Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/MbkjVGyibezpTLHEsM9D8aDZEGA.roa
File: MbkjVGyibezpTLHEsM9D8aDZEGA.roa (raw, json)
Hash identifier: /UhrbYi7nw6LgcxsGxoz3+pQiaxn53uaRCMR5ILcayg=
Subject key identifier: 31:B9:23:54:6C:A2:6D:EC:E9:4C:B1:C4:B0:CF:43:F1:A0:D9:10:60
Certificate issuer: /CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Certificate serial: 018A0322C6A0FFC748F3694D0963189F3AED
Authority key identifier: 1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/MbkjVGyibezpTLHEsM9D8aDZEGA.roa
Signing time: Thu 17 Aug 2023 10:55:25 +0000
ROA not before: Thu 17 Aug 2023 10:55:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208022
IP address blocks: 2a11:3786::/32 maxlen: 48
2a11:3784::/32 maxlen: 48
2a11:3782::/32 maxlen: 48
2a11:3780::/32 maxlen: 48
2a0a:281::/32 maxlen: 48
2a11:3783::/32 maxlen: 48
2a11:3785::/32 maxlen: 48
2a12:ef40::/29 maxlen: 48
2a0a:282::/32 maxlen: 48
2a11:3787::/32 maxlen: 48
2a11:3781::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 11 Sep 2023 14:09:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:03:22:c6:a0:ff:c7:48:f3:69:4d:09:63:18:9f:3a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b9f21ba04e5e3077b391e3d48ff5b0a50b3369f
Validity
Not Before: Aug 17 10:55:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31b923546ca26dece94cb1c4b0cf43f1a0d91060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:2a:63:2a:eb:f0:15:40:a4:30:ea:06:81:2e:
b6:a4:16:d5:36:89:77:d0:a9:0a:3b:74:1b:55:b6:
76:b6:2b:c5:a4:bc:fa:de:53:b3:ca:ee:38:6d:55:
d2:93:ac:bb:16:cd:a4:15:f5:08:5b:cb:35:b1:11:
e3:87:48:c0:b1:24:9c:55:dc:7f:5a:1e:4d:59:18:
f9:75:2b:bf:8a:80:ec:84:fb:4c:40:b9:d5:1e:d3:
11:e7:73:7e:29:6f:38:9c:dc:7b:4b:23:57:7e:84:
0f:d4:28:b6:73:54:1a:3e:15:66:e8:f5:8c:ea:b6:
f0:5e:5e:fc:7f:29:6c:58:d4:49:95:03:98:9e:bb:
75:46:dc:b4:98:96:90:25:36:a9:ab:c3:40:ad:b2:
88:df:8f:d9:74:1d:05:65:a9:10:80:da:ea:02:9c:
1a:5e:84:29:bd:8b:9b:c6:f9:f5:67:29:01:10:d0:
5b:bd:30:88:63:54:13:13:87:3a:27:28:92:e4:d2:
28:bf:6c:ab:0d:55:d5:2a:7f:26:cd:c1:31:2f:76:
39:3a:cd:f5:49:72:e9:26:c2:71:6f:88:80:37:ee:
0b:f2:55:0d:9b:c6:98:9f:eb:f0:24:fb:34:5c:c9:
e6:77:88:c1:69:c8:8c:c4:af:52:80:27:cb:b0:5d:
79:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B9:23:54:6C:A2:6D:EC:E9:4C:B1:C4:B0:CF:43:F1:A0:D9:10:60
X509v3 Authority Key Identifier:
keyid:1B:9F:21:BA:04:E5:E3:07:7B:39:1E:3D:48:FF:5B:0A:50:B3:36:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G58hugTl4wd7OR49SP9bClCzNp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/MbkjVGyibezpTLHEsM9D8aDZEGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f67a78-183d-494a-995e-f51c5fb3df9a/1/G58hugTl4wd7OR49SP9bClCzNp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:281::-2a0a:282:ffff:ffff:ffff:ffff:ffff:ffff
2a11:3780::/29
2a12:ef40::/29
Signature Algorithm: sha256WithRSAEncryption
a8:e4:1c:53:6c:2d:36:63:bd:8d:49:2f:ff:f3:95:64:c7:ee:
9f:98:d2:c7:a5:f9:a8:99:a2:56:c2:dc:c6:0b:d3:76:20:f3:
71:28:f6:c0:e9:8e:db:b3:fb:58:f5:ee:a9:15:5d:28:64:47:
20:a5:aa:31:c5:1a:97:c7:aa:f0:ed:90:09:c4:71:70:c2:1b:
88:ab:3b:fa:b1:41:92:71:96:46:67:9d:67:f1:d8:6a:38:a2:
cf:1c:a9:fd:80:f7:5e:55:b9:19:c1:3d:61:98:ac:28:53:1a:
7f:57:bb:dd:3e:89:6e:f9:e9:81:63:c8:c5:f1:a0:ee:68:54:
b2:fc:c9:0d:5b:e1:4d:1a:c9:2c:08:65:af:53:42:b6:fc:99:
46:73:30:4a:2a:5f:20:bc:9c:f5:27:a6:e7:c3:03:79:20:d9:
c1:9d:1e:b0:b8:cb:ed:da:10:1a:8d:48:cb:bd:e8:b0:30:3f:
9a:9c:3e:9e:c7:ad:d9:e2:3e:d5:a0:16:6e:1e:77:06:4d:90:
b9:e6:50:e4:28:b4:f1:19:67:11:7b:3e:43:cb:66:fc:01:39:
fb:3d:7d:d7:e5:88:d8:86:18:b1:eb:7f:1e:08:61:78:bb:01:
59:4e:23:0e:0f:d7:fa:6f:1a:01:e3:4f:66:50:88:d5:14:67:
cb:12:4a:3c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYoDIsag/8dI82lNCWMYnzrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiOWYyMWJhMDRlNWUzMDc3YjM5MWUzZDQ4ZmY1YjBhNTBi
MzM2OWYwHhcNMjMwODE3MTA1NTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWI5MjM1NDZjYTI2ZGVjZTk0Y2IxYzRiMGNmNDNmMWEwZDkxMDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SpjKuvwFUCkMOoGgS62pBbVNol3
0KkKO3QbVbZ2tivFpLz63lOzyu44bVXSk6y7Fs2kFfUIW8s1sRHjh0jAsSScVdx/
Wh5NWRj5dSu/ioDshPtMQLnVHtMR53N+KW84nNx7SyNXfoQP1Ci2c1QaPhVm6PWM
6rbwXl78fylsWNRJlQOYnrt1Rty0mJaQJTapq8NArbKI34/ZdB0FZakQgNrqApwa
XoQpvYubxvn1ZykBENBbvTCIY1QTE4c6JyiS5NIov2yrDVXVKn8mzcExL3Y5Os31
SXLpJsJxb4iAN+4L8lUNm8aYn+vwJPs0XMnmd4jBaciMxK9SgCfLsF15HQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDG5I1Rsom3s6UyxxLDPQ/Gg2RBgMB8GA1UdIwQY
MBaAFBufIboE5eMHezkePUj/WwpQszafMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUt
ZjUxYzVmYjNkZjlhLzEvTWJralZHeWliZXpwVExIRXNNOUQ4YURaRUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9mNjdhNzgtMTgzZC00OTRhLTk5NWUtZjUxYzVmYjNkZjlh
LzEvRzU4aHVnVGw0d2Q3T1I0OVNQOWJDbEN6TnA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeMA4DBQAqCgKB
AwUAKgoCggMFAyoRN4ADBQMqEu9AMA0GCSqGSIb3DQEBCwUAA4IBAQCo5BxTbC02
Y72NSS//85Vkx+6fmNLHpfmomaJWwtzGC9N2IPNxKPbA6Y7bs/tY9e6pFV0oZEcg
paoxxRqXx6rw7ZAJxHFwwhuIqzv6sUGScZZGZ51n8dhqOKLPHKn9gPdeVbkZwT1h
mKwoUxp/V7vdPolu+emBY8jF8aDuaFSy/MkNW+FNGsksCGWvU0K2/JlGczBKKl8g
vJz1J6bnwwN5INnBnR6wuMvt2hAajUjLveiwMD+anD6ex63Z4j7VoBZuHncGTZC5
5lDkKLTxGWcRez5Dy2b8ATn7PX3X5YjYhhix638eCGF4uwFZTiMOD9f6bxoB409m
UIjVFGfLEko8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:06 2024 by rpki-client on console-ams.rpki-client.org