Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/M9uny4rY1hRqvDOjZqUkW-qwl-k.roa
File: M9uny4rY1hRqvDOjZqUkW-qwl-k.roa (raw, json)
Hash identifier: IKbC1Rmx1suyRe0qCGXus0whW/gNpvE1d6Jqa78CaiA=
Subject key identifier: 33:DB:A7:CB:8A:D8:D6:14:6A:BC:33:A3:66:A5:24:5B:EA:B0:97:E9
Certificate issuer: /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial: 018CC64B79BE46A9D4753917995B79A4542B
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/M9uny4rY1hRqvDOjZqUkW-qwl-k.roa
Signing time: Mon 01 Jan 2024 18:31:24 +0000
ROA not before: Mon 01 Jan 2024 18:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138987
IP address blocks: 2a0d:1a40:faf::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:79:be:46:a9:d4:75:39:17:99:5b:79:a4:54:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Validity
Not Before: Jan 1 18:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33dba7cb8ad8d6146abc33a366a5245beab097e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a8:eb:51:b0:76:d2:fa:75:18:f2:76:5a:ce:
4e:93:50:e1:0e:aa:29:90:f9:45:88:bf:fe:05:9a:
56:31:8c:1e:23:a2:a0:b7:44:69:04:47:12:a3:49:
c4:3d:ec:2a:7c:9c:a0:49:cd:be:0c:a0:bd:c4:4d:
e3:5c:b7:94:7d:fd:91:e9:f2:1a:16:a0:05:1a:cf:
92:5b:31:09:2e:66:ea:47:da:d4:98:16:f5:81:08:
df:de:79:a6:c8:f5:b5:1b:7d:08:0a:f6:c0:56:c3:
e6:fa:a2:be:d7:70:bc:08:de:23:cc:e9:11:99:b5:
a8:b8:0c:72:e9:31:12:3f:d2:5a:f9:67:b6:b5:53:
43:b1:a7:5c:2e:f4:9c:06:c3:81:45:ff:50:25:a2:
96:33:84:7f:04:88:0a:63:3f:82:e8:e8:17:cc:b5:
78:8d:22:a8:8d:e5:1b:29:f1:ba:66:9b:3f:3f:0b:
38:1a:9b:6f:8d:50:f4:ae:ee:c9:bc:9e:73:04:e4:
b5:98:39:f7:69:9c:c6:16:c4:d5:d7:1e:46:55:77:
85:7e:62:11:be:ed:9d:c9:ed:ef:69:bf:40:ea:3c:
c0:4e:54:8c:14:a4:9f:a3:a2:1e:80:97:d0:02:f8:
3d:b4:9a:4d:5b:55:82:b2:4c:98:92:b7:a8:bd:d8:
93:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:DB:A7:CB:8A:D8:D6:14:6A:BC:33:A3:66:A5:24:5B:EA:B0:97:E9
X509v3 Authority Key Identifier:
keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/M9uny4rY1hRqvDOjZqUkW-qwl-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:1a40:faf::/48
Signature Algorithm: sha256WithRSAEncryption
5c:33:0d:f0:1f:11:12:4a:39:17:7e:1d:ef:04:89:1d:9d:2c:
b2:6b:1c:0a:89:60:d9:c6:6a:24:b3:79:47:e4:16:59:66:1c:
7f:c9:1d:c8:48:5d:ce:d5:8e:dd:93:c3:02:69:b8:cc:7c:d9:
3d:57:a3:8e:54:03:29:1b:5b:f5:93:48:a2:9e:44:b4:ca:d8:
a2:68:59:10:b3:ef:98:36:54:76:19:26:8b:cb:7c:6e:d4:bf:
fd:56:87:b4:7a:9c:46:91:b6:19:78:e2:f5:bb:16:ac:68:1a:
9e:d3:4f:a2:7b:a2:cb:be:48:85:b4:92:80:ab:0c:3f:5f:26:
40:1b:05:32:65:61:ad:2b:a3:61:6b:b5:1c:77:5e:a9:51:85:
84:54:20:0d:64:0b:85:d7:ef:3a:9c:97:69:79:e6:00:e8:fd:
67:01:32:69:ee:aa:af:0f:a2:67:0c:57:db:c1:cf:48:a4:d5:
2a:52:30:4f:62:de:e0:67:47:15:c6:0e:a7:6b:46:b3:b1:b6:
16:96:11:10:65:46:f6:35:93:75:80:52:a2:9b:67:c9:e7:ec:
d6:48:6b:08:2a:af:0e:bb:bc:d7:ab:32:cd:be:02:8d:6c:71:
6f:a4:a7:46:53:ab:29:32:e3:08:c2:9c:32:11:6c:00:64:50:
94:13:cd:a5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzGS3m+RqnUdTkXmVt5pFQrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjQwMTAxMTgzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2RiYTdjYjhhZDhkNjE0NmFiYzMzYTM2NmE1MjQ1YmVhYjA5N2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKjrUbB20vp1GPJ2Ws5Ok1DhDqop
kPlFiL/+BZpWMYweI6Kgt0RpBEcSo0nEPewqfJygSc2+DKC9xE3jXLeUff2R6fIa
FqAFGs+SWzEJLmbqR9rUmBb1gQjf3nmmyPW1G30ICvbAVsPm+qK+13C8CN4jzOkR
mbWouAxy6TESP9Ja+We2tVNDsadcLvScBsOBRf9QJaKWM4R/BIgKYz+C6OgXzLV4
jSKojeUbKfG6Zps/Pws4GptvjVD0ru7JvJ5zBOS1mDn3aZzGFsTV1x5GVXeFfmIR
vu2dye3vab9A6jzATlSMFKSfo6IegJfQAvg9tJpNW1WCskyYkreovdiTTQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDPbp8uK2NYUarwzo2alJFvqsJfpMB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEvTTl1bnk0clkxaFJxdkRPalpxVWtXLXF3bC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg0aQA+v
MA0GCSqGSIb3DQEBCwUAA4IBAQBcMw3wHxESSjkXfh3vBIkdnSyyaxwKiWDZxmok
s3lH5BZZZhx/yR3ISF3O1Y7dk8MCabjMfNk9V6OOVAMpG1v1k0iinkS0ytiiaFkQ
s++YNlR2GSaLy3xu1L/9Voe0epxGkbYZeOL1uxasaBqe00+ie6LLvkiFtJKAqww/
XyZAGwUyZWGtK6Nha7Ucd16pUYWEVCANZAuF1+86nJdpeeYA6P1nATJp7qqvD6Jn
DFfbwc9IpNUqUjBPYt7gZ0cVxg6na0azsbYWlhEQZUb2NZN1gFKim2fJ5+zWSGsI
Kq8Ou7zXqzLNvgKNbHFvpKdGU6spMuMIwpwyEWwAZFCUE82l
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:41:40 2025 by rpki-client