Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/mtbHbfFlrSGvNcas_c7SBYPPG1E.roa
File: mtbHbfFlrSGvNcas_c7SBYPPG1E.roa (raw, json)
Hash identifier: MOsI9JewLjUjQtL0hxac8UkhBycGGw1B3SkTOtAvYgc=
Subject key identifier: 9A:D6:C7:6D:F1:65:AD:21:AF:35:C6:AC:FD:CE:D2:05:83:CF:1B:51
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0195684D6FFD90862714E18B65C478B45A2B
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/mtbHbfFlrSGvNcas_c7SBYPPG1E.roa
Signing time: Wed 05 Mar 2025 21:54:20 +0000
ROA not before: Wed 05 Mar 2025 21:54:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213705
IP address blocks: 2a06:5fc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 22 Mar 2025 18:50:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:68:4d:6f:fd:90:86:27:14:e1:8b:65:c4:78:b4:5a:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 5 21:54:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ad6c76df165ad21af35c6acfdced20583cf1b51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:98:4b:a9:f1:76:49:4c:b6:f9:17:24:ed:01:
d4:28:bc:d4:23:5e:67:02:e6:fe:07:25:23:7f:34:
8c:ef:8f:25:48:40:3b:8b:24:75:74:de:07:5f:ab:
c2:57:5c:29:2e:65:ef:41:b9:67:ed:36:54:5b:17:
71:69:35:e4:ad:41:93:41:9d:f5:51:5d:1c:09:ff:
49:50:20:bd:b1:82:f6:4b:da:1f:00:8e:83:18:1a:
07:64:4d:81:64:8c:32:e2:82:59:fb:88:c6:d5:92:
1b:56:c7:86:83:9f:9c:93:9b:4c:e1:5f:b3:12:ff:
2a:b7:f2:3f:f3:67:29:06:58:e9:17:b4:f4:1e:83:
56:a9:53:54:6b:51:3e:5b:88:d6:35:fb:82:45:5c:
83:4e:35:1b:b5:19:b6:24:87:c3:14:8f:57:53:eb:
04:01:b9:16:a9:11:24:53:99:80:b5:50:79:b8:32:
8c:af:54:bd:7c:60:bb:ff:88:2a:28:4c:c2:87:53:
ff:6a:b3:44:ea:ef:81:65:33:03:e6:a5:85:22:74:
e5:da:a2:93:b9:5d:63:9c:3a:8b:55:64:8e:74:ad:
2b:02:24:9f:fd:5a:69:3b:8c:f9:d8:a0:ce:e1:fe:
75:10:3f:87:9f:de:dc:53:15:6c:cb:24:8e:83:6e:
81:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D6:C7:6D:F1:65:AD:21:AF:35:C6:AC:FD:CE:D2:05:83:CF:1B:51
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/mtbHbfFlrSGvNcas_c7SBYPPG1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5fc0::/29
Signature Algorithm: sha256WithRSAEncryption
03:c5:6a:12:ae:d6:80:ae:e7:51:9d:f4:a4:6b:3c:0a:19:7e:
29:d4:5a:70:96:7c:b2:32:fc:14:37:f9:16:65:9d:ac:69:88:
91:a7:aa:99:6e:3c:92:73:56:e7:18:a2:f1:8e:5a:eb:1d:6d:
cc:06:41:15:59:cd:01:ee:1f:06:d7:7e:89:0b:3f:9d:82:dc:
85:8d:5a:df:51:89:1b:7e:7e:72:83:c1:4b:2d:bd:26:22:29:
1c:e0:e5:71:f6:7f:62:ef:38:45:d1:d4:57:01:ea:a1:30:56:
d3:06:3e:2c:41:27:c1:ea:f0:38:b7:d0:86:28:6d:1a:5c:03:
5e:22:36:0f:ab:c7:4e:f9:84:35:22:e1:ec:c4:ed:58:26:c0:
a4:36:14:4a:43:fa:80:c0:bb:eb:8d:0b:07:ad:a3:d6:be:27:
a3:ea:94:f4:76:f5:a2:f9:56:a4:b3:35:d0:33:b2:df:b1:1c:
54:55:47:a8:9d:38:7a:07:9b:22:37:15:cb:ca:aa:79:d1:78:
5d:6b:a4:e3:93:e7:ab:cf:f7:bb:d8:5d:5c:3b:b8:66:29:d8:
4e:f3:ed:e3:73:67:84:dd:a8:ff:3c:df:aa:f8:50:e3:cb:4c:
16:a5:05:4d:50:a3:5e:1d:85:46:f2:1a:2e:2c:a7:43:84:15:
af:eb:b4:bc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZVoTW/9kIYnFOGLZcR4tForMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMzA1MjE1NDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQ2Yzc2ZGYxNjVhZDIxYWYzNWM2YWNmZGNlZDIwNTgzY2YxYjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArphLqfF2SUy2+Rck7QHUKLzUI15n
Aub+ByUjfzSM748lSEA7iyR1dN4HX6vCV1wpLmXvQbln7TZUWxdxaTXkrUGTQZ31
UV0cCf9JUCC9sYL2S9ofAI6DGBoHZE2BZIwy4oJZ+4jG1ZIbVseGg5+ck5tM4V+z
Ev8qt/I/82cpBljpF7T0HoNWqVNUa1E+W4jWNfuCRVyDTjUbtRm2JIfDFI9XU+sE
AbkWqREkU5mAtVB5uDKMr1S9fGC7/4gqKEzCh1P/arNE6u+BZTMD5qWFInTl2qKT
uV1jnDqLVWSOdK0rAiSf/VppO4z52KDO4f51ED+Hn97cUxVsyySOg26B9QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJrWx23xZa0hrzXGrP3O0gWDzxtRMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvbXRiSGJmRmxyU0d2TmNhc19jN1NCWVBQRzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgZfwDAN
BgkqhkiG9w0BAQsFAAOCAQEAA8VqEq7WgK7nUZ30pGs8Chl+KdRacJZ8sjL8FDf5
FmWdrGmIkaeqmW48knNW5xii8Y5a6x1tzAZBFVnNAe4fBtd+iQs/nYLchY1a31GJ
G35+coPBSy29JiIpHODlcfZ/Yu84RdHUVwHqoTBW0wY+LEEnwerwOLfQhihtGlwD
XiI2D6vHTvmENSLh7MTtWCbApDYUSkP6gMC7640LB62j1r4no+qU9Hb1ovlWpLM1
0DOy37EcVFVHqJ04egebIjcVy8qqedF4XWuk45Pnq8/3u9hdXDu4ZinYTvPt43Nn
hN2o/zzfqvhQ48tMFqUFTVCjXh2FRvIaLiynQ4QVr+u0vA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:33:14 2025 by rpki-client