Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2M9xrXKBL9G-ChEdxvaTbQWeMdA.roa
File: 2M9xrXKBL9G-ChEdxvaTbQWeMdA.roa (raw, json)
Hash identifier: hDQkiMNFewWrTE2k9YFbYjdTZySSTH6w1S7m4ngbRkQ=
Subject key identifier: D8:CF:71:AD:72:81:2F:D1:BE:0A:11:1D:C6:F6:93:6D:05:9E:31:D0
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0191D76078297B375CA3B26B5C9763E8DE05
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2M9xrXKBL9G-ChEdxvaTbQWeMdA.roa
Signing time: Mon 09 Sep 2024 15:21:49 +0000
ROA not before: Mon 09 Sep 2024 15:21:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214734
IP address blocks: 2a10:3240::/29 maxlen: 29
2a10:3440::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 13 Sep 2024 15:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d7:60:78:29:7b:37:5c:a3:b2:6b:5c:97:63:e8:de:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 9 15:21:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8cf71ad72812fd1be0a111dc6f6936d059e31d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6e:ec:0b:72:f9:f5:8c:85:d5:d0:bb:dd:fe:
f4:cd:5d:4d:f4:60:2e:49:a9:3d:de:61:20:20:e0:
e0:d9:9a:87:3f:a0:29:41:09:8d:3b:aa:66:e5:18:
fc:96:98:01:c8:a0:4b:bc:dc:85:05:71:81:c3:18:
7b:ca:9a:b6:d2:4a:9c:ab:fc:20:26:5a:ef:66:60:
de:35:a5:1a:e3:2d:f0:1b:39:fc:a5:eb:64:0f:cd:
1c:ab:b0:e7:1f:93:1c:65:d9:c4:c4:d4:67:a0:ad:
77:95:b2:f3:33:db:b4:8d:ff:e7:fa:10:fe:dc:03:
79:80:0d:c6:ff:3e:5a:43:4c:3b:77:99:89:68:e5:
ac:de:47:7c:10:7e:a2:b1:02:4b:19:23:44:2c:a4:
9e:f9:76:34:62:68:00:ac:0e:a0:31:d6:7a:de:2d:
66:e8:5a:4a:52:b4:6f:12:63:7a:4d:f8:86:e4:f3:
ab:b7:24:1e:da:70:ca:7c:8f:02:a1:ff:9b:b0:db:
cc:10:8d:e8:9b:15:9e:35:71:39:7f:0d:ff:0b:9f:
b1:ab:f9:4f:65:b0:f0:73:19:df:87:90:4b:ba:44:
88:d5:36:ff:cf:23:8f:4d:70:88:8c:cb:14:c2:51:
dc:92:ac:a3:25:56:f4:27:01:18:ba:1d:1d:cb:8d:
a7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CF:71:AD:72:81:2F:D1:BE:0A:11:1D:C6:F6:93:6D:05:9E:31:D0
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2M9xrXKBL9G-ChEdxvaTbQWeMdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3240::/29
2a10:3440::/29
Signature Algorithm: sha256WithRSAEncryption
58:8e:60:3d:5b:d1:57:aa:55:d8:7e:44:c9:cf:1c:9a:42:24:
67:03:2a:42:2d:a6:ec:5a:27:80:d9:bb:3c:dd:03:f3:70:db:
4a:a4:d5:14:4c:91:b8:42:b0:76:85:e3:ee:9f:07:d7:86:37:
1b:c5:24:fd:96:88:02:85:b4:24:5b:d6:9e:9e:b4:dc:8a:9f:
3c:0d:0d:6c:ca:73:5d:9c:64:72:6d:da:85:42:82:b0:a3:4c:
8c:3a:a0:5c:c2:01:e5:b6:da:c6:2d:13:68:b1:b6:7b:94:9f:
8d:1c:53:bc:ad:45:e9:9d:08:7f:f1:7d:62:63:88:44:d4:00:
c4:a0:c2:31:07:7c:d3:97:89:54:e0:55:d7:04:94:b5:50:20:
88:67:35:6d:de:81:32:b7:45:38:23:ab:1b:ef:48:92:2d:f5:
78:f4:4e:c4:a0:52:69:fa:60:07:35:1a:3f:35:f3:ee:22:bd:
33:cb:29:d4:91:66:eb:47:ee:6c:a8:cb:6b:17:d5:09:1e:ba:
4b:be:18:a3:71:95:57:69:8a:92:6a:00:e4:c1:c3:58:94:80:
c2:f1:ca:b4:98:8a:ec:8a:3c:88:5c:44:97:19:cb:ee:6f:65:
e1:8e:cb:20:22:16:7b:de:5c:d8:a5:89:8d:4d:20:1e:b5:7a:
df:52:1f:63
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZHXYHgpezdco7JrXJdj6N4FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwOTA5MTUyMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGNmNzFhZDcyODEyZmQxYmUwYTExMWRjNmY2OTM2ZDA1OWUzMWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApW7sC3L59YyF1dC73f70zV1N9GAu
Sak93mEgIODg2ZqHP6ApQQmNO6pm5Rj8lpgByKBLvNyFBXGBwxh7ypq20kqcq/wg
JlrvZmDeNaUa4y3wGzn8petkD80cq7DnH5McZdnExNRnoK13lbLzM9u0jf/n+hD+
3AN5gA3G/z5aQ0w7d5mJaOWs3kd8EH6isQJLGSNELKSe+XY0YmgArA6gMdZ63i1m
6FpKUrRvEmN6TfiG5POrtyQe2nDKfI8Cof+bsNvMEI3omxWeNXE5fw3/C5+xq/lP
ZbDwcxnfh5BLukSI1Tb/zyOPTXCIjMsUwlHckqyjJVb0JwEYuh0dy42nUwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNjPca1ygS/RvgoRHcb2k20FnjHQMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMk05eHJYS0JMOUctQ2hFZHh2YVRiUVdlTWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhAyQAMF
AyoQNEAwDQYJKoZIhvcNAQELBQADggEBAFiOYD1b0VeqVdh+RMnPHJpCJGcDKkIt
puxaJ4DZuzzdA/Nw20qk1RRMkbhCsHaF4+6fB9eGNxvFJP2WiAKFtCRb1p6etNyK
nzwNDWzKc12cZHJt2oVCgrCjTIw6oFzCAeW22sYtE2ixtnuUn40cU7ytRemdCH/x
fWJjiETUAMSgwjEHfNOXiVTgVdcElLVQIIhnNW3egTK3RTgjqxvvSJIt9Xj0TsSg
Umn6YAc1Gj818+4ivTPLKdSRZutH7myoy2sX1Qkeuku+GKNxlVdpipJqAOTBw1iU
gMLxyrSYiuyKPIhcRJcZy+5vZeGOyyAiFnveXNiliY1NIB61et9SH2M=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:07:09 2025 by rpki-client