Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/xKINaSHSpeLXw7qxs8GFrlHl_l8.roa
File: xKINaSHSpeLXw7qxs8GFrlHl_l8.roa (raw, json)
Hash identifier: yUOG1JX5NK1WvrSltYfd+7x71a8AG6KN0jcW7vPpaSM=
Subject key identifier: C4:A2:0D:69:21:D2:A5:E2:D7:C3:BA:B1:B3:C1:85:AE:51:E5:FE:5F
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018DC5D7F123140DD6D8AE91B51385C3D9C0
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/xKINaSHSpeLXw7qxs8GFrlHl_l8.roa
Signing time: Tue 20 Feb 2024 09:28:00 +0000
ROA not before: Tue 20 Feb 2024 09:28:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212165
IP address blocks: 2a13:3b80::/29 maxlen: 29
2a13:9340::/29 maxlen: 29
2a13:93c0::/29 maxlen: 29
2a13:ac80::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 01 Mar 2024 10:53:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:d7:f1:23:14:0d:d6:d8:ae:91:b5:13:85:c3:d9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Feb 20 09:28:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4a20d6921d2a5e2d7c3bab1b3c185ae51e5fe5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:63:09:e1:34:8c:11:10:5f:13:d6:d1:cb:27:
ec:85:a8:50:fc:cb:fd:41:2b:4f:d8:71:aa:d6:94:
0e:14:0c:f2:9a:18:e3:f1:92:e9:74:1f:c6:ff:43:
42:55:2d:ab:b2:c1:8e:15:44:ec:fe:40:2c:af:14:
a8:a1:8d:0a:ea:e0:4e:89:09:5d:af:12:d9:80:70:
56:1a:f5:fb:8f:71:70:85:ff:8a:e2:f2:01:b6:77:
28:4a:9f:46:f0:2c:b3:30:0e:c0:2a:42:24:25:dc:
f9:d8:7b:18:49:f7:54:7d:17:3f:33:11:45:07:e7:
c3:fb:c0:6a:98:c9:f3:77:46:81:de:fb:e5:88:1a:
04:40:34:23:53:44:ed:da:39:85:6d:e7:5a:8a:b2:
a0:d0:07:5d:ff:df:3c:21:9f:ff:b2:59:1e:87:e9:
37:0f:3d:88:31:52:a7:49:19:f8:f6:99:21:6e:a6:
9d:a6:ea:9e:d3:e4:9f:31:23:00:59:41:9a:14:8d:
9d:30:2d:b9:06:8f:c6:dc:46:30:79:bf:91:24:ee:
c5:50:1b:2e:07:63:e3:3d:93:10:ac:bf:4f:58:30:
87:ed:69:95:cd:80:c2:18:44:7a:7f:3d:5f:bb:85:
8e:dc:6d:04:62:43:f8:5b:34:41:5f:7d:e3:a1:74:
ce:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A2:0D:69:21:D2:A5:E2:D7:C3:BA:B1:B3:C1:85:AE:51:E5:FE:5F
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/xKINaSHSpeLXw7qxs8GFrlHl_l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3b80::/29
2a13:9340::/29
2a13:93c0::/29
2a13:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
05:71:97:fa:fa:e4:09:d4:74:2c:d4:25:7f:81:07:50:18:44:
bd:3e:0f:5b:3c:4c:7b:a0:0c:a8:ec:a3:81:76:3f:be:63:9c:
c0:73:ff:a1:57:9b:1a:0c:34:d2:35:fe:32:53:a0:a9:11:f7:
11:df:3c:2a:ef:06:e6:c5:74:69:9b:a9:05:d0:49:9d:a4:dc:
6c:77:3a:69:52:66:7e:a5:93:22:06:2c:38:39:7b:26:35:e6:
bc:66:f7:0e:8a:3b:e5:8f:95:d5:38:ab:46:7a:5d:20:f0:25:
d5:67:ca:44:ef:78:94:95:b9:a0:24:97:41:95:b8:bc:43:6a:
9b:9c:8c:15:c8:88:a3:de:01:c7:1f:ed:21:90:7e:17:af:cd:
a7:e8:9c:67:d6:2a:52:9d:5d:0e:48:a2:04:65:c3:e9:ec:2c:
df:ed:c7:66:28:02:3a:a0:aa:c8:96:b3:be:23:42:67:4f:b2:
bf:5f:a4:fc:28:cd:5e:31:ee:3c:b8:d7:be:50:61:58:d2:34:
36:90:0e:82:ab:d6:42:7c:8c:85:47:c4:0e:27:54:e1:dd:6b:
15:0a:6f:68:b4:a8:9c:2c:e8:43:27:4c:c5:48:f6:8f:68:f9:
11:e3:11:fc:26:36:e4:09:a7:c7:1a:de:37:9c:2b:43:05:9b:
ae:c8:f9:bd
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY3F1/EjFA3W2K6RtROFw9nAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMjIwMDkyODAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGEyMGQ2OTIxZDJhNWUyZDdjM2JhYjFiM2MxODVhZTUxZTVmZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2MJ4TSMERBfE9bRyyfshahQ/Mv9
QStP2HGq1pQOFAzymhjj8ZLpdB/G/0NCVS2rssGOFUTs/kAsrxSooY0K6uBOiQld
rxLZgHBWGvX7j3Fwhf+K4vIBtncoSp9G8CyzMA7AKkIkJdz52HsYSfdUfRc/MxFF
B+fD+8BqmMnzd0aB3vvliBoEQDQjU0Tt2jmFbedairKg0Add/988IZ//slkeh+k3
Dz2IMVKnSRn49pkhbqadpuqe0+SfMSMAWUGaFI2dMC25Bo/G3EYweb+RJO7FUBsu
B2PjPZMQrL9PWDCH7WmVzYDCGER6fz1fu4WO3G0EYkP4WzRBX33joXTOswIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMSiDWkh0qXi18O6sbPBha5R5f5fMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEveEtJTmFTSFNwZUxYdzdxeHM4R0ZybEhsX2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhM7gAMF
AyoTk0ADBQMqE5PAAwUDKhOsgDANBgkqhkiG9w0BAQsFAAOCAQEABXGX+vrkCdR0
LNQlf4EHUBhEvT4PWzxMe6AMqOyjgXY/vmOcwHP/oVebGgw00jX+MlOgqRH3Ed88
Ku8G5sV0aZupBdBJnaTcbHc6aVJmfqWTIgYsODl7JjXmvGb3Doo75Y+V1TirRnpd
IPAl1WfKRO94lJW5oCSXQZW4vENqm5yMFciIo94Bxx/tIZB+F6/Np+icZ9YqUp1d
DkiiBGXD6ews3+3HZigCOqCqyJazviNCZ0+yv1+k/CjNXjHuPLjXvlBhWNI0NpAO
gqvWQnyMhUfEDidU4d1rFQpvaLSonCzoQydMxUj2j2j5EeMR/CY25AmnxxreN5wr
QwWbrsj5vQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:14 2025 by rpki-client