Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/mhYzuENz08SguUdeP7TyHCdVk_Q.roa
File: mhYzuENz08SguUdeP7TyHCdVk_Q.roa (raw, json)
Hash identifier: 1no9nYGKkRIHe0w9vbnk+KZl9WBkwh2oXs/Ao9U0HKY=
Subject key identifier: 9A:16:33:B8:43:73:D3:C4:A0:B9:47:5E:3F:B4:F2:1C:27:55:93:F4
Certificate issuer: /CN=3472b553f0cb0b13900d4c2e0e6c779aca03e3b1
Certificate serial: 0193DE61AE94C3F040FCB9EEA9869CC7C6CC
Authority key identifier: 34:72:B5:53:F0:CB:0B:13:90:0D:4C:2E:0E:6C:77:9A:CA:03:E3:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHK1U_DLCxOQDUwuDmx3msoD47E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/mhYzuENz08SguUdeP7TyHCdVk_Q.roa
Signing time: Thu 19 Dec 2024 10:06:03 +0000
ROA not before: Thu 19 Dec 2024 10:06:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43465
IP address blocks: 2a03:e140:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:de:61:ae:94:c3:f0:40:fc:b9:ee:a9:86:9c:c7:c6:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3472b553f0cb0b13900d4c2e0e6c779aca03e3b1
Validity
Not Before: Dec 19 10:06:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a1633b84373d3c4a0b9475e3fb4f21c275593f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ae:bf:99:00:12:9d:8b:16:bb:7a:04:d2:a1:
36:6f:89:c6:10:41:d0:2d:1b:8b:01:d3:ce:67:cc:
9b:36:5b:fb:35:58:7b:5c:d5:1c:d8:e6:a9:e7:72:
ff:5f:ff:a9:29:f2:a2:0c:70:0a:93:da:01:ed:d2:
84:f8:2e:ba:e7:fa:b3:f6:72:54:42:8d:7e:54:9c:
f4:e5:9b:b0:a5:41:dd:21:c3:9d:2c:c0:ee:a3:65:
4f:b5:49:23:7b:0a:4a:ad:fa:b1:93:98:bd:2f:d5:
e9:60:b0:d5:73:bb:28:6c:73:9f:2e:75:f2:9f:6d:
46:23:bc:6d:9d:e2:35:06:88:ed:2f:f2:66:8d:4c:
20:67:e5:1a:12:88:fe:f6:92:08:1c:bd:93:3b:35:
c2:a3:9c:fd:14:da:e7:9a:52:b2:61:06:16:b0:62:
11:de:7d:ad:85:d9:83:36:26:c1:7a:fa:f9:05:c3:
15:e2:57:d1:30:78:b7:be:1c:5c:97:97:e4:11:b6:
46:ba:1f:47:8a:ae:a7:d7:ca:a5:2f:88:c1:cd:32:
b8:c9:63:a0:d4:b3:5e:36:bf:e8:f7:89:76:5d:36:
d4:f8:35:15:ac:88:dc:4a:54:6a:90:74:29:67:95:
9f:60:be:ad:28:20:11:7f:d2:61:30:db:af:99:ca:
0b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:16:33:B8:43:73:D3:C4:A0:B9:47:5E:3F:B4:F2:1C:27:55:93:F4
X509v3 Authority Key Identifier:
keyid:34:72:B5:53:F0:CB:0B:13:90:0D:4C:2E:0E:6C:77:9A:CA:03:E3:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHK1U_DLCxOQDUwuDmx3msoD47E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/mhYzuENz08SguUdeP7TyHCdVk_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/05ed2f-c4f7-4417-a4fb-0d20525edc74/1/NHK1U_DLCxOQDUwuDmx3msoD47E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:e140:5::/48
Signature Algorithm: sha256WithRSAEncryption
79:04:ea:25:89:d7:4f:b2:01:58:83:a9:59:1c:98:af:00:52:
94:c9:77:a8:bf:03:ab:7a:50:2a:6a:6d:84:87:bf:a6:83:a8:
2c:fd:3f:b1:61:16:11:51:48:88:d3:7c:d3:72:d1:49:ff:b6:
3c:cf:b6:5d:7b:63:04:85:b0:7d:eb:5d:74:8e:bf:47:94:84:
c8:a7:31:c8:28:47:51:32:91:a7:d9:56:f0:54:8d:77:5e:e0:
0e:30:21:b6:84:a2:5c:77:34:a8:1a:28:3a:b3:19:c9:7d:d9:
42:ed:53:1c:28:ad:a5:55:ad:74:30:83:15:f6:67:fd:6e:05:
93:a5:19:f5:75:88:4a:19:ef:c8:b8:74:b9:5d:ec:2e:28:18:
7e:07:1b:26:ef:d8:01:0e:f9:6b:cc:8f:f9:85:63:c1:9a:e1:
0d:c3:bd:4e:42:7e:88:2c:dd:1e:b1:1b:36:13:53:4b:67:cb:
c4:4e:6a:ba:42:50:69:90:f2:c3:4e:b5:cd:0e:e0:6b:3a:2a:
16:73:c4:5b:67:2d:d7:02:68:52:d6:df:6a:cf:42:b8:9f:fd:
fd:3d:59:48:90:55:33:53:e9:eb:af:cc:d4:b6:e2:3a:81:f7:
46:40:73:6f:c9:da:c4:53:a3:e7:2c:8d:aa:2d:40:93:15:6d:
65:d9:46:83
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZPeYa6Uw/BA/LnuqYacx8bMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzJiNTUzZjBjYjBiMTM5MDBkNGMyZTBlNmM3NzlhY2Ew
M2UzYjEwHhcNMjQxMjE5MTAwNjAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE2MzNiODQzNzNkM2M0YTBiOTQ3NWUzZmI0ZjIxYzI3NTU5M2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA266/mQASnYsWu3oE0qE2b4nGEEHQ
LRuLAdPOZ8ybNlv7NVh7XNUc2Oap53L/X/+pKfKiDHAKk9oB7dKE+C665/qz9nJU
Qo1+VJz05ZuwpUHdIcOdLMDuo2VPtUkjewpKrfqxk5i9L9XpYLDVc7sobHOfLnXy
n21GI7xtneI1BojtL/JmjUwgZ+UaEoj+9pIIHL2TOzXCo5z9FNrnmlKyYQYWsGIR
3n2thdmDNibBevr5BcMV4lfRMHi3vhxcl5fkEbZGuh9Hiq6n18qlL4jBzTK4yWOg
1LNeNr/o94l2XTbU+DUVrIjcSlRqkHQpZ5WfYL6tKCARf9JhMNuvmcoLRQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJoWM7hDc9PEoLlHXj+08hwnVZP0MB8GA1UdIwQY
MBaAFDRytVPwywsTkA1MLg5sd5rKA+OxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhLMVVfRExDeE9RRFV3dURteDNtc29ENDdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wNWVkMmYtYzRmNy00NDE3LWE0ZmIt
MGQyMDUyNWVkYzc0LzEvbWhZenVFTnowOFNndVVkZVA3VHlIQ2RWa19RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wNWVkMmYtYzRmNy00NDE3LWE0ZmItMGQyMDUyNWVkYzc0
LzEvTkhLMVVfRExDeE9RRFV3dURteDNtc29ENDdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgPhQAAF
MA0GCSqGSIb3DQEBCwUAA4IBAQB5BOoliddPsgFYg6lZHJivAFKUyXeovwOrelAq
am2Eh7+mg6gs/T+xYRYRUUiI03zTctFJ/7Y8z7Zde2MEhbB96110jr9HlITIpzHI
KEdRMpGn2VbwVI13XuAOMCG2hKJcdzSoGig6sxnJfdlC7VMcKK2lVa10MIMV9mf9
bgWTpRn1dYhKGe/IuHS5XewuKBh+Bxsm79gBDvlrzI/5hWPBmuENw71OQn6ILN0e
sRs2E1NLZ8vETmq6QlBpkPLDTrXNDuBrOioWc8RbZy3XAmhS1t9qz0K4n/39PVlI
kFUzU+nrr8zUtuI6gfdGQHNvydrEU6PnLI2qLUCTFW1l2UaD
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:01:06 2025 by rpki-client