Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/mkoBZZlfGbs9OmXjIQeLixYtTKE.roa
File: mkoBZZlfGbs9OmXjIQeLixYtTKE.roa (raw, json)
Hash identifier: NLXhXFLtyI6J9X6Vwd4AMjZ6Bn96mOZtMuSnzC6t8ao=
Subject key identifier: 9A:4A:01:65:99:5F:19:BB:3D:3A:65:E3:21:07:8B:8B:16:2D:4C:A1
Certificate issuer: /CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Certificate serial: 01904876DD0A5D2C71EAC8B46F2F4C28A8DF
Authority key identifier: 70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/mkoBZZlfGbs9OmXjIQeLixYtTKE.roa
Signing time: Mon 24 Jun 2024 04:17:47 +0000
ROA not before: Mon 24 Jun 2024 04:17:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60262
IP address blocks: 2a11:cc0::/29 maxlen: 29
2a11:1900::/29 maxlen: 29
2a11:23c0::/29 maxlen: 29
2a11:3ac0::/29 maxlen: 29
2a11:4f40::/29 maxlen: 29
2a11:79c0::/29 maxlen: 29
2a11:8dc0::/29 maxlen: 29
2a11:9500::/29 maxlen: 29
2a11:9b80::/29 maxlen: 29
2a11:a200::/29 maxlen: 29
2a11:b7c0::/29 maxlen: 29
2a11:b800::/29 maxlen: 29
2a11:c400::/29 maxlen: 29
2a11:e500::/29 maxlen: 29
2a11:f5c0::/29 maxlen: 29
2a12:2a00::/29 maxlen: 29
2a12:3100::/29 maxlen: 29
2a12:5180::/29 maxlen: 29
2a12:7a00::/29 maxlen: 29
2a12:9a80::/29 maxlen: 29
2a12:cb00::/29 maxlen: 29
2a12:da80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:48:76:dd:0a:5d:2c:71:ea:c8:b4:6f:2f:4c:28:a8:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Validity
Not Before: Jun 24 04:17:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a4a0165995f19bb3d3a65e321078b8b162d4ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:49:f1:53:09:02:30:df:0b:bc:1f:01:aa:6b:
dc:e8:12:f2:e9:76:6f:0c:3e:50:12:c7:1a:f9:24:
40:fa:e3:3c:c4:cf:f7:cd:b8:d2:97:b7:90:d8:69:
74:c7:2b:b4:73:fe:01:39:f1:4a:20:ea:66:a6:a6:
26:71:6f:40:a9:83:bc:2c:ce:92:98:46:36:47:04:
30:d7:eb:7e:96:40:01:8a:6e:7b:46:1d:81:04:0d:
98:a7:72:f3:cc:5e:61:50:88:75:66:c5:91:45:10:
89:eb:cf:83:f7:c2:b4:b9:6c:ac:90:2f:ca:cb:5e:
59:82:ff:17:a9:ff:5b:33:68:5f:a9:34:4d:1d:59:
21:71:c1:ca:bb:73:54:d4:f7:58:bd:a6:11:fd:8f:
36:2c:d4:97:a1:a1:69:47:b9:c9:b1:e0:cd:f1:fc:
1c:3e:a1:cc:f2:a0:78:70:65:a5:db:46:2a:56:ce:
b2:1e:99:8e:24:75:19:14:3b:88:b4:45:a1:a2:f8:
a4:73:53:30:58:c9:35:d3:33:57:9a:43:e9:3c:67:
34:1c:9c:41:62:f6:9a:27:15:6c:ab:6e:f0:f9:2b:
25:ca:5e:6f:30:cc:d3:77:db:aa:f8:52:22:70:3f:
02:bb:65:b7:ad:70:64:4b:51:fd:8e:af:f4:e2:33:
e5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:4A:01:65:99:5F:19:BB:3D:3A:65:E3:21:07:8B:8B:16:2D:4C:A1
X509v3 Authority Key Identifier:
keyid:70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/mkoBZZlfGbs9OmXjIQeLixYtTKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:cc0::/29
2a11:1900::/29
2a11:23c0::/29
2a11:3ac0::/29
2a11:4f40::/29
2a11:79c0::/29
2a11:8dc0::/29
2a11:9500::/29
2a11:9b80::/29
2a11:a200::/29
2a11:b7c0::/29
2a11:b800::/29
2a11:c400::/29
2a11:e500::/29
2a11:f5c0::/29
2a12:2a00::/29
2a12:3100::/29
2a12:5180::/29
2a12:7a00::/29
2a12:9a80::/29
2a12:cb00::/29
2a12:da80::/29
Signature Algorithm: sha256WithRSAEncryption
d2:11:39:57:7c:33:32:2c:fe:1b:b3:fb:48:44:08:8f:6b:9e:
56:70:b8:2b:9d:34:bc:05:41:a0:3f:06:e8:06:9d:04:c0:27:
3b:6e:89:8d:d7:85:b5:5b:2f:18:4d:83:3d:77:ec:83:fa:59:
32:6f:ec:77:0b:29:5e:44:1e:cb:91:47:51:67:d9:12:4a:6a:
f7:bb:c0:4b:cb:4d:6c:1b:ba:3f:89:81:55:72:14:46:44:84:
6f:f7:cd:25:3e:33:e3:2a:a5:cd:4f:58:7e:26:67:bf:73:2c:
6f:d0:2f:49:73:25:ee:1d:96:ff:46:3b:5e:41:e1:43:a7:a8:
82:67:01:9a:92:81:bc:8e:1a:db:63:14:29:e7:e9:81:05:33:
8c:2c:3c:80:b1:7f:ee:96:72:f3:ac:e6:c2:f9:70:28:13:62:
c1:31:4a:69:4c:2c:d4:88:03:1e:f2:62:1f:af:dc:23:76:9e:
9b:a6:3e:f3:86:0e:31:e6:88:91:9b:b3:28:00:34:22:33:4e:
35:c8:13:4b:0a:82:38:4c:69:09:37:39:0f:bf:34:bc:d1:81:
e0:af:79:36:80:49:33:a5:13:bd:af:93:ee:53:3d:2d:ee:80:
fe:5e:e7:31:04:80:63:43:57:5c:71:f2:07:0d:13:01:4e:cb:
13:52:1e:5c
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZBIdt0KXSxx6si0by9MKKjfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQzYWJiYjQ3OGI3NGVmMmFkZWY5YmI3YzQzMzZlMzQx
MTFkNTEwHhcNMjQwNjI0MDQxNzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTRhMDE2NTk5NWYxOWJiM2QzYTY1ZTMyMTA3OGI4YjE2MmQ0Y2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqknxUwkCMN8LvB8Bqmvc6BLy6XZv
DD5QEsca+SRA+uM8xM/3zbjSl7eQ2Gl0xyu0c/4BOfFKIOpmpqYmcW9AqYO8LM6S
mEY2RwQw1+t+lkABim57Rh2BBA2Yp3LzzF5hUIh1ZsWRRRCJ68+D98K0uWyskC/K
y15Zgv8Xqf9bM2hfqTRNHVkhccHKu3NU1PdYvaYR/Y82LNSXoaFpR7nJseDN8fwc
PqHM8qB4cGWl20YqVs6yHpmOJHUZFDuItEWhovikc1MwWMk10zNXmkPpPGc0HJxB
YvaaJxVsq27w+Sslyl5vMMzTd9uq+FIicD8Cu2W3rXBkS1H9jq/04jPlXQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFJpKAWWZXxm7PTpl4yEHi4sWLUyhMB8GA1UdIwQY
MBaAFHBtOru0eLdO8q3vm7fEM240ER1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYt
YTQyMTNjOTNmMWY3LzEvbWtvQlpabGZHYnM5T21YaklRZUxpeFl0VEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYtYTQyMTNjOTNmMWY3
LzEvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAIwgZoDBQMq
EQzAAwUDKhEZAAMFAyoRI8ADBQMqETrAAwUDKhFPQAMFAyoRecADBQMqEY3AAwUD
KhGVAAMFAyoRm4ADBQMqEaIAAwUDKhG3wAMFAyoRuAADBQMqEcQAAwUDKhHlAAMF
AyoR9cADBQMqEioAAwUDKhIxAAMFAyoSUYADBQMqEnoAAwUDKhKagAMFAyoSywAD
BQMqEtqAMA0GCSqGSIb3DQEBCwUAA4IBAQDSETlXfDMyLP4bs/tIRAiPa55WcLgr
nTS8BUGgPwboBp0EwCc7bomN14W1Wy8YTYM9d+yD+lkyb+x3CyleRB7LkUdRZ9kS
Smr3u8BLy01sG7o/iYFVchRGRIRv980lPjPjKqXNT1h+Jme/cyxv0C9JcyXuHZb/
RjteQeFDp6iCZwGakoG8jhrbYxQp5+mBBTOMLDyAsX/ulnLzrObC+XAoE2LBMUpp
TCzUiAMe8mIfr9wjdp6bpj7zhg4x5oiRm7MoADQiM041yBNLCoI4TGkJNzkPvzS8
0YHgr3k2gEkzpRO9r5PuUz0t7oD+XucxBIBjQ1dccfIHDRMBTssTUh5c
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:12:25 2025 by rpki-client