Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ec5584-6618-4b12-a11c-3055cb729bcf/1/3rpll1WzfQPELu_kyTdR4HcRNDw.roa
File: 3rpll1WzfQPELu_kyTdR4HcRNDw.roa (raw, json)
Hash identifier: s8dhY76/JcO94jLo+MtoGeJzf+ItRkdaK6rS0NSabKU=
Subject key identifier: DE:BA:65:97:55:B3:7D:03:C4:2E:EF:E4:C9:37:51:E0:77:11:34:3C
Certificate issuer: /CN=4c3b88cdb13f3eb12a9be54ab19baa90559b396a
Certificate serial: 019424B3FB74B38EC63754171FC2E0F3D3B0
Authority key identifier: 4C:3B:88:CD:B1:3F:3E:B1:2A:9B:E5:4A:B1:9B:AA:90:55:9B:39:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDuIzbE_PrEqm-VKsZuqkFWbOWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ec5584-6618-4b12-a11c-3055cb729bcf/1/3rpll1WzfQPELu_kyTdR4HcRNDw.roa
Signing time: Thu 02 Jan 2025 01:49:22 +0000
ROA not before: Thu 02 Jan 2025 01:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51826
IP address blocks: 2a13:a0c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Jan 2025 10:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:fb:74:b3:8e:c6:37:54:17:1f:c2:e0:f3:d3:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c3b88cdb13f3eb12a9be54ab19baa90559b396a
Validity
Not Before: Jan 2 01:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=deba659755b37d03c42eefe4c93751e07711343c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1f:90:92:95:aa:82:e4:60:1a:a0:89:bd:16:
45:d1:17:6d:f0:66:55:9c:f8:0b:6a:cd:1e:99:8e:
f7:45:66:7c:ef:70:88:d6:ac:73:d1:fd:ed:96:83:
1a:5c:8e:96:8d:00:de:c7:a4:ba:80:62:a2:3f:5d:
b1:d0:57:3f:fc:cc:6b:c7:33:3d:7b:70:60:1a:18:
02:6c:e2:b1:bf:61:63:c4:53:74:ef:13:67:fc:f1:
8f:f1:a8:bb:1a:a6:60:76:56:1f:ca:e8:15:1e:60:
9e:07:46:d1:4a:38:15:53:09:ac:35:89:d8:5c:5d:
70:57:ff:a0:ee:9a:eb:29:55:c3:fc:69:ed:60:6b:
c9:94:13:2a:2b:b2:5e:e3:25:cc:d5:b2:e0:2d:95:
5c:50:ca:b5:85:21:6b:ac:dc:9b:42:e2:f2:2e:10:
29:ff:36:ce:22:e8:e4:77:b0:50:30:ff:26:69:98:
91:26:30:00:ca:c5:2e:29:a8:be:9e:f9:38:65:17:
fc:c4:79:ca:2e:07:92:00:7f:2b:8a:3f:35:62:b3:
3c:0e:04:a6:1e:d1:0d:ab:6b:3d:e8:b6:38:db:df:
e5:f7:8c:d1:1b:be:7f:ec:98:db:fb:ba:d9:b9:58:
16:75:e6:fc:87:04:88:cd:eb:0d:3c:f5:96:ad:30:
bd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BA:65:97:55:B3:7D:03:C4:2E:EF:E4:C9:37:51:E0:77:11:34:3C
X509v3 Authority Key Identifier:
keyid:4C:3B:88:CD:B1:3F:3E:B1:2A:9B:E5:4A:B1:9B:AA:90:55:9B:39:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDuIzbE_PrEqm-VKsZuqkFWbOWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ec5584-6618-4b12-a11c-3055cb729bcf/1/3rpll1WzfQPELu_kyTdR4HcRNDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ec5584-6618-4b12-a11c-3055cb729bcf/1/TDuIzbE_PrEqm-VKsZuqkFWbOWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a0c0::/32
Signature Algorithm: sha256WithRSAEncryption
0a:31:b9:d1:bc:2b:f2:e5:7e:53:e4:dc:ce:50:3f:ff:43:b8:
d3:10:3f:8c:0b:a6:f9:c7:24:b9:b1:06:d1:01:27:d7:34:68:
d8:22:8d:e0:8c:b5:4e:1a:33:47:fc:53:e0:d2:5e:95:7a:8c:
e3:e6:0e:53:54:10:cd:e0:b3:3e:72:c3:a9:bd:0c:22:5e:ea:
81:e2:aa:8e:1b:d6:36:c4:98:cc:ec:37:b6:b8:01:39:91:6a:
dd:4f:ec:a9:7f:17:72:01:6e:f1:1c:31:f9:55:f4:c4:ea:db:
1f:12:d7:0b:5d:a9:d5:b5:bb:40:88:22:23:72:1e:e7:67:33:
0f:24:8f:d1:4c:e5:cf:d8:2e:8c:75:d4:be:a8:bc:89:62:b6:
6e:0b:0e:24:80:10:28:97:23:1d:63:b2:cd:a6:1a:d1:cb:58:
37:68:52:0e:71:e2:39:e0:53:64:05:6b:ae:9f:2f:6c:76:1b:
01:1f:48:9f:49:46:65:a5:6b:63:0e:ac:47:15:14:1c:1e:56:
c4:b5:75:d7:0e:68:bc:9f:c6:22:df:bd:df:79:33:20:c2:24:
f7:68:c9:2c:5f:4a:a2:7e:25:16:69:fe:c7:ea:01:6a:83:e4:
80:38:f1:7c:a4:1f:0f:34:e3:5b:af:a3:7d:f6:e4:f5:f8:3a:
3e:12:e0:aa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQks/t0s47GN1QXH8Lg89OwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjM2I4OGNkYjEzZjNlYjEyYTliZTU0YWIxOWJhYTkwNTU5
YjM5NmEwHhcNMjUwMTAyMDE0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWJhNjU5NzU1YjM3ZDAzYzQyZWVmZTRjOTM3NTFlMDc3MTEzNDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR+QkpWqguRgGqCJvRZF0Rdt8GZV
nPgLas0emY73RWZ873CI1qxz0f3tloMaXI6WjQDex6S6gGKiP12x0Fc//MxrxzM9
e3BgGhgCbOKxv2FjxFN07xNn/PGP8ai7GqZgdlYfyugVHmCeB0bRSjgVUwmsNYnY
XF1wV/+g7prrKVXD/GntYGvJlBMqK7Je4yXM1bLgLZVcUMq1hSFrrNybQuLyLhAp
/zbOIujkd7BQMP8maZiRJjAAysUuKai+nvk4ZRf8xHnKLgeSAH8rij81YrM8DgSm
HtENq2s96LY429/l94zRG75/7Jjb+7rZuVgWdeb8hwSIzesNPPWWrTC9TQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN66ZZdVs30DxC7v5Mk3UeB3ETQ8MB8GA1UdIwQY
MBaAFEw7iM2xPz6xKpvlSrGbqpBVmzlqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVER1SXpiRV9QckVxbS1WS3NadXFrRldiT1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9lYzU1ODQtNjYxOC00YjEyLWExMWMt
MzA1NWNiNzI5YmNmLzEvM3JwbGwxV3pmUVBFTHVfa3lUZFI0SGNSTkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9lYzU1ODQtNjYxOC00YjEyLWExMWMtMzA1NWNiNzI5YmNm
LzEvVER1SXpiRV9QckVxbS1WS3NadXFrRldiT1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhOgwDAN
BgkqhkiG9w0BAQsFAAOCAQEACjG50bwr8uV+U+TczlA//0O40xA/jAum+cckubEG
0QEn1zRo2CKN4Iy1ThozR/xT4NJelXqM4+YOU1QQzeCzPnLDqb0MIl7qgeKqjhvW
NsSYzOw3trgBOZFq3U/sqX8XcgFu8Rwx+VX0xOrbHxLXC12p1bW7QIgiI3Ie52cz
DySP0Uzlz9gujHXUvqi8iWK2bgsOJIAQKJcjHWOyzaYa0ctYN2hSDnHiOeBTZAVr
rp8vbHYbAR9In0lGZaVrYw6sRxUUHB5WxLV11w5ovJ/GIt+933kzIMIk92jJLF9K
on4lFmn+x+oBaoPkgDjxfKQfDzTjW6+jffbk9fg6PhLgqg==
-----END CERTIFICATE-----
Generated at Tue May 6 01:11:52 2025 by rpki-client