Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/19sL4On1lDJrBWcBG6drD9pF760.roa
File: 19sL4On1lDJrBWcBG6drD9pF760.roa (raw, json)
Hash identifier: n1buoNXdqYzezZnGF9SFDskIHaNHv8dxoJX+qYDgrmo=
Subject key identifier: D7:DB:0B:E0:E9:F5:94:32:6B:05:67:01:1B:A7:6B:0F:DA:45:EF:AD
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01917462443C03DCC27E4491D5194B2711C9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/19sL4On1lDJrBWcBG6drD9pF760.roa
Signing time: Wed 21 Aug 2024 10:01:22 +0000
ROA not before: Wed 21 Aug 2024 10:01:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200021
IP address blocks: 2a10:3640::/29 maxlen: 29
2a10:6300::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 30 Aug 2024 10:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:74:62:44:3c:03:dc:c2:7e:44:91:d5:19:4b:27:11:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 21 10:01:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7db0be0e9f594326b0567011ba76b0fda45efad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e6:8d:f3:d2:41:29:c7:5c:8e:e3:33:7d:2c:
45:f1:38:cc:b6:0f:5c:0d:bf:ab:80:9e:a6:09:98:
fa:91:67:fd:25:c6:c3:9f:62:eb:17:29:7f:22:70:
dd:2c:d3:96:12:6a:69:46:4f:e0:58:39:df:59:5e:
ce:f5:03:4e:46:ae:9b:07:ac:a6:09:20:c8:96:ed:
56:09:2a:0c:90:31:81:5f:6d:08:6e:4a:b6:6f:0c:
be:e0:11:e9:85:e4:72:e7:15:f7:87:ca:0a:75:90:
64:c3:57:ad:63:8e:e6:37:ea:ac:f1:24:11:55:f1:
7b:0f:25:f3:85:be:ac:fd:00:7d:96:7a:a0:e8:f1:
07:86:22:4e:8d:1f:59:48:08:dd:a3:bb:f2:97:c7:
3e:7b:dc:5e:d8:a7:03:1e:54:ad:07:bf:ad:eb:c7:
0b:72:0e:9b:62:3a:6f:03:27:04:2c:d6:26:83:9a:
42:92:62:b0:eb:7d:61:3a:f4:98:b7:0a:c3:24:ad:
42:5d:d6:95:07:20:12:b6:62:7f:d0:08:ee:90:f4:
87:03:25:da:12:2e:f4:8a:97:66:36:4e:e2:fd:5b:
6f:67:97:86:14:d8:db:d0:21:ee:9c:fb:18:87:86:
69:0d:48:e3:bf:be:5a:b3:f4:24:ac:dd:9e:d2:ee:
28:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:DB:0B:E0:E9:F5:94:32:6B:05:67:01:1B:A7:6B:0F:DA:45:EF:AD
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/19sL4On1lDJrBWcBG6drD9pF760.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3640::/29
2a10:6300::/29
Signature Algorithm: sha256WithRSAEncryption
1f:45:5b:a7:a7:fc:a1:63:fe:ff:7b:fe:24:2c:bc:a0:b9:0a:
b1:34:b5:64:81:99:c4:54:16:7a:8a:6f:ae:cb:9f:ab:16:ad:
15:49:02:e1:0f:de:2e:1f:de:2b:73:ca:24:69:9f:dd:8e:e5:
07:63:3d:c7:b5:61:1c:b5:07:8e:87:45:95:c6:af:1a:a0:27:
38:f6:25:02:08:31:4b:e3:f2:2e:8e:cd:18:c0:41:41:90:90:
fa:80:3d:1b:61:35:8d:c8:ba:29:3a:64:8e:f2:62:18:86:e9:
6b:b9:25:51:8b:6b:10:a3:a4:f3:2a:aa:f2:e7:50:c9:51:ea:
32:c7:60:bc:26:54:00:8c:29:4e:d3:b8:d7:50:8b:45:f1:43:
d4:67:ac:6a:96:6a:e3:a1:cb:18:97:c0:a6:4b:e7:64:9c:97:
5b:7d:91:43:21:a1:84:09:ff:5e:9b:3c:39:82:81:92:11:91:
7d:fa:ef:1d:b7:91:37:d8:33:ea:ca:c5:5e:ce:10:2f:f4:ed:
0b:d0:85:0a:2b:65:9a:ba:fb:f7:0b:19:33:ac:ec:f8:01:e6:
d6:a5:c9:bc:39:c2:71:57:1b:72:54:13:a7:35:31:9f:8a:3c:
04:5c:25:d8:22:48:82:68:a5:40:99:4e:a5:bd:1a:e3:17:cc:
76:00:94:81
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZF0YkQ8A9zCfkSR1RlLJxHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwODIxMTAwMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2RiMGJlMGU5ZjU5NDMyNmIwNTY3MDExYmE3NmIwZmRhNDVlZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseaN89JBKcdcjuMzfSxF8TjMtg9c
Db+rgJ6mCZj6kWf9JcbDn2LrFyl/InDdLNOWEmppRk/gWDnfWV7O9QNORq6bB6ym
CSDIlu1WCSoMkDGBX20Ibkq2bwy+4BHpheRy5xX3h8oKdZBkw1etY47mN+qs8SQR
VfF7DyXzhb6s/QB9lnqg6PEHhiJOjR9ZSAjdo7vyl8c+e9xe2KcDHlStB7+t68cL
cg6bYjpvAycELNYmg5pCkmKw631hOvSYtwrDJK1CXdaVByAStmJ/0AjukPSHAyXa
Ei70ipdmNk7i/VtvZ5eGFNjb0CHunPsYh4ZpDUjjv75as/QkrN2e0u4oeQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNfbC+Dp9ZQyawVnARunaw/aRe+tMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMTlzTDRPbjFsREpyQldjQkc2ZHJEOXBGNzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhA2QAMF
AyoQYwAwDQYJKoZIhvcNAQELBQADggEBAB9FW6en/KFj/v97/iQsvKC5CrE0tWSB
mcRUFnqKb67Ln6sWrRVJAuEP3i4f3itzyiRpn92O5QdjPce1YRy1B46HRZXGrxqg
Jzj2JQIIMUvj8i6OzRjAQUGQkPqAPRthNY3Iuik6ZI7yYhiG6Wu5JVGLaxCjpPMq
qvLnUMlR6jLHYLwmVACMKU7TuNdQi0XxQ9RnrGqWauOhyxiXwKZL52Scl1t9kUMh
oYQJ/16bPDmCgZIRkX367x23kTfYM+rKxV7OEC/07QvQhQorZZq6+/cLGTOs7PgB
5talybw5wnFXG3JUE6c1MZ+KPARcJdgiSIJopUCZTqW9GuMXzHYAlIE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:01:07 2025 by rpki-client