Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-qSgj4Kx2m3UkaIK8db0x6i_k0.roa
File: 1-qSgj4Kx2m3UkaIK8db0x6i_k0.roa (raw, json)
Hash identifier: dB7b5lW4+dM0rEXixNoOS5UNSqc3doURANwtacSWGw8=
Subject key identifier: D7:EA:92:82:3E:0A:C7:69:B7:52:46:88:2B:C7:5B:D3:1E:A2:FE:4D
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0192C26207C1896B2E3CD52710C4E2E3E2E0
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-qSgj4Kx2m3UkaIK8db0x6i_k0.roa
Signing time: Fri 25 Oct 2024 06:34:17 +0000
ROA not before: Fri 25 Oct 2024 06:34:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21738
IP address blocks: 2a10:37c0::/29 maxlen: 29
2a10:5200::/29 maxlen: 29
2a10:6900::/29 maxlen: 29
2a10:6f00::/29 maxlen: 29
2a10:7100::/29 maxlen: 29
2a10:7300::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 06 Nov 2024 12:25:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c2:62:07:c1:89:6b:2e:3c:d5:27:10:c4:e2:e3:e2:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 25 06:34:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7ea92823e0ac769b75246882bc75bd31ea2fe4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:8c:0b:28:e8:bf:2f:e6:a5:40:ff:9e:2e:0c:
86:47:08:9b:a9:5b:67:00:c0:8f:fe:f4:69:aa:13:
cb:10:76:d0:38:8a:09:e9:52:3e:79:66:23:3f:ac:
0f:ed:4f:43:ac:ee:15:8e:5a:bb:19:ca:d0:ce:5d:
08:de:84:4a:96:5c:3f:4e:77:f9:c2:c6:53:20:0c:
46:db:af:06:a8:d5:de:05:41:d4:db:e2:98:7b:40:
ce:55:b3:1f:ff:48:63:11:31:44:ff:8f:63:1c:12:
53:f4:67:cd:c5:ec:b5:7f:3b:10:c2:7b:96:0f:d2:
33:83:b8:98:cb:05:3d:5a:10:4a:54:63:d0:d7:96:
68:4c:3e:19:a5:24:e5:1e:da:c9:c1:ae:47:e6:2c:
70:88:6e:a5:00:b0:9f:91:01:b3:84:ed:ae:74:13:
8a:10:87:b8:ed:cd:81:1c:29:d8:65:91:74:9d:5b:
64:8a:24:0d:25:1c:17:48:33:9b:a9:99:6d:9b:07:
ce:67:b3:d5:86:b5:c9:a5:1e:18:8c:81:c3:b1:41:
80:c5:69:73:52:d7:4c:f1:5e:c7:34:99:4c:ef:b5:
4c:94:e4:ae:04:ec:3a:27:cb:00:c2:13:f3:a0:1e:
75:e4:2a:4b:11:97:22:88:7e:9d:36:6a:97:26:d8:
e8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:EA:92:82:3E:0A:C7:69:B7:52:46:88:2B:C7:5B:D3:1E:A2:FE:4D
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1-qSgj4Kx2m3UkaIK8db0x6i_k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:37c0::/29
2a10:5200::/29
2a10:6900::/29
2a10:6f00::/29
2a10:7100::/29
2a10:7300::/29
Signature Algorithm: sha256WithRSAEncryption
52:bc:82:b6:b7:8b:3a:e0:ba:b3:74:d6:09:29:5f:0e:d2:f9:
de:87:12:a2:62:8e:8a:be:ff:f8:6e:ee:af:f3:2b:83:74:06:
61:b1:0d:a0:03:80:95:43:c6:bf:74:6d:d5:fc:4a:84:c6:c6:
b9:53:d0:52:c3:6a:fa:c2:83:a8:22:59:4c:d3:5f:0e:6e:d1:
8f:72:11:d7:96:ae:d3:b3:0c:4a:d3:8c:db:e1:5b:f9:1e:dd:
40:1b:88:1e:32:74:d9:e1:c0:5a:67:c4:8b:28:a2:5d:a2:38:
a5:75:67:48:5f:a7:b1:be:1a:07:87:63:48:ec:4d:1f:35:4e:
5f:9b:06:db:8c:00:e4:5d:10:d2:e6:66:a7:3c:ff:07:a6:8c:
90:fa:80:86:9a:61:86:f8:63:22:0f:5e:82:06:0b:90:88:7a:
a6:b6:8f:9e:7c:1e:17:f8:77:bf:c3:f1:ed:0e:4f:1e:e7:53:
8b:e7:63:53:92:29:f2:8d:16:bd:f7:e7:39:a4:b9:c3:35:83:
21:83:eb:44:50:99:a4:61:17:85:58:7b:08:2c:75:ed:10:5a:
38:5f:14:bb:10:29:04:98:76:19:ee:b1:09:d4:11:7c:67:31:
27:c6:ef:32:7a:ec:fc:04:53:f8:d3:26:ca:96:7d:2f:0a:64:
99:0d:fd:b0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZLCYgfBiWsuPNUnEMTi4+LgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMDI1MDYzNDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2VhOTI4MjNlMGFjNzY5Yjc1MjQ2ODgyYmM3NWJkMzFlYTJmZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14wLKOi/L+alQP+eLgyGRwibqVtn
AMCP/vRpqhPLEHbQOIoJ6VI+eWYjP6wP7U9DrO4Vjlq7GcrQzl0I3oRKllw/Tnf5
wsZTIAxG268GqNXeBUHU2+KYe0DOVbMf/0hjETFE/49jHBJT9GfNxey1fzsQwnuW
D9Izg7iYywU9WhBKVGPQ15ZoTD4ZpSTlHtrJwa5H5ixwiG6lALCfkQGzhO2udBOK
EIe47c2BHCnYZZF0nVtkiiQNJRwXSDObqZltmwfOZ7PVhrXJpR4YjIHDsUGAxWlz
UtdM8V7HNJlM77VMlOSuBOw6J8sAwhPzoB515CpLEZciiH6dNmqXJtjoYQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNfqkoI+Csdpt1JGiCvHW9Meov5NMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMS1xU2dqNEt4Mm0zVWthSUs4ZGIweDZpX2swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKhA3wAMF
AyoQUgADBQMqEGkAAwUDKhBvAAMFAyoQcQADBQMqEHMAMA0GCSqGSIb3DQEBCwUA
A4IBAQBSvIK2t4s64LqzdNYJKV8O0vnehxKiYo6Kvv/4bu6v8yuDdAZhsQ2gA4CV
Q8a/dG3V/EqExsa5U9BSw2r6woOoIllM018ObtGPchHXlq7TswxK04zb4Vv5Ht1A
G4geMnTZ4cBaZ8SLKKJdojildWdIX6exvhoHh2NI7E0fNU5fmwbbjADkXRDS5man
PP8HpoyQ+oCGmmGG+GMiD16CBguQiHqmto+efB4X+He/w/HtDk8e51OL52NTkiny
jRa99+c5pLnDNYMhg+tEUJmkYReFWHsILHXtEFo4XxS7ECkEmHYZ7rEJ1BF8ZzEn
xu8yeuz8BFP40ybKln0vCmSZDf2w
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:50 2025 by rpki-client