Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/pJxzYm4p1929BU4YpF5R9CCcSww.roa
File: pJxzYm4p1929BU4YpF5R9CCcSww.roa (raw, json)
Hash identifier: VyM8OWNXaEH/oo1AlEjjNHPrpYxYn1BvagpowLddAUU=
Subject key identifier: A4:9C:73:62:6E:29:D7:DD:BD:05:4E:18:A4:5E:51:F4:20:9C:4B:0C
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0192B0D00A908E6082DB2BB78FCC0B5B865B
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/pJxzYm4p1929BU4YpF5R9CCcSww.roa
Signing time: Mon 21 Oct 2024 20:41:17 +0000
ROA not before: Mon 21 Oct 2024 20:41:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215210
IP address blocks: 2a10:9600::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 22 Nov 2024 20:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b0:d0:0a:90:8e:60:82:db:2b:b7:8f:cc:0b:5b:86:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Oct 21 20:41:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a49c73626e29d7ddbd054e18a45e51f4209c4b0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:67:96:42:1e:b5:fa:31:1e:e6:78:63:4b:08:
63:5b:8c:74:90:73:71:12:72:e6:86:b2:19:87:13:
19:e5:82:7c:5c:18:19:25:2c:9a:c6:1c:dc:69:68:
d5:0c:f8:e3:e3:cb:9b:e7:51:b6:19:d3:79:73:eb:
ee:24:a1:b5:bd:bf:08:4e:33:06:cf:5c:28:d5:29:
29:a0:cd:2d:89:29:94:ac:46:9b:8a:d5:f0:12:50:
e6:79:d7:31:29:c7:7e:96:2b:78:76:a1:49:1c:32:
72:17:7a:07:40:71:21:f8:46:14:f0:8d:13:e6:c1:
ae:aa:08:07:fc:96:33:98:f0:20:13:b4:f6:3a:b9:
fa:23:db:00:1b:3a:82:54:c4:05:9c:f2:54:f0:9f:
18:4b:af:04:e2:ca:8c:28:f2:36:c0:84:45:7e:de:
6f:3f:18:b5:bd:7b:c3:33:f7:65:c7:93:e5:a2:bb:
5b:cc:69:d4:1a:7a:cb:b4:b5:be:a2:95:18:1f:9a:
44:4e:c0:86:c7:16:4e:49:fd:0e:51:c9:13:df:1e:
10:ca:2c:43:24:a7:ed:1a:ac:d9:94:71:04:74:28:
6e:dc:80:36:c3:e1:5d:a6:a8:a2:b2:91:73:83:85:
97:aa:91:f1:c7:63:e6:32:24:ad:49:2c:83:8d:50:
67:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9C:73:62:6E:29:D7:DD:BD:05:4E:18:A4:5E:51:F4:20:9C:4B:0C
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/pJxzYm4p1929BU4YpF5R9CCcSww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9600::/29
Signature Algorithm: sha256WithRSAEncryption
34:75:f4:e2:b8:89:20:ad:fc:75:3e:c1:21:89:55:21:4c:7d:
ed:82:7c:75:4f:2c:7b:7f:e5:d1:db:bf:d4:53:b3:d7:7c:d0:
09:06:e1:cd:2b:29:fc:a4:d3:61:12:b6:6a:d1:ad:ed:cb:c9:
66:21:d8:9c:2f:1e:53:33:0f:5c:ac:2f:57:4e:a6:13:be:b0:
20:a0:b7:64:42:55:a9:36:09:14:18:12:ec:ec:9c:c1:c4:32:
3d:73:a3:98:14:95:13:d7:3c:49:63:15:0c:52:94:66:f0:ae:
b7:df:36:1b:88:ba:76:43:fb:df:61:18:08:72:08:28:42:fa:
6d:28:e0:6b:60:65:82:69:fb:c1:9c:7b:d3:a2:33:ee:c9:cd:
74:af:71:fa:d1:79:c8:20:38:4d:ea:4a:51:99:6c:8f:e7:e4:
8c:9c:d8:88:73:4a:fe:cc:94:95:7c:7f:f0:7a:1c:e6:d2:a3:
fd:ef:7a:2b:f2:1e:96:fb:7b:46:7a:52:6d:3e:a5:63:5a:61:
9a:41:7d:86:64:24:96:32:8a:41:e5:5e:fc:15:74:92:a4:55:
5b:2a:11:d8:59:0e:ee:7b:27:19:9e:d1:5e:7a:36:30:0f:f8:
b4:70:ab:41:c3:2e:28:d6:16:48:37:e3:9a:08:0c:7b:e3:6b:
a2:f0:cb:1e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZKw0AqQjmCC2yu3j8wLW4ZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQxMDIxMjA0MTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDljNzM2MjZlMjlkN2RkYmQwNTRlMThhNDVlNTFmNDIwOWM0YjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomeWQh61+jEe5nhjSwhjW4x0kHNx
EnLmhrIZhxMZ5YJ8XBgZJSyaxhzcaWjVDPjj48ub51G2GdN5c+vuJKG1vb8ITjMG
z1wo1SkpoM0tiSmUrEabitXwElDmedcxKcd+lit4dqFJHDJyF3oHQHEh+EYU8I0T
5sGuqggH/JYzmPAgE7T2Orn6I9sAGzqCVMQFnPJU8J8YS68E4sqMKPI2wIRFft5v
Pxi1vXvDM/dlx5PlortbzGnUGnrLtLW+opUYH5pETsCGxxZOSf0OUckT3x4QyixD
JKftGqzZlHEEdChu3IA2w+FdpqiispFzg4WXqpHxx2PmMiStSSyDjVBndQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKScc2JuKdfdvQVOGKReUfQgnEsMMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvcEp4elltNHAxOTI5QlU0WXBGNVI5Q0NjU3d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhCWADAN
BgkqhkiG9w0BAQsFAAOCAQEANHX04riJIK38dT7BIYlVIUx97YJ8dU8se3/l0du/
1FOz13zQCQbhzSsp/KTTYRK2atGt7cvJZiHYnC8eUzMPXKwvV06mE76wIKC3ZEJV
qTYJFBgS7OycwcQyPXOjmBSVE9c8SWMVDFKUZvCut982G4i6dkP732EYCHIIKEL6
bSjga2Blgmn7wZx706Iz7snNdK9x+tF5yCA4TepKUZlsj+fkjJzYiHNK/syUlXx/
8Hoc5tKj/e96K/Ielvt7RnpSbT6lY1phmkF9hmQkljKKQeVe/BV0kqRVWyoR2FkO
7nsnGZ7RXno2MA/4tHCrQcMuKNYWSDfjmggMe+NrovDLHg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:17:12 2024 by rpki-client on console-fra.rpki-client.org