Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/lAszcHU26ktftw0VkFIjZ9gu1yg.roa
File: lAszcHU26ktftw0VkFIjZ9gu1yg.roa (raw, json)
Hash identifier: cGzjsNBRCY1coVh7osfsqZT8+j6zmSK2Ile3HwV5aoU=
Subject key identifier: 94:0B:33:70:75:36:EA:4B:5F:B7:0D:15:90:52:23:67:D8:2E:D7:28
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01920916028F201DCE5F7D49A7E2643DCC2A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/lAszcHU26ktftw0VkFIjZ9gu1yg.roa
Signing time: Thu 19 Sep 2024 07:01:30 +0000
ROA not before: Thu 19 Sep 2024 07:01:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200021
IP address blocks: 2a10:3040::/29 maxlen: 29
2a10:3640::/29 maxlen: 29
2a10:6300::/29 maxlen: 29
2a10:7d00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 24 Sep 2024 11:15:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:09:16:02:8f:20:1d:ce:5f:7d:49:a7:e2:64:3d:cc:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Sep 19 07:01:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=940b33707536ea4b5fb70d1590522367d82ed728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:53:ba:25:a7:49:22:46:01:4d:a9:1f:4f:ec:
3c:cc:0c:c2:3f:23:3c:42:01:5a:33:9a:12:ec:93:
c3:2a:8a:25:72:e8:1e:fd:4e:5e:d0:a7:de:e3:11:
a6:56:77:3b:f4:2e:f1:4d:ee:34:ae:ad:b2:8c:9d:
a1:7c:25:1e:94:57:52:86:67:25:c5:ba:48:84:44:
0c:20:0d:4b:b3:75:8e:04:97:69:48:0d:8f:2c:22:
50:da:75:67:64:e0:63:7c:33:8c:e8:30:5a:fa:cf:
ce:5b:a0:7b:46:13:d1:de:30:ec:b9:ac:4e:97:a9:
90:f0:08:bc:01:34:3e:e8:e2:09:73:c9:fe:c1:aa:
e1:88:11:0a:96:03:ba:be:dc:bb:5e:15:8e:1e:72:
4d:92:88:0c:cd:73:b4:2c:46:83:c9:89:b9:a5:a7:
3a:7f:52:02:8e:3c:27:a4:76:90:66:42:a3:08:e6:
66:8c:23:c9:af:16:cd:ed:ea:de:41:7d:02:47:85:
e4:44:f8:d1:85:2c:2e:90:15:5a:0b:8f:02:14:45:
df:bc:f6:ed:30:cb:a6:eb:69:2d:98:9c:7b:a9:cc:
60:ec:65:91:eb:df:e5:29:52:fd:49:06:67:8a:38:
d7:71:6c:57:a7:9d:c1:48:9d:4e:ea:ab:24:d2:a9:
aa:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:0B:33:70:75:36:EA:4B:5F:B7:0D:15:90:52:23:67:D8:2E:D7:28
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/lAszcHU26ktftw0VkFIjZ9gu1yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3040::/29
2a10:3640::/29
2a10:6300::/29
2a10:7d00::/29
Signature Algorithm: sha256WithRSAEncryption
38:fe:90:8c:c8:ab:80:6d:0c:3f:f6:64:34:f2:c3:61:1d:ed:
38:cb:06:e6:ab:2c:db:6a:8a:b7:99:dc:16:cd:82:0e:66:f6:
03:f5:4c:4e:5f:ca:6b:72:de:96:7d:cb:36:c9:8c:5c:9f:df:
07:ec:a2:ac:0d:d2:ca:59:e2:af:e8:df:4f:e9:79:f0:f0:9c:
08:ee:5f:71:bf:0a:c1:46:7c:b4:2f:6a:d3:d0:fc:dc:e7:cd:
a1:88:fa:e3:d1:5e:7e:1d:0f:4c:06:a2:d7:d5:d7:1d:16:bb:
97:6c:26:d1:d8:13:86:89:e0:aa:a2:df:e7:11:19:ad:a2:63:
e2:ab:49:72:72:b2:79:56:f2:d4:07:c7:5f:35:48:73:7e:8e:
b2:1b:d0:e3:c4:c9:23:46:29:88:05:b2:fb:20:c4:19:d5:46:
25:67:a0:a6:b1:24:61:d0:04:d2:45:8f:77:fe:e3:91:d7:a7:
4c:02:38:fc:22:6e:07:2d:7b:96:fa:a4:4a:f2:1b:52:99:3f:
14:6b:67:3a:f7:9b:ed:f2:ea:84:0e:4c:bb:b3:2c:72:e2:1b:
18:be:65:fc:37:2a:52:d9:d7:ca:ae:16:b6:8b:b7:30:6f:e0:
e0:88:3e:f1:4f:f8:f4:10:3f:07:84:05:a8:03:48:cd:c8:6e:
57:39:fd:b5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZIJFgKPIB3OX31Jp+JkPcwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwOTE5MDcwMTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDBiMzM3MDc1MzZlYTRiNWZiNzBkMTU5MDUyMjM2N2Q4MmVkNzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlO6JadJIkYBTakfT+w8zAzCPyM8
QgFaM5oS7JPDKoolcuge/U5e0Kfe4xGmVnc79C7xTe40rq2yjJ2hfCUelFdShmcl
xbpIhEQMIA1Ls3WOBJdpSA2PLCJQ2nVnZOBjfDOM6DBa+s/OW6B7RhPR3jDsuaxO
l6mQ8Ai8ATQ+6OIJc8n+warhiBEKlgO6vty7XhWOHnJNkogMzXO0LEaDyYm5pac6
f1ICjjwnpHaQZkKjCOZmjCPJrxbN7ereQX0CR4XkRPjRhSwukBVaC48CFEXfvPbt
MMum62ktmJx7qcxg7GWR69/lKVL9SQZnijjXcWxXp53BSJ1O6qsk0qmqfQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJQLM3B1NupLX7cNFZBSI2fYLtcoMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbEFzemNIVTI2a3RmdHcwVmtGSWpaOWd1MXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhAwQAMF
AyoQNkADBQMqEGMAAwUDKhB9ADANBgkqhkiG9w0BAQsFAAOCAQEAOP6QjMirgG0M
P/ZkNPLDYR3tOMsG5qss22qKt5ncFs2CDmb2A/VMTl/Ka3Leln3LNsmMXJ/fB+yi
rA3Sylnir+jfT+l58PCcCO5fcb8KwUZ8tC9q09D83OfNoYj649Fefh0PTAai19XX
HRa7l2wm0dgThongqqLf5xEZraJj4qtJcnKyeVby1AfHXzVIc36OshvQ48TJI0Yp
iAWy+yDEGdVGJWegprEkYdAE0kWPd/7jkdenTAI4/CJuBy17lvqkSvIbUpk/FGtn
Oveb7fLqhA5Mu7MscuIbGL5l/DcqUtnXyq4Wtou3MG/g4Ig+8U/49BA/B4QFqANI
zchuVzn9tQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:06:56 2025 by rpki-client