Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MNXpKZOcGHlwuR8ADoo0Q5lYkN8.roa
File: MNXpKZOcGHlwuR8ADoo0Q5lYkN8.roa (raw, json)
Hash identifier: 3U3CXJ3Y2iHDMVPTqKg2c5dWHpwqGbhuQ8Cbd9SJe54=
Subject key identifier: 30:D5:E9:29:93:9C:18:79:70:B9:1F:00:0E:8A:34:43:99:58:90:DF
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD24957597FB438105CE2D3FE08CAB
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MNXpKZOcGHlwuR8ADoo0Q5lYkN8.roa
Signing time: Tue 02 Jan 2024 10:34:25 +0000
ROA not before: Tue 02 Jan 2024 10:34:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210490
IP address blocks: 2a0e:b107:17b0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Feb 2024 12:52:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:24:95:75:97:fb:43:81:05:ce:2d:3f:e0:8c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30d5e929939c187970b91f000e8a3443995890df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7d:fb:0b:f0:a8:83:e0:63:70:e2:94:66:9b:
66:9b:f1:a5:a9:83:8b:9e:fd:77:73:a2:35:a1:56:
c1:ef:52:31:52:d0:6a:48:c0:b3:d3:d4:78:2e:89:
20:94:cd:fa:83:52:13:6c:08:a2:2b:f2:9e:f0:df:
0d:c9:b9:25:e5:28:3d:db:f6:0b:a2:e5:be:66:63:
52:07:b0:78:66:71:c3:21:4e:e1:9d:d3:39:3a:9e:
e7:97:fa:2c:cc:a7:1d:ed:17:c0:9e:56:22:f1:12:
67:77:d8:1a:bc:0d:72:b5:eb:e5:66:a1:25:b8:7d:
b6:71:b0:26:41:e6:27:e1:b0:3e:e3:65:5f:26:53:
1e:ea:9e:85:59:50:4e:8e:5f:89:b8:49:b2:14:ca:
05:cf:9b:ed:83:53:35:42:d0:d7:ae:e8:7a:bc:b2:
d8:9c:ca:e0:d9:86:37:0d:a2:8c:aa:5a:31:0d:23:
ba:5d:d7:43:86:f0:dc:71:28:6c:ac:7b:b7:85:91:
56:08:ac:7a:55:93:71:fa:d3:0c:b1:4c:4f:a7:20:
32:77:6d:e1:05:f5:21:23:8c:a1:3b:9c:8b:e5:a7:
73:07:3d:7f:25:89:17:3c:7b:c8:fe:c8:14:38:0e:
b9:2c:82:b8:5b:b5:54:7a:55:97:94:88:dc:23:96:
70:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D5:E9:29:93:9C:18:79:70:B9:1F:00:0E:8A:34:43:99:58:90:DF
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MNXpKZOcGHlwuR8ADoo0Q5lYkN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:17b0::/48
Signature Algorithm: sha256WithRSAEncryption
a1:0c:b2:02:65:05:0d:e1:6b:a1:ac:6d:41:ae:00:4a:71:9c:
36:ab:6a:70:f3:5f:7b:3a:05:25:c7:c8:6e:68:14:55:10:bd:
9f:b8:16:c5:66:91:d4:7a:89:5f:dd:50:0f:43:8c:80:82:cd:
7f:30:56:ac:0c:66:4d:18:a0:ad:36:93:63:d4:b4:59:96:f1:
58:a5:9b:33:46:5b:fd:46:81:6d:d1:17:32:50:f7:64:5a:6d:
e6:18:2d:7f:34:ba:10:4e:1a:9a:ff:19:a3:30:17:e3:1f:79:
54:fc:26:0a:9c:4c:f3:c8:54:c4:2b:f9:e7:e2:2e:3f:59:dd:
4f:3f:90:7b:2c:14:8a:e8:3a:ce:76:a4:8e:e9:23:50:5f:2f:
0f:06:54:65:1d:f8:ac:06:9b:11:af:cf:e4:16:72:cc:dc:a0:
8b:c7:15:9e:9c:5a:bc:53:27:8b:f7:0a:0a:bb:68:ba:c0:da:
45:08:30:84:19:e7:87:0b:54:fb:a4:2f:73:7c:6e:cb:e5:bb:
83:76:c8:07:ab:94:30:2d:5d:1b:da:5c:79:6e:27:a7:15:02:
e8:8a:32:0a:7b:97:bb:ab:c5:bb:bb:ed:55:90:b0:79:97:12:
ac:22:78:ad:4c:8e:05:be:de:a6:33:26:51:97:23:4a:a7:93:
cf:5c:6a:a4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvSSVdZf7Q4EFzi0/4IyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQ1ZTkyOTkzOWMxODc5NzBiOTFmMDAwZThhMzQ0Mzk5NTg5MGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX37C/Cog+BjcOKUZptmm/GlqYOL
nv13c6I1oVbB71IxUtBqSMCz09R4LokglM36g1ITbAiiK/Ke8N8Nybkl5Sg92/YL
ouW+ZmNSB7B4ZnHDIU7hndM5Op7nl/oszKcd7RfAnlYi8RJnd9gavA1ytevlZqEl
uH22cbAmQeYn4bA+42VfJlMe6p6FWVBOjl+JuEmyFMoFz5vtg1M1QtDXruh6vLLY
nMrg2YY3DaKMqloxDSO6XddDhvDccShsrHu3hZFWCKx6VZNx+tMMsUxPpyAyd23h
BfUhI4yhO5yL5adzBz1/JYkXPHvI/sgUOA65LIK4W7VUelWXlIjcI5ZwGwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDDV6SmTnBh5cLkfAA6KNEOZWJDfMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTU5YcEtaT2NHSGx3dVI4QURvbzBRNWxZa044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBxew
MA0GCSqGSIb3DQEBCwUAA4IBAQChDLICZQUN4WuhrG1BrgBKcZw2q2pw8197OgUl
x8huaBRVEL2fuBbFZpHUeolf3VAPQ4yAgs1/MFasDGZNGKCtNpNj1LRZlvFYpZsz
Rlv9RoFt0RcyUPdkWm3mGC1/NLoQThqa/xmjMBfjH3lU/CYKnEzzyFTEK/nn4i4/
Wd1PP5B7LBSK6DrOdqSO6SNQXy8PBlRlHfisBpsRr8/kFnLM3KCLxxWenFq8UyeL
9woKu2i6wNpFCDCEGeeHC1T7pC9zfG7L5buDdsgHq5QwLV0b2lx5bienFQLoijIK
e5e7q8W7u+1VkLB5lxKsInitTI4Fvt6mMyZRlyNKp5PPXGqk
-----END CERTIFICATE-----
Generated at Thu Feb 22 18:05:49 2024 by rpki-client on console-fra.rpki-client.org