Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/10SWRhn_5-yzw5uPHKCi1-Ts9VQ.roa
File: 10SWRhn_5-yzw5uPHKCi1-Ts9VQ.roa (raw, json)
Hash identifier: onIT8FvkAvS2XEH3P6Yt3e6KAg9sGgZcqCKapqUrEmQ=
Subject key identifier: D7:44:96:46:19:FF:E7:EC:B3:C3:9B:8F:1C:A0:A2:D7:E4:EC:F5:54
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 01856D540B52FAB02E4528DD85678BB71DD3
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/10SWRhn_5-yzw5uPHKCi1-Ts9VQ.roa
Signing time: Sun 01 Jan 2023 12:35:02 +0000
ROA not before: Sun 01 Jan 2023 12:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60251
IP address blocks: 192.42.253.0/24 maxlen: 24
2a0f:6b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:54:0b:52:fa:b0:2e:45:28:dd:85:67:8b:b7:1d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Jan 1 12:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d744964619ffe7ecb3c39b8f1ca0a2d7e4ecf554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a0:5b:4b:a4:e7:b1:37:00:2d:cd:60:37:3d:
db:e6:71:ab:05:1b:ac:ef:72:7f:e8:11:78:82:5d:
da:25:48:fd:ee:f8:a7:a0:97:5c:64:15:52:7a:89:
ed:a7:e3:1b:af:a9:3a:49:c1:be:29:96:e6:1a:ea:
50:52:f6:e3:c3:0c:af:c3:41:70:29:23:58:a2:a3:
f6:2e:3c:15:ad:2b:e9:d5:22:7f:aa:c4:86:56:74:
c7:8f:d8:f9:18:a9:71:57:c6:22:97:fe:99:8a:44:
a4:20:07:f9:05:c8:74:a5:20:f9:fe:1b:46:2c:95:
1b:18:91:6e:f3:ee:a5:8a:8d:c9:7b:5e:91:81:58:
28:a5:ae:f5:52:b4:27:64:83:d9:d9:59:8c:28:b0:
4c:52:52:f0:b0:31:2f:4d:50:d2:53:7f:1b:93:b1:
f6:ed:6f:6e:b4:23:fe:fa:18:36:6b:d1:0e:ba:f0:
f9:a0:0f:5d:61:56:95:3c:04:be:8b:52:5b:5e:0c:
98:9b:9e:9b:aa:3c:b8:e4:dd:44:12:95:33:36:bf:
2e:b7:1f:d1:72:a4:54:29:b4:50:49:e5:30:63:3d:
70:0b:90:d3:72:97:df:19:5b:35:4f:f9:11:2c:d0:
a9:a4:76:52:6b:db:43:cd:e2:d3:6a:17:d5:b0:24:
f1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:44:96:46:19:FF:E7:EC:B3:C3:9B:8F:1C:A0:A2:D7:E4:EC:F5:54
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/10SWRhn_5-yzw5uPHKCi1-Ts9VQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.42.253.0/24
IPv6:
2a0f:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
03:dd:f4:ae:89:f9:45:1d:5c:cf:81:a6:46:37:89:ce:b2:cb:
6c:54:2c:97:d9:f9:83:df:7e:8b:ce:6f:b4:57:e1:7f:4e:81:
11:d2:cc:e9:71:f7:9d:59:39:4e:e1:35:87:80:fc:1e:44:3c:
26:ad:e2:a8:cb:1c:8e:18:15:6b:c4:a1:c5:af:51:9d:bc:e2:
e4:d9:6c:16:de:2d:f7:a1:48:4a:04:7f:95:8d:e7:e9:8a:79:
19:eb:1a:86:e3:64:8c:76:e2:a3:d0:c8:4c:c1:60:02:10:04:
08:3a:6a:52:48:1f:7b:1d:cc:22:e4:29:be:ba:61:1b:08:d3:
b3:04:d4:d5:71:82:39:4d:e4:c3:9a:c4:25:80:8e:71:a5:65:
06:fc:e9:b1:4e:5e:c6:e6:15:ac:4e:2d:34:f5:74:68:cf:41:
32:42:93:08:cd:39:19:00:13:c3:8e:6c:2a:13:33:ed:5d:67:
b4:3b:3e:02:59:89:bb:13:6b:56:48:7b:4f:e8:58:48:7f:fd:
9a:11:e0:28:b6:64:e9:82:38:63:3b:dd:cc:33:20:bd:c2:2c:
3d:e9:e1:7d:6d:72:da:a3:d4:73:69:d6:18:fd:04:73:dc:1e:
80:b4:5a:48:26:04:98:90:8c:fd:d5:cd:df:7a:0b:b7:fb:ad:
35:ef:18:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtVAtS+rAuRSjdhWeLtx3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjMwMTAxMTIzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQ0OTY0NjE5ZmZlN2VjYjNjMzliOGYxY2EwYTJkN2U0ZWNmNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKBbS6TnsTcALc1gNz3b5nGrBRus
73J/6BF4gl3aJUj97vinoJdcZBVSeontp+Mbr6k6ScG+KZbmGupQUvbjwwyvw0Fw
KSNYoqP2LjwVrSvp1SJ/qsSGVnTHj9j5GKlxV8Yil/6ZikSkIAf5Bch0pSD5/htG
LJUbGJFu8+6lio3Je16RgVgopa71UrQnZIPZ2VmMKLBMUlLwsDEvTVDSU38bk7H2
7W9utCP++hg2a9EOuvD5oA9dYVaVPAS+i1JbXgyYm56bqjy45N1EEpUzNr8utx/R
cqRUKbRQSeUwYz1wC5DTcpffGVs1T/kRLNCppHZSa9tDzeLTahfVsCTxrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNdElkYZ/+fss8Objxygotfk7PVUMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEvMTBTV1Jobl81LXl6dzV1UEhLQ2kxLVRzOVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwCr9MA0E
AgACMAcDBQMqD2tAMA0GCSqGSIb3DQEBCwUAA4IBAQAD3fSuiflFHVzPgaZGN4nO
sstsVCyX2fmD336Lzm+0V+F/ToER0szpcfedWTlO4TWHgPweRDwmreKoyxyOGBVr
xKHFr1GdvOLk2WwW3i33oUhKBH+VjefpinkZ6xqG42SMduKj0MhMwWACEAQIOmpS
SB97Hcwi5Cm+umEbCNOzBNTVcYI5TeTDmsQlgI5xpWUG/OmxTl7G5hWsTi009XRo
z0EyQpMIzTkZABPDjmwqEzPtXWe0Oz4CWYm7E2tWSHtP6FhIf/2aEeAotmTpgjhj
O93MMyC9wiw96eF9bXLao9RzadYY/QRz3B6AtFpIJgSYkIz91c3fegu3+6017xhG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:37 2024 by rpki-client on console-fra.rpki-client.org