Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/c7b573-2768-473c-a5c4-57ef7fee759c/1/cabMKH94uPuY3lWJmtq4FbH2IF8.roa
File: cabMKH94uPuY3lWJmtq4FbH2IF8.roa (raw, json)
Hash identifier: xM6jrMDiF2EruWNrJHzUFzpgh+InRTZZafeB0FYLlx4=
Subject key identifier: 71:A6:CC:28:7F:78:B8:FB:98:DE:55:89:9A:DA:B8:15:B1:F6:20:5F
Certificate issuer: /CN=ac9bbf9f623313eb2b1827350b45a9ba1fd9da5f
Certificate serial: 018CC80169B6B2F71F680D618953C39EB74E
Authority key identifier: AC:9B:BF:9F:62:33:13:EB:2B:18:27:35:0B:45:A9:BA:1F:D9:DA:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJu_n2IzE-srGCc1C0Wpuh_Z2l8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/c7b573-2768-473c-a5c4-57ef7fee759c/1/cabMKH94uPuY3lWJmtq4FbH2IF8.roa
Signing time: Tue 02 Jan 2024 02:29:44 +0000
ROA not before: Tue 02 Jan 2024 02:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 2001:67c:6d4::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:69:b6:b2:f7:1f:68:0d:61:89:53:c3:9e:b7:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9bbf9f623313eb2b1827350b45a9ba1fd9da5f
Validity
Not Before: Jan 2 02:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71a6cc287f78b8fb98de55899adab815b1f6205f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c7:3e:96:c4:7a:0c:2e:17:9e:58:10:11:3e:
5e:a1:3a:ad:e7:cf:05:73:ea:7a:76:5b:ba:04:50:
de:03:e7:77:2a:a2:1b:08:2d:20:b8:a5:47:61:4e:
b2:77:ad:37:86:82:8a:43:4b:5f:54:14:9a:cc:14:
8a:70:91:c7:33:fe:0c:ee:a4:77:07:28:12:ab:10:
45:5c:00:55:bc:6a:81:c1:a8:b9:e0:e6:e6:8c:77:
57:bb:1b:82:3c:bf:27:4f:a6:5f:0a:48:ee:cc:1a:
a0:bf:56:dd:20:84:17:d7:e4:0f:c6:60:45:73:5f:
0d:a8:46:39:9c:af:ba:f6:56:05:72:1a:e5:7b:5d:
cb:5a:2f:e6:a6:f0:26:66:34:f7:0d:d2:c6:98:c0:
ad:1d:66:57:a4:6c:1c:d2:6c:75:ab:bf:cb:78:42:
5c:93:89:13:c6:ab:d2:94:d7:b0:c6:9a:75:12:27:
6a:76:5b:f2:dc:c4:a6:af:de:29:4a:a2:65:9a:a0:
1e:29:7b:f8:75:e5:e1:39:50:fc:ff:e5:3e:57:b0:
aa:16:a7:56:ab:2f:df:77:bd:82:db:88:d2:13:c5:
2e:4c:c4:59:2c:12:f4:65:1f:7b:42:4b:db:d8:0a:
1d:2a:e9:ab:82:3d:fb:f0:f8:2c:85:02:20:da:6e:
93:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A6:CC:28:7F:78:B8:FB:98:DE:55:89:9A:DA:B8:15:B1:F6:20:5F
X509v3 Authority Key Identifier:
keyid:AC:9B:BF:9F:62:33:13:EB:2B:18:27:35:0B:45:A9:BA:1F:D9:DA:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJu_n2IzE-srGCc1C0Wpuh_Z2l8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c7b573-2768-473c-a5c4-57ef7fee759c/1/cabMKH94uPuY3lWJmtq4FbH2IF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/c7b573-2768-473c-a5c4-57ef7fee759c/1/rJu_n2IzE-srGCc1C0Wpuh_Z2l8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:6d4::/48
Signature Algorithm: sha256WithRSAEncryption
11:94:48:c6:d2:a7:68:1e:aa:73:8c:62:ae:17:d9:02:7b:01:
0e:6e:22:97:74:1b:70:61:64:1a:da:ab:ef:d3:11:c0:90:73:
ec:88:60:d2:8e:2d:fe:ec:4a:49:c3:59:16:84:54:be:b4:bf:
b1:a7:1c:46:93:0a:7d:13:a1:76:18:c9:ff:bf:ab:f9:53:df:
09:66:12:7f:a9:2c:77:94:13:05:fc:42:1b:1a:b0:f7:5d:d3:
ae:f1:cd:56:58:81:95:d7:2a:90:df:d5:94:aa:3a:84:53:c9:
55:94:ca:79:a9:98:b1:bb:ff:53:16:32:82:57:d7:19:fd:de:
43:d6:98:97:4d:d3:85:f9:72:21:db:c6:8c:7b:ff:c6:94:bf:
53:55:9a:e3:d7:89:10:88:c3:ae:7b:8f:f5:43:d6:fb:39:b4:
f6:95:f6:a6:63:51:e8:b9:7b:ee:40:a2:be:de:0b:cd:e2:fa:
00:ab:cf:31:3b:c7:c6:d5:e3:49:a1:89:39:9a:d6:4c:a4:9b:
1b:41:68:8d:fd:d1:9e:0f:aa:c8:6d:28:91:f3:62:29:4a:e8:
3f:0d:29:38:75:1c:62:ab:54:ad:08:9c:3c:69:34:84:83:a5:
db:ab:b0:6e:c1:ca:6e:52:31:ab:a8:1c:81:ed:28:86:6e:38:
6d:95:ca:fa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAWm2svcfaA1hiVPDnrdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOWJiZjlmNjIzMzEzZWIyYjE4MjczNTBiNDVhOWJhMWZk
OWRhNWYwHhcNMjQwMTAyMDIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWE2Y2MyODdmNzhiOGZiOThkZTU1ODk5YWRhYjgxNWIxZjYyMDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8c+lsR6DC4XnlgQET5eoTqt588F
c+p6dlu6BFDeA+d3KqIbCC0guKVHYU6yd603hoKKQ0tfVBSazBSKcJHHM/4M7qR3
BygSqxBFXABVvGqBwai54ObmjHdXuxuCPL8nT6ZfCkjuzBqgv1bdIIQX1+QPxmBF
c18NqEY5nK+69lYFchrle13LWi/mpvAmZjT3DdLGmMCtHWZXpGwc0mx1q7/LeEJc
k4kTxqvSlNewxpp1Eidqdlvy3MSmr94pSqJlmqAeKXv4deXhOVD8/+U+V7CqFqdW
qy/fd72C24jSE8UuTMRZLBL0ZR97Qkvb2AodKumrgj378PgshQIg2m6TsQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHGmzCh/eLj7mN5ViZrauBWx9iBfMB8GA1UdIwQY
MBaAFKybv59iMxPrKxgnNQtFqbof2dpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckp1X24ySXpFLXNyR0NjMUMwV3B1aF9aMmw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9jN2I1NzMtMjc2OC00NzNjLWE1YzQt
NTdlZjdmZWU3NTljLzEvY2FiTUtIOTR1UHVZM2xXSm10cTRGYkgySUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9jN2I1NzMtMjc2OC00NzNjLWE1YzQtNTdlZjdmZWU3NTlj
LzEvckp1X24ySXpFLXNyR0NjMUMwV3B1aF9aMmw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAbU
MA0GCSqGSIb3DQEBCwUAA4IBAQARlEjG0qdoHqpzjGKuF9kCewEObiKXdBtwYWQa
2qvv0xHAkHPsiGDSji3+7EpJw1kWhFS+tL+xpxxGkwp9E6F2GMn/v6v5U98JZhJ/
qSx3lBMF/EIbGrD3XdOu8c1WWIGV1yqQ39WUqjqEU8lVlMp5qZixu/9TFjKCV9cZ
/d5D1piXTdOF+XIh28aMe//GlL9TVZrj14kQiMOue4/1Q9b7ObT2lfamY1HouXvu
QKK+3gvN4voAq88xO8fG1eNJoYk5mtZMpJsbQWiN/dGeD6rIbSiR82IpSug/DSk4
dRxiq1StCJw8aTSEg6Xbq7BuwcpuUjGrqByB7SiGbjhtlcr6
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:56:15 2025 by rpki-client