Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/MgtcCWz-qvovamYhHULrw6RIVdY.roa
File: MgtcCWz-qvovamYhHULrw6RIVdY.roa (raw, json)
Hash identifier: ivKFFX5tyF1U8vQXLvtbW9SrOCpnRnoFpSdo/JC22vY=
Subject key identifier: 32:0B:5C:09:6C:FE:AA:FA:2F:6A:66:21:1D:42:EB:C3:A4:48:55:D6
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 018D7F94904888F0BE418107F6D60B686302
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/MgtcCWz-qvovamYhHULrw6RIVdY.roa
Signing time: Tue 06 Feb 2024 18:00:59 +0000
ROA not before: Tue 06 Feb 2024 18:00:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199742
IP address blocks: 2a0f:b241:34::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 04:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:94:90:48:88:f0:be:41:81:07:f6:d6:0b:68:63:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 6 18:00:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=320b5c096cfeaafa2f6a66211d42ebc3a44855d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:eb:6b:86:db:e9:cf:6e:7f:79:46:b6:89:38:
33:7b:7d:f7:c7:d7:d6:5f:c9:dd:50:ba:ef:b0:82:
1f:5d:28:ba:37:cc:01:68:4b:93:60:94:c3:c7:bd:
fe:bf:6f:fc:12:aa:19:87:83:60:13:a3:c9:96:30:
ec:fd:a9:74:01:ec:1a:17:2e:99:95:be:18:7b:ee:
76:6d:08:21:75:36:d2:b1:30:ca:54:a6:97:36:ac:
aa:4d:0b:fe:18:e3:b6:6c:68:12:18:07:f0:04:00:
4d:ed:3d:1b:8a:61:94:08:7e:fe:84:1d:b6:2a:58:
aa:fe:81:71:05:fa:28:a4:94:2b:ba:4b:f5:77:07:
e9:f6:a6:34:1e:86:34:e2:86:b0:69:c1:15:ee:fa:
e6:8d:03:19:33:c9:2a:c1:cc:ac:22:40:db:7e:a2:
8c:d7:be:61:c4:1a:a6:54:eb:29:ad:c4:ad:30:c2:
48:73:ac:9c:53:e6:9f:0a:ed:62:fb:8c:2f:9c:37:
34:ca:d3:93:19:da:e7:6a:85:f4:46:41:09:f7:3a:
05:72:cc:b8:16:5f:20:c6:43:5b:01:da:98:8a:23:
f9:23:70:96:aa:2c:25:65:8d:63:9c:d7:86:04:d2:
07:f3:b3:9c:d0:f1:dc:8f:50:e6:f9:f7:5f:2c:eb:
c7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0B:5C:09:6C:FE:AA:FA:2F:6A:66:21:1D:42:EB:C3:A4:48:55:D6
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/MgtcCWz-qvovamYhHULrw6RIVdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b241:34::/48
Signature Algorithm: sha256WithRSAEncryption
4d:80:98:9b:bf:c1:8d:36:60:2f:ef:73:e3:d1:d4:ba:7a:5d:
57:f6:a5:b7:5d:b2:61:ed:ea:f0:13:fb:be:be:2b:37:b0:74:
9f:26:4f:56:f4:1a:a6:de:3b:43:4b:f9:cf:70:7d:5c:8a:c8:
26:c7:35:ee:17:95:6c:a9:73:5d:04:a7:ee:a8:52:a5:59:ce:
2e:3a:ba:7b:07:a3:30:f2:5d:cf:5e:99:e6:9b:87:84:f3:ac:
e2:83:38:c9:e2:d2:4e:5d:c5:72:70:39:b0:bb:f1:6f:ec:67:
f0:86:ae:fe:d8:ff:66:28:02:d6:d8:82:56:b5:c9:96:73:b6:
18:e8:14:1a:35:85:dd:8b:8f:b2:7f:38:2f:7a:19:37:6a:d2:
29:98:5f:6c:2f:d0:54:b5:bd:45:59:ef:e7:1e:53:d1:dc:0a:
c8:4d:1f:f7:49:2c:bb:ae:58:51:18:bc:02:65:f5:66:de:2d:
40:69:e9:67:7e:b3:28:96:5a:99:18:0a:a1:7a:04:00:cf:60:
7d:8e:b0:af:ed:50:29:fa:01:3d:4b:19:c2:f2:20:97:cd:43:
aa:bf:3d:45:ff:82:c5:a4:01:36:4f:55:af:ff:17:1c:ca:74:
f4:01:a4:e0:27:e5:8c:cf:3e:3c:20:96:a2:39:ce:25:61:de:
aa:58:fc:11
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY1/lJBIiPC+QYEH9tYLaGMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjQwMjA2MTgwMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjBiNWMwOTZjZmVhYWZhMmY2YTY2MjExZDQyZWJjM2E0NDg1NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOtrhtvpz25/eUa2iTgze333x9fW
X8ndULrvsIIfXSi6N8wBaEuTYJTDx73+v2/8EqoZh4NgE6PJljDs/al0AewaFy6Z
lb4Ye+52bQghdTbSsTDKVKaXNqyqTQv+GOO2bGgSGAfwBABN7T0bimGUCH7+hB22
Kliq/oFxBfoopJQrukv1dwfp9qY0HoY04oawacEV7vrmjQMZM8kqwcysIkDbfqKM
175hxBqmVOsprcStMMJIc6ycU+afCu1i+4wvnDc0ytOTGdrnaoX0RkEJ9zoFcsy4
Fl8gxkNbAdqYiiP5I3CWqiwlZY1jnNeGBNIH87Oc0PHcj1Dm+fdfLOvHywIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDILXAls/qr6L2pmIR1C68OkSFXWMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvTWd0Y0NXei1xdm92YW1ZaEhVTHJ3NlJJVmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+yQQA0
MA0GCSqGSIb3DQEBCwUAA4IBAQBNgJibv8GNNmAv73Pj0dS6el1X9qW3XbJh7erw
E/u+vis3sHSfJk9W9Bqm3jtDS/nPcH1cisgmxzXuF5VsqXNdBKfuqFKlWc4uOrp7
B6Mw8l3PXpnmm4eE86zigzjJ4tJOXcVycDmwu/Fv7Gfwhq7+2P9mKALW2IJWtcmW
c7YY6BQaNYXdi4+yfzgvehk3atIpmF9sL9BUtb1FWe/nHlPR3ArITR/3SSy7rlhR
GLwCZfVm3i1AaelnfrMollqZGAqhegQAz2B9jrCv7VAp+gE9SxnC8iCXzUOqvz1F
/4LFpAE2T1Wv/xccynT0AaTgJ+WMzz48IJaiOc4lYd6qWPwR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:11 2024 by rpki-client on console-fra.rpki-client.org