Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/MGgoOQOMcssjkC0uzocqtHkCiR4.roa
File: MGgoOQOMcssjkC0uzocqtHkCiR4.roa (raw, json)
Hash identifier: dLvKqULfG7qbJywqErOsoPWj4fUJzI+UQgiGC7HkpEg=
Subject key identifier: 30:68:28:39:03:8C:72:CB:23:90:2D:2E:CE:87:2A:B4:79:02:89:1E
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 018C266634F1E2C2309A10CA0AC9CA308FFB
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/MGgoOQOMcssjkC0uzocqtHkCiR4.roa
Signing time: Fri 01 Dec 2023 17:21:21 +0000
ROA not before: Fri 01 Dec 2023 17:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51659
IP address blocks: 2a12:cc01::/32 maxlen: 32
2a12:cc03::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:26:66:34:f1:e2:c2:30:9a:10:ca:0a:c9:ca:30:8f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Dec 1 17:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30682839038c72cb23902d2ece872ab47902891e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ca:47:29:18:04:ac:1f:a5:4b:48:d3:94:7d:
58:e1:1f:40:a7:8c:74:36:ae:9c:db:77:b5:f7:18:
be:54:9a:cf:6f:1b:cd:ff:c2:62:63:59:8e:17:6e:
13:13:0d:29:6a:41:cc:29:99:eb:bb:b9:4e:22:af:
73:3e:b9:e1:42:38:1b:35:33:19:52:71:4e:4e:99:
4a:5e:58:b0:8a:bf:8b:e8:54:4d:02:b8:e9:cf:72:
87:2e:2b:81:e7:ae:01:9a:23:fc:c2:a0:d2:c9:13:
c1:0a:a6:a7:96:9b:b7:1d:66:cc:69:39:d3:59:18:
1a:26:ae:26:1d:5c:56:72:a5:e7:70:ae:5d:c2:43:
b3:1a:7b:3a:67:48:75:c3:a3:55:60:80:3f:f9:fb:
a3:73:e4:d3:b0:c8:dd:71:b0:d5:af:ea:5f:d1:6c:
0f:21:68:5a:a6:7a:2a:a5:37:51:2d:d9:ef:04:fb:
ab:c7:46:39:40:ae:ad:9c:7d:3a:74:19:9e:13:75:
9b:88:09:48:f4:74:0d:98:bc:0b:26:d8:de:69:76:
89:eb:25:3c:21:d0:44:00:6a:df:8d:76:a3:ca:82:
a6:e8:1b:07:6c:fe:cf:43:de:34:a5:d3:f5:d7:a4:
05:ef:02:7f:33:48:1a:39:fa:3d:c2:8e:06:54:61:
45:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:68:28:39:03:8C:72:CB:23:90:2D:2E:CE:87:2A:B4:79:02:89:1E
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/MGgoOQOMcssjkC0uzocqtHkCiR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:cc01::/32
2a12:cc03::/32
Signature Algorithm: sha256WithRSAEncryption
61:59:f5:84:71:d2:0f:a2:fa:b5:95:93:b0:ea:d1:cd:ae:97:
a9:a4:1d:ad:f8:8c:fc:55:d7:ca:18:eb:7c:49:18:42:db:8e:
51:f5:70:17:33:38:d4:52:60:59:5f:f5:72:65:e4:76:64:db:
0c:16:cf:11:99:69:7e:b3:0e:c3:e2:8f:97:c6:7e:60:34:7c:
5a:43:42:2c:9a:6b:5a:24:e3:ce:b1:9d:8b:23:8f:85:ca:36:
ab:45:0b:72:f4:bd:cf:05:c6:f3:d4:c8:88:75:27:2c:91:49:
b7:79:3c:1d:71:94:46:0d:1b:8f:6c:97:c8:7e:d5:d3:fc:86:
a1:de:37:f9:c6:96:dc:e6:bd:d7:5b:1b:dc:e2:b6:ad:b8:aa:
5d:16:d1:c0:94:37:39:67:04:8d:e2:5a:1b:b7:3f:4d:ac:e1:
a9:d8:90:5b:82:7e:eb:b5:4a:c0:3b:86:59:87:80:7b:cc:bf:
e5:a7:5d:2b:3d:8d:a8:1b:5e:a3:6d:85:51:58:d9:02:83:c8:
26:7d:df:54:2e:d9:fb:55:d4:05:56:c8:10:96:1c:75:6a:62:
2b:c7:5f:b2:d4:27:5d:9f:53:67:fe:1b:d9:df:fb:29:0f:0d:
cb:4f:62:7c:94:a3:c2:60:79:14:9a:9a:02:2d:1c:39:71:f2:
a3:2a:b5:04
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYwmZjTx4sIwmhDKCsnKMI/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjMxMjAxMTcyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDY4MjgzOTAzOGM3MmNiMjM5MDJkMmVjZTg3MmFiNDc5MDI4OTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8pHKRgErB+lS0jTlH1Y4R9Ap4x0
Nq6c23e19xi+VJrPbxvN/8JiY1mOF24TEw0pakHMKZnru7lOIq9zPrnhQjgbNTMZ
UnFOTplKXliwir+L6FRNArjpz3KHLiuB564BmiP8wqDSyRPBCqanlpu3HWbMaTnT
WRgaJq4mHVxWcqXncK5dwkOzGns6Z0h1w6NVYIA/+fujc+TTsMjdcbDVr+pf0WwP
IWhapnoqpTdRLdnvBPurx0Y5QK6tnH06dBmeE3WbiAlI9HQNmLwLJtjeaXaJ6yU8
IdBEAGrfjXajyoKm6BsHbP7PQ940pdP116QF7wJ/M0gaOfo9wo4GVGFF6wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDBoKDkDjHLLI5AtLs6HKrR5AokeMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvTUdnb09RT01jc3Nqa0MwdXpvY3F0SGtDaVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhLMAQMF
ACoSzAMwDQYJKoZIhvcNAQELBQADggEBAGFZ9YRx0g+i+rWVk7Dq0c2ul6mkHa34
jPxV18oY63xJGELbjlH1cBczONRSYFlf9XJl5HZk2wwWzxGZaX6zDsPij5fGfmA0
fFpDQiyaa1ok486xnYsjj4XKNqtFC3L0vc8FxvPUyIh1JyyRSbd5PB1xlEYNG49s
l8h+1dP8hqHeN/nGltzmvddbG9zitq24ql0W0cCUNzlnBI3iWhu3P02s4anYkFuC
fuu1SsA7hlmHgHvMv+WnXSs9jagbXqNthVFY2QKDyCZ931Qu2ftV1AVWyBCWHHVq
YivHX7LUJ12fU2f+G9nf+ykPDctPYnyUo8JgeRSamgItHDlx8qMqtQQ=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:42 2024 by rpki-client on console-fra.rpki-client.org