Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/MH3IVjwW7SJt9MAT4KzPRF7K5MA.roa
File: MH3IVjwW7SJt9MAT4KzPRF7K5MA.roa (raw, json)
Hash identifier: Ht41CZWI8DsICxCLRKyd0Jdy1jxlkb+PLfG0wpfzudw=
Subject key identifier: 30:7D:C8:56:3C:16:ED:22:6D:F4:C0:13:E0:AC:CF:44:5E:CA:E4:C0
Certificate issuer: /CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Certificate serial: 018CC5013E8082719878F20E401A05F5D332
Authority key identifier: FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/MH3IVjwW7SJt9MAT4KzPRF7K5MA.roa
Signing time: Mon 01 Jan 2024 12:30:42 +0000
ROA not before: Mon 01 Jan 2024 12:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5401
IP address blocks: 2001:1440:201::/48 maxlen: 48
2001:1440:202::/48 maxlen: 48
2001:1440:202::/47 maxlen: 47
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3e:80:82:71:98:78:f2:0e:40:1a:05:f5:d3:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Validity
Not Before: Jan 1 12:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=307dc8563c16ed226df4c013e0accf445ecae4c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:89:3d:17:ee:a9:82:37:34:b6:69:e4:6b:56:
36:70:44:9e:4e:fa:2e:c0:76:11:f4:fd:59:21:fe:
89:22:16:01:5a:bb:72:2a:82:c6:d7:7d:0c:ea:02:
9f:66:23:b5:2d:84:6a:32:6e:b5:5d:b9:02:44:58:
fa:b1:88:5a:fd:95:a9:92:fd:e9:b7:6b:fa:de:9f:
f2:43:d2:50:33:b5:a2:6e:ba:c9:ea:a0:66:10:92:
d5:b7:7a:e1:5c:f6:09:b8:62:8e:12:b7:47:d9:de:
fc:fa:28:bb:67:30:24:a0:94:c6:86:6c:7e:e4:8b:
42:b9:23:c8:58:c2:86:8a:48:81:2d:64:cc:6d:ee:
1c:67:01:46:50:55:ba:7e:86:fb:a7:c9:dd:b9:09:
c7:ea:61:bd:c0:9f:e9:80:72:c8:1f:16:c9:58:35:
5c:b2:df:36:04:db:a7:6d:05:94:50:13:4d:35:0c:
df:5c:d1:73:ff:0d:a1:53:e0:4c:cd:94:9c:5f:f2:
09:5c:4a:4f:4d:0e:11:76:0b:bb:b4:99:1e:6f:cc:
4e:8f:9e:d3:43:a5:35:5e:86:46:7f:34:7d:73:99:
7c:f4:f4:e3:9c:cc:fe:42:a6:a4:bb:2f:cc:86:04:
d6:ed:8e:83:51:6b:bb:5e:74:e6:55:72:95:b7:49:
ec:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:7D:C8:56:3C:16:ED:22:6D:F4:C0:13:E0:AC:CF:44:5E:CA:E4:C0
X509v3 Authority Key Identifier:
keyid:FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/MH3IVjwW7SJt9MAT4KzPRF7K5MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:1440:201::-2001:1440:203:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
18:7c:7b:4d:fa:aa:9d:21:14:18:35:b3:72:2b:8c:57:7f:78:
fb:98:c4:c1:1d:0e:11:4d:18:64:9e:a0:83:08:c1:6a:f0:00:
b8:d9:52:7f:2a:85:e4:40:6a:23:21:ec:42:af:83:6e:d3:06:
56:b7:a5:eb:a7:94:b6:c3:33:82:eb:0f:84:67:a4:e6:a5:e0:
52:83:07:e5:57:5d:3b:35:67:04:24:1d:1a:1d:7a:f2:08:4a:
38:6f:fb:99:2d:ef:ae:a7:4e:21:cb:26:d8:1a:8d:08:c9:b9:
6e:77:c7:f1:14:9f:9c:8b:14:75:e9:38:af:ad:6c:37:4a:a9:
45:9d:0a:4f:f8:23:a9:d3:59:00:23:44:b6:9e:f3:ca:ad:08:
0c:7d:a9:17:1b:57:ce:4f:ca:c7:8c:1d:4b:bb:ca:40:df:6d:
19:0d:66:2c:58:43:50:8f:20:97:be:cb:b7:03:70:4f:c3:4b:
f9:64:c3:75:4c:d8:7f:68:95:75:cc:2c:eb:b4:1f:ce:3b:b6:
5e:ce:43:5c:fe:43:1c:cb:f0:2a:de:b7:eb:96:d0:98:f6:26:
23:fd:a9:44:a1:64:1f:49:e1:8f:4c:4c:8a:8c:b5:38:6c:d1:
83:f3:7f:f7:65:ac:d8:5c:e2:2d:50:b9:ed:a6:e9:75:bf:fd:
0a:39:c6:33
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzFAT6AgnGYePIOQBoF9dMyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMTNmN2ZhMjM3Zjg5ZDAxMTIzM2JhYzczMjhjMjIxOWJh
N2Q2MmMwHhcNMjQwMTAxMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDdkYzg1NjNjMTZlZDIyNmRmNGMwMTNlMGFjY2Y0NDVlY2FlNGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYk9F+6pgjc0tmnka1Y2cESeTvou
wHYR9P1ZIf6JIhYBWrtyKoLG130M6gKfZiO1LYRqMm61XbkCRFj6sYha/ZWpkv3p
t2v63p/yQ9JQM7WibrrJ6qBmEJLVt3rhXPYJuGKOErdH2d78+ii7ZzAkoJTGhmx+
5ItCuSPIWMKGikiBLWTMbe4cZwFGUFW6fob7p8nduQnH6mG9wJ/pgHLIHxbJWDVc
st82BNunbQWUUBNNNQzfXNFz/w2hU+BMzZScX/IJXEpPTQ4Rdgu7tJkeb8xOj57T
Q6U1XoZGfzR9c5l89PTjnMz+Qqakuy/MhgTW7Y6DUWu7XnTmVXKVt0ns4wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDB9yFY8Fu0ibfTAE+Csz0ReyuTAMB8GA1UdIwQY
MBaAFPwT9/ojf4nQESM7rHMowiGbp9YsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQt
ZDA3NDY0YjliMzc4LzEvTUgzSVZqd1c3U0p0OU1BVDRLelBSRjdLNU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQtZDA3NDY0YjliMzc4
LzEvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwAgARRA
AgEDBwIgARRAAgAwDQYJKoZIhvcNAQELBQADggEBABh8e036qp0hFBg1s3IrjFd/
ePuYxMEdDhFNGGSeoIMIwWrwALjZUn8qheRAaiMh7EKvg27TBla3peunlLbDM4Lr
D4RnpOal4FKDB+VXXTs1ZwQkHRodevIISjhv+5kt766nTiHLJtgajQjJuW53x/EU
n5yLFHXpOK+tbDdKqUWdCk/4I6nTWQAjRLae88qtCAx9qRcbV85PyseMHUu7ykDf
bRkNZixYQ1CPIJe+y7cDcE/DS/lkw3VM2H9olXXMLOu0H847tl7OQ1z+QxzL8Cre
t+uW0Jj2JiP9qUShZB9J4Y9MTIqMtThs0YPzf/dlrNhc4i1Que2m6XW//Qo5xjM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:13:28 2025 by rpki-client