Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/MbXi47jX6KgaQjK2mrx6mm4Sxac.roa
File: MbXi47jX6KgaQjK2mrx6mm4Sxac.roa (raw, json)
Hash identifier: +Febm53wMZM9o7mlGpUbmsIV2XGuWJ1PJJ+NiKjZjWs=
Subject key identifier: 31:B5:E2:E3:B8:D7:E8:A8:1A:42:32:B6:9A:BC:7A:9A:6E:12:C5:A7
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 01857227F4FAA4DB3244625CBEA146A55F36
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/MbXi47jX6KgaQjK2mrx6mm4Sxac.roa
Signing time: Mon 02 Jan 2023 11:04:59 +0000
ROA not before: Mon 02 Jan 2023 11:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42101
IP address blocks: 2a10:4646:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:f4:fa:a4:db:32:44:62:5c:be:a1:46:a5:5f:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Jan 2 11:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31b5e2e3b8d7e8a81a4232b69abc7a9a6e12c5a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f5:de:1c:61:cd:0a:60:84:6e:d9:9c:67:93:
83:e3:5b:60:4f:15:4c:1c:a1:35:29:58:f3:e0:af:
a7:c0:30:6d:96:a8:f8:22:a5:3f:d9:de:3a:dc:b7:
2c:fb:24:8b:5e:9d:6e:9c:6a:72:4d:ba:7d:21:1c:
0f:a0:1f:16:ac:75:44:c7:10:31:fb:26:46:e1:c4:
84:ce:00:8d:fe:84:85:4a:3b:73:d8:e6:c6:00:f4:
7d:8c:fe:06:86:50:0e:07:3a:b5:09:05:c4:61:64:
da:13:5d:7b:5f:85:a3:6b:ae:ed:c8:68:4d:16:a1:
48:64:45:37:73:4e:3e:b5:ca:2f:cf:8a:94:fe:2e:
b7:fa:cc:f6:ec:09:c4:9f:4a:68:da:6e:58:f8:da:
b0:00:75:fb:ca:df:b3:86:8a:f7:01:7a:3e:a2:1f:
d1:14:57:17:ab:34:e1:da:c2:d6:91:85:e3:2a:2d:
b0:0d:8c:fa:e0:e5:5a:f2:4e:15:bc:8d:ac:20:74:
6a:eb:6f:14:05:5e:4b:06:c3:e2:53:7b:b4:cb:d8:
ac:ec:a7:da:c3:d4:f7:3a:5a:33:8a:88:c9:97:f2:
fc:15:75:5a:ed:29:60:49:c0:e9:08:ad:0e:91:94:
6d:4d:09:76:54:0e:1d:37:56:0d:0b:e7:b2:12:5f:
ea:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B5:E2:E3:B8:D7:E8:A8:1A:42:32:B6:9A:BC:7A:9A:6E:12:C5:A7
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/MbXi47jX6KgaQjK2mrx6mm4Sxac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4646:3::/48
Signature Algorithm: sha256WithRSAEncryption
d5:49:5f:f0:ba:cc:07:a1:d2:14:27:da:4d:7b:47:fa:e4:e0:
df:62:61:98:10:3a:61:3b:5d:d8:1e:0e:8e:ec:c6:98:4d:14:
4d:c3:4d:11:19:ef:c4:5f:04:2e:2e:da:b3:9d:2a:4d:1b:1f:
5f:d2:09:85:8c:a3:65:56:dd:b7:7e:e5:cc:90:c9:16:1f:45:
e7:ee:a1:d1:2e:fe:39:e1:94:33:d1:77:5c:f5:97:2b:b9:59:
94:86:fe:fd:ac:4a:09:61:de:15:2d:7d:b3:05:c1:59:ed:3a:
28:b6:fa:80:86:44:ad:97:f2:cd:90:0a:69:5f:21:d1:d9:63:
a0:f9:35:26:cd:f0:58:5e:0a:4a:50:d0:58:d8:fe:6d:01:37:
71:12:a5:61:02:be:ba:0b:2e:88:c3:c5:67:5e:2a:84:a2:36:
e0:25:8a:bf:e4:fa:7a:66:09:ee:88:57:22:49:63:92:bd:b8:
21:d2:3e:4d:5f:2a:b7:c9:b8:95:81:73:af:e0:96:5e:2a:b2:
90:cc:e1:76:67:7d:8d:fb:ef:14:26:56:50:81:66:99:5e:d5:
90:82:17:a1:35:08:26:d3:c7:a6:33:cf:d9:72:3d:0f:48:92:
de:8b:86:18:65:51:7f:24:a7:53:0b:4d:9e:5c:55:5a:c7:a7:
80:4d:4d:a4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVyJ/T6pNsyRGJcvqFGpV82MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjMwMTAyMTEwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWI1ZTJlM2I4ZDdlOGE4MWE0MjMyYjY5YWJjN2E5YTZlMTJjNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fXeHGHNCmCEbtmcZ5OD41tgTxVM
HKE1KVjz4K+nwDBtlqj4IqU/2d463Lcs+ySLXp1unGpyTbp9IRwPoB8WrHVExxAx
+yZG4cSEzgCN/oSFSjtz2ObGAPR9jP4GhlAOBzq1CQXEYWTaE117X4Wja67tyGhN
FqFIZEU3c04+tcovz4qU/i63+sz27AnEn0po2m5Y+NqwAHX7yt+zhor3AXo+oh/R
FFcXqzTh2sLWkYXjKi2wDYz64OVa8k4VvI2sIHRq628UBV5LBsPiU3u0y9is7Kfa
w9T3OloziojJl/L8FXVa7SlgScDpCK0OkZRtTQl2VA4dN1YNC+eyEl/qBwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDG14uO41+ioGkIytpq8eppuEsWnMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEvTWJYaTQ3alg2S2dhUWpLMm1yeDZtbTRTeGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhBGRgAD
MA0GCSqGSIb3DQEBCwUAA4IBAQDVSV/wuswHodIUJ9pNe0f65ODfYmGYEDphO13Y
Hg6O7MaYTRRNw00RGe/EXwQuLtqznSpNGx9f0gmFjKNlVt23fuXMkMkWH0Xn7qHR
Lv454ZQz0Xdc9ZcruVmUhv79rEoJYd4VLX2zBcFZ7TootvqAhkStl/LNkAppXyHR
2WOg+TUmzfBYXgpKUNBY2P5tATdxEqVhAr66Cy6Iw8VnXiqEojbgJYq/5Pp6Zgnu
iFciSWOSvbgh0j5NXyq3ybiVgXOv4JZeKrKQzOF2Z32N++8UJlZQgWaZXtWQgheh
NQgm08emM8/Zcj0PSJLei4YYZVF/JKdTC02eXFVax6eATU2k
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:43 2024 by rpki-client on console-ams.rpki-client.org