Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/wWoEx9pPHykcaT0mz2R-j0IHWfk.roa
File: wWoEx9pPHykcaT0mz2R-j0IHWfk.roa (raw, json)
Hash identifier: iNGUMQjmQrIZpUJEryy/b2i8mzPDfmZiM6VxcqiFao0=
Subject key identifier: C1:6A:04:C7:DA:4F:1F:29:1C:69:3D:26:CF:64:7E:8F:42:07:59:F9
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01959AC978F15BDC4C9658894A072A95EF14
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/wWoEx9pPHykcaT0mz2R-j0IHWfk.roa
Signing time: Sat 15 Mar 2025 17:10:49 +0000
ROA not before: Sat 15 Mar 2025 17:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215310
IP address blocks: 2a10:9600::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 15 Mar 2025 21:38:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9a:c9:78:f1:5b:dc:4c:96:58:89:4a:07:2a:95:ef:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Mar 15 17:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c16a04c7da4f1f291c693d26cf647e8f420759f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:76:9f:7e:8a:19:2c:85:13:9e:50:89:0a:2f:
16:e1:f4:1d:78:03:23:82:7a:78:1f:50:9e:f4:c9:
45:1d:da:d3:7b:19:e3:70:48:fd:f6:dc:d2:7f:70:
c6:a7:ad:4e:28:9c:db:af:ad:a2:61:f0:3e:1b:1c:
57:a6:b1:7c:27:6d:b4:1d:a1:28:6d:2b:da:70:f2:
9a:c9:03:7d:d1:94:de:cb:86:2c:a9:87:2b:7c:c2:
46:49:b3:fe:4e:65:3e:2b:a4:cf:7b:85:9e:9f:57:
b3:6a:03:d6:52:a1:cd:30:1b:5d:0f:1e:35:d9:29:
d8:4f:4a:b7:5f:2b:2f:9b:53:bf:d8:69:d5:73:3c:
ab:97:df:e7:09:ed:4f:f1:89:43:e6:69:85:1b:c4:
3e:01:a0:95:53:20:85:a1:06:0f:b0:bc:47:98:b6:
3a:c3:0c:54:1d:57:65:3c:fe:9d:e5:0f:83:71:71:
45:10:03:41:ed:dd:16:49:41:7f:d7:87:5a:41:16:
d3:b8:aa:87:c3:81:cd:b0:be:94:d1:57:3d:65:ca:
3a:91:16:03:b6:30:35:e8:57:73:fa:03:75:61:c1:
8b:0e:45:63:7b:3d:fa:08:cf:09:58:eb:b1:49:19:
cf:94:4f:5c:c2:3a:e9:1f:c6:a0:72:70:a9:77:9a:
c5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:6A:04:C7:DA:4F:1F:29:1C:69:3D:26:CF:64:7E:8F:42:07:59:F9
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/wWoEx9pPHykcaT0mz2R-j0IHWfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:9600::/29
Signature Algorithm: sha256WithRSAEncryption
6d:e0:4d:03:4d:c7:7d:aa:fb:02:57:ea:60:3b:af:87:ee:62:
57:7b:5d:8d:fa:49:a6:8d:dd:ee:9d:a9:fe:ef:0f:8a:42:1d:
6a:6f:0f:22:63:0b:0e:3a:e2:0a:f3:f6:ac:8c:b1:3c:2a:b9:
ca:1b:f1:f4:a4:b8:47:27:02:09:a5:15:74:71:d9:64:74:83:
69:92:39:1c:6a:63:55:ee:34:93:d5:33:d8:86:f0:5b:76:52:
c0:6c:17:fc:95:9b:26:79:47:35:04:39:d9:ea:12:cd:30:ba:
e0:df:fb:68:f9:12:71:d3:ba:ec:27:e4:82:70:bb:3d:b5:46:
2d:9e:88:66:4d:c7:1b:1e:37:3c:cc:f6:5b:90:36:31:a7:14:
87:36:64:72:d0:22:27:84:06:43:3a:d7:73:00:33:c8:9e:41:
5e:69:d7:6b:37:12:4d:12:a8:a9:65:ad:0f:bf:c6:77:c0:e8:
50:9a:f6:33:e6:37:b6:e6:ec:10:0b:ed:10:14:4c:92:58:2a:
98:ac:ad:c1:2a:9a:2c:0b:be:9d:71:c9:67:97:58:25:23:bc:
06:71:9e:68:81:c8:04:3e:97:e0:e0:54:77:2e:02:2f:12:a1:
d1:fd:b5:75:f2:25:5e:a2:92:ea:eb:85:e6:71:13:dc:fe:94:
fd:cd:92:1c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZWayXjxW9xMlliJSgcqle8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwMzE1MTcxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTZhMDRjN2RhNGYxZjI5MWM2OTNkMjZjZjY0N2U4ZjQyMDc1OWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnaffooZLIUTnlCJCi8W4fQdeAMj
gnp4H1Ce9MlFHdrTexnjcEj99tzSf3DGp61OKJzbr62iYfA+GxxXprF8J220HaEo
bSvacPKayQN90ZTey4YsqYcrfMJGSbP+TmU+K6TPe4Wen1ezagPWUqHNMBtdDx41
2SnYT0q3Xysvm1O/2GnVczyrl9/nCe1P8YlD5mmFG8Q+AaCVUyCFoQYPsLxHmLY6
wwxUHVdlPP6d5Q+DcXFFEANB7d0WSUF/14daQRbTuKqHw4HNsL6U0Vc9Zco6kRYD
tjA16Fdz+gN1YcGLDkVjez36CM8JWOuxSRnPlE9cwjrpH8agcnCpd5rFewIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFMFqBMfaTx8pHGk9Js9kfo9CB1n5MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvd1dvRXg5cFBIeWtjYVQwbXoyUi1qMElIV2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhCWADAN
BgkqhkiG9w0BAQsFAAOCAQEAbeBNA03Hfar7AlfqYDuvh+5iV3tdjfpJpo3d7p2p
/u8PikIdam8PImMLDjriCvP2rIyxPCq5yhvx9KS4RycCCaUVdHHZZHSDaZI5HGpj
Ve40k9Uz2IbwW3ZSwGwX/JWbJnlHNQQ52eoSzTC64N/7aPkScdO67CfkgnC7PbVG
LZ6IZk3HGx43PMz2W5A2MacUhzZkctAiJ4QGQzrXcwAzyJ5BXmnXazcSTRKoqWWt
D7/Gd8DoUJr2M+Y3tubsEAvtEBRMklgqmKytwSqaLAu+nXHJZ5dYJSO8BnGeaIHI
BD6X4OBUdy4CLxKh0f21dfIlXqKS6uuF5nET3P6U/c2SHA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:45:53 2025 by rpki-client