Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/mkBFsmK5U0XkPHMkFbE5IjIKoas.roa
File: mkBFsmK5U0XkPHMkFbE5IjIKoas.roa (raw, json)
Hash identifier: t8UBQg63n1hBZ9+NIsPheVwrOCpAQ1p1GX5V3VzqvbU=
Subject key identifier: 9A:40:45:B2:62:B9:53:45:E4:3C:73:24:15:B1:39:22:32:0A:A1:AB
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 01856D4AEAD92B94DF73C68440A548DAA60F
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/mkBFsmK5U0XkPHMkFbE5IjIKoas.roa
Signing time: Sun 01 Jan 2023 12:25:04 +0000
ROA not before: Sun 01 Jan 2023 12:25:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211452
IP address blocks: 2a07:291b::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:ea:d9:2b:94:df:73:c6:84:40:a5:48:da:a6:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 1 12:25:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a4045b262b95345e43c732415b13922320aa1ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:10:fc:b2:34:d0:69:dc:7a:2d:70:9c:f0:ca:
5e:10:8d:77:4e:51:ee:be:4e:2f:b7:76:71:dc:8d:
e6:55:70:06:f3:03:54:bb:a7:5f:92:e7:a5:f2:d2:
19:0b:ae:70:51:ac:f8:e3:08:f7:8d:a9:fd:9e:c9:
27:e6:d3:7c:b3:c6:d8:a2:a8:9e:59:51:90:eb:50:
f3:e0:f1:75:52:3e:04:e1:35:05:5e:99:61:a3:7b:
84:38:55:90:f1:e7:7c:41:02:c6:e8:79:49:50:b9:
cd:94:fd:fd:ae:da:96:3d:6d:4b:a4:3c:f1:4b:87:
e1:14:2e:9a:fd:bf:ee:bc:fa:9d:5d:1a:07:3f:31:
71:0d:47:43:7f:5d:4c:2f:a7:d7:d7:74:ac:38:96:
3d:71:ba:84:20:51:a9:8c:55:d5:96:81:97:04:64:
5c:fa:fc:04:c2:fe:07:16:d4:dd:be:e8:ee:76:0c:
15:e8:c5:0e:fe:e2:7c:c5:ba:fb:58:9c:10:a5:46:
9f:f4:e4:a9:22:dd:d9:7c:93:ac:55:d7:d1:82:c2:
d6:f2:9e:9c:6b:a2:d8:87:16:4a:ad:d8:26:1a:f1:
57:92:5a:a8:52:b7:d5:a7:f8:9a:42:b2:f1:34:1e:
37:17:b5:f8:e2:63:17:ae:99:50:ec:6a:e6:cf:e1:
9c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:40:45:B2:62:B9:53:45:E4:3C:73:24:15:B1:39:22:32:0A:A1:AB
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/mkBFsmK5U0XkPHMkFbE5IjIKoas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:291b::/32
Signature Algorithm: sha256WithRSAEncryption
0c:4e:db:ea:79:18:e4:91:f0:04:cb:ae:82:7c:8f:1f:d3:ef:
0b:91:3c:b8:44:da:1a:33:9f:5d:ed:b4:0a:50:fb:b9:4c:b2:
cc:a4:26:81:4d:b6:e4:cb:c8:1f:aa:6f:8f:fe:61:08:6f:39:
c0:7c:a1:ce:22:e1:65:f8:15:08:a1:cf:ad:22:39:f8:53:b0:
90:37:4a:1d:3c:62:43:38:43:ee:5f:35:fc:99:f5:16:bf:5d:
35:36:61:32:e9:78:c8:35:24:87:4b:2d:80:4e:87:23:6c:2d:
8d:0b:75:1e:b4:18:94:33:c9:f5:c4:a9:3d:5e:aa:08:ab:e5:
7e:f1:f3:c2:fb:aa:2c:e1:9b:fd:c0:6e:a4:f9:e8:04:52:15:
db:f8:90:c5:9b:f7:e5:46:d8:4e:4e:2d:fd:15:bb:af:14:b9:
94:b4:a3:b3:1b:0a:de:76:20:14:4e:3f:4c:4f:53:e0:65:80:
d3:7d:e8:a6:2b:0b:0b:cd:cc:cf:06:82:71:21:ef:2f:47:1f:
66:7f:c5:51:0c:7a:a7:7d:da:9b:1d:21:d7:1d:f9:00:62:3b:
e8:d6:c2:e5:64:ab:ac:2d:20:10:84:9f:b6:ed:05:c6:07:1f:
da:0e:64:a0:bb:53:8d:bf:de:9e:b4:5c:91:4c:12:d7:28:e9:
e5:f7:a3:59
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVtSurZK5Tfc8aEQKVI2qYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjMwMTAxMTIyNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTQwNDViMjYyYjk1MzQ1ZTQzYzczMjQxNWIxMzkyMjMyMGFhMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRD8sjTQadx6LXCc8MpeEI13TlHu
vk4vt3Zx3I3mVXAG8wNUu6dfkuel8tIZC65wUaz44wj3jan9nskn5tN8s8bYoqie
WVGQ61Dz4PF1Uj4E4TUFXplho3uEOFWQ8ed8QQLG6HlJULnNlP39rtqWPW1LpDzx
S4fhFC6a/b/uvPqdXRoHPzFxDUdDf11ML6fX13SsOJY9cbqEIFGpjFXVloGXBGRc
+vwEwv4HFtTdvujudgwV6MUO/uJ8xbr7WJwQpUaf9OSpIt3ZfJOsVdfRgsLW8p6c
a6LYhxZKrdgmGvFXklqoUrfVp/iaQrLxNB43F7X44mMXrplQ7Grmz+Gc1QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJpARbJiuVNF5DxzJBWxOSIyCqGrMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvbWtCRnNtSzVVMFhrUEhNa0ZiRTVJaklLb2FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgcpGzAN
BgkqhkiG9w0BAQsFAAOCAQEADE7b6nkY5JHwBMuugnyPH9PvC5E8uETaGjOfXe20
ClD7uUyyzKQmgU225MvIH6pvj/5hCG85wHyhziLhZfgVCKHPrSI5+FOwkDdKHTxi
QzhD7l81/Jn1Fr9dNTZhMul4yDUkh0stgE6HI2wtjQt1HrQYlDPJ9cSpPV6qCKvl
fvHzwvuqLOGb/cBupPnoBFIV2/iQxZv35UbYTk4t/RW7rxS5lLSjsxsK3nYgFE4/
TE9T4GWA033opisLC83MzwaCcSHvL0cfZn/FUQx6p33amx0h1x35AGI76NbC5WSr
rC0gEISftu0Fxgcf2g5koLtTjb/enrRckUwS1yjp5fejWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:54 2024 by rpki-client on console-ams.rpki-client.org