Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/MOLDfd6vQAlbGb_BlTREXSGtxdo.roa
File: MOLDfd6vQAlbGb_BlTREXSGtxdo.roa (raw, json)
Hash identifier: j8vzmWi/x6bId28yZO+vFS2sWctcaGoJ8eESo9zA4BI=
Subject key identifier: 30:E2:C3:7D:DE:AF:40:09:5B:19:BF:C1:95:34:44:5D:21:AD:C5:DA
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 0194221F47266AFEAA8E68F3E74053372D4C
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/MOLDfd6vQAlbGb_BlTREXSGtxdo.roa
Signing time: Wed 01 Jan 2025 13:47:42 +0000
ROA not before: Wed 01 Jan 2025 13:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213893
IP address blocks: 2a0d:d940:10::/48 maxlen: 48
2a0d:d940:11::/48 maxlen: 48
2a0d:d940:13::/48 maxlen: 48
2a0d:d940:14::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 10 Jan 2025 10:21:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:47:26:6a:fe:aa:8e:68:f3:e7:40:53:37:2d:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Jan 1 13:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30e2c37ddeaf40095b19bfc19534445d21adc5da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ff:73:d5:8e:43:41:38:fc:4f:2c:69:f3:5e:
fb:8e:dc:ba:44:03:ab:3d:67:73:27:4a:c2:c4:fc:
1d:9b:3f:bf:fc:7d:56:10:ad:e3:ef:4d:8a:50:57:
4d:6d:86:73:32:57:a8:d9:58:9d:37:ef:d0:2d:82:
36:0c:d2:72:22:40:fd:e7:ac:c5:aa:83:2b:35:d1:
79:01:23:2f:a8:b9:c1:54:09:26:3c:cd:cc:44:05:
e7:98:7c:2a:a9:ce:e6:10:ab:d9:d0:93:f1:1f:67:
f1:34:e6:86:a9:0a:a7:fd:1d:ea:47:a5:96:01:f5:
08:22:0b:87:07:94:3f:f1:66:bf:b1:ea:ec:fb:11:
c3:ea:13:fb:ca:ec:d3:ca:da:b1:cf:f3:ad:40:f2:
7a:31:1e:1d:88:7f:ba:1f:a9:b2:82:d3:15:cd:3c:
54:8d:f7:24:96:3a:1b:92:6f:4d:8d:27:44:53:3d:
ff:5f:2c:d1:66:5f:bf:f6:3d:35:7e:46:0f:b9:be:
5d:fe:89:54:b3:a6:96:67:d0:3d:87:00:f7:39:94:
7e:2b:52:07:c0:65:99:80:91:b5:2f:db:82:c2:1c:
d3:78:a6:46:7e:46:9d:f2:64:fd:b0:99:8a:e5:b1:
cb:f7:41:91:91:35:18:93:11:54:55:da:d6:81:f6:
2e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E2:C3:7D:DE:AF:40:09:5B:19:BF:C1:95:34:44:5D:21:AD:C5:DA
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/MOLDfd6vQAlbGb_BlTREXSGtxdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:10::/47
2a0d:d940:13::-2a0d:d940:14:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
60:5f:3b:0e:11:d0:8e:02:5c:bc:dc:d7:80:f1:58:3e:a6:12:
b9:42:07:11:67:87:c8:59:09:4b:d6:4b:e0:87:7b:5e:6a:6b:
f8:0c:ec:0b:ba:36:53:9d:73:9a:cb:32:a3:da:ae:60:90:2f:
a4:ea:0e:8d:8b:a5:b4:60:71:11:f6:98:24:52:e2:80:87:8c:
28:32:a9:9f:db:66:36:b3:5a:28:74:43:aa:e8:65:1d:ac:cd:
ed:1e:db:8e:88:77:63:0a:f0:e0:80:e8:9a:38:83:fe:0c:d3:
41:86:7d:75:07:10:76:61:9c:1f:ed:3f:90:54:f9:34:6b:12:
c6:9f:d1:6b:41:f7:a1:11:6a:19:8d:41:bf:38:a6:c9:b9:19:
d9:be:0c:1b:79:a4:8e:ad:2f:8d:d0:41:3a:9a:b4:e7:f4:95:
b5:72:f9:e5:a6:c9:62:01:1d:3e:35:be:58:7a:4a:a1:3c:a9:
64:51:bd:d0:bd:cc:43:99:c8:2f:59:3d:79:d5:88:6b:1c:48:
ed:94:c4:ee:f6:6a:09:84:93:25:f2:8b:2a:12:44:85:0d:a2:
65:75:8c:48:03:e1:a4:fe:c8:d7:84:b5:76:a4:be:9d:ca:cc:
15:e8:77:17:83:8c:1f:6a:aa:73:f0:cc:80:36:cb:ea:d1:30:
2a:3b:a9:67
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQiH0cmav6qjmjz50BTNy1MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwMTAxMTM0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGUyYzM3ZGRlYWY0MDA5NWIxOWJmYzE5NTM0NDQ1ZDIxYWRjNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP9z1Y5DQTj8Tyxp8177jty6RAOr
PWdzJ0rCxPwdmz+//H1WEK3j702KUFdNbYZzMleo2VidN+/QLYI2DNJyIkD956zF
qoMrNdF5ASMvqLnBVAkmPM3MRAXnmHwqqc7mEKvZ0JPxH2fxNOaGqQqn/R3qR6WW
AfUIIguHB5Q/8Wa/sers+xHD6hP7yuzTytqxz/OtQPJ6MR4diH+6H6mygtMVzTxU
jfckljobkm9NjSdEUz3/XyzRZl+/9j01fkYPub5d/olUs6aWZ9A9hwD3OZR+K1IH
wGWZgJG1L9uCwhzTeKZGfkad8mT9sJmK5bHL90GRkTUYkxFUVdrWgfYuUwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDDiw33er0AJWxm/wZU0RF0hrcXaMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvTU9MRGZkNnZRQWxiR2JfQmxUUkVYU0d0eGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcBKg3ZQAAQ
MBIDBwAqDdlAABMDBwAqDdlAABQwDQYJKoZIhvcNAQELBQADggEBAGBfOw4R0I4C
XLzc14DxWD6mErlCBxFnh8hZCUvWS+CHe15qa/gM7Au6NlOdc5rLMqParmCQL6Tq
Do2LpbRgcRH2mCRS4oCHjCgyqZ/bZjazWih0Q6roZR2sze0e246Id2MK8OCA6Jo4
g/4M00GGfXUHEHZhnB/tP5BU+TRrEsaf0WtB96ERahmNQb84psm5Gdm+DBt5pI6t
L43QQTqatOf0lbVy+eWmyWIBHT41vlh6SqE8qWRRvdC9zEOZyC9ZPXnViGscSO2U
xO72agmEkyXyiyoSRIUNomV1jEgD4aT+yNeEtXakvp3KzBXodxeDjB9qqnPwzIA2
y+rRMCo7qWc=
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:55:31 2025 by rpki-client