Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3-bzEiX1yVDikjh6StzS5jAec5E.roa
File: 3-bzEiX1yVDikjh6StzS5jAec5E.roa (raw, json)
Hash identifier: fHnx470tQrvhGAZ6GSShsrHYxNyzN0xeWp8rZa1GibA=
Subject key identifier: DF:E6:F3:12:25:F5:C9:50:E2:92:38:7A:4A:DC:D2:E6:30:1E:73:91
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC5012F62B033FFEA6F427ED82D4FA491
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3-bzEiX1yVDikjh6StzS5jAec5E.roa
Signing time: Mon 01 Jan 2024 12:30:38 +0000
ROA not before: Mon 01 Jan 2024 12:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216022
IP address blocks: 2a10:7403::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2f:62:b0:33:ff:ea:6f:42:7e:d8:2d:4f:a4:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfe6f31225f5c950e292387a4adcd2e6301e7391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b7:6c:0f:9f:a8:4b:f1:1a:5d:c6:ca:4b:ff:
48:60:78:e3:34:cb:e0:e1:52:bf:09:3c:d9:5a:5b:
02:53:be:fb:83:64:c9:0e:54:4e:3b:1f:b7:9a:f7:
b2:79:66:19:e6:01:e6:38:6f:2c:0b:40:55:44:c2:
16:65:9b:6b:5f:ad:3e:ff:61:35:13:7c:70:42:82:
3a:64:0f:54:de:fe:48:f2:c0:90:f7:03:5f:2e:11:
59:9c:11:2b:52:25:10:33:27:32:5c:d7:78:b5:d1:
45:d9:9c:d2:14:ed:34:58:18:89:e8:79:8a:08:7d:
d7:1b:93:6f:22:bd:89:c8:e4:9d:8e:2f:9d:29:77:
ee:74:ac:8d:a6:88:77:f5:31:c4:e2:1d:80:7e:77:
0c:b7:81:90:d9:ba:84:c6:c1:c3:59:48:03:1d:84:
30:5c:d5:6c:8d:e8:ec:7c:90:bd:c3:9e:cb:71:d9:
0e:56:4e:bf:57:1e:a3:a6:1f:41:a4:2f:21:cf:5a:
d0:72:36:28:b5:24:89:d2:c7:32:db:0c:a0:2b:f4:
c9:db:12:1c:75:3b:0c:dd:ab:ab:9f:2e:0a:ec:d2:
16:28:7c:ed:e6:44:47:98:37:bd:73:3a:1a:33:fc:
c2:4f:28:02:3f:0d:95:a8:41:eb:1c:22:70:3e:2f:
02:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E6:F3:12:25:F5:C9:50:E2:92:38:7A:4A:DC:D2:E6:30:1E:73:91
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/3-bzEiX1yVDikjh6StzS5jAec5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:7403::/32
Signature Algorithm: sha256WithRSAEncryption
17:30:7d:63:43:5b:7a:2f:cc:15:e5:29:cf:4c:d2:0b:ce:8a:
81:49:47:61:4f:7c:7b:f6:c2:be:b8:22:d8:a1:8c:c2:41:4b:
19:8a:12:9e:da:63:c9:6a:6b:7b:f9:32:aa:97:5c:21:73:79:
7a:bb:ea:a1:55:5b:8b:6a:a0:f2:84:a0:d5:6e:b0:33:a8:6a:
18:db:8b:ae:d0:ad:f6:01:a8:27:2b:41:b6:b4:47:22:5c:e3:
9d:13:31:f2:ca:9a:c1:f7:54:92:88:8e:f6:94:26:fa:4f:72:
f6:79:5c:ff:4b:22:bb:b6:ff:84:96:89:aa:4e:75:51:8c:30:
f5:30:79:27:38:b3:a5:1f:09:1b:74:46:4c:d9:dc:a9:e0:37:
ed:af:5f:dd:40:03:df:6a:2e:c7:e0:f9:56:8f:01:51:1f:67:
7e:29:80:98:41:1a:39:79:d5:40:22:04:a2:30:93:4d:ea:78:
49:0c:be:4e:47:58:49:8c:1b:8d:7f:c4:6f:a7:5e:c3:76:d6:
a2:eb:c6:9a:2a:14:cc:e8:7d:26:de:bd:97:ba:f7:93:3a:93:
19:b8:f5:14:4c:7b:26:de:91:2e:1f:5f:3f:8d:57:0d:45:db:
6e:b3:6e:16:19:82:b9:06:6e:24:5a:05:c3:dd:c1:76:14:63:
aa:b8:97:51
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFAS9isDP/6m9CftgtT6SRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmU2ZjMxMjI1ZjVjOTUwZTI5MjM4N2E0YWRjZDJlNjMwMWU3MzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7dsD5+oS/EaXcbKS/9IYHjjNMvg
4VK/CTzZWlsCU777g2TJDlROOx+3mveyeWYZ5gHmOG8sC0BVRMIWZZtrX60+/2E1
E3xwQoI6ZA9U3v5I8sCQ9wNfLhFZnBErUiUQMycyXNd4tdFF2ZzSFO00WBiJ6HmK
CH3XG5NvIr2JyOSdji+dKXfudKyNpoh39THE4h2AfncMt4GQ2bqExsHDWUgDHYQw
XNVsjejsfJC9w57LcdkOVk6/Vx6jph9BpC8hz1rQcjYotSSJ0scy2wygK/TJ2xIc
dTsM3aurny4K7NIWKHzt5kRHmDe9czoaM/zCTygCPw2VqEHrHCJwPi8CCwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFN/m8xIl9clQ4pI4ekrc0uYwHnORMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMy1iekVpWDF5VkRpa2poNlN0elM1akFlYzVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhB0AzAN
BgkqhkiG9w0BAQsFAAOCAQEAFzB9Y0Nbei/MFeUpz0zSC86KgUlHYU98e/bCvrgi
2KGMwkFLGYoSntpjyWpre/kyqpdcIXN5ervqoVVbi2qg8oSg1W6wM6hqGNuLrtCt
9gGoJytBtrRHIlzjnRMx8sqawfdUkoiO9pQm+k9y9nlc/0siu7b/hJaJqk51UYww
9TB5JzizpR8JG3RGTNncqeA37a9f3UAD32oux+D5Vo8BUR9nfimAmEEaOXnVQCIE
ojCTTep4SQy+TkdYSYwbjX/Eb6dew3bWouvGmioUzOh9Jt69l7r3kzqTGbj1FEx7
Jt6RLh9fP41XDUXbbrNuFhmCuQZuJFoFw93BdhRjqriXUQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:07 2025 by rpki-client