Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/0vBzU4BZEa3R-Sj06h-d9CahMkk.roa
File: 0vBzU4BZEa3R-Sj06h-d9CahMkk.roa (raw, json)
Hash identifier: c9Dvk8uf+s/9GLHV882ZBb/N4m2V0h/HExSA2xktRcU=
Subject key identifier: D2:F0:73:53:80:59:11:AD:D1:F9:28:F4:EA:1F:9D:F4:26:A1:32:49
Certificate issuer: /CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Certificate serial: 018D5AB9C23CCA79C8205052B9E6D20DCDB8
Authority key identifier: 6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/0vBzU4BZEa3R-Sj06h-d9CahMkk.roa
Signing time: Tue 30 Jan 2024 14:15:39 +0000
ROA not before: Tue 30 Jan 2024 14:15:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204033
IP address blocks: 2a13:3d00::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 12 Feb 2024 22:27:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:b9:c2:3c:ca:79:c8:20:50:52:b9:e6:d2:0d:cd:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cc69c3d7030cec19f8fb66e543bde65595708a2
Validity
Not Before: Jan 30 14:15:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2f07353805911add1f928f4ea1f9df426a13249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f0:31:f3:53:73:65:de:8c:9a:b2:8c:86:4a:
e5:3e:ca:a1:31:2a:5e:f3:14:b7:ad:f0:42:7b:04:
c2:a5:a5:99:cd:b0:a5:bd:e6:a8:98:64:8b:01:1a:
70:f2:69:06:2e:97:7c:44:b1:8a:48:e4:43:38:98:
95:76:b4:a6:7e:90:80:f0:53:5e:85:b4:aa:4a:db:
54:cf:09:68:1e:f7:91:b9:e5:ce:4e:99:20:a8:36:
a3:55:b5:ce:af:00:9c:45:4e:6f:0f:56:99:da:ab:
de:ae:a1:e2:d3:5d:5f:52:4d:71:b8:51:a7:69:97:
67:7c:67:91:df:b7:34:5e:7f:45:b7:05:19:7c:0b:
5e:a2:1c:99:ea:a6:3b:6a:c6:41:1b:2b:cc:b9:bb:
58:61:2d:a7:fe:fc:5e:ae:89:4b:63:68:59:05:ad:
34:fc:53:af:c8:ab:4a:e0:64:ce:4b:8d:f7:70:e1:
ec:54:58:1c:b6:69:4c:47:13:d3:b5:41:4c:c7:e8:
d2:f0:22:8a:ed:47:79:3a:06:b1:19:b0:10:b7:9a:
6a:2a:2d:60:f6:c0:f0:d5:c0:0c:c1:bf:46:67:e0:
51:bc:09:4d:8a:50:2c:2d:bf:d4:11:92:c4:65:83:
5e:be:8f:dc:c6:e7:80:9f:fe:ad:9b:41:f0:e6:fd:
02:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F0:73:53:80:59:11:AD:D1:F9:28:F4:EA:1F:9D:F4:26:A1:32:49
X509v3 Authority Key Identifier:
keyid:6C:C6:9C:3D:70:30:CE:C1:9F:8F:B6:6E:54:3B:DE:65:59:57:08:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bMacPXAwzsGfj7ZuVDveZVlXCKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/0vBzU4BZEa3R-Sj06h-d9CahMkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9ca58e-9e32-428f-8411-1aeb6a4e45ad/1/bMacPXAwzsGfj7ZuVDveZVlXCKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3d00::/29
Signature Algorithm: sha256WithRSAEncryption
5f:5d:6e:a5:65:64:84:6e:9f:63:4e:5c:a4:a8:bf:8d:ea:bf:
80:23:24:35:e7:78:f7:aa:5a:f2:f9:17:32:d8:81:d4:cb:0c:
09:00:cf:36:c6:6a:7a:fd:d0:49:0e:da:6c:75:55:2b:88:5b:
cf:8a:62:f0:92:cb:e3:72:dc:62:0e:81:a3:e1:d8:87:ae:ed:
59:03:b3:5e:9e:1b:2d:06:af:6e:21:b2:87:8d:69:1f:65:48:
01:f1:d5:20:9e:a5:26:c0:4b:e5:c6:d8:63:c6:40:3b:c8:24:
96:57:15:47:14:0c:5a:1d:25:87:6c:f7:c2:68:1a:77:21:4c:
36:65:e3:78:82:86:ff:24:92:5a:6e:00:ed:fb:2a:40:d2:0a:
24:17:a0:a4:af:b7:a2:46:32:26:78:02:23:86:3a:86:ed:16:
76:eb:42:84:82:0e:86:34:88:8d:c8:73:7f:14:db:57:3c:bd:
d0:12:53:0a:77:ab:a6:1a:a0:82:19:77:3d:4d:39:46:32:0a:
26:81:11:48:1b:fc:b9:37:a8:7d:46:f0:b2:bf:8c:6b:e8:08:
89:29:e2:45:64:db:4e:b8:f1:e6:10:5d:18:21:6f:05:a8:f9:
e6:7d:6a:7d:35:99:6d:13:a8:f3:57:26:c1:3c:fe:23:09:51:
af:e6:33:9a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY1aucI8ynnIIFBSuebSDc24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYzY5YzNkNzAzMGNlYzE5ZjhmYjY2ZTU0M2JkZTY1NTk1
NzA4YTIwHhcNMjQwMTMwMTQxNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmYwNzM1MzgwNTkxMWFkZDFmOTI4ZjRlYTFmOWRmNDI2YTEzMjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofAx81NzZd6MmrKMhkrlPsqhMSpe
8xS3rfBCewTCpaWZzbClveaomGSLARpw8mkGLpd8RLGKSORDOJiVdrSmfpCA8FNe
hbSqSttUzwloHveRueXOTpkgqDajVbXOrwCcRU5vD1aZ2qverqHi011fUk1xuFGn
aZdnfGeR37c0Xn9FtwUZfAteohyZ6qY7asZBGyvMubtYYS2n/vxerolLY2hZBa00
/FOvyKtK4GTOS433cOHsVFgctmlMRxPTtUFMx+jS8CKK7Ud5OgaxGbAQt5pqKi1g
9sDw1cAMwb9GZ+BRvAlNilAsLb/UEZLEZYNevo/cxueAn/6tm0Hw5v0CwwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNLwc1OAWRGt0fko9OofnfQmoTJJMB8GA1UdIwQY
MBaAFGzGnD1wMM7Bn4+2blQ73mVZVwiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEt
MWFlYjZhNGU0NWFkLzEvMHZCelU0QlpFYTNSLVNqMDZoLWQ5Q2FoTWtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS85Y2E1OGUtOWUzMi00MjhmLTg0MTEtMWFlYjZhNGU0NWFk
LzEvYk1hY1BYQXd6c0dmajdadVZEdmVaVmxYQ0tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhM9ADAN
BgkqhkiG9w0BAQsFAAOCAQEAX11upWVkhG6fY05cpKi/jeq/gCMkNed496pa8vkX
MtiB1MsMCQDPNsZqev3QSQ7abHVVK4hbz4pi8JLL43LcYg6Bo+HYh67tWQOzXp4b
LQavbiGyh41pH2VIAfHVIJ6lJsBL5cbYY8ZAO8gkllcVRxQMWh0lh2z3wmgadyFM
NmXjeIKG/ySSWm4A7fsqQNIKJBegpK+3okYyJngCI4Y6hu0WdutChIIOhjSIjchz
fxTbVzy90BJTCnerphqgghl3PU05RjIKJoERSBv8uTeofUbwsr+Ma+gIiSniRWTb
Trjx5hBdGCFvBaj55n1qfTWZbROo81cmwTz+IwlRr+Yzmg==
-----END CERTIFICATE-----
Generated at Mon May 12 17:30:40 2025 by rpki-client