Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/z10qvFIgKxQXc_1VRXzQlfDT9ww.roa
File: z10qvFIgKxQXc_1VRXzQlfDT9ww.roa (raw, json)
Hash identifier: IyaXBTDv1UjH/98CWxLvyFgQRnuTF59ljVa0zgBZeDI=
Subject key identifier: CF:5D:2A:BC:52:20:2B:14:17:73:FD:55:45:7C:D0:95:F0:D3:F7:0C
Certificate issuer: /CN=8e3f1663996be1707611fdce1ddea8920dd398a3
Certificate serial: 01930E8D9B5A0C06B9E996B1732FA6500C00
Authority key identifier: 8E:3F:16:63:99:6B:E1:70:76:11:FD:CE:1D:DE:A8:92:0D:D3:98:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jj8WY5lr4XB2Ef3OHd6okg3TmKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/z10qvFIgKxQXc_1VRXzQlfDT9ww.roa
Signing time: Sat 09 Nov 2024 01:33:01 +0000
ROA not before: Sat 09 Nov 2024 01:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 2a01:e300::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0e:8d:9b:5a:0c:06:b9:e9:96:b1:73:2f:a6:50:0c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e3f1663996be1707611fdce1ddea8920dd398a3
Validity
Not Before: Nov 9 01:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf5d2abc52202b141773fd55457cd095f0d3f70c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:33:ed:50:b8:ec:7c:e8:b4:57:9b:05:79:5a:
06:1b:55:62:9c:4d:c0:a5:02:33:96:78:ca:c4:fe:
02:e9:68:5d:77:e5:fc:7a:59:dd:9e:53:84:09:a6:
c3:02:94:e4:02:db:86:07:61:9a:5b:01:d2:2d:02:
d3:ac:ec:c2:4c:d8:5a:af:c4:e4:88:18:2b:01:50:
57:9e:cb:23:b2:aa:b1:b7:35:d7:6e:ba:93:f3:09:
36:57:94:26:7e:fc:80:74:44:3f:f7:67:89:98:87:
b6:15:2c:d4:35:96:c4:9e:3c:eb:ec:36:3f:e7:e2:
81:61:a3:19:f6:3c:16:85:81:01:a4:83:44:71:bb:
94:bd:72:e1:a9:f3:e8:e3:32:2b:d3:b5:84:82:e8:
7d:5a:80:c1:b2:80:a2:a3:24:9f:46:9e:6b:cb:ae:
e3:ae:d7:f9:1c:91:13:21:73:20:d7:e6:3d:b2:3c:
62:49:c5:55:87:26:53:20:5a:fc:a3:7b:ba:2d:df:
90:72:13:38:ef:1f:91:27:2b:ef:81:84:6b:ad:0e:
30:be:25:b4:ef:e4:f8:3e:d0:98:5d:b1:7c:2f:cb:
db:74:e2:c1:46:1d:80:a1:8e:ef:74:75:0f:35:1d:
f4:4c:37:fe:3b:59:d3:11:90:55:9d:12:7f:58:6a:
bf:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:5D:2A:BC:52:20:2B:14:17:73:FD:55:45:7C:D0:95:F0:D3:F7:0C
X509v3 Authority Key Identifier:
keyid:8E:3F:16:63:99:6B:E1:70:76:11:FD:CE:1D:DE:A8:92:0D:D3:98:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jj8WY5lr4XB2Ef3OHd6okg3TmKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/z10qvFIgKxQXc_1VRXzQlfDT9ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/jj8WY5lr4XB2Ef3OHd6okg3TmKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e300::/29
Signature Algorithm: sha256WithRSAEncryption
eb:e0:69:5d:d4:39:6a:0b:59:dc:2c:f9:22:79:77:e3:9b:71:
8d:71:6d:75:7f:c5:29:a6:48:69:8f:b1:1e:57:a2:fb:19:f7:
a1:9b:7c:37:e8:8c:34:a9:38:32:17:46:b4:67:c2:0d:b3:99:
55:7a:11:95:58:55:8d:a0:1e:33:d7:bc:41:b1:87:6f:19:62:
c0:06:bd:20:d1:05:72:ef:aa:1f:71:3b:e4:bc:c5:1a:9e:ea:
f1:dd:00:5a:aa:7f:77:41:ba:8b:f0:2d:94:aa:b4:d2:8f:96:
b1:0e:87:9e:bd:3e:31:0b:d6:b2:46:ce:e6:b2:1e:c9:40:12:
88:71:cb:b2:e5:d4:63:54:de:69:29:6d:6f:7e:99:f9:f5:64:
31:67:e7:2e:a9:a6:1a:fa:c5:ae:50:bf:2c:02:a7:84:48:77:
39:58:1e:52:ae:ca:49:0a:53:8f:de:41:5f:b6:fd:a3:4c:38:
f8:ae:42:0c:27:c6:bb:a5:f7:98:bd:d5:3e:db:0d:ae:f0:86:
05:13:9b:63:9b:37:3a:81:04:68:78:a8:6c:f2:64:e1:9d:33:
fc:0c:a4:40:ea:67:b2:04:3c:94:40:1b:1f:6b:16:cf:bc:c6:
6d:91:03:f6:51:b1:29:e0:60:b4:87:6a:2d:55:b4:98:e7:9e:
d2:49:6c:11
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZMOjZtaDAa56Zaxcy+mUAwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlM2YxNjYzOTk2YmUxNzA3NjExZmRjZTFkZGVhODkyMGRk
Mzk4YTMwHhcNMjQxMTA5MDEzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjVkMmFiYzUyMjAyYjE0MTc3M2ZkNTU0NTdjZDA5NWYwZDNmNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzPtULjsfOi0V5sFeVoGG1VinE3A
pQIzlnjKxP4C6Whdd+X8elndnlOECabDApTkAtuGB2GaWwHSLQLTrOzCTNhar8Tk
iBgrAVBXnssjsqqxtzXXbrqT8wk2V5QmfvyAdEQ/92eJmIe2FSzUNZbEnjzr7DY/
5+KBYaMZ9jwWhYEBpINEcbuUvXLhqfPo4zIr07WEguh9WoDBsoCioySfRp5ry67j
rtf5HJETIXMg1+Y9sjxiScVVhyZTIFr8o3u6Ld+QchM47x+RJyvvgYRrrQ4wviW0
7+T4PtCYXbF8L8vbdOLBRh2AoY7vdHUPNR30TDf+O1nTEZBVnRJ/WGq/xQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM9dKrxSICsUF3P9VUV80JXw0/cMMB8GA1UdIwQY
MBaAFI4/FmOZa+FwdhH9zh3eqJIN05ijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamo4V1k1bHI0WEIyRWYzT0hkNm9rZzNUbUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9jZDk3Y2MtY2UyYi00MjY0LTllNzkt
YzhmOWJlN2QxOWRmLzEvejEwcXZGSWdLeFFYY18xVlJYelFsZkRUOXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9jZDk3Y2MtY2UyYi00MjY0LTllNzktYzhmOWJlN2QxOWRm
LzEvamo4V1k1bHI0WEIyRWYzT0hkNm9rZzNUbUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgHjADAN
BgkqhkiG9w0BAQsFAAOCAQEA6+BpXdQ5agtZ3Cz5Inl345txjXFtdX/FKaZIaY+x
Hlei+xn3oZt8N+iMNKk4MhdGtGfCDbOZVXoRlVhVjaAeM9e8QbGHbxliwAa9INEF
cu+qH3E75LzFGp7q8d0AWqp/d0G6i/AtlKq00o+WsQ6Hnr0+MQvWskbO5rIeyUAS
iHHLsuXUY1TeaSltb36Z+fVkMWfnLqmmGvrFrlC/LAKnhEh3OVgeUq7KSQpTj95B
X7b9o0w4+K5CDCfGu6X3mL3VPtsNrvCGBRObY5s3OoEEaHiobPJk4Z0z/AykQOpn
sgQ8lEAbH2sWz7zGbZED9lGxKeBgtIdqLVW0mOee0klsEQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:29:37 2025 by rpki-client