Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/rSQcTrVV-3IrZUxns-I5aAWx5rw.roa
File: rSQcTrVV-3IrZUxns-I5aAWx5rw.roa (raw, json)
Hash identifier: vt0blu8Ycs/uFgaJNg4nqB6w6idy/rj1D3CgAwnNSoA=
Subject key identifier: AD:24:1C:4E:B5:55:FB:72:2B:65:4C:67:B3:E2:39:68:05:B1:E6:BC
Certificate issuer: /CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
Certificate serial: 018AACB88C197EAC7866C0576ECD540E2975
Authority key identifier: 79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/rSQcTrVV-3IrZUxns-I5aAWx5rw.roa
Signing time: Tue 19 Sep 2023 09:14:50 +0000
ROA not before: Tue 19 Sep 2023 09:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 2a10:4bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:b8:8c:19:7e:ac:78:66:c0:57:6e:cd:54:0e:29:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
Validity
Not Before: Sep 19 09:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad241c4eb555fb722b654c67b3e2396805b1e6bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3e:52:92:20:3a:6c:ae:30:a6:c8:ad:c1:cf:
ff:66:90:6f:a3:d0:8c:e2:b4:0e:39:9e:f4:b9:c3:
55:1e:f3:16:1d:d5:9b:4c:71:bc:c9:4c:ab:2e:2c:
e3:49:f6:9d:a5:e6:05:a1:66:f9:84:4e:db:4c:c4:
df:a9:00:b0:ae:6f:df:00:92:9a:a3:f1:51:5c:69:
8d:63:bd:fd:5d:4b:34:4b:2c:45:13:61:6c:39:bf:
44:84:77:51:62:76:a4:75:65:b3:3a:cb:c9:54:86:
7b:15:02:95:dc:15:c7:4f:73:29:e2:ef:bd:d8:e5:
b9:fa:2b:a9:b4:87:10:6a:9c:4f:7e:2c:90:33:02:
17:8c:9c:4a:c7:3c:e7:eb:d6:34:ce:1d:84:c9:d2:
00:67:8d:f9:1b:5c:19:d7:eb:2b:3d:d7:48:90:11:
12:ea:c6:fc:b6:dd:29:40:27:a2:3b:e7:ff:55:54:
56:74:56:8e:a9:3a:da:55:de:45:93:c9:1b:e8:fb:
3c:1d:38:d1:09:09:e1:c7:ab:b1:d9:da:92:03:70:
76:3c:66:53:14:f8:a2:8c:49:0a:8b:5a:a3:24:60:
a8:4b:65:fb:a8:37:54:07:6a:e4:ef:13:06:9a:68:
a8:8d:5e:3c:92:e7:41:7d:6e:cf:13:9d:f4:51:f0:
b4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:24:1C:4E:B5:55:FB:72:2B:65:4C:67:B3:E2:39:68:05:B1:E6:BC
X509v3 Authority Key Identifier:
keyid:79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/rSQcTrVV-3IrZUxns-I5aAWx5rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/eahD06Z78gLQriPfleFOqHHY8V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
59:9a:d6:92:e2:c5:20:72:7c:df:fa:b8:fc:4c:23:dd:35:fc:
55:d1:21:b9:8c:1a:31:c2:b0:30:15:b4:8b:98:b2:90:97:5d:
4c:cc:eb:56:8e:3e:29:e1:db:eb:ed:09:d3:95:8a:e8:5c:a3:
84:99:17:f7:b6:d7:d3:ee:55:04:6b:4d:8b:0b:05:de:3d:91:
0e:26:ec:8a:c6:b0:3c:70:bb:22:11:eb:f0:8a:12:46:f9:e3:
18:ce:ab:ad:16:c4:12:9a:47:e7:77:76:44:f7:f9:5a:e6:d1:
16:ab:47:0e:c7:c4:0b:36:55:db:89:9e:90:56:56:70:08:7b:
f9:9f:4c:b1:62:3f:b1:00:93:b0:37:35:df:8c:46:fc:a0:5c:
71:3b:0d:a5:60:d3:ab:9b:9c:b3:bc:ed:04:8a:c7:bd:8f:87:
60:ee:34:15:55:0f:df:5e:51:85:68:3e:7a:cd:75:53:c5:df:
d3:22:b0:c5:9e:0a:7e:8d:00:82:6a:db:37:b7:db:50:68:a4:
ba:c2:c9:b9:28:6c:e0:f8:38:77:7a:ea:13:76:1f:89:71:84:
f4:ab:3c:d0:d3:73:52:f0:1f:a5:b2:99:e4:93:31:7e:d1:ec:
6b:b0:33:fc:c0:8f:6a:c9:ca:84:d3:10:7c:91:21:d2:21:ff:
2c:1c:bc:fc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYqsuIwZfqx4ZsBXbs1UDil1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTg0M2QzYTY3YmYyMDJkMGFlMjNkZjk1ZTE0ZWE4NzFk
OGYxNWQwHhcNMjMwOTE5MDkxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDI0MWM0ZWI1NTVmYjcyMmI2NTRjNjdiM2UyMzk2ODA1YjFlNmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj5SkiA6bK4wpsitwc//ZpBvo9CM
4rQOOZ70ucNVHvMWHdWbTHG8yUyrLizjSfadpeYFoWb5hE7bTMTfqQCwrm/fAJKa
o/FRXGmNY739XUs0SyxFE2FsOb9EhHdRYnakdWWzOsvJVIZ7FQKV3BXHT3Mp4u+9
2OW5+iuptIcQapxPfiyQMwIXjJxKxzzn69Y0zh2EydIAZ435G1wZ1+srPddIkBES
6sb8tt0pQCeiO+f/VVRWdFaOqTraVd5Fk8kb6Ps8HTjRCQnhx6ux2dqSA3B2PGZT
FPiijEkKi1qjJGCoS2X7qDdUB2rk7xMGmmiojV48kudBfW7PE530UfC0hQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK0kHE61VftyK2VMZ7PiOWgFsea8MB8GA1UdIwQY
MBaAFHmoQ9Ome/IC0K4j35XhTqhx2PFdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFoRDA2Wjc4Z0xRcmlQZmxlRk9xSEhZOFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9mNzBjNmEtODE0Yi00NjFhLTg1NDEt
YjRkZDIyNzU4OTUxLzEvclNRY1RyVlYtM0lyWlV4bnMtSTVhQVd4NXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9mNzBjNmEtODE0Yi00NjFhLTg1NDEtYjRkZDIyNzU4OTUx
LzEvZWFoRDA2Wjc4Z0xRcmlQZmxlRk9xSEhZOFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhBLwDAN
BgkqhkiG9w0BAQsFAAOCAQEAWZrWkuLFIHJ83/q4/Ewj3TX8VdEhuYwaMcKwMBW0
i5iykJddTMzrVo4+KeHb6+0J05WK6FyjhJkX97bX0+5VBGtNiwsF3j2RDibsisaw
PHC7IhHr8IoSRvnjGM6rrRbEEppH53d2RPf5WubRFqtHDsfECzZV24mekFZWcAh7
+Z9MsWI/sQCTsDc134xG/KBccTsNpWDTq5ucs7ztBIrHvY+HYO40FVUP315RhWg+
es11U8Xf0yKwxZ4Kfo0AgmrbN7fbUGikusLJuShs4Pg4d3rqE3YfiXGE9Ks80NNz
UvAfpbKZ5JMxftHsa7Az/MCPasnKhNMQfJEh0iH/LBy8/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:15 2024 by rpki-client on console-fra.rpki-client.org