Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/I0NPopa-GH8x_6VUlQMJ1wUFbrg.roa
File: I0NPopa-GH8x_6VUlQMJ1wUFbrg.roa (raw, json)
Hash identifier: HO3530hrRhuwjWYNZlbGpQ+fRnHipq3VdY73hzEBgCc=
Subject key identifier: 23:43:4F:A2:96:BE:18:7F:31:FF:A5:54:95:03:09:D7:05:05:6E:B8
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01931D2082B13221CDCFA670A9C1EF239FA3
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/I0NPopa-GH8x_6VUlQMJ1wUFbrg.roa
Signing time: Mon 11 Nov 2024 21:28:09 +0000
ROA not before: Mon 11 Nov 2024 21:28:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213885
IP address blocks: 2a14:6b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 12 Nov 2024 21:19:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1d:20:82:b1:32:21:cd:cf:a6:70:a9:c1:ef:23:9f:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Nov 11 21:28:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23434fa296be187f31ffa554950309d705056eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:05:c0:47:b4:f9:14:c3:54:e4:8b:a1:0a:0a:
dc:fc:ac:9b:b4:28:a8:e5:e0:cf:40:8d:a3:79:6e:
9f:35:75:cd:34:9a:fa:7a:58:25:91:a1:02:04:50:
42:26:65:a9:3c:50:db:05:aa:54:66:f5:73:2d:2b:
2b:71:81:10:2d:c6:02:d4:63:66:ae:b2:5c:5e:0c:
55:33:1e:a2:f9:76:dc:a9:50:f0:c0:8b:e6:87:5b:
56:bd:27:e4:7f:61:fd:c7:7c:bb:4c:8e:b3:51:27:
52:da:57:b2:28:16:c8:d5:25:2a:ec:98:85:26:92:
7d:46:c0:da:bc:2f:bb:b0:4f:d4:ca:33:a3:23:c8:
6a:bb:91:e5:e4:94:6a:81:e8:59:a9:7b:b4:eb:fc:
9c:e0:7b:6b:03:87:16:43:ba:0c:2c:e1:cb:52:a2:
d4:43:0b:cf:65:40:0a:cf:16:17:1c:82:1c:8e:9e:
4c:29:f5:11:64:cd:0c:db:97:fb:80:d9:ba:44:26:
bd:e1:e9:8e:c1:ea:3e:47:ac:2f:30:41:77:3a:5e:
f2:32:7b:96:8e:57:59:8a:34:8b:7f:ad:cd:c1:15:
c2:1c:c8:b8:39:49:7b:b1:56:56:e2:e1:c9:7f:38:
9d:17:c5:4e:84:ae:c3:8a:13:77:61:e8:6c:5a:2f:
8f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:43:4F:A2:96:BE:18:7F:31:FF:A5:54:95:03:09:D7:05:05:6E:B8
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/I0NPopa-GH8x_6VUlQMJ1wUFbrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
1e:70:77:54:c0:60:ab:fd:11:91:ca:9a:cd:64:d7:33:07:35:
f0:49:cf:f1:de:62:86:82:c6:54:da:2e:9f:99:f3:70:7e:bd:
07:ad:b2:20:f2:07:59:aa:a9:6b:59:4f:d8:c7:7f:d9:8a:b0:
61:96:da:89:3b:ee:f4:38:6a:d0:d0:f5:1e:0c:dc:3f:c1:50:
46:52:09:00:7b:9d:89:ef:22:86:8b:30:88:80:73:04:e7:5c:
79:aa:77:ec:b6:fc:9e:59:92:6a:a0:e0:a2:27:16:6d:f9:57:
65:60:78:56:40:12:a4:a6:28:37:6d:3b:f0:3a:22:9b:da:7c:
e5:5f:a8:d7:54:b8:24:b2:1f:61:5c:28:2a:fb:38:ce:cf:05:
5d:36:dd:3e:1c:40:42:af:1f:e8:51:e8:0b:f8:9f:1a:d4:da:
e9:83:6f:4a:1a:22:ea:0f:b8:50:8b:29:53:ae:90:1a:94:14:
6e:cd:44:ad:bb:cb:7e:8c:71:49:de:46:c9:73:6e:86:b9:31:
8e:8d:4f:ab:89:9b:69:ae:24:7f:b7:af:a7:ec:21:b7:d7:b0:
21:73:5e:4e:c2:42:ff:fe:9f:96:a4:6b:c4:02:67:32:5c:9f:
2b:2a:12:23:1f:e4:dc:2a:7e:5c:a5:25:dc:e1:f7:e9:42:0a:
b4:3b:f9:03
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZMdIIKxMiHNz6ZwqcHvI5+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQxMTExMjEyODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQzNGZhMjk2YmUxODdmMzFmZmE1NTQ5NTAzMDlkNzA1MDU2ZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAXAR7T5FMNU5IuhCgrc/KybtCio
5eDPQI2jeW6fNXXNNJr6elglkaECBFBCJmWpPFDbBapUZvVzLSsrcYEQLcYC1GNm
rrJcXgxVMx6i+XbcqVDwwIvmh1tWvSfkf2H9x3y7TI6zUSdS2leyKBbI1SUq7JiF
JpJ9RsDavC+7sE/UyjOjI8hqu5Hl5JRqgehZqXu06/yc4HtrA4cWQ7oMLOHLUqLU
QwvPZUAKzxYXHIIcjp5MKfURZM0M25f7gNm6RCa94emOweo+R6wvMEF3Ol7yMnuW
jldZijSLf63NwRXCHMi4OUl7sVZW4uHJfzidF8VOhK7DihN3YehsWi+PPQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCNDT6KWvhh/Mf+lVJUDCdcFBW64MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvSTBOUG9wYS1HSDh4XzZWVWxRTUoxd1VGYnJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRrQDAN
BgkqhkiG9w0BAQsFAAOCAQEAHnB3VMBgq/0RkcqazWTXMwc18EnP8d5ihoLGVNou
n5nzcH69B62yIPIHWaqpa1lP2Md/2YqwYZbaiTvu9Dhq0ND1HgzcP8FQRlIJAHud
ie8ihoswiIBzBOdceap37Lb8nlmSaqDgoicWbflXZWB4VkASpKYoN2078Doim9p8
5V+o11S4JLIfYVwoKvs4zs8FXTbdPhxAQq8f6FHoC/ifGtTa6YNvShoi6g+4UIsp
U66QGpQUbs1ErbvLfoxxSd5GyXNuhrkxjo1Pq4mbaa4kf7evp+wht9ewIXNeTsJC
//6flqRrxAJnMlyfKyoSIx/k3Cp+XKUl3OH36UIKtDv5Aw==
-----END CERTIFICATE-----
Generated at Tue Nov 12 23:40:51 2024 by rpki-client on console-ams.rpki-client.org