Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/9e-c1QM7hOOuVqcFhT1W-0B_y8I.roa
File: 9e-c1QM7hOOuVqcFhT1W-0B_y8I.roa (raw, json)
Hash identifier: vEWHptGsZmLBaZaCkGqC5n009HHhwYP3+LSg4b0qeuk=
Subject key identifier: F5:EF:9C:D5:03:3B:84:E3:AE:56:A7:05:85:3D:56:FB:40:7F:CB:C2
Certificate issuer: /CN=421cba589920beebb19bc572ae6d501b8cf6bbf0
Certificate serial: 01909682416641BB9BB0D45ACACCE8512DB7
Authority key identifier: 42:1C:BA:58:99:20:BE:EB:B1:9B:C5:72:AE:6D:50:1B:8C:F6:BB:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/9e-c1QM7hOOuVqcFhT1W-0B_y8I.roa
Signing time: Tue 09 Jul 2024 08:00:37 +0000
ROA not before: Tue 09 Jul 2024 08:00:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214790
IP address blocks: 2a10:c943::/32 maxlen: 32
2a10:c943:100::/48 maxlen: 48
2a10:c943:200::/64 maxlen: 64
Validation: Failed, certificate revoked on Fri 12 Jul 2024 10:12:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:96:82:41:66:41:bb:9b:b0:d4:5a:ca:cc:e8:51:2d:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=421cba589920beebb19bc572ae6d501b8cf6bbf0
Validity
Not Before: Jul 9 08:00:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5ef9cd5033b84e3ae56a705853d56fb407fcbc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a8:33:e1:c7:b6:ca:2f:b9:6f:fe:cc:47:79:
18:1b:9e:89:71:dd:c5:48:26:db:ab:d5:84:68:9c:
82:7b:6e:97:5c:41:b2:29:5f:7a:06:fb:1a:d3:ee:
26:29:94:10:80:44:f3:85:7c:93:bf:08:d2:a7:86:
5d:b2:a9:3f:6e:b1:b5:81:fe:4c:28:32:72:c0:61:
3f:02:21:e0:c3:74:53:94:84:77:81:fd:7c:e6:27:
60:3d:5b:50:19:f2:41:e1:d3:7f:de:14:b7:e2:af:
25:7c:b1:c4:5f:10:7e:f9:11:6d:d1:86:16:1a:4f:
35:6a:1c:2c:3b:36:7e:e5:1f:f9:ad:32:5c:2a:2a:
80:f9:96:30:10:3f:f9:cd:5a:36:7c:ae:02:14:0d:
db:71:08:e4:c8:88:89:4e:5d:46:b6:0c:58:f8:82:
f4:fb:2b:85:af:bd:f6:ce:5b:88:e3:9b:4c:d1:1c:
29:f9:b9:6e:1d:ad:f3:fb:30:32:b1:9d:b5:ce:52:
32:ef:8a:0d:5f:07:0d:a3:c8:9d:32:f1:c5:a1:59:
6e:c9:d9:c8:be:8c:fc:83:de:4a:64:c3:61:ff:96:
81:46:0f:84:a3:fe:c6:94:2e:4c:d8:77:e3:f7:31:
f6:4d:26:e2:ef:5a:8a:fe:05:d4:31:89:2c:6a:14:
69:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:EF:9C:D5:03:3B:84:E3:AE:56:A7:05:85:3D:56:FB:40:7F:CB:C2
X509v3 Authority Key Identifier:
keyid:42:1C:BA:58:99:20:BE:EB:B1:9B:C5:72:AE:6D:50:1B:8C:F6:BB:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/9e-c1QM7hOOuVqcFhT1W-0B_y8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1c49eb-4dda-44ef-bf04-ec00e1a27cc8/1/Qhy6WJkgvuuxm8Vyrm1QG4z2u_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:c943::/32
Signature Algorithm: sha256WithRSAEncryption
49:24:0e:b8:78:54:88:66:5e:7d:1e:55:16:4d:93:23:d3:81:
f6:8e:2f:71:bf:cc:24:9e:3e:e5:2a:29:10:b6:49:a3:2f:02:
e0:a9:c3:d9:c5:09:5d:19:10:bd:d2:a5:ad:0c:54:03:c3:ec:
e6:f3:18:71:40:d8:1b:fc:77:5e:be:a1:8a:46:cb:a6:a6:ea:
ed:3b:85:f0:03:d5:3b:bb:5b:a3:a5:06:b1:c0:89:8b:ed:52:
0c:04:79:33:2e:bf:93:69:34:8e:9b:7a:0e:0e:01:d6:91:f9:
f0:9a:ae:c9:84:85:e7:fa:34:8f:10:6a:7b:37:5b:51:14:57:
fa:4d:bd:0a:93:18:b6:c0:89:6a:56:6d:bb:46:90:30:a0:59:
52:07:0c:d4:7b:df:c2:9e:ba:64:16:d7:da:53:77:e0:67:42:
8b:4e:fc:a1:e9:14:f2:35:a3:10:f6:78:42:b9:14:68:23:77:
1e:52:e3:44:25:a2:bc:df:4c:6c:3e:75:f5:40:83:49:a2:0a:
77:e8:b3:98:0a:1f:ec:3f:31:1f:85:11:cb:90:3c:3e:b8:85:
c5:e8:ad:65:b5:a0:22:5b:d5:e6:2a:b5:d5:e7:59:fa:97:2b:
dc:c9:92:7d:5a:cc:18:86:4a:c9:83:17:c8:f9:93:6e:e2:3d:
33:5b:9f:dc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZCWgkFmQbubsNRayszoUS23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMWNiYTU4OTkyMGJlZWJiMTliYzU3MmFlNmQ1MDFiOGNm
NmJiZjAwHhcNMjQwNzA5MDgwMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWVmOWNkNTAzM2I4NGUzYWU1NmE3MDU4NTNkNTZmYjQwN2ZjYmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsagz4ce2yi+5b/7MR3kYG56Jcd3F
SCbbq9WEaJyCe26XXEGyKV96Bvsa0+4mKZQQgETzhXyTvwjSp4Zdsqk/brG1gf5M
KDJywGE/AiHgw3RTlIR3gf185idgPVtQGfJB4dN/3hS34q8lfLHEXxB++RFt0YYW
Gk81ahwsOzZ+5R/5rTJcKiqA+ZYwED/5zVo2fK4CFA3bcQjkyIiJTl1GtgxY+IL0
+yuFr732zluI45tM0Rwp+bluHa3z+zAysZ21zlIy74oNXwcNo8idMvHFoVluydnI
voz8g95KZMNh/5aBRg+Eo/7GlC5M2Hfj9zH2TSbi71qK/gXUMYksahRpawIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPXvnNUDO4TjrlanBYU9VvtAf8vCMB8GA1UdIwQY
MBaAFEIculiZIL7rsZvFcq5tUBuM9rvwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWh5NldKa2d2dXV4bThWeXJtMVFHNHoydV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xYzQ5ZWItNGRkYS00NGVmLWJmMDQt
ZWMwMGUxYTI3Y2M4LzEvOWUtYzFRTTdoT091VnFjRmhUMVctMEJfeThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xYzQ5ZWItNGRkYS00NGVmLWJmMDQtZWMwMGUxYTI3Y2M4
LzEvUWh5NldKa2d2dXV4bThWeXJtMVFHNHoydV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhDJQzAN
BgkqhkiG9w0BAQsFAAOCAQEASSQOuHhUiGZefR5VFk2TI9OB9o4vcb/MJJ4+5Sop
ELZJoy8C4KnD2cUJXRkQvdKlrQxUA8Ps5vMYcUDYG/x3Xr6hikbLpqbq7TuF8APV
O7tbo6UGscCJi+1SDAR5My6/k2k0jpt6Dg4B1pH58JquyYSF5/o0jxBqezdbURRX
+k29CpMYtsCJalZtu0aQMKBZUgcM1Hvfwp66ZBbX2lN34GdCi078oekU8jWjEPZ4
QrkUaCN3HlLjRCWivN9MbD519UCDSaIKd+izmAof7D8xH4URy5A8PriFxeitZbWg
IlvV5iq11edZ+pcr3MmSfVrMGIZKyYMXyPmTbuI9M1uf3A==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:24:18 2025 by rpki-client