Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/o_mxjddok1dOWiR3SQY5ZW71RAo.roa
File: o_mxjddok1dOWiR3SQY5ZW71RAo.roa (raw, json)
Hash identifier: Qi5Aq5NKfwR6kv6rV++J8b/9wdbTSCLUj/MtuzJ3R/A=
Subject key identifier: A3:F9:B1:8D:D7:68:93:57:4E:5A:24:77:49:06:39:65:6E:F5:44:0A
Certificate issuer: /CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Certificate serial: 019027CD25FF932541468DF2A0816E07F18D
Authority key identifier: 9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/o_mxjddok1dOWiR3SQY5ZW71RAo.roa
Signing time: Mon 17 Jun 2024 20:04:34 +0000
ROA not before: Mon 17 Jun 2024 20:04:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 2a05:9bc0::/29 maxlen: 29
2a05:9bc0::/32 maxlen: 32
2a05:9bc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Nov 2024 19:55:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:27:cd:25:ff:93:25:41:46:8d:f2:a0:81:6e:07:f1:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Validity
Not Before: Jun 17 20:04:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3f9b18dd76893574e5a2477490639656ef5440a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:82:a7:ae:6a:ad:62:68:4e:db:2b:14:a8:20:
8e:68:9f:4f:3a:79:13:64:0c:13:9d:71:d6:8b:18:
12:bd:d3:ef:25:84:ce:65:6c:a2:38:33:f8:13:67:
59:4d:c6:fa:ba:1f:30:c6:de:d6:5e:e2:fe:47:aa:
48:0e:11:85:41:37:63:cb:fe:65:73:1f:c7:17:1c:
95:e7:fd:fd:47:14:86:40:ce:cc:f3:31:4d:5e:3d:
9b:4e:5a:f4:cb:9a:34:dd:89:39:f8:b2:92:f5:a1:
c0:08:45:eb:d5:02:47:7d:a6:b7:2d:34:89:86:67:
85:8c:3b:79:aa:bc:c3:9b:0c:10:5b:ea:4b:54:50:
97:40:3d:ba:a9:b3:4f:09:14:4f:e4:9a:48:75:39:
fc:9e:c6:90:b8:21:07:8a:8c:0e:e0:26:fe:6c:8c:
cf:7d:79:9f:bd:7e:8a:04:8b:d7:dc:36:2b:e5:be:
93:d2:0b:92:35:99:e5:c0:6a:2e:6f:0e:2c:05:41:
2b:44:b9:a2:10:89:71:b3:c8:30:b5:82:b3:69:60:
e7:9b:d6:9f:7b:71:5e:ae:4e:d8:ff:97:5a:c6:3a:
bc:43:51:6a:e0:b6:2a:7c:4f:ef:3f:09:5a:4c:42:
c7:b9:d9:f7:0a:8b:41:80:09:ec:c9:9c:08:4d:eb:
8a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:F9:B1:8D:D7:68:93:57:4E:5A:24:77:49:06:39:65:6E:F5:44:0A
X509v3 Authority Key Identifier:
keyid:9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/o_mxjddok1dOWiR3SQY5ZW71RAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9bc0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:5a:b9:49:79:f1:37:ef:89:f3:85:5f:2c:45:e2:77:06:cc:
e7:b6:b4:58:6c:f7:f2:21:8e:f8:92:6f:62:da:15:3d:c2:7a:
49:78:a1:ee:53:aa:13:ea:f1:3a:8f:61:4b:53:f6:0b:7d:1e:
01:37:71:35:86:84:e9:69:5c:90:25:93:eb:20:08:e6:6c:30:
7c:8e:11:f8:c8:db:3f:9b:cd:dc:0c:14:fc:21:79:46:63:01:
42:d0:c4:5e:30:43:6c:c5:52:74:22:4c:a5:ae:94:44:1b:a6:
6f:d9:b1:88:36:fa:7c:17:85:4a:19:d2:16:83:fc:1f:aa:0a:
9c:8b:14:9c:05:cb:3c:e6:de:7f:a2:21:39:48:ae:da:b5:23:
7c:53:d3:75:40:47:ce:89:bb:14:d9:48:67:31:73:7f:b8:5a:
80:ec:19:1b:da:af:27:c5:5a:87:15:97:92:ec:88:a6:26:53:
42:07:32:7d:d9:89:44:eb:60:47:96:13:d7:37:76:94:9c:f9:
06:c8:7a:77:72:da:36:34:a1:4c:ce:74:47:27:3a:f0:ce:9c:
85:83:08:f7:9d:05:72:1c:42:45:c4:1c:b9:9d:63:30:20:e8:
2f:03:27:f1:13:6f:55:22:0c:b4:13:d7:1e:c3:eb:7f:11:58:
77:0d:f3:c8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZAnzSX/kyVBRo3yoIFuB/GNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNTEzOGUxZmFjZjdiNjVkYmI1NzVmYTdkNDcyNDBjMjc4
YjM0ZGYwHhcNMjQwNjE3MjAwNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Y5YjE4ZGQ3Njg5MzU3NGU1YTI0Nzc0OTA2Mzk2NTZlZjU0NDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24KnrmqtYmhO2ysUqCCOaJ9POnkT
ZAwTnXHWixgSvdPvJYTOZWyiODP4E2dZTcb6uh8wxt7WXuL+R6pIDhGFQTdjy/5l
cx/HFxyV5/39RxSGQM7M8zFNXj2bTlr0y5o03Yk5+LKS9aHACEXr1QJHfaa3LTSJ
hmeFjDt5qrzDmwwQW+pLVFCXQD26qbNPCRRP5JpIdTn8nsaQuCEHiowO4Cb+bIzP
fXmfvX6KBIvX3DYr5b6T0guSNZnlwGoubw4sBUErRLmiEIlxs8gwtYKzaWDnm9af
e3Ferk7Y/5daxjq8Q1Fq4LYqfE/vPwlaTELHudn3CotBgAnsyZwITeuKOQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKP5sY3XaJNXTlokd0kGOWVu9UQKMB8GA1UdIwQY
MBaAFJ1ROOH6z3tl27V1+n1HJAwnizTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2Qt
YzJlZmViM2IzMmE1LzEvb19teGpkZG9rMWRPV2lSM1NRWTVaVzcxUkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2QtYzJlZmViM2IzMmE1
LzEvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgWbwDAN
BgkqhkiG9w0BAQsFAAOCAQEAjlq5SXnxN++J84VfLEXidwbM57a0WGz38iGO+JJv
YtoVPcJ6SXih7lOqE+rxOo9hS1P2C30eATdxNYaE6WlckCWT6yAI5mwwfI4R+Mjb
P5vN3AwU/CF5RmMBQtDEXjBDbMVSdCJMpa6URBumb9mxiDb6fBeFShnSFoP8H6oK
nIsUnAXLPObef6IhOUiu2rUjfFPTdUBHzom7FNlIZzFzf7hagOwZG9qvJ8VahxWX
kuyIpiZTQgcyfdmJROtgR5YT1zd2lJz5Bsh6d3LaNjShTM50Ryc68M6chYMI950F
chxCRcQcuZ1jMCDoLwMn8RNvVSIMtBPXHsPrfxFYdw3zyA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:40 2025 by rpki-client