Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/MMLW90cQgYkS0b9FapvPCiD1reQ.roa
File: MMLW90cQgYkS0b9FapvPCiD1reQ.roa (raw, json)
Hash identifier: pHsUCTTQ5cM1CWEVI3xKyTxdEtmcN41n8l81lL7oCt0=
Subject key identifier: 30:C2:D6:F7:47:10:81:89:12:D1:BF:45:6A:9B:CF:0A:20:F5:AD:E4
Certificate issuer: /CN=44aa813139c06b1dcf1bfe8332b9b801ab3eb302
Certificate serial: 018CC64ABA9D11C3FAFD77069BB35968C818
Authority key identifier: 44:AA:81:31:39:C0:6B:1D:CF:1B:FE:83:32:B9:B8:01:AB:3E:B3:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKqBMTnAax3PG_6DMrm4Aas-swI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/MMLW90cQgYkS0b9FapvPCiD1reQ.roa
Signing time: Mon 01 Jan 2024 18:30:35 +0000
ROA not before: Mon 01 Jan 2024 18:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202693
IP address blocks: 2a06:c647::/32 maxlen: 32
2a06:c642::/32 maxlen: 32
2a06:c641::/32 maxlen: 32
2a06:c645::/32 maxlen: 32
2a06:c646::/32 maxlen: 32
2a06:c644::/32 maxlen: 32
2a06:c640::/32 maxlen: 32
2a06:c643::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 11 Jan 2024 06:16:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ba:9d:11:c3:fa:fd:77:06:9b:b3:59:68:c8:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44aa813139c06b1dcf1bfe8332b9b801ab3eb302
Validity
Not Before: Jan 1 18:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30c2d6f74710818912d1bf456a9bcf0a20f5ade4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:20:bb:22:b3:07:78:b5:d8:26:a4:48:2e:45:
10:0b:53:f8:f8:d1:96:7d:92:eb:52:b1:98:b0:8c:
a6:31:ad:96:8f:3d:a0:15:82:c0:7a:2b:50:d2:a7:
d9:85:4a:0c:a1:f4:4b:b0:28:01:92:72:98:41:24:
f4:cf:55:88:9d:15:ef:b2:a7:e1:27:ae:4d:5f:30:
93:78:f3:52:18:17:a2:a6:63:ec:03:30:63:82:6d:
dd:36:29:38:be:77:3e:82:cc:78:f9:f3:90:e3:1c:
60:68:06:24:3d:ea:e7:2e:a6:0e:ac:fb:b1:fa:2a:
e7:4c:24:25:08:92:e9:ea:7d:9c:ca:04:e8:91:ca:
9f:a6:22:8c:53:f9:bd:35:86:1d:e2:8a:07:e2:78:
57:fd:93:13:fd:4a:e5:e2:05:51:74:0b:97:3d:d4:
27:db:00:e4:a0:19:77:58:0d:7e:3d:07:f7:e8:47:
87:91:2f:62:89:ec:66:84:f7:55:58:84:2f:1f:42:
df:d1:d8:98:e6:cd:56:23:1e:0d:45:44:bd:e0:99:
f6:9b:1a:14:f0:f1:dd:27:d0:79:ba:74:75:fa:a5:
aa:50:b2:68:96:ed:0d:fc:08:d2:dc:df:28:0a:25:
3a:28:c2:06:ad:59:6f:b7:ac:32:a2:fe:8d:e6:64:
7b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C2:D6:F7:47:10:81:89:12:D1:BF:45:6A:9B:CF:0A:20:F5:AD:E4
X509v3 Authority Key Identifier:
keyid:44:AA:81:31:39:C0:6B:1D:CF:1B:FE:83:32:B9:B8:01:AB:3E:B3:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKqBMTnAax3PG_6DMrm4Aas-swI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/MMLW90cQgYkS0b9FapvPCiD1reQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/535bf7-59ac-45f1-bec5-41dd7f3ea7a4/1/RKqBMTnAax3PG_6DMrm4Aas-swI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:c640::/29
Signature Algorithm: sha256WithRSAEncryption
30:1f:85:2f:63:a0:52:a8:70:d5:a0:4b:11:0b:04:66:39:73:
aa:3e:74:28:45:77:9c:47:5f:f7:ab:51:a0:9b:7b:a6:2f:45:
72:ae:8f:91:cf:1f:22:e0:30:a3:11:d9:a3:2d:43:86:f8:c6:
fe:16:20:5e:bc:fe:28:78:89:04:a4:b1:ed:6d:c5:71:ca:40:
9f:d3:68:d6:45:3d:46:2d:20:73:a6:2a:b2:53:a8:9b:24:9d:
df:1f:d3:18:36:40:c2:cd:9b:e9:87:f7:4e:37:a2:50:3c:84:
2e:38:62:50:40:4a:92:10:51:d8:52:fe:7b:ab:03:2e:57:46:
f6:61:ea:5f:63:e7:04:2b:f9:5d:00:bd:f3:a8:e9:eb:65:4d:
87:84:28:c9:46:9b:98:78:b9:ba:7b:ea:dd:ca:12:74:35:03:
0e:43:44:94:8a:14:cd:43:f4:02:e9:c3:37:08:5e:f7:7a:3c:
09:af:ea:2f:9d:19:ed:b7:21:1b:2a:5d:5c:d4:60:a7:be:d4:
66:bc:e0:84:ac:6d:4e:c9:eb:bc:d4:ed:e3:d4:1d:d9:09:e4:
ff:de:d6:a2:30:f5:b3:88:e1:9a:91:94:0d:46:19:45:db:af:
5a:4f:11:51:21:b3:a4:f1:bb:1e:82:a6:77:01:fb:96:c5:7b:
a7:82:01:e5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGSrqdEcP6/XcGm7NZaMgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YWE4MTMxMzljMDZiMWRjZjFiZmU4MzMyYjliODAxYWIz
ZWIzMDIwHhcNMjQwMTAxMTgzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGMyZDZmNzQ3MTA4MTg5MTJkMWJmNDU2YTliY2YwYTIwZjVhZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSC7IrMHeLXYJqRILkUQC1P4+NGW
fZLrUrGYsIymMa2Wjz2gFYLAeitQ0qfZhUoMofRLsCgBknKYQST0z1WInRXvsqfh
J65NXzCTePNSGBeipmPsAzBjgm3dNik4vnc+gsx4+fOQ4xxgaAYkPernLqYOrPux
+irnTCQlCJLp6n2cygTokcqfpiKMU/m9NYYd4ooH4nhX/ZMT/Url4gVRdAuXPdQn
2wDkoBl3WA1+PQf36EeHkS9iiexmhPdVWIQvH0Lf0diY5s1WIx4NRUS94Jn2mxoU
8PHdJ9B5unR1+qWqULJolu0N/AjS3N8oCiU6KMIGrVlvt6wyov6N5mR7hwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDDC1vdHEIGJEtG/RWqbzwog9a3kMB8GA1UdIwQY
MBaAFESqgTE5wGsdzxv+gzK5uAGrPrMCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktxQk1UbkFheDNQR182RE1ybTRBYXMtc3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy81MzViZjctNTlhYy00NWYxLWJlYzUt
NDFkZDdmM2VhN2E0LzEvTU1MVzkwY1FnWWtTMGI5RmFwdlBDaUQxcmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy81MzViZjctNTlhYy00NWYxLWJlYzUtNDFkZDdmM2VhN2E0
LzEvUktxQk1UbkFheDNQR182RE1ybTRBYXMtc3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgbGQDAN
BgkqhkiG9w0BAQsFAAOCAQEAMB+FL2OgUqhw1aBLEQsEZjlzqj50KEV3nEdf96tR
oJt7pi9Fcq6Pkc8fIuAwoxHZoy1DhvjG/hYgXrz+KHiJBKSx7W3FccpAn9No1kU9
Ri0gc6YqslOomySd3x/TGDZAws2b6Yf3TjeiUDyELjhiUEBKkhBR2FL+e6sDLldG
9mHqX2PnBCv5XQC986jp62VNh4QoyUabmHi5unvq3coSdDUDDkNElIoUzUP0AunD
Nwhe93o8Ca/qL50Z7bchGypdXNRgp77UZrzghKxtTsnrvNTt49Qd2Qnk/97WojD1
s4jhmpGUDUYZRduvWk8RUSGzpPG7HoKmdwH7lsV7p4IB5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:07 2024 by rpki-client on console-ams.rpki-client.org