Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/mwtRn5q1q1U4eZVZAJvV8syxZok.roa
File: mwtRn5q1q1U4eZVZAJvV8syxZok.roa (raw, json)
Hash identifier: rXKMnPx/l5HcUNBY47D+/4YFa3zW+Mja65fLTefTtrw=
Subject key identifier: 9B:0B:51:9F:9A:B5:AB:55:38:79:95:59:00:9B:D5:F2:CC:B1:66:89
Certificate issuer: /CN=aa9a164c656412b7daafae8571cc679cc6f587d0
Certificate serial: 018CC7936725D56C667CD5E08447F4DF1F10
Authority key identifier: AA:9A:16:4C:65:64:12:B7:DA:AF:AE:85:71:CC:67:9C:C6:F5:87:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qpoWTGVkErfar66FccxnnMb1h9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/mwtRn5q1q1U4eZVZAJvV8syxZok.roa
Signing time: Tue 02 Jan 2024 00:29:35 +0000
ROA not before: Tue 02 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25145
IP address blocks: 84.252.80.0/22 maxlen: 22
2a09:6080::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 Jan 2024 13:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:67:25:d5:6c:66:7c:d5:e0:84:47:f4:df:1f:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa9a164c656412b7daafae8571cc679cc6f587d0
Validity
Not Before: Jan 2 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b0b519f9ab5ab5538799559009bd5f2ccb16689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:24:b9:57:cf:83:c6:2f:15:a3:6e:0c:b5:43:
a6:16:16:ee:de:6e:b3:12:91:4d:d5:fe:20:7c:a5:
71:2c:dd:23:05:8b:6f:f3:91:1a:28:3d:62:14:18:
d7:a9:61:45:73:a8:5b:e1:68:fa:5e:2b:ec:6b:2e:
57:c7:3a:e2:7b:d7:45:08:5d:d9:e2:52:c5:66:92:
9c:c4:ac:c0:f2:38:ec:56:ab:68:12:cc:fe:e3:5f:
be:1f:32:a4:bf:c1:70:6a:08:5a:ba:38:fa:53:35:
51:dc:9e:8c:12:15:04:53:c8:ff:bf:22:af:56:b3:
23:05:6b:cc:2a:a8:86:b4:70:61:e3:84:28:b0:03:
97:50:da:7e:d7:9f:ef:60:78:5f:ce:4a:28:5c:fa:
b7:0f:83:6b:b1:d8:7c:75:b3:4e:ba:dd:c7:21:1f:
c2:39:57:bb:c3:fb:cb:03:57:33:28:02:cc:06:62:
61:51:48:fc:38:01:a4:4b:f9:eb:0c:8b:2a:5f:67:
8c:fd:b5:24:c1:f7:fe:83:1f:fb:ce:3b:8b:05:b0:
7d:19:08:55:c8:16:4b:7d:73:fa:1f:0c:8e:70:54:
61:8f:ff:b7:9c:38:49:e1:10:65:c5:e9:3a:d5:6b:
88:a3:22:b9:d9:7f:16:30:f9:f5:8e:dd:38:a1:bc:
fe:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:0B:51:9F:9A:B5:AB:55:38:79:95:59:00:9B:D5:F2:CC:B1:66:89
X509v3 Authority Key Identifier:
keyid:AA:9A:16:4C:65:64:12:B7:DA:AF:AE:85:71:CC:67:9C:C6:F5:87:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qpoWTGVkErfar66FccxnnMb1h9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/mwtRn5q1q1U4eZVZAJvV8syxZok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/afda9a-6630-4a9f-b522-28829c03c69a/1/qpoWTGVkErfar66FccxnnMb1h9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.80.0/22
IPv6:
2a09:6080::/29
Signature Algorithm: sha256WithRSAEncryption
1f:c6:e0:fa:aa:d6:6d:14:e9:38:6f:a7:be:89:5c:02:3f:40:
a0:a7:d5:c3:6e:15:f5:1c:61:0a:a7:5d:0e:13:75:bb:27:b9:
18:ec:20:45:ac:2b:07:ae:43:80:fa:ec:be:64:42:26:b8:5b:
63:c4:e9:09:d8:24:f1:5c:d8:a5:9f:1b:bc:fc:04:b9:73:21:
ff:d8:60:c4:ac:17:3d:68:8f:93:2f:e9:36:c0:bd:2d:11:f0:
e5:ad:d7:d8:86:52:6d:1a:f4:e6:51:0c:f1:f8:56:df:05:65:
be:a7:d8:de:ba:75:63:53:8c:8b:c0:43:96:09:29:21:2a:ae:
14:97:77:1c:f4:54:6d:5c:8e:75:6c:2e:8c:5f:d2:8d:f6:f0:
b4:74:21:0c:3f:d1:41:ef:ed:d9:44:ec:9c:44:3d:50:28:27:
a3:2c:72:32:4a:0b:f1:b9:e6:39:2c:b6:69:3f:07:c9:6b:f2:
38:16:2b:06:ba:97:14:43:b1:76:bb:53:14:24:c8:1d:5a:8c:
89:0b:bc:3f:99:94:2b:4e:45:2b:42:37:03:5a:a0:df:04:d5:
eb:13:07:9e:5c:50:35:82:45:b1:c6:d1:00:b5:d9:21:70:c2:
77:85:e6:ad:0c:5f:d9:83:8f:0f:8f:ad:23:1d:8f:24:be:20:
26:62:ad:8b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHk2cl1WxmfNXghEf03x8QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhOWExNjRjNjU2NDEyYjdkYWFmYWU4NTcxY2M2NzljYzZm
NTg3ZDAwHhcNMjQwMTAyMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjBiNTE5ZjlhYjVhYjU1Mzg3OTk1NTkwMDliZDVmMmNjYjE2Njg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSS5V8+Dxi8Vo24MtUOmFhbu3m6z
EpFN1f4gfKVxLN0jBYtv85EaKD1iFBjXqWFFc6hb4Wj6Xivsay5Xxzrie9dFCF3Z
4lLFZpKcxKzA8jjsVqtoEsz+41++HzKkv8Fwaghaujj6UzVR3J6MEhUEU8j/vyKv
VrMjBWvMKqiGtHBh44QosAOXUNp+15/vYHhfzkooXPq3D4Nrsdh8dbNOut3HIR/C
OVe7w/vLA1czKALMBmJhUUj8OAGkS/nrDIsqX2eM/bUkwff+gx/7zjuLBbB9GQhV
yBZLfXP6HwyOcFRhj/+3nDhJ4RBlxek61WuIoyK52X8WMPn1jt04obz+rwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJsLUZ+atatVOHmVWQCb1fLMsWaJMB8GA1UdIwQY
MBaAFKqaFkxlZBK32q+uhXHMZ5zG9YfQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXBvV1RHVmtFcmZhcjY2RmNjeG5uTWIxaDlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9hZmRhOWEtNjYzMC00YTlmLWI1MjIt
Mjg4MjljMDNjNjlhLzEvbXd0Um41cTFxMVU0ZVpWWkFKdlY4c3l4Wm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9hZmRhOWEtNjYzMC00YTlmLWI1MjItMjg4MjljMDNjNjlh
LzEvcXBvV1RHVmtFcmZhcjY2RmNjeG5uTWIxaDlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVPxQMA0E
AgACMAcDBQMqCWCAMA0GCSqGSIb3DQEBCwUAA4IBAQAfxuD6qtZtFOk4b6e+iVwC
P0Cgp9XDbhX1HGEKp10OE3W7J7kY7CBFrCsHrkOA+uy+ZEImuFtjxOkJ2CTxXNil
nxu8/AS5cyH/2GDErBc9aI+TL+k2wL0tEfDlrdfYhlJtGvTmUQzx+FbfBWW+p9je
unVjU4yLwEOWCSkhKq4Ul3cc9FRtXI51bC6MX9KN9vC0dCEMP9FB7+3ZROycRD1Q
KCejLHIySgvxueY5LLZpPwfJa/I4FisGupcUQ7F2u1MUJMgdWoyJC7w/mZQrTkUr
QjcDWqDfBNXrEweeXFA1gkWxxtEAtdkhcMJ3heatDF/Zg48Pj60jHY8kviAmYq2L
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:43 2025 by rpki-client