Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/MkzG--2rTwyLpl6_5vv-DUApGqU.roa
File: MkzG--2rTwyLpl6_5vv-DUApGqU.roa (raw, json)
Hash identifier: fgeBKeICwmFkWjKdFYuS71BGh2z3DJulH4/XZiHJ6eM=
Subject key identifier: 32:4C:C6:FB:ED:AB:4F:0C:8B:A6:5E:BF:E6:FB:FE:0D:40:29:1A:A5
Certificate issuer: /CN=cd1f73345794ce4817ea99e8d8cfcea71bd78367
Certificate serial: 0190A971041CDD2814289ECCAD4D2C106282
Authority key identifier: CD:1F:73:34:57:94:CE:48:17:EA:99:E8:D8:CF:CE:A7:1B:D7:83:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zR9zNFeUzkgX6pno2M_OpxvXg2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/MkzG--2rTwyLpl6_5vv-DUApGqU.roa
Signing time: Sat 13 Jul 2024 00:14:34 +0000
ROA not before: Sat 13 Jul 2024 00:14:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a14:7640::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 13 Jul 2024 03:35:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a9:71:04:1c:dd:28:14:28:9e:cc:ad:4d:2c:10:62:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd1f73345794ce4817ea99e8d8cfcea71bd78367
Validity
Not Before: Jul 13 00:14:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=324cc6fbedab4f0c8ba65ebfe6fbfe0d40291aa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:83:99:b3:07:1f:2f:ae:19:61:ec:2d:dc:d0:
28:a6:dd:1b:12:8f:ce:ae:7c:f9:c4:bc:7a:ed:3f:
9a:f5:da:f4:d9:5f:a6:f9:ce:22:91:bb:fc:70:21:
7d:ed:27:fb:f5:75:11:6b:0e:c0:12:d1:f2:ac:d1:
c8:2d:a5:c5:fc:87:5e:63:5f:3c:47:22:3b:5d:55:
9a:17:95:c0:8a:0a:3a:e1:e0:0d:d2:2d:57:5f:fa:
88:62:c3:59:5b:20:87:60:c4:4d:bd:0c:4e:51:e8:
f4:fd:18:89:ab:78:8f:f0:39:41:a3:34:be:e7:07:
bb:0b:19:29:78:5f:03:ce:40:74:4a:1f:af:97:f5:
db:4e:70:d6:5c:8a:58:29:c0:65:e8:f1:e7:88:7e:
9a:7c:84:fa:26:df:f9:47:1b:6f:66:0d:36:e2:8f:
85:ec:87:92:d8:6a:56:38:a5:28:ee:21:24:cd:1c:
fb:4e:c1:10:62:34:72:ff:6c:76:11:23:79:42:93:
16:13:52:33:d4:05:dc:f8:9b:08:29:85:26:77:b4:
83:7f:e8:c4:73:85:e6:b9:94:bd:57:4a:1e:2c:d5:
0f:c6:77:a4:2a:75:f2:18:18:47:0e:4d:1f:d1:c1:
fc:ba:e9:a3:78:5e:fe:6d:d9:67:10:64:5d:db:f4:
e8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:4C:C6:FB:ED:AB:4F:0C:8B:A6:5E:BF:E6:FB:FE:0D:40:29:1A:A5
X509v3 Authority Key Identifier:
keyid:CD:1F:73:34:57:94:CE:48:17:EA:99:E8:D8:CF:CE:A7:1B:D7:83:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zR9zNFeUzkgX6pno2M_OpxvXg2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/MkzG--2rTwyLpl6_5vv-DUApGqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/901170-e606-4fd1-8504-7f0d07ba4af3/1/zR9zNFeUzkgX6pno2M_OpxvXg2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7640::/48
Signature Algorithm: sha256WithRSAEncryption
0b:e8:0a:1e:8f:e8:15:9b:42:53:1d:60:ee:30:e2:9d:ed:30:
d1:74:50:7f:fc:d9:ae:c6:de:21:ab:75:e5:9e:b0:12:37:43:
c2:24:11:ae:32:3b:3a:bc:68:9e:7b:c7:32:28:46:91:10:54:
75:85:fe:22:2d:d2:7d:38:c5:8f:bf:de:77:92:da:9c:73:9b:
96:35:c4:63:cb:62:42:e4:a8:43:18:0c:60:91:be:73:54:1d:
d3:42:b8:20:05:f6:d4:2e:ea:5c:39:12:6c:85:b8:0f:66:1b:
0b:20:e0:26:93:e0:81:48:fa:0b:94:79:e5:e4:90:92:62:58:
b5:79:93:10:f9:3f:ff:9b:80:10:7a:3e:e0:52:75:84:1f:67:
d5:f8:8c:00:70:f5:e3:98:cd:c3:4e:14:4c:d4:69:c9:77:43:
e5:6e:8f:4a:d1:cd:02:70:98:5c:c9:32:a4:b3:d1:0a:67:e8:
2d:e7:18:70:97:ad:4d:d5:b0:a8:5d:4a:7d:85:4d:ad:5d:20:
b1:0d:d8:6d:e6:66:5e:00:cc:73:8a:d1:c8:c4:37:9b:1f:02:
d0:30:e8:4b:f3:47:f7:73:8e:b6:c8:56:3c:f4:c7:61:90:77:
a1:4a:8f:60:08:11:dc:d1:11:5f:d8:81:6b:d7:c8:f1:cd:63:
dd:af:b3:53
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZCpcQQc3SgUKJ7MrU0sEGKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMWY3MzM0NTc5NGNlNDgxN2VhOTllOGQ4Y2ZjZWE3MWJk
NzgzNjcwHhcNMjQwNzEzMDAxNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjRjYzZmYmVkYWI0ZjBjOGJhNjVlYmZlNmZiZmUwZDQwMjkxYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYOZswcfL64ZYewt3NAopt0bEo/O
rnz5xLx67T+a9dr02V+m+c4ikbv8cCF97Sf79XURaw7AEtHyrNHILaXF/IdeY188
RyI7XVWaF5XAigo64eAN0i1XX/qIYsNZWyCHYMRNvQxOUej0/RiJq3iP8DlBozS+
5we7CxkpeF8DzkB0Sh+vl/XbTnDWXIpYKcBl6PHniH6afIT6Jt/5RxtvZg024o+F
7IeS2GpWOKUo7iEkzRz7TsEQYjRy/2x2ESN5QpMWE1Iz1AXc+JsIKYUmd7SDf+jE
c4XmuZS9V0oeLNUPxnekKnXyGBhHDk0f0cH8uumjeF7+bdlnEGRd2/To0QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDJMxvvtq08Mi6Zev+b7/g1AKRqlMB8GA1UdIwQY
MBaAFM0fczRXlM5IF+qZ6NjPzqcb14NnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelI5ek5GZVV6a2dYNnBubzJNX09weHZYZzJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MDExNzAtZTYwNi00ZmQxLTg1MDQt
N2YwZDA3YmE0YWYzLzEvTWt6Ry0tMnJUd3lMcGw2XzV2di1EVUFwR3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MDExNzAtZTYwNi00ZmQxLTg1MDQtN2YwZDA3YmE0YWYz
LzEvelI5ek5GZVV6a2dYNnBubzJNX09weHZYZzJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR2QAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAL6Aoej+gVm0JTHWDuMOKd7TDRdFB//Nmuxt4h
q3XlnrASN0PCJBGuMjs6vGiee8cyKEaREFR1hf4iLdJ9OMWPv953ktqcc5uWNcRj
y2JC5KhDGAxgkb5zVB3TQrggBfbULupcORJshbgPZhsLIOAmk+CBSPoLlHnl5JCS
Yli1eZMQ+T//m4AQej7gUnWEH2fV+IwAcPXjmM3DThRM1GnJd0Plbo9K0c0CcJhc
yTKks9EKZ+gt5xhwl61N1bCoXUp9hU2tXSCxDdht5mZeAMxzitHIxDebHwLQMOhL
80f3c462yFY89MdhkHehSo9gCBHc0RFf2IFr18jxzWPdr7NT
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:46 2025 by rpki-client