Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/hFkbpR9fJU_VB4rpDVst3D1Tu3U.roa
File: hFkbpR9fJU_VB4rpDVst3D1Tu3U.roa (raw, json)
Hash identifier: 83aVSpvjg7w3Obx5p2ap6SwdzuoglUX353j1DZZZsM0=
Subject key identifier: 84:59:1B:A5:1F:5F:25:4F:D5:07:8A:E9:0D:5B:2D:DC:3D:53:BB:75
Certificate issuer: /CN=246f9be783d73d95ab8aa54619e60f9011c04d67
Certificate serial: 01945BFCF492B11DE281D8BBB8F5A836346D
Authority key identifier: 24:6F:9B:E7:83:D7:3D:95:AB:8A:A5:46:19:E6:0F:90:11:C0:4D:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JG-b54PXPZWriqVGGeYPkBHATWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/hFkbpR9fJU_VB4rpDVst3D1Tu3U.roa
Signing time: Sun 12 Jan 2025 19:28:11 +0000
ROA not before: Sun 12 Jan 2025 19:28:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197937
IP address blocks: 2a13:83c0::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 13 Jan 2025 08:14:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5b:fc:f4:92:b1:1d:e2:81:d8:bb:b8:f5:a8:36:34:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=246f9be783d73d95ab8aa54619e60f9011c04d67
Validity
Not Before: Jan 12 19:28:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84591ba51f5f254fd5078ae90d5b2ddc3d53bb75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:57:1d:04:56:40:b7:58:b0:41:c5:14:26:08:
03:2f:9e:c2:38:20:0f:a9:60:cb:6f:19:8c:85:53:
17:9b:43:7e:c3:9b:0e:b3:a5:46:ce:87:44:38:cc:
35:cb:80:1e:44:a2:50:41:b1:aa:75:c7:8a:c8:d6:
82:5a:03:0b:dc:7d:ba:ae:39:ad:c6:86:59:ca:b7:
e0:52:cb:32:ce:b1:82:85:75:a2:94:fa:ae:15:f2:
b7:5c:a5:ab:9b:b0:c7:44:43:0f:49:1f:3b:fc:61:
8c:e7:be:1b:d4:c5:ce:fe:4f:47:2d:91:26:99:6c:
e5:6b:48:f5:c0:e6:35:c2:32:6b:16:61:ae:f5:92:
7d:d8:6f:9c:81:a3:a7:7a:78:e9:eb:f4:bb:d1:ae:
bf:7d:2e:a4:bd:3e:95:3e:2d:b0:ce:c1:b3:15:45:
ac:28:fc:b2:48:a0:e2:b3:f8:e9:ff:e4:ca:19:a3:
aa:d1:95:e4:bf:e8:c2:65:8b:88:c0:65:7f:eb:11:
5b:fa:43:e4:91:bc:a1:d6:d2:e0:6c:ab:2b:10:76:
17:8a:b5:cb:25:8a:db:90:0c:09:d3:5e:04:b1:7d:
fe:7e:27:7f:14:ed:61:7a:52:4e:39:2d:49:71:50:
c7:8b:4f:49:ba:f8:dd:8e:eb:4d:00:7e:f7:65:df:
4f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:59:1B:A5:1F:5F:25:4F:D5:07:8A:E9:0D:5B:2D:DC:3D:53:BB:75
X509v3 Authority Key Identifier:
keyid:24:6F:9B:E7:83:D7:3D:95:AB:8A:A5:46:19:E6:0F:90:11:C0:4D:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JG-b54PXPZWriqVGGeYPkBHATWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/hFkbpR9fJU_VB4rpDVst3D1Tu3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/JG-b54PXPZWriqVGGeYPkBHATWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:83c0::/29
Signature Algorithm: sha256WithRSAEncryption
9d:61:a9:b6:b1:ca:56:9c:5b:c2:3b:db:d7:f0:54:7f:ad:88:
56:15:c7:65:6d:85:0c:54:77:d8:81:a5:4a:e4:f0:d3:f3:b8:
7e:af:76:82:13:0a:aa:44:85:c2:2f:ed:19:ba:3e:09:5c:f7:
f7:3f:9a:1b:50:24:73:5f:64:6f:d8:56:60:11:e4:27:81:44:
81:5d:64:dd:af:92:f5:f5:b5:95:be:ef:ee:c8:60:38:cc:94:
df:ac:27:54:cb:2d:63:db:ff:72:a5:23:9b:0f:dd:4b:c0:4c:
d3:b4:d9:f3:d2:26:5d:62:83:3c:ac:ef:39:52:45:64:9b:8f:
74:26:f3:82:00:76:32:15:86:3b:45:38:91:23:5f:b3:75:ab:
16:31:9f:65:03:84:b9:f6:3b:39:27:25:7c:c0:78:6b:ab:96:
3f:4f:d8:fd:ca:36:49:db:ae:ef:33:3b:ba:11:22:39:77:af:
d2:92:82:25:6b:0e:f4:09:89:e0:7d:a9:21:a2:9a:89:30:cf:
aa:38:96:90:4c:94:71:1d:a1:a6:a4:2a:69:e5:78:45:56:53:
c1:4a:1b:91:3a:64:43:c9:73:52:a4:57:f8:c3:f4:86:16:74:
1a:1a:8d:80:e5:6c:ae:0c:40:11:36:e5:ce:26:60:5e:6d:05:
92:f8:62:4d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZRb/PSSsR3igdi7uPWoNjRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NmY5YmU3ODNkNzNkOTVhYjhhYTU0NjE5ZTYwZjkwMTFj
MDRkNjcwHhcNMjUwMTEyMTkyODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDU5MWJhNTFmNWYyNTRmZDUwNzhhZTkwZDViMmRkYzNkNTNiYjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlcdBFZAt1iwQcUUJggDL57COCAP
qWDLbxmMhVMXm0N+w5sOs6VGzodEOMw1y4AeRKJQQbGqdceKyNaCWgML3H26rjmt
xoZZyrfgUssyzrGChXWilPquFfK3XKWrm7DHREMPSR87/GGM574b1MXO/k9HLZEm
mWzla0j1wOY1wjJrFmGu9ZJ92G+cgaOnenjp6/S70a6/fS6kvT6VPi2wzsGzFUWs
KPyySKDis/jp/+TKGaOq0ZXkv+jCZYuIwGV/6xFb+kPkkbyh1tLgbKsrEHYXirXL
JYrbkAwJ014EsX3+fid/FO1helJOOS1JcVDHi09JuvjdjutNAH73Zd9PYwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIRZG6UfXyVP1QeK6Q1bLdw9U7t1MB8GA1UdIwQY
MBaAFCRvm+eD1z2Vq4qlRhnmD5ARwE1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkctYjU0UFhQWldyaXFWR0dlWVBrQkhBVFdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iYWEzNzItODIzYi00YjA3LTlhYWIt
Y2JiZDAxZjJiOTFjLzEvaEZrYnBSOWZKVV9WQjRycERWc3QzRDFUdTNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iYWEzNzItODIzYi00YjA3LTlhYWItY2JiZDAxZjJiOTFj
LzEvSkctYjU0UFhQWldyaXFWR0dlWVBrQkhBVFdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhODwDAN
BgkqhkiG9w0BAQsFAAOCAQEAnWGptrHKVpxbwjvb1/BUf62IVhXHZW2FDFR32IGl
SuTw0/O4fq92ghMKqkSFwi/tGbo+CVz39z+aG1Akc19kb9hWYBHkJ4FEgV1k3a+S
9fW1lb7v7shgOMyU36wnVMstY9v/cqUjmw/dS8BM07TZ89ImXWKDPKzvOVJFZJuP
dCbzggB2MhWGO0U4kSNfs3WrFjGfZQOEufY7OSclfMB4a6uWP0/Y/co2Sduu7zM7
uhEiOXev0pKCJWsO9AmJ4H2pIaKaiTDPqjiWkEyUcR2hpqQqaeV4RVZTwUobkTpk
Q8lzUqRX+MP0hhZ0GhqNgOVsrgxAETblziZgXm0FkvhiTQ==
-----END CERTIFICATE-----
Generated at Wed Apr 30 05:38:49 2025 by rpki-client