Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/cHtMKS3KmXhZCbSlMyRfS2C-Ixw.roa
File: cHtMKS3KmXhZCbSlMyRfS2C-Ixw.roa (raw, json)
Hash identifier: +zQ2gwwmSgqVbdqzwkXb+YpYNwy/6NzmQn4txArvWRk=
Subject key identifier: 70:7B:4C:29:2D:CA:99:78:59:09:B4:A5:33:24:5F:4B:60:BE:23:1C
Certificate issuer: /CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Certificate serial: 018F103DFC43D540FAEE1D9B5981112A7C25
Authority key identifier: 55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/cHtMKS3KmXhZCbSlMyRfS2C-Ixw.roa
Signing time: Wed 24 Apr 2024 13:14:08 +0000
ROA not before: Wed 24 Apr 2024 13:14:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215568
IP address blocks: 2a13:cd40::/29 maxlen: 29
2a13:d340::/29 maxlen: 29
2a13:d840::/29 maxlen: 29
2a13:df40::/29 maxlen: 29
2a13:e140::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 03 May 2024 12:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:3d:fc:43:d5:40:fa:ee:1d:9b:59:81:11:2a:7c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099
Validity
Not Before: Apr 24 13:14:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=707b4c292dca99785909b4a533245f4b60be231c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:05:0a:23:71:d0:e9:04:d2:4b:45:b4:54:28:
36:a2:11:d9:3c:c2:a5:5a:80:b4:f1:9d:7c:5d:c3:
fe:88:37:52:06:71:9e:26:3e:48:d2:fe:81:a2:5a:
2d:a9:4d:cc:4a:e9:1c:df:8e:96:70:85:1e:ed:de:
7b:dd:8f:47:00:8b:ac:ed:70:0e:06:2c:49:a9:f6:
33:9d:05:dc:7e:ff:56:78:8d:96:8d:63:44:ea:20:
16:7c:1c:b9:97:32:03:45:42:a1:28:db:9f:f0:32:
f4:33:0d:d0:01:4b:f9:f1:cc:a3:65:79:82:f8:99:
38:64:0e:af:b3:e5:0b:9d:54:ad:92:6c:02:96:86:
e8:a4:82:72:7d:99:5b:69:1a:70:ac:63:d5:ff:bb:
e4:8e:e8:0a:c8:ce:30:48:33:00:3f:19:3d:3a:98:
86:b2:01:b4:d1:07:2a:17:59:e4:00:d4:fd:72:e7:
c7:48:11:9d:ba:c9:6a:b8:02:a5:00:c9:a3:fc:28:
b7:f0:99:6e:d6:ff:b5:08:cc:d2:0f:68:bf:3e:81:
f3:aa:76:da:aa:92:47:6b:0b:4b:14:d8:81:89:cc:
b2:43:01:5a:24:63:c1:2d:56:86:15:47:7a:d0:59:
d3:3a:15:44:72:02:a5:36:a4:12:df:80:8e:19:c4:
53:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7B:4C:29:2D:CA:99:78:59:09:B4:A5:33:24:5F:4B:60:BE:23:1C
X509v3 Authority Key Identifier:
keyid:55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/cHtMKS3KmXhZCbSlMyRfS2C-Ixw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:cd40::/29
2a13:d340::/29
2a13:d840::/29
2a13:df40::/29
2a13:e140::/29
Signature Algorithm: sha256WithRSAEncryption
59:2e:24:64:91:25:11:86:77:30:b2:9b:10:d0:e7:63:c8:1c:
9e:55:f9:a6:06:25:7b:8f:5d:5d:d8:b0:5a:83:c9:0b:b0:ec:
55:2e:5d:0e:cc:ab:1e:d3:dd:4b:6a:0d:93:77:9b:c4:87:a3:
80:cd:00:ae:68:e9:29:ed:d1:35:aa:f4:28:43:db:28:62:74:
03:14:01:30:29:31:64:c4:84:2f:5c:74:9e:10:fa:f2:92:66:
71:3d:cd:9a:a7:7d:17:e3:63:f4:f4:c2:35:ef:65:2f:0f:22:
21:1d:5e:b3:f6:b7:d4:09:3d:06:5a:fd:d9:d3:c3:dd:42:06:
ec:93:23:56:0e:e2:c9:6f:be:35:14:1d:8f:4f:26:89:e0:07:
d9:56:28:c0:d9:8f:60:ca:05:0a:d9:1f:1c:5b:1e:12:ad:a3:
53:21:bb:db:a5:f4:32:3b:f4:e3:f5:79:c3:37:5b:78:c7:53:
30:cc:d0:8f:f5:9e:e0:84:6a:9e:4a:27:bb:09:ad:72:a3:49:
10:d5:23:ee:36:4a:95:27:b8:f3:a6:0b:41:1e:f2:11:b7:e6:
5f:06:14:ca:18:b4:8d:c5:d3:11:72:7c:36:21:11:ee:05:97:
7a:34:d5:69:8c:d2:6c:de:6d:e9:ae:55:2b:3e:74:86:8a:69:
d2:1a:97:9b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY8QPfxD1UD67h2bWYERKnwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MjRiMmUyNmRkM2FmY2M1YzFlYWMwMWY5MDI2M2QyMDFm
YmUwOTkwHhcNMjQwNDI0MTMxNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDdiNGMyOTJkY2E5OTc4NTkwOWI0YTUzMzI0NWY0YjYwYmUyMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwUKI3HQ6QTSS0W0VCg2ohHZPMKl
WoC08Z18XcP+iDdSBnGeJj5I0v6BolotqU3MSukc346WcIUe7d573Y9HAIus7XAO
BixJqfYznQXcfv9WeI2WjWNE6iAWfBy5lzIDRUKhKNuf8DL0Mw3QAUv58cyjZXmC
+Jk4ZA6vs+ULnVStkmwClobopIJyfZlbaRpwrGPV/7vkjugKyM4wSDMAPxk9OpiG
sgG00QcqF1nkANT9cufHSBGduslquAKlAMmj/Ci38Jlu1v+1CMzSD2i/PoHzqnba
qpJHawtLFNiBicyyQwFaJGPBLVaGFUd60FnTOhVEcgKlNqQS34COGcRTPQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHB7TCktypl4WQm0pTMkX0tgviMcMB8GA1UdIwQY
MBaAFFUksuJt06/MXB6sAfkCY9IB++CZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMt
M2FhMjIyN2JhZGZlLzEvY0h0TUtTM0ttWGhaQ2JTbE15UmZTMkMtSXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMtM2FhMjIyN2JhZGZl
LzEvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKhPNQAMF
AyoT00ADBQMqE9hAAwUDKhPfQAMFAyoT4UAwDQYJKoZIhvcNAQELBQADggEBAFku
JGSRJRGGdzCymxDQ52PIHJ5V+aYGJXuPXV3YsFqDyQuw7FUuXQ7Mqx7T3UtqDZN3
m8SHo4DNAK5o6Snt0TWq9ChD2yhidAMUATApMWTEhC9cdJ4Q+vKSZnE9zZqnfRfj
Y/T0wjXvZS8PIiEdXrP2t9QJPQZa/dnTw91CBuyTI1YO4slvvjUUHY9PJongB9lW
KMDZj2DKBQrZHxxbHhKto1Mhu9ul9DI79OP1ecM3W3jHUzDM0I/1nuCEap5KJ7sJ
rXKjSRDVI+42SpUnuPOmC0Ee8hG35l8GFMoYtI3F0xFyfDYhEe4Fl3o01WmM0mze
bemuVSs+dIaKadIal5s=
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:43:34 2025 by rpki-client