Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/12lel2t-blf96QwYaXYEMyFeBOY.roa
File: 12lel2t-blf96QwYaXYEMyFeBOY.roa (raw, json)
Hash identifier: fzTAWSsJJmKZ2GMVjK8Sw4/wTLlFZmGaVemwt60KD80=
Subject key identifier: D7:69:5E:97:6B:7E:6E:57:FD:E9:0C:18:69:76:04:33:21:5E:04:E6
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 019355798FBC9B62B6494A15B8A8F6534536
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/12lel2t-blf96QwYaXYEMyFeBOY.roa
Signing time: Fri 22 Nov 2024 20:04:10 +0000
ROA not before: Fri 22 Nov 2024 20:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a10:6c40::/29 maxlen: 29
2a10:9600::/29 maxlen: 29
2a13:8000::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 07 Dec 2024 19:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:79:8f:bc:9b:62:b6:49:4a:15:b8:a8:f6:53:45:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Nov 22 20:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7695e976b7e6e57fde90c1869760433215e04e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4a:77:d3:dd:72:14:77:73:79:50:65:c5:00:
68:00:ca:92:09:c8:93:dc:ce:a2:25:aa:b5:40:7d:
e5:2d:84:8d:62:5d:18:59:52:ec:7d:94:6b:b7:c2:
78:22:77:1d:c7:a4:11:18:06:17:fb:61:8c:ab:b3:
86:07:2c:69:2e:12:39:8e:ba:21:bd:45:cd:39:0b:
b6:4b:fe:f0:9e:bf:aa:47:b7:d7:02:f0:cc:79:1b:
ec:b4:ad:98:2c:0f:48:a6:42:cf:e8:55:d4:28:1f:
75:0b:2a:32:e2:56:d1:bb:3a:27:4b:c8:7a:b3:8f:
61:98:d8:39:e3:ca:f1:bd:20:50:03:a3:ef:cb:20:
cf:0c:09:04:59:68:3f:c7:20:e3:27:6a:82:57:f9:
ca:84:7c:fc:c6:a1:3b:9f:c4:97:b5:21:72:77:17:
ba:a5:d2:90:f2:bc:fa:19:31:95:31:4d:21:5e:d9:
f4:5f:f6:27:d8:c0:ef:c5:4c:89:cf:fa:37:c1:d9:
4f:e7:98:2e:da:18:85:cf:6c:be:e6:b5:de:53:45:
eb:a5:75:b0:91:b1:19:d4:59:bc:38:11:f7:d3:2d:
f5:2f:f7:5c:4c:a9:36:4d:e3:70:57:e1:72:a0:d1:
41:69:bc:05:59:e7:5c:e1:2a:3c:73:47:15:8b:62:
4a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:69:5E:97:6B:7E:6E:57:FD:E9:0C:18:69:76:04:33:21:5E:04:E6
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/12lel2t-blf96QwYaXYEMyFeBOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:6c40::/29
2a10:9600::/29
2a13:8000::/29
Signature Algorithm: sha256WithRSAEncryption
40:b4:c2:81:4d:9b:4a:23:03:85:50:d8:0b:4b:12:1a:ce:a8:
64:d4:66:ce:01:c0:d3:d5:ec:6d:7d:46:b3:bd:93:10:a6:a2:
52:ea:f0:f9:d4:b6:5a:a4:65:fc:25:12:2f:7d:41:25:67:81:
13:35:ea:df:2f:88:da:18:c8:a4:d6:88:e8:6d:36:2c:66:90:
56:6e:21:94:d9:a6:49:fd:fe:7a:01:37:94:34:7c:02:92:2b:
17:14:70:e5:ce:a7:04:cd:43:b1:f7:84:67:f9:05:01:67:ab:
37:b2:5b:de:16:2f:c6:1c:3a:d1:b0:e1:da:71:e1:1c:c6:6e:
7f:da:09:7c:5f:46:32:38:da:7e:46:dd:58:ce:97:a2:9b:c7:
eb:f0:d4:91:ea:fd:2d:56:ed:4e:99:87:58:33:47:52:2b:25:
2a:0d:d4:a9:2a:b5:86:91:b7:a7:11:86:4b:bf:65:f7:79:da:
8c:89:cc:09:81:b2:bf:a4:45:51:f1:50:26:b7:08:20:a5:b7:
91:6e:30:9f:43:27:68:f9:30:e0:20:13:c1:0d:81:8d:c4:40:
a5:ec:3e:88:e8:2c:69:c5:57:c0:0a:77:bb:0a:82:c1:1b:22:
75:60:09:60:f8:9c:49:94:35:d7:4e:d9:87:02:27:08:61:32:
04:5e:8f:52
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZNVeY+8m2K2SUoVuKj2U0U2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQxMTIyMjAwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzY5NWU5NzZiN2U2ZTU3ZmRlOTBjMTg2OTc2MDQzMzIxNWUwNGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUp3091yFHdzeVBlxQBoAMqSCciT
3M6iJaq1QH3lLYSNYl0YWVLsfZRrt8J4Incdx6QRGAYX+2GMq7OGByxpLhI5jroh
vUXNOQu2S/7wnr+qR7fXAvDMeRvstK2YLA9IpkLP6FXUKB91Cyoy4lbRuzonS8h6
s49hmNg548rxvSBQA6PvyyDPDAkEWWg/xyDjJ2qCV/nKhHz8xqE7n8SXtSFydxe6
pdKQ8rz6GTGVMU0hXtn0X/Yn2MDvxUyJz/o3wdlP55gu2hiFz2y+5rXeU0XrpXWw
kbEZ1Fm8OBH30y31L/dcTKk2TeNwV+FyoNFBabwFWedc4So8c0cVi2JKNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNdpXpdrfm5X/ekMGGl2BDMhXgTmMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvMTJsZWwydC1ibGY5NlF3WWFYWUVNeUZlQk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKhBsQAMF
AyoQlgADBQMqE4AAMA0GCSqGSIb3DQEBCwUAA4IBAQBAtMKBTZtKIwOFUNgLSxIa
zqhk1GbOAcDT1extfUazvZMQpqJS6vD51LZapGX8JRIvfUElZ4ETNerfL4jaGMik
1ojobTYsZpBWbiGU2aZJ/f56ATeUNHwCkisXFHDlzqcEzUOx94Rn+QUBZ6s3slve
Fi/GHDrRsOHaceEcxm5/2gl8X0YyONp+Rt1Yzpeim8fr8NSR6v0tVu1OmYdYM0dS
KyUqDdSpKrWGkbenEYZLv2X3edqMicwJgbK/pEVR8VAmtwggpbeRbjCfQydo+TDg
IBPBDYGNxECl7D6I6CxpxVfACne7CoLBGyJ1YAlg+JxJlDXXTtmHAicIYTIEXo9S
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:24:53 2025 by rpki-client