Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/9G3tuyL06n5MGe8UqUCr8kA3ut8.roa
File: 9G3tuyL06n5MGe8UqUCr8kA3ut8.roa (raw, json)
Hash identifier: AKyLJv1/vvKZSaN8iBgrsaU7/Q06abkiXXwZNSB6kGM=
Subject key identifier: F4:6D:ED:BB:22:F4:EA:7E:4C:19:EF:14:A9:40:AB:F2:40:37:BA:DF
Certificate issuer: /CN=4b53f9567f6d6ad89412c0515f74647612dce04a
Certificate serial: 018CC2DB501E5A211C527DE3354015BAA2DD
Authority key identifier: 4B:53:F9:56:7F:6D:6A:D8:94:12:C0:51:5F:74:64:76:12:DC:E0:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1P5Vn9tatiUEsBRX3RkdhLc4Eo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/9G3tuyL06n5MGe8UqUCr8kA3ut8.roa
Signing time: Mon 01 Jan 2024 02:30:01 +0000
ROA not before: Mon 01 Jan 2024 02:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213320
IP address blocks: 2a13:8a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 11 Jan 2024 11:13:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:50:1e:5a:21:1c:52:7d:e3:35:40:15:ba:a2:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b53f9567f6d6ad89412c0515f74647612dce04a
Validity
Not Before: Jan 1 02:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f46dedbb22f4ea7e4c19ef14a940abf24037badf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0a:1e:09:e8:b8:36:ca:48:85:32:d6:94:08:
65:6f:a6:a1:84:e2:ca:ef:0e:01:3a:02:fc:90:9f:
47:8d:5f:c9:e2:75:8f:2a:ed:4a:95:93:48:0f:f6:
a3:1e:8a:31:28:c6:49:07:01:dc:97:14:d3:65:17:
ad:69:a2:96:4c:3f:4f:4b:5b:e3:6e:99:61:c8:22:
57:b4:f5:7f:cd:bd:5a:c1:5b:37:92:a4:5f:b6:8b:
fc:09:c3:19:60:54:79:5f:7f:a4:b1:2d:46:cc:0f:
ad:e7:ac:79:db:25:50:ea:55:a7:eb:b0:b3:40:64:
d2:d2:b9:af:ca:eb:f6:5a:fa:d4:cd:d5:87:8d:22:
fb:3c:97:89:c4:ea:48:8a:bb:4f:9d:25:5c:78:2a:
c1:6e:78:8c:30:73:90:8e:19:b7:79:7a:19:9c:e7:
ab:21:2a:fd:d4:81:ac:bc:30:42:cf:6b:f1:43:f8:
72:44:92:bc:5e:94:b4:c4:fc:68:7e:0a:59:2d:36:
51:33:0c:4a:4a:35:b9:d6:cd:51:92:fe:06:87:a6:
ae:46:e0:20:bd:4f:fc:26:11:3c:7c:eb:10:1b:ea:
88:00:17:9f:91:0c:3d:be:6a:0d:70:0e:2a:53:dc:
db:58:ec:a1:23:ac:8b:5a:62:1e:b0:43:84:00:06:
d2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6D:ED:BB:22:F4:EA:7E:4C:19:EF:14:A9:40:AB:F2:40:37:BA:DF
X509v3 Authority Key Identifier:
keyid:4B:53:F9:56:7F:6D:6A:D8:94:12:C0:51:5F:74:64:76:12:DC:E0:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1P5Vn9tatiUEsBRX3RkdhLc4Eo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/9G3tuyL06n5MGe8UqUCr8kA3ut8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/6e9804-8a07-4238-b9d1-1fa522a05795/1/S1P5Vn9tatiUEsBRX3RkdhLc4Eo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:8a00::/29
Signature Algorithm: sha256WithRSAEncryption
6e:13:f2:da:a7:0a:a1:a3:b3:44:69:60:e3:76:07:d1:30:25:
65:13:72:d8:d2:3a:01:96:2f:f6:fa:60:a5:25:e7:1d:b5:6c:
0d:d6:28:f1:4d:95:5b:ff:97:26:52:4c:5e:5c:24:dc:41:9d:
44:df:1f:dd:66:49:f3:a3:1a:fa:dd:0a:f1:5b:4c:f5:8e:04:
62:2e:6f:f7:2f:2c:05:a9:a7:f0:b7:74:14:40:0e:bc:82:46:
6e:53:7a:c6:ba:b8:d7:04:46:9a:1b:c7:de:04:c2:99:0b:d7:
1e:78:5d:22:c8:2e:f8:17:ce:e4:50:34:e8:5f:68:de:e1:0c:
47:71:f9:bd:3e:3a:18:ee:cf:55:fe:9a:a7:42:ad:b2:d9:1d:
ac:f3:06:16:97:fd:49:b3:f8:a3:78:d6:63:69:f5:3c:24:df:
4e:50:ba:65:b1:96:52:0b:b1:53:f4:5f:c0:4c:ba:42:38:5a:
ab:eb:5a:d0:39:bc:48:18:66:6a:35:b9:b8:0e:1e:0f:cf:95:
9a:b2:f7:43:d2:f9:94:f5:b6:4b:45:c0:cc:ee:6e:d9:69:2b:
16:a5:a8:61:d3:4b:c4:d1:c4:55:12:a4:e5:28:fd:8c:ea:73:
94:a9:f7:f8:ac:b8:1f:69:18:a5:77:61:7a:30:00:e5:c0:8a:
24:20:62:56
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzC21AeWiEcUn3jNUAVuqLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTNmOTU2N2Y2ZDZhZDg5NDEyYzA1MTVmNzQ2NDc2MTJk
Y2UwNGEwHhcNMjQwMTAxMDIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDZkZWRiYjIyZjRlYTdlNGMxOWVmMTRhOTQwYWJmMjQwMzdiYWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwoeCei4NspIhTLWlAhlb6ahhOLK
7w4BOgL8kJ9HjV/J4nWPKu1KlZNID/ajHooxKMZJBwHclxTTZRetaaKWTD9PS1vj
bplhyCJXtPV/zb1awVs3kqRftov8CcMZYFR5X3+ksS1GzA+t56x52yVQ6lWn67Cz
QGTS0rmvyuv2WvrUzdWHjSL7PJeJxOpIirtPnSVceCrBbniMMHOQjhm3eXoZnOer
ISr91IGsvDBCz2vxQ/hyRJK8XpS0xPxofgpZLTZRMwxKSjW51s1Rkv4Gh6auRuAg
vU/8JhE8fOsQG+qIABefkQw9vmoNcA4qU9zbWOyhI6yLWmIesEOEAAbS8QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPRt7bsi9Op+TBnvFKlAq/JAN7rfMB8GA1UdIwQY
MBaAFEtT+VZ/bWrYlBLAUV90ZHYS3OBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFQNVZuOXRhdGlVRXNCUlgzUmtkaExjNEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS82ZTk4MDQtOGEwNy00MjM4LWI5ZDEt
MWZhNTIyYTA1Nzk1LzEvOUczdHV5TDA2bjVNR2U4VXFVQ3I4a0EzdXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS82ZTk4MDQtOGEwNy00MjM4LWI5ZDEtMWZhNTIyYTA1Nzk1
LzEvUzFQNVZuOXRhdGlVRXNCUlgzUmtkaExjNEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOKADAN
BgkqhkiG9w0BAQsFAAOCAQEAbhPy2qcKoaOzRGlg43YH0TAlZRNy2NI6AZYv9vpg
pSXnHbVsDdYo8U2VW/+XJlJMXlwk3EGdRN8f3WZJ86Ma+t0K8VtM9Y4EYi5v9y8s
Bamn8Ld0FEAOvIJGblN6xrq41wRGmhvH3gTCmQvXHnhdIsgu+BfO5FA06F9o3uEM
R3H5vT46GO7PVf6ap0KtstkdrPMGFpf9SbP4o3jWY2n1PCTfTlC6ZbGWUguxU/Rf
wEy6Qjhaq+ta0Dm8SBhmajW5uA4eD8+VmrL3Q9L5lPW2S0XAzO5u2WkrFqWoYdNL
xNHEVRKk5Sj9jOpzlKn3+Ky4H2kYpXdhejAA5cCKJCBiVg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 16:49:56 2025 by rpki-client