Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/9ed6d4-7a0d-42b4-96e1-eb277a20f27f/1/7lj3rU_es9ZRlvv-YKMJK_I3RIA.roa
File: 7lj3rU_es9ZRlvv-YKMJK_I3RIA.roa (raw, json)
Hash identifier: /nn73UPGqcwLUYvR9h0lhGum8pcVlTh7UW1223QhM5Y=
Subject key identifier: EE:58:F7:AD:4F:DE:B3:D6:51:96:FB:FE:60:A3:09:2B:F2:37:44:80
Certificate issuer: /CN=19ee619ef96a3afd02fc2d5d003a947e4d2d590a
Certificate serial: 018B81893A40C8012B2FA46356172B287C25
Authority key identifier: 19:EE:61:9E:F9:6A:3A:FD:02:FC:2D:5D:00:3A:94:7E:4D:2D:59:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5hnvlqOv0C_C1dADqUfk0tWQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/9ed6d4-7a0d-42b4-96e1-eb277a20f27f/1/7lj3rU_es9ZRlvv-YKMJK_I3RIA.roa
Signing time: Mon 30 Oct 2023 17:02:15 +0000
ROA not before: Mon 30 Oct 2023 17:02:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216258
IP address blocks: 2a13:2140::/32 maxlen: 48
2a13:2141:1::/48 maxlen: 48
2a13:2142:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 Nov 2023 14:42:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:89:3a:40:c8:01:2b:2f:a4:63:56:17:2b:28:7c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee619ef96a3afd02fc2d5d003a947e4d2d590a
Validity
Not Before: Oct 30 17:02:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee58f7ad4fdeb3d65196fbfe60a3092bf2374480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:09:71:88:88:f7:99:25:53:78:c9:26:2e:47:
c2:90:65:ee:04:67:ab:d6:0d:2e:56:90:54:f2:5c:
64:4c:a4:ce:a8:08:28:fe:b2:1a:2e:f2:14:05:18:
a8:57:96:59:44:70:7a:b0:ca:fc:3e:82:f0:51:48:
74:d1:2d:da:3d:ba:90:84:6c:0e:64:a2:f2:fc:76:
7a:ee:aa:90:ba:67:89:25:c3:f5:c8:80:d1:43:f4:
00:85:84:3b:fd:b2:ad:ca:1d:b4:69:8b:8c:e3:2a:
30:ca:f9:00:42:8b:ee:5f:64:f6:12:c6:cd:de:3b:
b4:57:7c:c1:8d:e0:24:aa:8c:70:a8:d2:57:35:06:
82:9c:5e:ce:a7:70:3a:c7:43:4d:05:d8:d9:6a:c5:
4d:09:34:e0:dd:11:29:a8:73:fd:61:1a:df:ee:ff:
40:33:bb:bf:df:08:25:59:c2:ab:f9:2b:f5:c8:45:
17:5e:15:f8:48:3e:a8:fd:00:05:6c:37:e6:84:e5:
55:67:17:38:39:5a:97:99:c1:46:10:0a:d1:37:ff:
df:3f:56:22:ef:a4:08:7e:3a:a2:2a:24:2d:67:3c:
32:66:9f:2d:2b:9f:5f:fc:7e:a6:6a:5e:df:08:69:
11:41:62:41:96:4b:76:90:bc:a7:d9:72:fa:0c:d1:
2b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:58:F7:AD:4F:DE:B3:D6:51:96:FB:FE:60:A3:09:2B:F2:37:44:80
X509v3 Authority Key Identifier:
keyid:19:EE:61:9E:F9:6A:3A:FD:02:FC:2D:5D:00:3A:94:7E:4D:2D:59:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5hnvlqOv0C_C1dADqUfk0tWQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/9ed6d4-7a0d-42b4-96e1-eb277a20f27f/1/7lj3rU_es9ZRlvv-YKMJK_I3RIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/9ed6d4-7a0d-42b4-96e1-eb277a20f27f/1/Ge5hnvlqOv0C_C1dADqUfk0tWQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:2140::/32
2a13:2141:1::/48
2a13:2142:1::/48
Signature Algorithm: sha256WithRSAEncryption
0c:19:3b:f9:32:cc:00:60:49:e1:a6:ba:00:29:09:4e:cc:2b:
eb:0e:4f:21:92:85:6d:9a:e0:3d:4a:23:07:81:6a:04:94:c4:
11:5b:a3:b8:3d:5c:68:5c:cf:b7:75:69:74:0d:a0:30:1a:fc:
b2:9d:3d:ad:a3:cf:c3:3d:e1:c8:23:92:12:1e:e8:0b:aa:16:
a4:21:4b:57:34:6a:5b:95:e0:0b:9b:87:eb:16:3f:af:d5:98:
09:0b:e0:51:72:6e:90:ff:4c:e2:9b:f9:09:a4:ff:55:b8:a5:
9c:95:fe:46:b0:8b:27:cc:2b:ed:25:bf:bc:66:e5:09:36:98:
05:17:9f:a0:2c:8f:26:77:2f:86:cc:bd:cb:ca:09:4b:81:90:
94:fb:49:f5:d6:33:b4:70:1e:c1:65:1c:a7:21:e4:42:2c:62:
6f:d3:47:52:66:b2:18:37:cc:ba:bb:95:1b:09:85:dc:69:0c:
ce:54:72:94:31:ce:d9:2b:66:84:63:49:3f:e5:2a:c1:82:ff:
2a:00:8a:8e:01:f8:29:d6:91:6a:ef:8c:7f:5d:e9:96:ef:83:
e3:33:ca:81:7b:aa:52:1e:20:ac:a5:05:34:6c:e7:58:1f:6d:
c5:5f:35:d9:0c:e3:2e:9b:09:7d:36:0a:fe:79:3d:88:b8:11:
07:88:12:90
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYuBiTpAyAErL6RjVhcrKHwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU2MTllZjk2YTNhZmQwMmZjMmQ1ZDAwM2E5NDdlNGQy
ZDU5MGEwHhcNMjMxMDMwMTcwMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTU4ZjdhZDRmZGViM2Q2NTE5NmZiZmU2MGEzMDkyYmYyMzc0NDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwlxiIj3mSVTeMkmLkfCkGXuBGer
1g0uVpBU8lxkTKTOqAgo/rIaLvIUBRioV5ZZRHB6sMr8PoLwUUh00S3aPbqQhGwO
ZKLy/HZ67qqQumeJJcP1yIDRQ/QAhYQ7/bKtyh20aYuM4yowyvkAQovuX2T2EsbN
3ju0V3zBjeAkqoxwqNJXNQaCnF7Op3A6x0NNBdjZasVNCTTg3REpqHP9YRrf7v9A
M7u/3wglWcKr+Sv1yEUXXhX4SD6o/QAFbDfmhOVVZxc4OVqXmcFGEArRN//fP1Yi
76QIfjqiKiQtZzwyZp8tK59f/H6mal7fCGkRQWJBlkt2kLyn2XL6DNErDwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFO5Y961P3rPWUZb7/mCjCSvyN0SAMB8GA1UdIwQY
MBaAFBnuYZ75ajr9AvwtXQA6lH5NLVkKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1aG52bHFPdjBDX0MxZEFEcVVmazB0V1FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC85ZWQ2ZDQtN2EwZC00MmI0LTk2ZTEt
ZWIyNzdhMjBmMjdmLzEvN2xqM3JVX2VzOVpSbHZ2LVlLTUpLX0kzUklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC85ZWQ2ZDQtN2EwZC00MmI0LTk2ZTEtZWIyNzdhMjBmMjdm
LzEvR2U1aG52bHFPdjBDX0MxZEFEcVVmazB0V1FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwUAKhMhQAMH
ACoTIUEAAQMHACoTIUIAATANBgkqhkiG9w0BAQsFAAOCAQEADBk7+TLMAGBJ4aa6
ACkJTswr6w5PIZKFbZrgPUojB4FqBJTEEVujuD1caFzPt3VpdA2gMBr8sp09raPP
wz3hyCOSEh7oC6oWpCFLVzRqW5XgC5uH6xY/r9WYCQvgUXJukP9M4pv5CaT/Vbil
nJX+RrCLJ8wr7SW/vGblCTaYBRefoCyPJncvhsy9y8oJS4GQlPtJ9dYztHAewWUc
pyHkQixib9NHUmayGDfMuruVGwmF3GkMzlRylDHO2StmhGNJP+UqwYL/KgCKjgH4
KdaRau+Mf13plu+D4zPKgXuqUh4grKUFNGznWB9txV812QzjLpsJfTYK/nk9iLgR
B4gSkA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:42 2024 by rpki-client on console-ams.rpki-client.org