Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/mPFIb7CiAstEi6vP-3yf1l-DVws.roa
File: mPFIb7CiAstEi6vP-3yf1l-DVws.roa (raw, json)
Hash identifier: XQLDd9qAIZVIDIwm+h+sRDStd6GvNRE2iwRLCrYuWMM=
Subject key identifier: 98:F1:48:6F:B0:A2:02:CB:44:8B:AB:CF:FB:7C:9F:D6:5F:83:57:0B
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 018CC8015DF21F7C12881FDDF64FC60C9E0E
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/mPFIb7CiAstEi6vP-3yf1l-DVws.roa
Signing time: Tue 02 Jan 2024 02:29:41 +0000
ROA not before: Tue 02 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204765
IP address blocks: 2a0c:b641:8b0::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jan 2024 17:22:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5d:f2:1f:7c:12:88:1f:dd:f6:4f:c6:0c:9e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 2 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98f1486fb0a202cb448babcffb7c9fd65f83570b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:07:26:10:e6:be:42:ca:31:da:65:22:18:ab:
b7:c0:94:f3:c1:d4:dc:2e:b3:58:0b:4f:64:d9:41:
30:b7:21:db:cc:1e:b7:2d:a0:d0:2c:03:06:4f:67:
5e:58:fd:57:57:6a:77:72:cb:db:0d:64:16:3e:52:
a2:cd:67:e1:f1:12:c6:43:f9:04:ff:2f:7f:1c:fd:
f7:cc:ad:70:ba:61:3e:6d:5a:ef:6a:7d:2f:1e:24:
c7:b5:d0:b1:16:56:85:40:e8:6e:f0:c5:0d:c7:7d:
8f:53:ff:79:97:f1:c3:97:85:76:c8:5b:de:b8:d8:
be:b3:72:e5:9c:39:f8:d9:98:89:69:20:14:d0:b0:
c5:26:22:e7:64:2b:01:01:9d:ea:9a:a4:83:56:ba:
51:3b:30:9e:c7:9c:bf:c0:59:65:d1:26:54:91:5b:
17:64:25:48:66:c7:98:96:95:e9:0f:0f:05:3f:83:
f0:7b:6c:47:7d:fa:65:d3:59:ab:57:60:9b:ae:3c:
bc:57:2e:db:d1:68:c1:fb:c8:f3:5c:63:bf:2b:6c:
aa:dd:40:06:a2:ca:35:1b:aa:f8:26:64:29:b2:2c:
53:56:76:e4:89:b3:8c:05:c8:e6:26:a7:fc:2e:e5:
de:0e:9d:af:8e:36:13:cd:28:27:eb:71:57:d4:83:
e4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F1:48:6F:B0:A2:02:CB:44:8B:AB:CF:FB:7C:9F:D6:5F:83:57:0B
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/mPFIb7CiAstEi6vP-3yf1l-DVws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b641:8b0::/44
Signature Algorithm: sha256WithRSAEncryption
70:0a:9e:47:42:a0:8c:0d:d5:69:b4:3a:bc:fd:d8:f2:64:4f:
59:c1:ac:67:5e:5c:6f:ee:62:ea:a0:3e:dc:ad:42:d2:36:a6:
35:f0:bb:ec:a2:de:d1:b3:32:6b:8d:0c:e9:bd:b2:d5:51:48:
d7:59:03:b3:ee:1c:28:74:8d:2b:6f:f8:95:1d:4b:74:b0:fa:
37:a3:c0:2f:e8:25:72:04:68:4f:a0:b3:37:1d:94:63:e9:86:
47:ff:d7:9f:f4:76:54:72:fa:ff:79:9f:ab:b5:1c:0c:71:2c:
6d:00:b0:00:4f:ae:f7:73:c7:e1:47:e9:c7:8a:18:de:fb:5a:
76:b2:64:53:3a:27:c1:71:38:49:07:8d:b6:e8:f4:c9:a2:61:
5d:2f:fe:66:f6:d8:ff:11:c2:5d:bf:7a:9e:c3:69:4c:6f:7e:
f3:1a:77:f2:4d:93:c0:72:c1:73:75:eb:df:18:94:0b:f9:3a:
c4:6c:b6:83:3c:95:a6:6c:58:a8:d3:8a:07:c2:6f:aa:b7:12:
09:8e:c1:e0:ca:8a:76:1e:54:54:34:a5:4e:cb:77:b3:51:46:
71:81:6a:63:ea:63:24:69:92:b3:ad:bf:a4:36:c4:be:7e:0e:
6b:ba:97:68:0d:a4:bd:f6:48:69:e3:78:46:04:c4:96:f9:10:
84:2d:35:d7
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAV3yH3wSiB/d9k/GDJ4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjQwMTAyMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGYxNDg2ZmIwYTIwMmNiNDQ4YmFiY2ZmYjdjOWZkNjVmODM1NzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAcmEOa+Qsox2mUiGKu3wJTzwdTc
LrNYC09k2UEwtyHbzB63LaDQLAMGT2deWP1XV2p3csvbDWQWPlKizWfh8RLGQ/kE
/y9/HP33zK1wumE+bVrvan0vHiTHtdCxFlaFQOhu8MUNx32PU/95l/HDl4V2yFve
uNi+s3LlnDn42ZiJaSAU0LDFJiLnZCsBAZ3qmqSDVrpROzCex5y/wFll0SZUkVsX
ZCVIZseYlpXpDw8FP4Pwe2xHffpl01mrV2Cbrjy8Vy7b0WjB+8jzXGO/K2yq3UAG
oso1G6r4JmQpsixTVnbkibOMBcjmJqf8LuXeDp2vjjYTzSgn63FX1IPkHwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJjxSG+wogLLRIurz/t8n9Zfg1cLMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvbVBGSWI3Q2lBc3RFaTZ2UC0zeWYxbC1EVndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgy2QQiw
MA0GCSqGSIb3DQEBCwUAA4IBAQBwCp5HQqCMDdVptDq8/djyZE9ZwaxnXlxv7mLq
oD7crULSNqY18Lvsot7RszJrjQzpvbLVUUjXWQOz7hwodI0rb/iVHUt0sPo3o8Av
6CVyBGhPoLM3HZRj6YZH/9ef9HZUcvr/eZ+rtRwMcSxtALAAT673c8fhR+nHihje
+1p2smRTOifBcThJB4226PTJomFdL/5m9tj/EcJdv3qew2lMb37zGnfyTZPAcsFz
devfGJQL+TrEbLaDPJWmbFio04oHwm+qtxIJjsHgyop2HlRUNKVOy3ezUUZxgWpj
6mMkaZKzrb+kNsS+fg5rupdoDaS99khp43hGBMSW+RCELTXX
-----END CERTIFICATE-----
Generated at Wed Jan 10 22:32:55 2024 by rpki-client on console-ams.rpki-client.org