Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/6b0344-8229-4d25-b498-8ce7c4fc5e0b/1/0QXmXxJnj7pvB61XjmfMr7mqyq8.roa
File: 0QXmXxJnj7pvB61XjmfMr7mqyq8.roa (raw, json)
Hash identifier: ot3Wt027W6soszzb2wYePdHGUshhkcokLbp1sfPkmyo=
Subject key identifier: D1:05:E6:5F:12:67:8F:BA:6F:07:AD:57:8E:67:CC:AF:B9:AA:CA:AF
Certificate issuer: /CN=37e751a11c1a7888fa58dbfc32c8959bc946303e
Certificate serial: 01904FBB036C2147DC5BC83741CF1674DD23
Authority key identifier: 37:E7:51:A1:1C:1A:78:88:FA:58:DB:FC:32:C8:95:9B:C9:46:30:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N-dRoRwaeIj6WNv8MsiVm8lGMD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/6b0344-8229-4d25-b498-8ce7c4fc5e0b/1/0QXmXxJnj7pvB61XjmfMr7mqyq8.roa
Signing time: Tue 25 Jun 2024 14:09:34 +0000
ROA not before: Tue 25 Jun 2024 14:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 2a10:9007::/32 maxlen: 32
2a10:9007::/48 maxlen: 48
2a10:9007:1::/48 maxlen: 48
2a10:9007:2::/48 maxlen: 48
2a10:9007:3::/48 maxlen: 48
2a10:9007:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Jun 2024 13:04:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4f:bb:03:6c:21:47:dc:5b:c8:37:41:cf:16:74:dd:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37e751a11c1a7888fa58dbfc32c8959bc946303e
Validity
Not Before: Jun 25 14:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d105e65f12678fba6f07ad578e67ccafb9aacaaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:dc:01:30:89:ee:de:a0:f6:6b:b1:e7:23:1e:
9a:0b:3d:21:a0:65:f4:62:46:67:8b:6b:ff:85:cb:
5d:43:07:5b:7c:2d:bf:eb:04:67:85:a9:68:8e:96:
65:36:6b:df:e6:2a:97:d0:81:fa:0d:d2:79:b6:aa:
21:d8:a7:5b:0b:a7:18:4b:e3:82:01:9f:cc:fc:2c:
39:64:3b:c2:27:cd:d6:e0:cf:b3:78:06:ad:22:95:
80:1b:50:b4:94:2a:04:8d:83:82:79:fa:37:08:87:
6e:03:2e:3d:2b:65:27:df:90:3a:76:8c:36:d4:7c:
99:e1:a0:32:8e:74:1a:14:41:fc:2f:a6:66:c6:8d:
8d:a8:e6:a7:b9:9d:ea:34:95:90:a1:a6:b3:14:42:
70:7e:a1:e3:5b:10:f2:72:39:ac:c1:76:53:9f:7a:
9d:21:c0:c7:9d:94:30:15:4f:6e:52:9a:3c:51:19:
df:1c:07:9e:0b:43:17:d0:38:c2:5c:9a:ae:43:8e:
87:5f:0a:46:c0:53:59:8b:f2:12:48:5e:8b:f9:dc:
b0:29:17:37:7d:34:f3:af:71:bb:e1:56:d7:f1:e7:
32:0f:d0:26:d9:9f:03:9f:76:3e:7e:57:13:6f:ed:
aa:19:7b:04:5d:95:ec:a3:60:60:a2:fe:37:da:f6:
f2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:05:E6:5F:12:67:8F:BA:6F:07:AD:57:8E:67:CC:AF:B9:AA:CA:AF
X509v3 Authority Key Identifier:
keyid:37:E7:51:A1:1C:1A:78:88:FA:58:DB:FC:32:C8:95:9B:C9:46:30:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N-dRoRwaeIj6WNv8MsiVm8lGMD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6b0344-8229-4d25-b498-8ce7c4fc5e0b/1/0QXmXxJnj7pvB61XjmfMr7mqyq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/6b0344-8229-4d25-b498-8ce7c4fc5e0b/1/N-dRoRwaeIj6WNv8MsiVm8lGMD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9007::/32
Signature Algorithm: sha256WithRSAEncryption
59:3c:c0:7b:00:a5:ed:cb:38:a1:7c:d4:83:78:a0:93:52:3e:
f1:c8:00:db:4d:9c:9a:08:70:d4:f3:be:a0:aa:82:bf:60:e9:
21:93:be:4d:be:ed:6c:8d:93:3e:2d:23:cb:df:17:e3:9b:fd:
cd:9b:5a:d2:7f:0d:5d:eb:7a:cb:85:de:d2:fa:52:a7:49:46:
4e:6a:18:ef:b8:84:e5:4e:66:c0:bf:e5:58:e4:ae:06:34:5b:
b2:23:d7:df:ba:61:a0:cb:dc:c6:65:ef:51:19:15:17:ac:5e:
97:73:83:0e:e3:db:97:e5:3d:8a:65:ac:24:cd:d4:69:53:b1:
d2:59:ad:dc:01:37:de:56:fb:70:f9:e7:7f:38:5c:a3:f9:50:
b8:a5:13:b5:d1:47:17:d8:b5:2a:76:1b:81:21:a4:18:f4:9e:
91:2a:4e:80:23:43:ce:41:01:90:0b:1f:1d:52:07:1d:c7:47:
09:01:57:8c:02:f6:79:0e:c4:40:34:b8:d8:bf:15:c2:05:e6:
2d:9c:3f:2c:ea:55:8e:53:0f:da:cc:a9:46:30:36:94:de:64:
35:49:21:b3:5c:54:4c:90:37:64:58:90:0a:ae:a1:38:a9:49:
81:5e:ae:85:37:f6:09:fc:6d:67:c2:31:4a:fe:37:2b:13:c2:
fe:7e:15:b8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZBPuwNsIUfcW8g3Qc8WdN0jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZTc1MWExMWMxYTc4ODhmYTU4ZGJmYzMyYzg5NTliYzk0
NjMwM2UwHhcNMjQwNjI1MTQwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTA1ZTY1ZjEyNjc4ZmJhNmYwN2FkNTc4ZTY3Y2NhZmI5YWFjYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9wBMInu3qD2a7HnIx6aCz0hoGX0
YkZni2v/hctdQwdbfC2/6wRnhalojpZlNmvf5iqX0IH6DdJ5tqoh2KdbC6cYS+OC
AZ/M/Cw5ZDvCJ83W4M+zeAatIpWAG1C0lCoEjYOCefo3CIduAy49K2Un35A6dow2
1HyZ4aAyjnQaFEH8L6Zmxo2NqOanuZ3qNJWQoaazFEJwfqHjWxDycjmswXZTn3qd
IcDHnZQwFU9uUpo8URnfHAeeC0MX0DjCXJquQ46HXwpGwFNZi/ISSF6L+dywKRc3
fTTzr3G74VbX8ecyD9Am2Z8Dn3Y+flcTb+2qGXsEXZXso2Bgov432vbyQwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNEF5l8SZ4+6bwetV45nzK+5qsqvMB8GA1UdIwQY
MBaAFDfnUaEcGniI+ljb/DLIlZvJRjA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTi1kUm9Sd2FlSWo2V052OE1zaVZtOGxHTUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS82YjAzNDQtODIyOS00ZDI1LWI0OTgt
OGNlN2M0ZmM1ZTBiLzEvMFFYbVh4Sm5qN3B2QjYxWGptZk1yN21xeXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS82YjAzNDQtODIyOS00ZDI1LWI0OTgtOGNlN2M0ZmM1ZTBi
LzEvTi1kUm9Sd2FlSWo2V052OE1zaVZtOGxHTUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhCQBzAN
BgkqhkiG9w0BAQsFAAOCAQEAWTzAewCl7cs4oXzUg3igk1I+8cgA202cmghw1PO+
oKqCv2DpIZO+Tb7tbI2TPi0jy98X45v9zZta0n8NXet6y4Xe0vpSp0lGTmoY77iE
5U5mwL/lWOSuBjRbsiPX37phoMvcxmXvURkVF6xel3ODDuPbl+U9imWsJM3UaVOx
0lmt3AE33lb7cPnnfzhco/lQuKUTtdFHF9i1KnYbgSGkGPSekSpOgCNDzkEBkAsf
HVIHHcdHCQFXjAL2eQ7EQDS42L8VwgXmLZw/LOpVjlMP2sypRjA2lN5kNUkhs1xU
TJA3ZFiQCq6hOKlJgV6uhTf2CfxtZ8IxSv43KxPC/n4VuA==
-----END CERTIFICATE-----
Generated at Wed Jun 26 19:05:28 2024 by rpki-client on console-fra.rpki-client.org