Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/920dc4-cd3c-4cac-acfc-4c85445a036a/1/Rf2FKejO_kdZr0hTNOJPEQWtdTU.roa
File: Rf2FKejO_kdZr0hTNOJPEQWtdTU.roa (raw, json)
Hash identifier: sw2DsNUE8H9Wt4UbWRLnPhhdJkE9v82M4HjvsULjGZA=
Subject key identifier: 45:FD:85:29:E8:CE:FE:47:59:AF:48:53:34:E2:4F:11:05:AD:75:35
Certificate issuer: /CN=d80b497d51bd9f47b84f693d687fbe8cf6cffb75
Certificate serial: 0194274891F9196EA0E0E4D06D2A315D3604
Authority key identifier: D8:0B:49:7D:51:BD:9F:47:B8:4F:69:3D:68:7F:BE:8C:F6:CF:FB:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AtJfVG9n0e4T2k9aH--jPbP-3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/920dc4-cd3c-4cac-acfc-4c85445a036a/1/Rf2FKejO_kdZr0hTNOJPEQWtdTU.roa
Signing time: Thu 02 Jan 2025 13:50:54 +0000
ROA not before: Thu 02 Jan 2025 13:50:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216325
IP address blocks: 2a13:d940::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Jan 2025 11:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:91:f9:19:6e:a0:e0:e4:d0:6d:2a:31:5d:36:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d80b497d51bd9f47b84f693d687fbe8cf6cffb75
Validity
Not Before: Jan 2 13:50:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45fd8529e8cefe4759af485334e24f1105ad7535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a1:71:4d:94:08:63:5c:d3:de:69:2a:a3:cc:
92:4b:fc:c5:02:06:4d:60:30:ce:1f:45:2c:0a:2e:
fe:3a:df:eb:47:45:16:26:56:4e:47:96:ca:0d:0a:
1a:5c:46:6d:db:96:f6:57:04:c2:52:8e:e0:1c:fe:
19:08:e9:2f:e0:d4:13:d5:5f:08:67:95:59:f8:56:
06:79:8c:cf:46:71:d9:74:be:6b:b2:f1:a6:4a:0b:
d5:51:42:ce:58:da:ae:fb:09:89:a9:df:d7:77:8b:
d4:ed:2c:b5:ed:e4:ce:e7:23:d3:db:a6:bf:c0:0f:
ce:54:7b:36:70:1c:07:25:35:ea:24:27:dd:6c:36:
9d:bd:5e:73:31:f7:09:a7:3c:8d:9f:76:d9:e7:f2:
28:53:62:b0:06:25:af:5c:79:60:21:cf:95:57:c3:
eb:8b:c4:27:fa:7e:10:53:22:a0:df:94:77:20:da:
6c:c0:66:5d:67:5a:b3:42:2a:20:e8:29:8b:68:7b:
89:ad:60:98:b2:20:23:1e:29:f7:09:bf:fb:c8:7e:
29:bd:7c:79:94:90:96:07:59:7e:29:66:49:d3:2b:
35:bb:99:9b:90:58:5b:05:b4:ad:7e:85:73:f2:4b:
28:47:ef:c5:f3:26:32:59:91:79:bd:95:f6:98:d4:
d7:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:FD:85:29:E8:CE:FE:47:59:AF:48:53:34:E2:4F:11:05:AD:75:35
X509v3 Authority Key Identifier:
keyid:D8:0B:49:7D:51:BD:9F:47:B8:4F:69:3D:68:7F:BE:8C:F6:CF:FB:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AtJfVG9n0e4T2k9aH--jPbP-3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/920dc4-cd3c-4cac-acfc-4c85445a036a/1/Rf2FKejO_kdZr0hTNOJPEQWtdTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/920dc4-cd3c-4cac-acfc-4c85445a036a/1/2AtJfVG9n0e4T2k9aH--jPbP-3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d940::/29
Signature Algorithm: sha256WithRSAEncryption
93:02:f6:b0:fb:43:52:eb:b2:73:e5:dc:33:81:e4:5c:0e:db:
91:e0:5a:00:26:27:d1:da:18:e0:58:b4:ba:d4:f9:40:77:b9:
df:cb:24:c8:a6:91:9c:bb:2c:d6:13:9a:17:a1:fa:ff:8a:31:
17:24:b8:55:33:42:43:36:83:27:d0:91:99:35:6e:c4:d3:a8:
93:a5:0e:4d:21:b0:8a:30:c0:5e:af:61:a5:0d:ce:c9:db:c0:
0d:87:af:ab:18:2f:d8:90:bd:0d:4a:41:e3:35:65:5c:af:48:
31:f5:a7:4a:24:9e:f3:00:64:73:13:7f:4f:64:31:81:c5:6c:
6d:2a:c2:69:63:0e:22:10:7e:dd:cb:87:3d:5f:6b:cc:ac:24:
2a:ec:7a:a9:07:74:32:16:00:28:7f:02:7c:4c:e0:06:f3:56:
9a:6a:f3:f6:78:1a:d8:6c:c6:cb:70:1b:63:48:54:6b:6e:a2:
b7:87:b9:bf:10:ee:b6:c7:bd:9d:e1:c9:a9:1b:91:d1:92:84:
52:9b:3b:5e:8e:6b:e5:b4:d1:bb:34:54:9b:b8:92:2c:2c:46:
50:c6:1a:80:95:71:70:52:19:5a:8d:2d:5a:63:5b:a8:b1:44:
08:02:51:5b:3e:32:dc:2a:42:ac:b2:75:09:bf:62:ed:08:3a:
a7:09:10:ea
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnSJH5GW6g4OTQbSoxXTYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MGI0OTdkNTFiZDlmNDdiODRmNjkzZDY4N2ZiZThjZjZj
ZmZiNzUwHhcNMjUwMTAyMTM1MDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWZkODUyOWU4Y2VmZTQ3NTlhZjQ4NTMzNGUyNGYxMTA1YWQ3NTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6FxTZQIY1zT3mkqo8ySS/zFAgZN
YDDOH0UsCi7+Ot/rR0UWJlZOR5bKDQoaXEZt25b2VwTCUo7gHP4ZCOkv4NQT1V8I
Z5VZ+FYGeYzPRnHZdL5rsvGmSgvVUULOWNqu+wmJqd/Xd4vU7Sy17eTO5yPT26a/
wA/OVHs2cBwHJTXqJCfdbDadvV5zMfcJpzyNn3bZ5/IoU2KwBiWvXHlgIc+VV8Pr
i8Qn+n4QUyKg35R3INpswGZdZ1qzQiog6CmLaHuJrWCYsiAjHin3Cb/7yH4pvXx5
lJCWB1l+KWZJ0ys1u5mbkFhbBbStfoVz8ksoR+/F8yYyWZF5vZX2mNTXEwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEX9hSnozv5HWa9IUzTiTxEFrXU1MB8GA1UdIwQY
MBaAFNgLSX1RvZ9HuE9pPWh/voz2z/t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkF0SmZWRzluMGU0VDJrOWFILS1qUGJQLTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85MjBkYzQtY2QzYy00Y2FjLWFjZmMt
NGM4NTQ0NWEwMzZhLzEvUmYyRktlak9fa2RacjBoVE5PSlBFUVd0ZFRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85MjBkYzQtY2QzYy00Y2FjLWFjZmMtNGM4NTQ0NWEwMzZh
LzEvMkF0SmZWRzluMGU0VDJrOWFILS1qUGJQLTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPZQDAN
BgkqhkiG9w0BAQsFAAOCAQEAkwL2sPtDUuuyc+XcM4HkXA7bkeBaACYn0doY4Fi0
utT5QHe538skyKaRnLss1hOaF6H6/4oxFyS4VTNCQzaDJ9CRmTVuxNOok6UOTSGw
ijDAXq9hpQ3OydvADYevqxgv2JC9DUpB4zVlXK9IMfWnSiSe8wBkcxN/T2QxgcVs
bSrCaWMOIhB+3cuHPV9rzKwkKux6qQd0MhYAKH8CfEzgBvNWmmrz9nga2GzGy3Ab
Y0hUa26it4e5vxDutse9neHJqRuR0ZKEUps7Xo5r5bTRuzRUm7iSLCxGUMYagJVx
cFIZWo0tWmNbqLFECAJRWz4y3CpCrLJ1Cb9i7Qg6pwkQ6g==
-----END CERTIFICATE-----
Generated at Thu May 1 03:06:37 2025 by rpki-client