Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/cym52i4XPCK4n99kwtQ7x8M3XAk.roa
File: cym52i4XPCK4n99kwtQ7x8M3XAk.roa (raw, json)
Hash identifier: 8s0WygGGyMsXFk2N0BoCgcWHhv3VPoGipQNhj81Cfl0=
Subject key identifier: 73:29:B9:DA:2E:17:3C:22:B8:9F:DF:64:C2:D4:3B:C7:C3:37:5C:09
Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612
Certificate serial: 01856E2FAF9A2625A087C49C46009FAD515C
Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/cym52i4XPCK4n99kwtQ7x8M3XAk.roa
Signing time: Sun 01 Jan 2023 16:34:56 +0000
ROA not before: Sun 01 Jan 2023 16:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15510
IP address blocks: 2a10:9903:101::/48 maxlen: 48
2a10:9903:110::/44 maxlen: 44
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:af:9a:26:25:a0:87:c4:9c:46:00:9f:ad:51:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612
Validity
Not Before: Jan 1 16:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7329b9da2e173c22b89fdf64c2d43bc7c3375c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:31:2d:bd:ef:9f:70:51:45:b8:b9:8d:53:9e:
51:77:73:1b:4b:8b:5c:8c:b7:ee:89:0d:56:21:d5:
de:62:58:22:79:89:a9:39:27:e6:ad:8a:ad:4c:d4:
4e:c8:5a:37:29:64:28:d9:93:85:b5:6c:a7:9a:4f:
ac:cc:58:8a:ca:d0:8d:66:d4:57:db:dc:f1:c1:08:
f1:10:c3:cf:ab:ed:d6:40:eb:4f:2b:38:fd:ab:c3:
d5:3b:10:ee:df:23:96:d1:2f:5c:71:87:df:86:05:
c8:b6:9d:fd:a1:f5:4b:24:dd:c9:77:d3:c3:be:c8:
c8:37:d4:05:67:56:0c:39:a7:da:47:e6:ce:d0:04:
9f:27:82:e1:f8:10:1e:ab:3c:80:08:86:1d:4f:ad:
9d:f7:a6:06:7e:7a:0b:85:6d:db:d0:df:ac:7e:24:
db:f3:1a:62:d9:b6:db:db:95:aa:77:62:0d:d9:38:
a6:3f:6b:24:60:fb:78:a1:e8:bc:35:78:63:3a:d2:
b0:bb:fe:d2:0f:8a:2b:da:6e:a6:a7:38:cd:b7:74:
45:cd:ee:51:9a:28:83:ac:00:5b:b5:3b:05:a6:a1:
89:3a:47:b7:8a:66:42:43:51:08:cd:aa:65:d7:2d:
13:cf:bb:f5:64:45:4b:f7:cc:3e:f6:8a:a1:d0:86:
32:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:29:B9:DA:2E:17:3C:22:B8:9F:DF:64:C2:D4:3B:C7:C3:37:5C:09
X509v3 Authority Key Identifier:
keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/cym52i4XPCK4n99kwtQ7x8M3XAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9903:101::/48
2a10:9903:110::/44
Signature Algorithm: sha256WithRSAEncryption
41:b0:d2:7e:fb:17:26:2d:19:ac:fd:7e:af:a8:57:5e:64:34:
1e:dd:12:d8:e9:34:ea:ea:1c:c5:56:eb:13:70:58:89:39:e8:
63:be:2a:3b:45:de:69:cb:4e:59:ee:bf:8d:c9:62:9e:81:f7:
65:28:73:6b:cd:ee:ad:a8:e5:90:ac:7d:50:0e:38:95:11:3a:
48:6d:7e:8a:e5:bb:9e:c2:12:69:25:93:fa:de:2c:08:93:cf:
c1:e5:c8:d7:be:d9:f0:5d:9f:1d:2d:e3:14:e1:a4:dd:f8:58:
52:f5:8d:a7:5c:7c:aa:b3:04:ec:54:df:35:ae:00:72:59:ad:
62:46:24:c3:e1:f4:3f:87:e8:32:9f:b8:3f:6a:a2:85:c6:68:
28:50:b1:b2:b3:9c:fa:43:aa:78:ed:68:14:b6:17:ce:20:d4:
e7:d4:ba:46:fe:7d:63:0a:ef:ff:6c:7a:50:25:f4:38:cd:dc:
da:9e:bb:31:f0:ac:c3:13:88:ee:f8:ff:fc:cf:68:df:c3:b1:
f4:60:fb:8f:fc:6d:98:17:d1:30:02:1d:8f:b7:dd:88:bd:10:
02:d1:7f:48:12:86:69:2f:28:56:62:27:a6:0d:86:aa:83:5a:
89:aa:84:74:d6:dd:08:94:01:fa:6c:33:ab:cd:3c:66:c0:a1:
70:1b:72:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuL6+aJiWgh8ScRgCfrVFcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0
MzI2MTIwHhcNMjMwMTAxMTYzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzI5YjlkYTJlMTczYzIyYjg5ZmRmNjRjMmQ0M2JjN2MzMzc1YzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jEtve+fcFFFuLmNU55Rd3MbS4tc
jLfuiQ1WIdXeYlgieYmpOSfmrYqtTNROyFo3KWQo2ZOFtWynmk+szFiKytCNZtRX
29zxwQjxEMPPq+3WQOtPKzj9q8PVOxDu3yOW0S9ccYffhgXItp39ofVLJN3Jd9PD
vsjIN9QFZ1YMOafaR+bO0ASfJ4Lh+BAeqzyACIYdT62d96YGfnoLhW3b0N+sfiTb
8xpi2bbb25Wqd2IN2TimP2skYPt4oei8NXhjOtKwu/7SD4or2m6mpzjNt3RFze5R
miiDrABbtTsFpqGJOke3imZCQ1EIzapl1y0Tz7v1ZEVL98w+9oqh0IYyhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHMpudouFzwiuJ/fZMLUO8fDN1wJMB8GA1UdIwQY
MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt
MmNkZTY1ZjMxMTJhLzEvY3ltNTJpNFhQQ0s0bjk5a3d0UTd4OE0zWEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh
LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKhCZAwEB
AwcEKhCZAwEQMA0GCSqGSIb3DQEBCwUAA4IBAQBBsNJ++xcmLRms/X6vqFdeZDQe
3RLY6TTq6hzFVusTcFiJOehjvio7Rd5py05Z7r+NyWKegfdlKHNrze6tqOWQrH1Q
DjiVETpIbX6K5buewhJpJZP63iwIk8/B5cjXvtnwXZ8dLeMU4aTd+FhS9Y2nXHyq
swTsVN81rgByWa1iRiTD4fQ/h+gyn7g/aqKFxmgoULGys5z6Q6p47WgUthfOINTn
1LpG/n1jCu//bHpQJfQ4zdzanrsx8KzDE4ju+P/8z2jfw7H0YPuP/G2YF9EwAh2P
t92IvRAC0X9IEoZpLyhWYiemDYaqg1qJqoR01t0IlAH6bDOrzTxmwKFwG3K/
-----END CERTIFICATE-----
Generated at Thu Sep 14 14:14:27 2023 by rpki-client on console-fra.rpki-client.org