57:be:53:e4:85:
c5:f3:16:33:fa:e1:4b:4d:45:9e:d5:7b:d3:7f:3c:b8:ef:03:
33:fe:cb:3a:98:b7:21:26:d9:18:55:fb:bd:7c:ad:2d:f5:7e:
1a:30:e8:8d:f3:88:97:13:a3:3e:17:13:96:35:9b:97:a5:c8:
3b:89:81:d5:8a:8b:76:94:88:e8:0d:2c:05:5e:40:c7:a8:01:
a2:3c:8d:22:59:88:3f:c1:d4:6d:7c:fd:4d:57:81:82:b5:be:
48:1f:df:9f:f2:90:10:88:fb:ae:fb:1e:a8:8e:12:5a:fe:61:
6a:2b:a5:58
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZRvxZKJimXfJf99zI4+DweuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YzJlMGQzZmRjMjE1YTM4OWM3MDQzY2E1YTFhMDZiZTJj
NTU4ZWYwHhcNMjUwMTE2MTU0MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGI2YTkzMzZiOTA0YWE5NzgzMGM0MDNiMDZkYzYyYWE0YzFkMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6qHBj09ZBXzw/lsiNZHdgfN5fCD
q0UnTJzNOASJONTiN2YJoGDc2xVfkXlyHPQ9fWnfl2rXj3yk1Yfugkvl/LgUK2Vf
Fy/WAGShAirh7BqdrLOrk4WaAAe0Bn3Aw4oL+4nlo8uvPlUBoyk9wkA+L19fvrkx
lqD07DqH/J41NZUt9Kftxg7L1UwFXGKd5SdcvclP8MSZclj7gaRzbqnoQ44xVmQ0
H5dU2AASC+g42rW9Yjl3C7GJ2csqPQgp49Qj3JG/29TscJXNe24n1oqkrlgAvwps
cSBBIHSOPiAuv1pRN53gbBkZOU60yeBlgDVE2U6xCMYjtHzq5O1khTTgeQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNS2qTNrkEqpeDDEA7BtxiqkwdE9MB8GA1UdIwQY
MBaAFObC4NP9whWjiccEPKWhoGvixVjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQt
ZjNlMDUyYmFiMTQ0LzEvMUxhcE0ydVFTcWw0TU1RRHNHM0dLcVRCMFQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQtZjNlMDUyYmFiMTQ0
LzEvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNsQDAN
BgkqhkiG9w0BAQsFAAOCAQEAtrzUI/ny42Rg6VOzGTgblwd1q0Qa3dZeM82W3VlT
Jj+TkkSpJRRLROP3xRq1RGy5Td7BYxPHHsE/EZR3Cutd4hYeGBfK7ZJOQhZ4BRn2
XBIbGNCHX9FddcabRY2WMzFiiaX9lnxSyIgvoF3YiytSNvut7ors7YMvPKecFuJR
aHVU6EHN//A6JgHhQVe+U+SFxfMWM/rhS01FntV70388uO8DM/7LOpi3ISbZGFX7
vXytLfV+GjDojfOIlxOjPhcTljWbl6XIO4mB1YqLdpSI6A0sBV5Ax6gBojyNIlmI
P8HUbXz9TVeBgrW+SB/fn/KQEIj7rvseqI4SWv5haiulWA==
-----END CERTIFICATE-----
Generated at Thu Apr 24 08:19:37 2025 by rpki-client