Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/x8KrjTQC86LXsC04T0UXOyJs_qE.roa
File: x8KrjTQC86LXsC04T0UXOyJs_qE.roa (raw, json)
Hash identifier: 3Eno0YJhErjSi0vV2AeU79RP4dHOcBJOk7dTYJ4N+wI=
Subject key identifier: C7:C2:AB:8D:34:02:F3:A2:D7:B0:2D:38:4F:45:17:3B:22:6C:FE:A1
Certificate issuer: /CN=14a63359e84e00c0f9e2a203ead2781a26d904e6
Certificate serial: 0192423D56B255A1847F87B6517A8D8AD624
Authority key identifier: 14:A6:33:59:E8:4E:00:C0:F9:E2:A2:03:EA:D2:78:1A:26:D9:04:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FKYzWehOAMD54qID6tJ4GibZBOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/x8KrjTQC86LXsC04T0UXOyJs_qE.roa
Signing time: Mon 30 Sep 2024 09:22:48 +0000
ROA not before: Mon 30 Sep 2024 09:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200203
IP address blocks: 2a13:d800::/32 maxlen: 32
2a13:d800:1000::/36 maxlen: 36
2a13:d800:2000::/36 maxlen: 36
2a13:d800:3000::/36 maxlen: 36
2a13:d800:4000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:3d:56:b2:55:a1:84:7f:87:b6:51:7a:8d:8a:d6:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14a63359e84e00c0f9e2a203ead2781a26d904e6
Validity
Not Before: Sep 30 09:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7c2ab8d3402f3a2d7b02d384f45173b226cfea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8b:40:76:27:47:56:42:be:3e:18:8e:c4:66:
79:a4:af:69:25:1d:3d:48:1c:25:39:06:d3:d5:ad:
db:25:8e:e4:d5:eb:eb:18:d1:04:d0:11:09:2b:aa:
7c:77:cd:e4:2b:cb:8f:4d:7d:f0:82:a8:fe:4d:76:
eb:dd:ea:16:5e:5a:a4:48:a5:34:de:f0:da:40:aa:
e6:38:5e:f3:f2:05:fb:82:49:a2:97:3e:f7:22:4d:
8f:93:47:dd:18:27:01:72:c5:1a:20:17:64:ee:45:
a1:8e:6e:7c:fd:05:4b:a1:66:08:3b:1c:b4:d7:3a:
cb:67:de:2c:00:9a:8e:b1:ac:40:7c:fa:c8:1c:b9:
57:2d:df:36:23:a6:ce:64:8c:f2:78:10:01:6b:9d:
b0:cc:e4:52:7e:6b:20:c8:7e:13:60:7e:32:36:58:
ba:73:d0:91:f3:26:50:ce:20:c7:03:8d:21:85:58:
21:e5:bc:c1:77:4a:ca:ca:ce:4f:61:d1:95:6e:35:
e8:8a:4b:6b:d9:d9:6e:b3:51:a3:c1:ac:7c:88:0e:
ce:2f:5f:da:41:57:2d:56:f4:c1:d8:41:d9:95:4f:
86:e9:25:42:c1:85:27:64:dc:85:29:d4:39:1c:1e:
db:c0:aa:c4:cd:f2:1d:43:2a:3a:78:89:fa:7f:9c:
75:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:C2:AB:8D:34:02:F3:A2:D7:B0:2D:38:4F:45:17:3B:22:6C:FE:A1
X509v3 Authority Key Identifier:
keyid:14:A6:33:59:E8:4E:00:C0:F9:E2:A2:03:EA:D2:78:1A:26:D9:04:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FKYzWehOAMD54qID6tJ4GibZBOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/x8KrjTQC86LXsC04T0UXOyJs_qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/1b6b21-5eb2-4bf8-b55d-9f171597ae78/1/FKYzWehOAMD54qID6tJ4GibZBOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d800::/32
Signature Algorithm: sha256WithRSAEncryption
35:82:ca:58:c2:98:7c:b4:a5:ee:53:18:ef:f0:30:7a:02:de:
b3:b6:d4:41:26:9b:ad:65:85:7a:31:d1:81:4c:5c:c7:1d:d6:
66:d0:4d:09:dc:2e:2a:75:52:99:61:f5:b0:17:f7:c0:10:25:
6f:55:c0:97:b5:87:19:54:f5:54:48:c8:50:7b:a9:13:f4:2d:
19:83:2e:4f:04:e5:8c:8b:34:77:91:7a:3c:13:07:a3:9f:70:
35:6d:0a:f6:e4:77:37:ad:2d:43:ef:b2:c1:8c:3f:93:9a:bc:
e3:63:ce:f2:44:f6:14:fe:59:71:e9:74:44:aa:e5:77:d8:28:
55:36:7a:3e:88:14:67:57:be:02:8b:6d:89:46:5e:55:ed:4f:
ab:72:e4:c9:76:f1:5c:59:b1:9a:b6:d2:61:57:96:15:85:e9:
13:29:8d:f0:91:8f:bf:5f:05:f7:a6:5b:9a:5a:0a:eb:16:6f:
e5:45:1c:53:4f:e1:15:c6:b9:17:66:40:45:9e:27:5e:e3:4e:
b7:09:99:bc:e6:69:2b:8b:06:c4:a5:28:a7:43:c1:55:4b:f0:
91:e5:ed:b5:9a:dd:60:8d:08:b8:3a:ab:70:01:77:7d:14:76:
7b:4b:68:e0:3e:bb:54:95:d2:0a:48:5f:30:89:f2:72:6e:db:
c0:4f:87:39
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZJCPVayVaGEf4e2UXqNitYkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YTYzMzU5ZTg0ZTAwYzBmOWUyYTIwM2VhZDI3ODFhMjZk
OTA0ZTYwHhcNMjQwOTMwMDkyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2MyYWI4ZDM0MDJmM2EyZDdiMDJkMzg0ZjQ1MTczYjIyNmNmZWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYtAdidHVkK+PhiOxGZ5pK9pJR09
SBwlOQbT1a3bJY7k1evrGNEE0BEJK6p8d83kK8uPTX3wgqj+TXbr3eoWXlqkSKU0
3vDaQKrmOF7z8gX7gkmilz73Ik2Pk0fdGCcBcsUaIBdk7kWhjm58/QVLoWYIOxy0
1zrLZ94sAJqOsaxAfPrIHLlXLd82I6bOZIzyeBABa52wzORSfmsgyH4TYH4yNli6
c9CR8yZQziDHA40hhVgh5bzBd0rKys5PYdGVbjXoiktr2dlus1Gjwax8iA7OL1/a
QVctVvTB2EHZlU+G6SVCwYUnZNyFKdQ5HB7bwKrEzfIdQyo6eIn6f5x1lwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMfCq400AvOi17AtOE9FFzsibP6hMB8GA1UdIwQY
MBaAFBSmM1noTgDA+eKiA+rSeBom2QTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRktZeldlaE9BTUQ1NHFJRDZ0SjRHaWJaQk9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xYjZiMjEtNWViMi00YmY4LWI1NWQt
OWYxNzE1OTdhZTc4LzEveDhLcmpUUUM4NkxYc0MwNFQwVVhPeUpzX3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xYjZiMjEtNWViMi00YmY4LWI1NWQtOWYxNzE1OTdhZTc4
LzEvRktZeldlaE9BTUQ1NHFJRDZ0SjRHaWJaQk9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhPYADAN
BgkqhkiG9w0BAQsFAAOCAQEANYLKWMKYfLSl7lMY7/AwegLes7bUQSabrWWFejHR
gUxcxx3WZtBNCdwuKnVSmWH1sBf3wBAlb1XAl7WHGVT1VEjIUHupE/QtGYMuTwTl
jIs0d5F6PBMHo59wNW0K9uR3N60tQ++ywYw/k5q842PO8kT2FP5Zcel0RKrld9go
VTZ6PogUZ1e+AottiUZeVe1Pq3LkyXbxXFmxmrbSYVeWFYXpEymN8JGPv18F96Zb
mloK6xZv5UUcU0/hFca5F2ZARZ4nXuNOtwmZvOZpK4sGxKUop0PBVUvwkeXttZrd
YI0IuDqrcAF3fRR2e0to4D67VJXSCkhfMInycm7bwE+HOQ==
-----END CERTIFICATE-----
Generated at Sun May 11 10:33:07 2025 by rpki-client