Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/shfVwQXP7E79Kncmh1lEoPhzMUo.roa
File: shfVwQXP7E79Kncmh1lEoPhzMUo.roa (raw, json)
Hash identifier: heyQJCLxjau5e3E6dMtjQ6LJt6c0msR978JM/teZq9c=
Subject key identifier: B2:17:D5:C1:05:CF:EC:4E:FD:2A:77:26:87:59:44:A0:F8:73:31:4A
Certificate issuer: /CN=e8b62bbe9eeb5a3d66e1cc223adedc53b177c4ee
Certificate serial: 019422FB579B5A3695C06B85E57C52D1B505
Authority key identifier: E8:B6:2B:BE:9E:EB:5A:3D:66:E1:CC:22:3A:DE:DC:53:B1:77:C4:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LYrvp7rWj1m4cwiOt7cU7F3xO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/shfVwQXP7E79Kncmh1lEoPhzMUo.roa
Signing time: Wed 01 Jan 2025 17:48:04 +0000
ROA not before: Wed 01 Jan 2025 17:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213168
IP address blocks: 2a13:8140::/48 maxlen: 48
2a13:8140:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 Jan 2025 14:54:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:57:9b:5a:36:95:c0:6b:85:e5:7c:52:d1:b5:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b62bbe9eeb5a3d66e1cc223adedc53b177c4ee
Validity
Not Before: Jan 1 17:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b217d5c105cfec4efd2a7726875944a0f873314a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:20:dd:79:50:dc:99:ef:4b:6d:f2:17:7c:76:
c3:39:4e:db:35:7f:ed:d8:5b:37:a0:a1:99:a9:00:
32:02:91:19:bd:a7:6d:1f:ac:64:30:59:ac:a4:07:
ee:a2:d7:88:d7:3a:fa:35:ae:71:02:c9:af:f2:24:
32:78:e9:6c:36:4a:33:51:a8:7d:87:f9:1e:77:e4:
54:d2:fd:74:bc:c4:b5:24:e4:7c:e0:e7:f4:db:88:
8d:b4:61:1d:69:79:ee:4f:30:57:73:8e:77:49:29:
b9:c6:ec:40:4c:c6:62:62:f3:b9:c1:37:dc:f8:a1:
a1:66:2c:ef:81:0b:1f:07:8c:f2:63:f0:35:11:47:
4b:e5:57:01:bc:f5:82:59:cc:fd:09:5b:03:de:14:
dd:b2:c2:2f:51:e3:ca:9b:17:08:b3:8a:c5:75:9b:
45:89:2f:88:cf:23:e0:56:75:b8:6b:dc:02:6d:46:
b7:b1:7e:66:5c:1d:d3:a5:6f:31:02:5f:e2:b6:d7:
49:aa:9e:a1:00:a2:b5:c0:88:57:d9:bd:72:9b:95:
4f:53:8c:e5:4f:26:08:93:78:61:5a:31:e9:6d:8c:
48:e4:d9:2f:ae:85:be:cf:6e:f4:c5:c9:12:fa:1c:
8b:21:70:88:ea:06:86:b1:2a:11:c7:d2:80:b0:c8:
6e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:17:D5:C1:05:CF:EC:4E:FD:2A:77:26:87:59:44:A0:F8:73:31:4A
X509v3 Authority Key Identifier:
keyid:E8:B6:2B:BE:9E:EB:5A:3D:66:E1:CC:22:3A:DE:DC:53:B1:77:C4:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LYrvp7rWj1m4cwiOt7cU7F3xO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/shfVwQXP7E79Kncmh1lEoPhzMUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/6LYrvp7rWj1m4cwiOt7cU7F3xO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:8140::/47
Signature Algorithm: sha256WithRSAEncryption
81:4c:53:d9:06:7a:d9:84:69:db:9a:94:e2:81:ba:37:f2:0b:
41:3c:fa:33:1c:f9:b3:30:bd:71:8f:f5:c6:a3:a3:87:5d:49:
ff:d4:d3:2a:bd:2a:62:58:01:c5:0f:c8:13:03:5a:e4:06:ea:
94:f0:a9:f7:15:11:b6:5c:45:5b:7d:34:61:56:45:45:4d:a7:
fb:77:ee:36:d3:9d:5e:55:21:35:36:c3:34:35:40:ab:a6:81:
d3:88:5b:b2:d5:6c:08:2e:c1:38:42:40:3b:5a:86:0e:97:be:
ff:bf:16:ff:1c:15:f5:d5:42:e7:4d:87:0e:58:3e:00:05:e8:
c6:a0:8e:5a:07:34:4b:05:09:06:eb:30:c8:48:3d:af:ac:59:
fc:e3:19:fb:2a:05:8d:6a:4e:f6:2a:98:c4:da:7a:99:ce:85:
f5:0d:6f:9f:f3:29:e0:20:ed:56:ac:48:ca:f2:23:c8:0f:ea:
7c:01:bf:30:23:b7:74:ec:b7:39:0b:ee:44:cb:1a:6d:31:99:
0e:af:cf:f7:d0:24:7e:ee:8b:3d:7a:c0:96:1b:a0:90:53:7f:
49:cc:d5:5c:12:7f:f5:e5:1b:53:49:76:db:fa:ee:db:9b:f8:
c4:07:c9:7d:74:f5:81:4b:e3:39:72:c2:34:97:47:9d:44:26:
8c:45:ce:87
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi+1ebWjaVwGuF5XxS0bUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjYyYmJlOWVlYjVhM2Q2NmUxY2MyMjNhZGVkYzUzYjE3
N2M0ZWUwHhcNMjUwMTAxMTc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjE3ZDVjMTA1Y2ZlYzRlZmQyYTc3MjY4NzU5NDRhMGY4NzMzMTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyDdeVDcme9LbfIXfHbDOU7bNX/t
2Fs3oKGZqQAyApEZvadtH6xkMFmspAfuoteI1zr6Na5xAsmv8iQyeOlsNkozUah9
h/ked+RU0v10vMS1JOR84Of024iNtGEdaXnuTzBXc453SSm5xuxATMZiYvO5wTfc
+KGhZizvgQsfB4zyY/A1EUdL5VcBvPWCWcz9CVsD3hTdssIvUePKmxcIs4rFdZtF
iS+IzyPgVnW4a9wCbUa3sX5mXB3TpW8xAl/ittdJqp6hAKK1wIhX2b1ym5VPU4zl
TyYIk3hhWjHpbYxI5NkvroW+z270xckS+hyLIXCI6gaGsSoRx9KAsMhurQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLIX1cEFz+xO/Sp3JodZRKD4czFKMB8GA1UdIwQY
MBaAFOi2K76e61o9ZuHMIjre3FOxd8TuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxZcnZwN3JXajFtNGN3aU90N2NVN0YzeE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYTBiYTktZjRmZS00OWJjLWEzNjgt
YjNjYmI1YWQyYWQwLzEvc2hmVndRWFA3RTc5S25jbWgxbEVvUGh6TVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYTBiYTktZjRmZS00OWJjLWEzNjgtYjNjYmI1YWQyYWQw
LzEvNkxZcnZwN3JXajFtNGN3aU90N2NVN0YzeE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKhOBQAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCBTFPZBnrZhGnbmpTigbo38gtBPPozHPmzML1x
j/XGo6OHXUn/1NMqvSpiWAHFD8gTA1rkBuqU8Kn3FRG2XEVbfTRhVkVFTaf7d+42
051eVSE1NsM0NUCrpoHTiFuy1WwILsE4QkA7WoYOl77/vxb/HBX11ULnTYcOWD4A
BejGoI5aBzRLBQkG6zDISD2vrFn84xn7KgWNak72KpjE2nqZzoX1DW+f8yngIO1W
rEjK8iPID+p8Ab8wI7d07Lc5C+5EyxptMZkOr8/30CR+7os9esCWG6CQU39JzNVc
En/15RtTSXbb+u7bm/jEB8l9dPWBS+M5csI0l0edRCaMRc6H
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:03:57 2025 by rpki-client