Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/MTfWguz6dAy40qDGN61UIqLeDCM.roa
File: MTfWguz6dAy40qDGN61UIqLeDCM.roa (raw, json)
Hash identifier: +q4DAiG6fxKtAGOuN9F3q1iG2M/aKkoetB5PXgKiGXE=
Subject key identifier: 31:37:D6:82:EC:FA:74:0C:B8:D2:A0:C6:37:AD:54:22:A2:DE:0C:23
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC4256B704A06AB21BB4E69006158C40D
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/MTfWguz6dAy40qDGN61UIqLeDCM.roa
Signing time: Mon 01 Jan 2024 08:30:35 +0000
ROA not before: Mon 01 Jan 2024 08:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207649
IP address blocks: 2a0b:b87:ffb6::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:6b:70:4a:06:ab:21:bb:4e:69:00:61:58:c4:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3137d682ecfa740cb8d2a0c637ad5422a2de0c23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:8a:57:39:64:21:6a:76:8d:83:66:c7:b7:31:
db:43:cc:ab:6a:98:a0:09:cf:fd:19:b9:eb:47:92:
91:1b:5b:4e:10:32:c2:56:38:40:70:ab:ff:b9:16:
8a:74:3e:2d:3d:25:8b:88:e5:2f:0a:64:6e:55:29:
6a:0a:b5:62:46:97:e9:83:ec:5f:59:f5:de:50:3e:
ef:ca:7e:da:aa:5d:18:5e:cd:c0:26:54:23:6b:96:
75:18:40:19:27:89:2e:af:e1:b0:35:bb:03:f8:cb:
22:5b:cc:22:ca:d1:bb:2b:b8:12:43:66:a3:8e:e9:
f0:ac:46:38:ed:ce:5a:ff:06:3a:e8:05:5b:49:b7:
b9:8c:e8:55:48:e2:e4:fe:df:a7:ab:7e:92:78:60:
7b:f2:8b:5d:98:5e:9d:f5:6c:04:21:69:3d:2a:85:
5b:f6:47:e2:86:0f:64:82:35:6c:5c:b7:0e:4c:27:
63:ce:72:94:99:a4:8e:75:b6:13:eb:5b:c1:7b:a7:
00:b7:c0:d9:9d:21:30:b4:98:dc:f2:fd:05:97:38:
e8:4f:37:74:52:60:17:53:09:08:8a:bb:90:4c:8a:
65:49:31:e7:0d:4f:b2:0a:bb:0e:11:7a:16:a7:df:
3e:96:01:10:a0:4e:2f:bf:ba:47:e6:d4:b8:2e:1d:
cc:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:37:D6:82:EC:FA:74:0C:B8:D2:A0:C6:37:AD:54:22:A2:DE:0C:23
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/MTfWguz6dAy40qDGN61UIqLeDCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b87:ffb6::/48
Signature Algorithm: sha256WithRSAEncryption
2f:67:24:e4:4d:ae:fc:13:7b:bf:70:a3:c5:a1:55:9e:4b:b0:
1e:fa:1f:aa:d1:35:d4:e4:f0:08:77:3c:84:f8:fa:b5:95:1f:
16:6a:d8:3a:2b:b6:47:77:29:97:a3:a2:3b:f5:bc:cd:31:ca:
1d:16:67:21:65:d5:13:ff:40:c6:ab:f0:62:fa:73:41:21:ae:
ed:57:b4:e7:c1:93:e7:f2:12:14:67:42:0a:9d:5f:de:a6:17:
65:06:67:de:ef:0b:27:16:fd:1c:67:c8:a6:37:77:7f:fd:44:
ed:73:a4:8c:a6:8a:34:e1:7c:cd:37:f4:a2:ba:fe:ec:3e:37:
55:e5:b7:3e:60:cb:1a:96:9b:fd:7e:42:22:10:ac:12:70:b6:
6d:5f:a5:e9:64:53:03:21:cd:34:54:3e:cf:82:55:72:bf:e8:
c8:96:0b:94:aa:f1:4e:d8:9c:fd:ff:75:29:73:a7:84:82:0a:
7f:55:24:75:1a:56:f5:1d:a9:88:1e:f4:b2:07:ab:3f:ba:ec:
b4:0b:3e:74:18:2c:3a:c0:02:69:f3:a0:a0:c7:10:52:6c:85:
54:a6:4a:f0:82:72:02:e6:e7:4a:0d:4f:3f:81:1c:d4:a7:90:
af:de:bd:d7:2d:8f:46:70:86:1f:ff:12:0d:76:dd:31:41:95:
18:0d:be:4b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzEJWtwSgarIbtOaQBhWMQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTM3ZDY4MmVjZmE3NDBjYjhkMmEwYzYzN2FkNTQyMmEyZGUwYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYpXOWQhanaNg2bHtzHbQ8yrapig
Cc/9GbnrR5KRG1tOEDLCVjhAcKv/uRaKdD4tPSWLiOUvCmRuVSlqCrViRpfpg+xf
WfXeUD7vyn7aql0YXs3AJlQja5Z1GEAZJ4kur+GwNbsD+MsiW8wiytG7K7gSQ2aj
junwrEY47c5a/wY66AVbSbe5jOhVSOLk/t+nq36SeGB78otdmF6d9WwEIWk9KoVb
9kfihg9kgjVsXLcOTCdjznKUmaSOdbYT61vBe6cAt8DZnSEwtJjc8v0FlzjoTzd0
UmAXUwkIiruQTIplSTHnDU+yCrsOEXoWp98+lgEQoE4vv7pH5tS4Lh3MuQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDE31oLs+nQMuNKgxjetVCKi3gwjMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvTVRmV2d1ejZkQXk0MHFER042MVVJcUxlRENNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgsLh/+2
MA0GCSqGSIb3DQEBCwUAA4IBAQAvZyTkTa78E3u/cKPFoVWeS7Ae+h+q0TXU5PAI
dzyE+Pq1lR8Watg6K7ZHdymXo6I79bzNMcodFmchZdUT/0DGq/Bi+nNBIa7tV7Tn
wZPn8hIUZ0IKnV/ephdlBmfe7wsnFv0cZ8imN3d//UTtc6SMpoo04XzNN/Siuv7s
PjdV5bc+YMsalpv9fkIiEKwScLZtX6XpZFMDIc00VD7PglVyv+jIlguUqvFO2Jz9
/3Upc6eEggp/VSR1Glb1HamIHvSyB6s/uuy0Cz50GCw6wAJp86CgxxBSbIVUpkrw
gnIC5udKDU8/gRzUp5Cv3r3XLY9GcIYf/xINdt0xQZUYDb5L
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:16:21 2025 by rpki-client