Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/d397c3-cf6f-44d0-9a0b-2b6f24bdd061/1/IarMo4mGgDOyHxQky1Hj81jDQqg.roa
File: IarMo4mGgDOyHxQky1Hj81jDQqg.roa (raw, json)
Hash identifier: w0s0X1wN5x5H8v0T17N5ICZ9n94J9R5DdFIZQz0gGLg=
Subject key identifier: 21:AA:CC:A3:89:86:80:33:B2:1F:14:24:CB:51:E3:F3:58:C3:42:A8
Certificate issuer: /CN=5a8d85b2e1ec1f21dcac5d5879e69cb342fd1479
Certificate serial: 01951D59C90D74C598EBD2BCAD69763E5C4C
Authority key identifier: 5A:8D:85:B2:E1:EC:1F:21:DC:AC:5D:58:79:E6:9C:B3:42:FD:14:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wo2FsuHsHyHcrF1Yeeacs0L9FHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/d397c3-cf6f-44d0-9a0b-2b6f24bdd061/1/IarMo4mGgDOyHxQky1Hj81jDQqg.roa
Signing time: Wed 19 Feb 2025 08:36:18 +0000
ROA not before: Wed 19 Feb 2025 08:36:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213410
IP address blocks: 2a10:b140::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 19 Feb 2025 19:54:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1d:59:c9:0d:74:c5:98:eb:d2:bc:ad:69:76:3e:5c:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a8d85b2e1ec1f21dcac5d5879e69cb342fd1479
Validity
Not Before: Feb 19 08:36:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21aacca389868033b21f1424cb51e3f358c342a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:79:9d:d5:82:9e:d3:53:d1:ed:56:55:23:c1:
88:5c:b9:9b:98:89:3a:1c:b8:e8:c7:da:99:2d:03:
58:80:ed:64:79:c6:12:31:0b:7c:8f:55:34:f0:98:
1f:96:bd:63:35:11:59:a5:8d:be:14:bc:b9:3f:d5:
f4:f9:05:31:25:6b:1e:df:70:9a:c2:7e:13:3b:75:
b0:0f:3e:cb:24:ee:fa:23:89:25:2b:57:7f:76:70:
ed:df:f6:2e:a9:04:98:af:31:0c:a0:3f:8b:6e:29:
18:f9:43:d1:ba:7a:28:5e:19:49:eb:bc:8e:f5:32:
06:4e:e1:4e:86:16:22:01:93:67:46:81:29:1b:a2:
f3:bc:ba:bd:3e:1d:40:c1:24:58:f3:52:67:02:20:
5c:02:db:8f:5a:2f:39:37:35:bf:54:94:df:9e:5e:
74:3b:ce:63:a9:52:9c:5f:2d:87:fb:c0:fa:ec:fe:
ff:20:9d:f3:e9:48:21:9f:08:c6:e7:cb:d2:8e:5b:
7c:da:03:9a:fc:ef:23:f3:e9:6a:7c:46:cd:8a:0a:
d8:8d:fc:16:ab:cd:34:99:b3:00:e4:b6:61:cf:55:
c2:29:53:30:b8:38:42:ca:b6:4c:3a:39:2c:01:60:
37:ce:ba:99:e6:ba:ad:b4:cf:d8:ed:4b:cc:92:25:
97:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:AA:CC:A3:89:86:80:33:B2:1F:14:24:CB:51:E3:F3:58:C3:42:A8
X509v3 Authority Key Identifier:
keyid:5A:8D:85:B2:E1:EC:1F:21:DC:AC:5D:58:79:E6:9C:B3:42:FD:14:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wo2FsuHsHyHcrF1Yeeacs0L9FHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d397c3-cf6f-44d0-9a0b-2b6f24bdd061/1/IarMo4mGgDOyHxQky1Hj81jDQqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d397c3-cf6f-44d0-9a0b-2b6f24bdd061/1/Wo2FsuHsHyHcrF1Yeeacs0L9FHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:b140::/29
Signature Algorithm: sha256WithRSAEncryption
53:1a:7a:24:17:0e:8c:b7:1d:6c:59:d9:6b:53:e7:48:f7:a6:
e6:b8:ff:f9:56:ee:32:c5:eb:13:e7:a8:9c:5c:71:e1:c3:ce:
be:ed:29:c4:54:3a:bc:a2:03:4f:67:eb:ba:5c:52:9f:2d:46:
b5:aa:82:45:68:a0:c5:53:e4:f5:b4:e7:22:12:a3:3a:39:80:
12:3f:be:4f:23:bc:96:92:82:ea:7f:6b:fc:3d:c3:86:b5:f6:
72:a0:30:96:01:18:4e:18:33:67:76:ea:39:ed:29:ee:87:80:
07:7b:34:78:c8:ae:9e:fd:4d:9e:0a:79:21:1f:93:2e:22:d0:
da:39:1e:95:2e:04:a9:c2:08:64:94:76:77:0a:d4:94:1e:b4:
59:39:e2:b7:c6:36:74:3a:5d:cc:13:7d:0a:bc:41:09:32:05:
3f:78:b8:b0:c4:f5:47:e5:2f:40:03:7b:56:46:3a:bb:e9:8f:
e8:6d:fd:99:49:4e:eb:50:59:a2:8a:35:92:b5:53:71:d1:58:
81:5d:7b:62:0e:21:db:bb:59:77:d2:5d:2a:92:41:f4:bb:28:
f9:e6:fa:54:59:cc:48:3b:35:83:a0:b3:94:16:cc:ee:9a:ef:
07:4d:03:6e:a4:44:65:d8:d3:f5:09:c0:ee:44:50:e9:bc:b4:
75:50:79:34
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZUdWckNdMWY69K8rWl2PlxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOGQ4NWIyZTFlYzFmMjFkY2FjNWQ1ODc5ZTY5Y2IzNDJm
ZDE0NzkwHhcNMjUwMjE5MDgzNjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWFhY2NhMzg5ODY4MDMzYjIxZjE0MjRjYjUxZTNmMzU4YzM0MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXmd1YKe01PR7VZVI8GIXLmbmIk6
HLjox9qZLQNYgO1kecYSMQt8j1U08Jgflr1jNRFZpY2+FLy5P9X0+QUxJWse33Ca
wn4TO3WwDz7LJO76I4klK1d/dnDt3/YuqQSYrzEMoD+LbikY+UPRunooXhlJ67yO
9TIGTuFOhhYiAZNnRoEpG6LzvLq9Ph1AwSRY81JnAiBcAtuPWi85NzW/VJTfnl50
O85jqVKcXy2H+8D67P7/IJ3z6UghnwjG58vSjlt82gOa/O8j8+lqfEbNigrYjfwW
q800mbMA5LZhz1XCKVMwuDhCyrZMOjksAWA3zrqZ5rqttM/Y7UvMkiWX/wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCGqzKOJhoAzsh8UJMtR4/NYw0KoMB8GA1UdIwQY
MBaAFFqNhbLh7B8h3KxdWHnmnLNC/RR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV28yRnN1SHNIeUhjckYxWWVlYWNzMEw5RkhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kMzk3YzMtY2Y2Zi00NGQwLTlhMGIt
MmI2ZjI0YmRkMDYxLzEvSWFyTW80bUdnRE95SHhRa3kxSGo4MWpEUXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kMzk3YzMtY2Y2Zi00NGQwLTlhMGItMmI2ZjI0YmRkMDYx
LzEvV28yRnN1SHNIeUhjckYxWWVlYWNzMEw5RkhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhCxQDAN
BgkqhkiG9w0BAQsFAAOCAQEAUxp6JBcOjLcdbFnZa1PnSPem5rj/+VbuMsXrE+eo
nFxx4cPOvu0pxFQ6vKIDT2frulxSny1GtaqCRWigxVPk9bTnIhKjOjmAEj++TyO8
lpKC6n9r/D3DhrX2cqAwlgEYThgzZ3bqOe0p7oeAB3s0eMiunv1Nngp5IR+TLiLQ
2jkelS4EqcIIZJR2dwrUlB60WTnit8Y2dDpdzBN9CrxBCTIFP3i4sMT1R+UvQAN7
VkY6u+mP6G39mUlO61BZooo1krVTcdFYgV17Yg4h27tZd9JdKpJB9Lso+eb6VFnM
SDs1g6CzlBbM7prvB00DbqREZdjT9QnA7kRQ6by0dVB5NA==
-----END CERTIFICATE-----
Generated at Mon May 12 03:20:54 2025 by rpki-client