Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/g9yAy8dCDE0F8L2XltqUsDyZWXM.roa
File: g9yAy8dCDE0F8L2XltqUsDyZWXM.roa (raw, json)
Hash identifier: DwpAjWKBjt8Xyf89azp4+GRlIJdLTk/UBMT/Z9YCMJY=
Subject key identifier: 83:DC:80:CB:C7:42:0C:4D:05:F0:BD:97:96:DA:94:B0:3C:99:59:73
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01925E1861B085AC45D6E6832767EC2E13F0
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/g9yAy8dCDE0F8L2XltqUsDyZWXM.roa
Signing time: Sat 05 Oct 2024 19:11:49 +0000
ROA not before: Sat 05 Oct 2024 19:11:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215427
IP address blocks: 2a0e:a780::/29 maxlen: 29
2a10:9600::/29 maxlen: 29
2a11:ad80::/29 maxlen: 29
2a13:c0c0::/29 maxlen: 29
2a13:c140::/29 maxlen: 29
2a13:d240::/29 maxlen: 29
2a13:d2c0::/29 maxlen: 29
2a13:de40::/29 maxlen: 29
2a14:5740::/29 maxlen: 29
2a14:5840::/29 maxlen: 29
2a14:58c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 21 Oct 2024 20:41:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:5e:18:61:b0:85:ac:45:d6:e6:83:27:67:ec:2e:13:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Oct 5 19:11:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83dc80cbc7420c4d05f0bd9796da94b03c995973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:53:5d:68:5b:05:99:e4:1d:9f:85:1d:40:27:
e2:3d:c0:ed:41:45:0c:51:c2:d9:a4:22:30:b2:b9:
96:82:e8:df:76:73:ff:35:bc:31:70:b3:4e:f1:c8:
7d:0f:74:f9:5b:c2:96:a7:f4:6e:42:e9:6f:5a:a2:
39:ad:15:87:86:4f:cf:c0:3d:ef:16:a5:8d:a7:e0:
41:87:7e:a2:06:2c:1a:97:81:5d:b7:6b:1a:8f:27:
d0:df:67:e5:c4:c7:1a:44:8c:ca:67:94:39:39:7f:
b0:1d:70:11:94:a3:a0:c3:55:c8:c5:a7:03:e4:67:
48:69:35:db:6b:76:2f:ac:00:8e:6a:8b:57:8e:51:
7b:01:4a:e9:6b:29:b3:21:02:6f:37:d0:85:1c:69:
6b:fa:90:6e:a7:d4:5d:19:b8:06:92:fb:34:c8:c9:
80:fd:3a:b0:8e:3e:3b:e7:65:23:f4:2c:48:a4:52:
28:27:d9:54:7b:df:e3:92:8d:9b:04:bf:ea:3e:25:
50:8c:a9:9a:ac:42:be:6e:58:18:5b:61:6c:12:f0:
6c:da:a6:36:b2:c1:df:ed:1d:44:f4:eb:58:c4:e4:
0f:d2:a2:ff:ee:50:e9:4d:d1:58:af:2b:85:e0:51:
26:39:86:4d:46:ec:df:3a:0c:d2:c2:2b:c1:04:8e:
93:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:DC:80:CB:C7:42:0C:4D:05:F0:BD:97:96:DA:94:B0:3C:99:59:73
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/g9yAy8dCDE0F8L2XltqUsDyZWXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:a780::/29
2a10:9600::/29
2a11:ad80::/29
2a13:c0c0::/29
2a13:c140::/29
2a13:d240::/29
2a13:d2c0::/29
2a13:de40::/29
2a14:5740::/29
2a14:5840::/29
2a14:58c0::/29
Signature Algorithm: sha256WithRSAEncryption
53:6f:18:17:c0:e5:1e:30:7b:cf:3f:91:69:86:94:36:55:fc:
f1:15:c0:1d:88:34:7a:8d:4c:b0:86:36:3e:f8:1e:c8:3b:87:
5e:9b:5e:58:b9:b8:7f:6d:76:39:a5:2d:cf:0a:85:c2:a0:83:
ac:b6:ec:8f:56:da:02:4b:3f:ee:cd:42:bd:31:d4:1c:b5:4c:
73:29:c6:71:67:e5:a6:e3:1c:b3:4b:3e:68:b7:9e:1a:d9:7f:
b2:1a:f0:73:96:9d:db:91:a9:e5:6d:17:ea:e6:93:b1:76:4d:
26:d6:67:04:fd:53:80:0a:1e:79:b3:9e:22:88:59:18:8e:81:
ba:97:07:af:3c:ad:c9:d0:dc:96:cd:1f:ec:b9:72:ee:b4:ff:
95:23:ff:55:7f:90:7c:db:53:09:18:29:ce:98:3a:04:b9:02:
3b:3a:c4:37:6b:cd:aa:cf:6f:76:f5:e8:72:c7:cc:fb:6f:1a:
55:f9:0f:8e:46:d4:f5:12:aa:c9:99:9d:c5:e2:5f:e1:0c:a3:
4e:1e:1c:21:f1:de:aa:5d:4c:eb:39:93:59:b3:21:ef:1e:1a:
05:41:25:4e:e2:46:72:de:14:49:fa:07:fa:3c:4a:6c:43:26:
07:45:75:7f:d0:60:71:d6:2c:b0:1c:81:d9:2e:0a:08:29:59:
c4:ab:b9:a2
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZJeGGGwhaxF1uaDJ2fsLhPwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQxMDA1MTkxMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2RjODBjYmM3NDIwYzRkMDVmMGJkOTc5NmRhOTRiMDNjOTk1OTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFNdaFsFmeQdn4UdQCfiPcDtQUUM
UcLZpCIwsrmWgujfdnP/NbwxcLNO8ch9D3T5W8KWp/RuQulvWqI5rRWHhk/PwD3v
FqWNp+BBh36iBiwal4Fdt2sajyfQ32flxMcaRIzKZ5Q5OX+wHXARlKOgw1XIxacD
5GdIaTXba3YvrACOaotXjlF7AUrpaymzIQJvN9CFHGlr+pBup9RdGbgGkvs0yMmA
/Tqwjj4752Uj9CxIpFIoJ9lUe9/jko2bBL/qPiVQjKmarEK+blgYW2FsEvBs2qY2
ssHf7R1E9OtYxOQP0qL/7lDpTdFYryuF4FEmOYZNRuzfOgzSwivBBI6TTQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFIPcgMvHQgxNBfC9l5balLA8mVlzMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvZzl5QXk4ZENERTBGOEwyWGx0cVVzRHlaV1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAAjBNAwUDKg6ngAMF
AyoQlgADBQMqEa2AAwUDKhPAwAMFAyoTwUADBQMqE9JAAwUDKhPSwAMFAyoT3kAD
BQMqFFdAAwUDKhRYQAMFAyoUWMAwDQYJKoZIhvcNAQELBQADggEBAFNvGBfA5R4w
e88/kWmGlDZV/PEVwB2INHqNTLCGNj74Hsg7h16bXli5uH9tdjmlLc8KhcKgg6y2
7I9W2gJLP+7NQr0x1By1THMpxnFn5abjHLNLPmi3nhrZf7Ia8HOWnduRqeVtF+rm
k7F2TSbWZwT9U4AKHnmzniKIWRiOgbqXB688rcnQ3JbNH+y5cu60/5Uj/1V/kHzb
UwkYKc6YOgS5Ajs6xDdrzarPb3b16HLHzPtvGlX5D45G1PUSqsmZncXiX+EMo04e
HCHx3qpdTOs5k1mzIe8eGgVBJU7iRnLeFEn6B/o8SmxDJgdFdX/QYHHWLLAcgdku
CggpWcSruaI=
-----END CERTIFICATE-----
Generated at Tue Oct 22 00:10:52 2024 by rpki-client on console-ams.rpki-client.org