Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ITLbbhhWUXIws7FZEvsuNxT5iK0.roa
File: ITLbbhhWUXIws7FZEvsuNxT5iK0.roa (raw, json)
Hash identifier: qqqz8uHiBs3UtJP4Qxqodku/dK/6ashy/ZERfTSIsGs=
Subject key identifier: 21:32:DB:6E:18:56:51:72:30:B3:B1:59:12:FB:2E:37:14:F9:88:AD
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0193FD7230A4F5CD4BA157389C85EBF52797
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ITLbbhhWUXIws7FZEvsuNxT5iK0.roa
Signing time: Wed 25 Dec 2024 10:52:19 +0000
ROA not before: Wed 25 Dec 2024 10:52:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2a10:6c40::/29 maxlen: 29
2a10:9600::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fd:72:30:a4:f5:cd:4b:a1:57:38:9c:85:eb:f5:27:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Dec 25 10:52:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2132db6e1856517230b3b15912fb2e3714f988ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:19:4c:1a:08:4c:b9:42:4c:75:85:44:d9:1d:
c4:2d:f6:8f:b4:d7:08:f9:27:cd:ec:16:55:ca:5d:
1e:33:b2:23:1e:14:38:39:ee:fe:04:24:b4:1a:27:
ff:ef:92:81:2a:ef:f2:ff:c8:d4:0c:65:0a:b2:9f:
e1:c1:7d:4e:cb:f3:81:95:ec:d3:8d:5f:42:62:2e:
97:cf:a1:aa:07:8b:43:f3:89:e7:b1:73:11:d7:6e:
a2:cf:7b:f7:9a:24:53:24:1c:9b:53:c8:99:9a:de:
33:f4:93:33:b2:d3:08:6b:8f:33:cc:8a:08:f5:8c:
37:6c:b6:e7:39:13:c9:23:d4:9b:95:c0:8d:c5:a5:
d2:d1:d1:5d:55:4e:e3:3f:d5:06:01:c3:45:e2:a8:
a9:34:42:06:21:67:b0:c9:64:bb:7d:7a:08:64:c2:
08:05:7a:26:9e:62:86:e6:a6:7a:54:53:7d:ea:13:
a8:a2:ac:56:74:d1:9e:b6:d1:75:99:50:74:53:18:
55:50:09:ab:4d:dc:88:21:3b:d7:7d:72:fa:2a:f4:
58:ed:37:13:f2:ab:81:30:86:5f:a3:4d:dd:d9:ea:
41:9f:8b:e7:b0:4e:b3:33:68:38:23:20:aa:84:d9:
fb:d7:3b:2d:da:a1:0c:4a:d5:16:ee:d6:66:bb:cc:
f9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:32:DB:6E:18:56:51:72:30:B3:B1:59:12:FB:2E:37:14:F9:88:AD
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ITLbbhhWUXIws7FZEvsuNxT5iK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:6c40::/29
2a10:9600::/29
Signature Algorithm: sha256WithRSAEncryption
47:23:42:b4:1d:5d:00:6e:66:cf:80:83:78:a5:1c:4d:3e:b9:
14:56:9f:a6:9f:28:40:17:4a:e1:c3:1e:8c:07:b0:2d:d9:4b:
08:44:75:79:b0:8c:f3:f5:d9:8e:77:8a:ed:34:21:95:6a:2e:
51:93:f3:33:79:25:11:a8:07:8c:07:f1:a2:e1:d2:77:4d:0c:
37:36:78:01:d7:64:71:36:15:bd:26:5d:6c:56:c0:b6:39:4d:
86:cb:ce:43:19:2e:1e:4e:26:10:28:82:61:7b:45:46:5a:a0:
88:1d:bd:84:63:4d:4c:eb:d0:5f:c1:89:82:84:25:53:2f:80:
62:ca:37:15:e8:3d:0d:45:cd:f6:c6:4c:b8:6d:6d:ca:53:2e:
fa:e6:db:07:be:54:12:42:db:d5:25:f2:5e:70:0b:96:d5:d7:
73:c3:b1:6b:b7:a5:76:74:f3:03:88:ac:0f:83:94:0d:50:2c:
a0:53:1b:b3:68:ea:09:42:bd:a7:ed:16:43:b3:6a:e9:2e:bc:
7d:4e:56:af:52:ce:18:65:85:52:bc:67:6e:ad:b2:1a:46:de:
6a:3a:fe:c2:a6:49:00:08:70:55:2c:86:37:d8:81:f7:44:ff:
f1:2b:91:f5:fb:a8:d0:27:bf:bf:db:f1:0e:5e:49:34:73:43:
9d:9c:24:fa
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZP9cjCk9c1LoVc4nIXr9SeXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQxMjI1MTA1MjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTMyZGI2ZTE4NTY1MTcyMzBiM2IxNTkxMmZiMmUzNzE0Zjk4OGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBlMGghMuUJMdYVE2R3ELfaPtNcI
+SfN7BZVyl0eM7IjHhQ4Oe7+BCS0Gif/75KBKu/y/8jUDGUKsp/hwX1Oy/OBlezT
jV9CYi6Xz6GqB4tD84nnsXMR126iz3v3miRTJBybU8iZmt4z9JMzstMIa48zzIoI
9Yw3bLbnORPJI9SblcCNxaXS0dFdVU7jP9UGAcNF4qipNEIGIWewyWS7fXoIZMII
BXomnmKG5qZ6VFN96hOooqxWdNGettF1mVB0UxhVUAmrTdyIITvXfXL6KvRY7TcT
8quBMIZfo03d2epBn4vnsE6zM2g4IyCqhNn71zst2qEMStUW7tZmu8z5fQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCEy224YVlFyMLOxWRL7LjcU+YitMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvSVRMYmJoaFdVWEl3czdGWkV2c3VOeFQ1aUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhBsQAMF
AyoQlgAwDQYJKoZIhvcNAQELBQADggEBAEcjQrQdXQBuZs+Ag3ilHE0+uRRWn6af
KEAXSuHDHowHsC3ZSwhEdXmwjPP12Y53iu00IZVqLlGT8zN5JRGoB4wH8aLh0ndN
DDc2eAHXZHE2Fb0mXWxWwLY5TYbLzkMZLh5OJhAogmF7RUZaoIgdvYRjTUzr0F/B
iYKEJVMvgGLKNxXoPQ1FzfbGTLhtbcpTLvrm2we+VBJC29Ul8l5wC5bV13PDsWu3
pXZ08wOIrA+DlA1QLKBTG7No6glCvaftFkOzaukuvH1OVq9SzhhlhVK8Z26tshpG
3mo6/sKmSQAIcFUshjfYgfdE//ErkfX7qNAnv7/b8Q5eSTRzQ52cJPo=
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:57:53 2025 by rpki-client