Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/Mhe-DiDiWzO6cNoqCkAD4Ax_M8E.roa
File: Mhe-DiDiWzO6cNoqCkAD4Ax_M8E.roa (raw, json)
Hash identifier: 28fZ5uSVUyB+1QqMleXw+Yp0J930J9CoEZkGIvL8h7Q=
Subject key identifier: 32:17:BE:0E:20:E2:5B:33:BA:70:DA:2A:0A:40:03:E0:0C:7F:33:C1
Certificate issuer: /CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Certificate serial: 018CCA29958C2FC3A2B50DF77E785E812E19
Authority key identifier: D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/Mhe-DiDiWzO6cNoqCkAD4Ax_M8E.roa
Signing time: Tue 02 Jan 2024 12:32:52 +0000
ROA not before: Tue 02 Jan 2024 12:32:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2a11:9c80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:95:8c:2f:c3:a2:b5:0d:f7:7e:78:5e:81:2e:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34fa6be3f5c38f4bb7e062b6707747f4961a048
Validity
Not Before: Jan 2 12:32:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3217be0e20e25b33ba70da2a0a4003e00c7f33c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d7:24:ec:3d:8a:7c:f9:69:5e:0b:88:6f:05:
e8:42:82:51:59:60:e1:69:50:bb:c9:75:2b:2a:b0:
90:c5:17:c6:53:43:91:bf:f8:2a:6d:65:28:bf:57:
21:c3:fd:77:00:1d:03:65:ca:f3:36:75:a5:b2:ec:
87:23:5a:df:ee:ab:45:05:d1:db:7b:22:47:80:90:
bf:64:45:1c:e2:6a:3d:62:59:db:5d:e9:0d:1d:98:
0d:a4:03:50:aa:12:bb:fc:c3:b5:2a:1e:c6:b6:ac:
bb:ef:8f:d6:44:77:93:bb:9f:ad:ae:c5:b6:30:16:
06:40:d5:bb:c2:a4:f1:8b:d3:30:c5:f6:5e:a9:e4:
d5:22:2c:40:7e:fa:67:09:ec:3c:ac:c8:00:5a:96:
72:91:b6:55:99:30:fa:d8:3d:41:b2:f9:4e:e6:22:
2d:9d:96:90:ab:3b:76:e8:72:d5:2d:e4:38:85:60:
56:ee:d7:c5:c0:f7:40:9c:ce:d8:e1:43:f8:66:9f:
db:9b:aa:18:45:bf:fc:74:9d:ee:04:06:f7:c5:4b:
da:f8:54:89:9c:70:12:ce:05:2f:1c:82:54:bb:5e:
2a:b2:01:bb:48:27:08:8f:3a:61:ad:c5:73:86:ce:
b4:5e:72:6d:01:69:9b:46:34:06:84:7a:39:d0:62:
43:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:17:BE:0E:20:E2:5B:33:BA:70:DA:2A:0A:40:03:E0:0C:7F:33:C1
X509v3 Authority Key Identifier:
keyid:D3:4F:A6:BE:3F:5C:38:F4:BB:7E:06:2B:67:07:74:7F:49:61:A0:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00-mvj9cOPS7fgYrZwd0f0lhoEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/Mhe-DiDiWzO6cNoqCkAD4Ax_M8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3bc707-76e7-4987-befa-981184dee131/1/00-mvj9cOPS7fgYrZwd0f0lhoEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
a0:41:01:a1:70:a3:2c:02:41:a3:ad:e4:53:a2:e4:e6:be:8f:
41:d6:40:40:c1:a4:c3:b2:9d:8c:2d:99:cb:49:76:f0:96:ee:
d0:9d:b1:ef:ba:54:63:f8:95:bf:98:3a:fa:ef:44:62:65:9a:
57:ab:d0:17:3b:ef:0d:6c:78:f6:cd:2e:f8:4d:92:98:e9:28:
75:5b:0a:bc:22:ef:c8:64:66:df:45:d0:f6:84:49:dd:69:8d:
9b:23:b6:c3:ed:a5:4e:31:ed:4f:de:b2:e6:43:f2:36:d0:af:
7d:b1:ed:ef:c8:d4:97:a8:2f:bd:1f:1b:44:cf:fb:a2:30:d2:
f5:c4:7e:a7:f0:1b:11:ff:d0:b3:df:1e:29:ba:00:8d:f8:1f:
8e:49:6e:ea:01:95:1a:f2:63:48:b7:16:e5:a0:d0:7f:c6:8a:
11:a2:23:a7:73:94:19:a5:5a:d3:52:d4:c3:fa:e2:1b:11:fa:
f9:75:d0:99:94:37:16:f5:06:60:71:e5:6c:00:f3:74:a0:e5:
2d:4a:f6:0e:8e:32:4d:56:c9:50:c3:4b:df:9e:60:87:76:5a:
67:1f:41:7b:38:6c:0c:27:d6:9c:18:f4:0f:8a:9c:8c:05:60:
22:0b:39:22:75:99:2c:9c:51:82:df:3f:88:0a:2a:8d:6f:70:
d5:5d:30:34
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzKKZWML8OitQ33fnhegS4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGZhNmJlM2Y1YzM4ZjRiYjdlMDYyYjY3MDc3NDdmNDk2
MWEwNDgwHhcNMjQwMTAyMTIzMjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjE3YmUwZTIwZTI1YjMzYmE3MGRhMmEwYTQwMDNlMDBjN2YzM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNck7D2KfPlpXguIbwXoQoJRWWDh
aVC7yXUrKrCQxRfGU0ORv/gqbWUov1chw/13AB0DZcrzNnWlsuyHI1rf7qtFBdHb
eyJHgJC/ZEUc4mo9YlnbXekNHZgNpANQqhK7/MO1Kh7Gtqy774/WRHeTu5+trsW2
MBYGQNW7wqTxi9MwxfZeqeTVIixAfvpnCew8rMgAWpZykbZVmTD62D1BsvlO5iIt
nZaQqzt26HLVLeQ4hWBW7tfFwPdAnM7Y4UP4Zp/bm6oYRb/8dJ3uBAb3xUva+FSJ
nHASzgUvHIJUu14qsgG7SCcIjzphrcVzhs60XnJtAWmbRjQGhHo50GJD1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDIXvg4g4lszunDaKgpAA+AMfzPBMB8GA1UdIwQY
MBaAFNNPpr4/XDj0u34GK2cHdH9JYaBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDAtbXZqOWNPUFM3ZmdZclp3ZDBmMGxob0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zYmM3MDctNzZlNy00OTg3LWJlZmEt
OTgxMTg0ZGVlMTMxLzEvTWhlLURpRGlXek82Y05vcUNrQUQ0QXhfTThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zYmM3MDctNzZlNy00OTg3LWJlZmEtOTgxMTg0ZGVlMTMx
LzEvMDAtbXZqOWNPUFM3ZmdZclp3ZDBmMGxob0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGcgDAN
BgkqhkiG9w0BAQsFAAOCAQEAoEEBoXCjLAJBo63kU6Lk5r6PQdZAQMGkw7KdjC2Z
y0l28Jbu0J2x77pUY/iVv5g6+u9EYmWaV6vQFzvvDWx49s0u+E2SmOkodVsKvCLv
yGRm30XQ9oRJ3WmNmyO2w+2lTjHtT96y5kPyNtCvfbHt78jUl6gvvR8bRM/7ojDS
9cR+p/AbEf/Qs98eKboAjfgfjklu6gGVGvJjSLcW5aDQf8aKEaIjp3OUGaVa01LU
w/riGxH6+XXQmZQ3FvUGYHHlbADzdKDlLUr2Do4yTVbJUMNL355gh3ZaZx9Bezhs
DCfWnBj0D4qcjAVgIgs5InWZLJxRgt8/iAoqjW9w1V0wNA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:51:04 2025 by rpki-client