Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/bumS9iPvGkKMcN4Cgnmo4JuiibE.roa
File: bumS9iPvGkKMcN4Cgnmo4JuiibE.roa (raw, json)
Hash identifier: B14I7tAAdlGZpk6TF9zI98Ka3Tn8KktCdTxuDkpAJm0=
Subject key identifier: 6E:E9:92:F6:23:EF:1A:42:8C:70:DE:02:82:79:A8:E0:9B:A2:89:B1
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 019427B6384CBC0D07376D57414FC107285D
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/bumS9iPvGkKMcN4Cgnmo4JuiibE.roa
Signing time: Thu 02 Jan 2025 15:50:40 +0000
ROA not before: Thu 02 Jan 2025 15:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63023
IP address blocks: 2a10:17c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 16 Jan 2025 13:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:38:4c:bc:0d:07:37:6d:57:41:4f:c1:07:28:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 2 15:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ee992f623ef1a428c70de028279a8e09ba289b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8c:c1:6d:50:eb:f4:cc:bc:50:fa:37:c8:0f:
01:6f:b7:97:8f:65:81:cd:71:37:c3:98:22:7b:f4:
36:67:36:fd:95:7e:f1:4e:56:f7:57:07:54:39:5d:
13:c6:77:60:99:e9:e9:dc:e9:bf:ac:c8:3c:1a:c3:
c7:eb:19:5f:c7:1f:7e:0a:f7:f1:02:0b:2b:2a:d4:
84:cd:7c:61:90:b8:0c:6f:dd:b9:23:d9:d6:82:e7:
65:10:bc:aa:a1:a2:72:26:01:23:31:a8:ec:fc:bb:
bb:f4:b9:09:e2:0b:7a:96:86:84:23:b4:f9:47:99:
24:b7:b6:57:5e:2b:46:90:c9:21:a9:3b:9b:3d:52:
ed:49:15:48:95:8d:7b:4f:f8:93:4a:9a:49:51:11:
b3:9a:58:ed:6a:60:a9:d5:89:ca:69:c6:87:22:d8:
ac:5d:17:7b:1a:d2:b7:93:04:cd:3b:20:3b:89:16:
d6:2f:88:39:32:25:df:8c:38:9d:9e:e7:76:4e:e0:
8e:6a:2e:90:9c:57:4f:d1:ec:e8:5b:28:2b:f1:87:
0d:f1:60:f5:1a:4c:a4:e5:b5:c8:03:a8:fb:40:4b:
1f:e9:20:e5:22:dc:62:40:9e:5c:e2:a5:34:7e:23:
f6:4c:8c:62:0a:1a:02:a6:38:87:b1:74:d8:9e:99:
e7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E9:92:F6:23:EF:1A:42:8C:70:DE:02:82:79:A8:E0:9B:A2:89:B1
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/bumS9iPvGkKMcN4Cgnmo4JuiibE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:17c0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:04:d6:70:51:4c:01:95:db:da:09:0a:13:9c:44:78:00:d3:
8a:95:14:0c:2e:d7:b3:a1:2d:d7:a0:cf:0a:75:8d:f6:a4:2d:
ee:35:f4:e5:2f:23:3e:14:8e:c9:e2:42:55:05:c2:b1:8e:ad:
9e:a7:51:93:ad:24:54:f9:49:84:5e:95:0e:b3:fc:12:51:d9:
75:b1:d5:88:83:19:94:04:a8:b9:7c:d3:17:e1:a9:f3:1a:83:
74:cb:d2:47:42:45:3e:c4:52:29:2f:9f:3d:ca:55:eb:0c:37:
73:52:ff:3a:31:0d:1b:33:9e:c7:0b:06:8f:72:86:91:74:17:
5e:55:e9:a9:b0:77:e7:22:55:98:52:12:7f:9f:f5:82:7c:3c:
2c:61:7e:9e:4e:6e:ff:ef:a9:6a:8b:77:c6:a1:9d:8c:fd:69:
1d:db:05:3b:40:5b:25:6b:8c:93:b1:3f:7a:c8:4e:19:be:79:
cd:ff:fc:8f:54:29:98:57:5f:2c:12:ce:54:7b:6e:00:c0:79:
7f:3f:9e:45:fe:aa:94:5d:d3:1d:32:4f:68:56:13:ff:6b:38:
cf:08:e1:b6:c6:29:e4:0c:13:d7:47:fc:e2:f6:4c:80:f8:89:
93:b2:e3:2d:10:a1:3e:9c:84:f7:e0:89:66:7a:59:96:f1:12:
04:fd:c2:0c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQntjhMvA0HN21XQU/BByhdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjUwMTAyMTU1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWU5OTJmNjIzZWYxYTQyOGM3MGRlMDI4Mjc5YThlMDliYTI4OWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYzBbVDr9My8UPo3yA8Bb7eXj2WB
zXE3w5gie/Q2Zzb9lX7xTlb3VwdUOV0Txndgmenp3Om/rMg8GsPH6xlfxx9+Cvfx
AgsrKtSEzXxhkLgMb925I9nWgudlELyqoaJyJgEjMajs/Lu79LkJ4gt6loaEI7T5
R5kkt7ZXXitGkMkhqTubPVLtSRVIlY17T/iTSppJURGzmljtamCp1YnKacaHItis
XRd7GtK3kwTNOyA7iRbWL4g5MiXfjDidnud2TuCOai6QnFdP0ezoWygr8YcN8WD1
Gkyk5bXIA6j7QEsf6SDlItxiQJ5c4qU0fiP2TIxiChoCpjiHsXTYnpnn8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG7pkvYj7xpCjHDeAoJ5qOCboomxMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvYnVtUzlpUHZHa0tNY040Q2dubW80SnVpaWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhAXwDAN
BgkqhkiG9w0BAQsFAAOCAQEAOgTWcFFMAZXb2gkKE5xEeADTipUUDC7Xs6Et16DP
CnWN9qQt7jX05S8jPhSOyeJCVQXCsY6tnqdRk60kVPlJhF6VDrP8ElHZdbHViIMZ
lASouXzTF+Gp8xqDdMvSR0JFPsRSKS+fPcpV6ww3c1L/OjENGzOexwsGj3KGkXQX
XlXpqbB35yJVmFISf5/1gnw8LGF+nk5u/++paot3xqGdjP1pHdsFO0BbJWuMk7E/
eshOGb55zf/8j1QpmFdfLBLOVHtuAMB5fz+eRf6qlF3THTJPaFYT/2s4zwjhtsYp
5AwT10f84vZMgPiJk7LjLRChPpyE9+CJZnpZlvESBP3CDA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:54 2025 by rpki-client