Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Bx3gtA_UiV5iPL9tLcN4dm2kvwo.roa
File: Bx3gtA_UiV5iPL9tLcN4dm2kvwo.roa (raw, json)
Hash identifier: 35S834eeAN1cfdQOBgfytrFqEcMXyb1S3rFtk0f9bQ0=
Subject key identifier: 07:1D:E0:B4:0F:D4:89:5E:62:3C:BF:6D:2D:C3:78:76:6D:A4:BF:0A
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018DF9B692F7EE53C166544BC85F09CF99E9
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Bx3gtA_UiV5iPL9tLcN4dm2kvwo.roa
Signing time: Fri 01 Mar 2024 11:11:48 +0000
ROA not before: Fri 01 Mar 2024 11:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 2a13:3b80::/29 maxlen: 29
2a13:4fc0::/29 maxlen: 29
2a13:8580::/29 maxlen: 29
2a13:9340::/29 maxlen: 29
2a13:93c0::/29 maxlen: 29
2a13:ac80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 06 Mar 2024 06:52:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:b6:92:f7:ee:53:c1:66:54:4b:c8:5f:09:cf:99:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Mar 1 11:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=071de0b40fd4895e623cbf6d2dc378766da4bf0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:01:e8:1d:89:0e:56:d6:83:14:2c:68:41:43:
b9:47:db:a4:e2:0f:de:91:2b:b1:55:28:a6:bd:64:
a6:fc:f1:25:fd:54:1f:e1:09:63:54:a6:61:e6:63:
73:d5:b6:54:df:4d:9c:32:57:3b:84:48:d1:ac:5d:
11:19:f3:da:f5:53:43:53:cf:d9:d8:dd:80:55:36:
30:c5:5f:07:b6:41:85:f9:90:71:ea:4b:63:a8:12:
78:fd:3a:d6:88:06:a2:b7:66:c4:2d:40:2f:ad:1a:
4f:a3:46:9c:20:56:63:ae:cd:0a:a3:fd:4a:8d:4e:
34:a1:75:4a:1e:7d:86:1f:ab:f6:ea:ce:b2:d1:31:
5d:4d:9a:f4:2f:31:35:1d:26:46:a8:33:4d:9f:ed:
ef:7a:ed:e6:51:c5:5a:9d:d3:6d:66:04:d4:2b:b8:
d1:aa:a9:36:19:5e:87:85:cf:59:12:61:86:89:1c:
90:5d:6c:b6:dc:69:5b:98:83:3b:c1:56:04:82:1f:
5c:b4:8f:a6:fb:4a:38:4d:5e:db:94:06:e8:91:5a:
fc:56:48:be:4d:fc:bb:ee:5b:83:95:dd:0e:1b:f3:
da:a0:5a:54:67:93:14:1f:dd:8e:d0:d3:8e:b5:ee:
57:0f:2c:49:d0:11:19:22:8e:9e:79:7e:3f:2f:ff:
92:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:1D:E0:B4:0F:D4:89:5E:62:3C:BF:6D:2D:C3:78:76:6D:A4:BF:0A
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Bx3gtA_UiV5iPL9tLcN4dm2kvwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3b80::/29
2a13:4fc0::/29
2a13:8580::/29
2a13:9340::/29
2a13:93c0::/29
2a13:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
9e:21:cb:5b:e4:5e:21:ee:8a:9d:99:7b:33:7b:17:eb:0f:0b:
09:ed:e0:97:4b:a7:c1:7e:eb:54:77:df:17:53:e1:65:92:46:
0f:a5:3f:f1:a7:57:a5:4d:dd:8c:1b:b8:34:ed:72:5c:bf:1e:
b7:8b:d0:33:3d:08:11:a4:a4:bc:4a:b7:9c:ed:5f:b2:e6:50:
bb:b0:df:62:72:9a:91:dc:3b:42:a3:86:ee:69:27:f9:c0:36:
bb:35:19:ff:b7:02:7b:74:9a:81:af:f0:83:5f:4d:7c:80:e4:
a6:df:73:1d:09:e9:c1:68:92:f1:73:f1:2a:a0:27:e1:1a:25:
2e:09:eb:7b:e5:71:17:ef:53:3f:35:b4:4c:44:d4:39:1c:bf:
dd:20:f1:c0:1b:bd:29:72:e4:79:a9:17:5b:ef:4e:79:63:b3:
d8:97:f3:8c:dd:e9:76:d5:35:d2:8e:02:d2:6d:fe:f1:c2:40:
e2:ee:48:24:0d:3b:d2:62:42:4e:26:a6:51:79:9b:07:3e:6c:
07:df:57:d9:ee:ea:64:3c:62:db:39:19:d5:46:39:92:b6:24:
7b:cd:b5:1f:98:62:09:3e:63:5b:b0:2a:db:e2:4c:81:71:28:
b7:31:3e:36:32:30:ae:29:66:0d:27:49:68:48:fe:2b:4c:31:
af:50:a3:02
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY35tpL37lPBZlRLyF8Jz5npMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMzAxMTExMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzFkZTBiNDBmZDQ4OTVlNjIzY2JmNmQyZGMzNzg3NjZkYTRiZjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQHoHYkOVtaDFCxoQUO5R9uk4g/e
kSuxVSimvWSm/PEl/VQf4QljVKZh5mNz1bZU302cMlc7hEjRrF0RGfPa9VNDU8/Z
2N2AVTYwxV8HtkGF+ZBx6ktjqBJ4/TrWiAait2bELUAvrRpPo0acIFZjrs0Ko/1K
jU40oXVKHn2GH6v26s6y0TFdTZr0LzE1HSZGqDNNn+3veu3mUcVandNtZgTUK7jR
qqk2GV6Hhc9ZEmGGiRyQXWy23GlbmIM7wVYEgh9ctI+m+0o4TV7blAbokVr8Vki+
Tfy77luDld0OG/PaoFpUZ5MUH92O0NOOte5XDyxJ0BEZIo6eeX4/L/+S0QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAcd4LQP1IleYjy/bS3DeHZtpL8KMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvQngzZ3RBX1VpVjVpUEw5dExjTjRkbTJrdndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKhM7gAMF
AyoTT8ADBQMqE4WAAwUDKhOTQAMFAyoTk8ADBQMqE6yAMA0GCSqGSIb3DQEBCwUA
A4IBAQCeIctb5F4h7oqdmXszexfrDwsJ7eCXS6fBfutUd98XU+FlkkYPpT/xp1el
Td2MG7g07XJcvx63i9AzPQgRpKS8Srec7V+y5lC7sN9icpqR3DtCo4buaSf5wDa7
NRn/twJ7dJqBr/CDX018gOSm33MdCenBaJLxc/EqoCfhGiUuCet75XEX71M/NbRM
RNQ5HL/dIPHAG70pcuR5qRdb7055Y7PYl/OM3el21TXSjgLSbf7xwkDi7kgkDTvS
YkJOJqZReZsHPmwH31fZ7upkPGLbORnVRjmStiR7zbUfmGIJPmNbsCrb4kyBcSi3
MT42MjCuKWYNJ0loSP4rTDGvUKMC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:01 2024 by rpki-client on console-fra.rpki-client.org