Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MU7B03YEmXCxbmu6ekLl3-9T-3M.roa
File: MU7B03YEmXCxbmu6ekLl3-9T-3M.roa (raw, json)
Hash identifier: XX7xVnd9SvmbRRUtrTXwgLOKBqvv8P9+eTigiJNWSho=
Subject key identifier: 31:4E:C1:D3:76:04:99:70:B1:6E:6B:BA:7A:42:E5:DF:EF:53:FB:73
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018BE8BBC5AA7955E78E816315F898152052
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MU7B03YEmXCxbmu6ekLl3-9T-3M.roa
Signing time: Sun 19 Nov 2023 17:58:21 +0000
ROA not before: Sun 19 Nov 2023 17:58:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197963
IP address blocks: 2a06:de01:b0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e8:bb:c5:aa:79:55:e7:8e:81:63:15:f8:98:15:20:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 19 17:58:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=314ec1d376049970b16e6bba7a42e5dfef53fb73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2f:19:e5:78:c2:55:0e:f6:d0:d9:a9:81:13:
07:3a:fc:b3:fe:3a:0f:8e:c5:36:d0:c4:c6:af:28:
5e:e4:a1:f7:f0:43:75:18:b0:cf:ab:29:5e:b6:96:
57:bf:fa:82:1d:b2:34:0d:b5:20:3f:76:15:a0:e0:
8c:a5:95:9d:d2:5b:d3:71:1f:9b:b0:f2:ee:9e:53:
fc:5e:0f:25:6f:89:30:01:86:df:56:d7:fc:7b:b2:
7b:e8:43:9e:48:25:9c:07:53:14:55:18:86:28:3d:
6d:c9:4c:67:a1:52:5c:59:5d:12:35:32:0e:c7:ad:
27:8d:97:b8:81:36:ab:91:96:8a:09:21:18:8a:b0:
e0:65:71:85:c7:33:ed:65:cf:25:27:8f:d8:72:cc:
7f:a1:da:23:f5:d4:ab:93:08:32:2e:b2:7e:c0:78:
21:b5:35:c8:d6:d3:3c:d4:8e:d8:d7:58:ad:07:1d:
5c:84:97:01:ff:ab:f4:bd:cd:23:7f:29:2a:39:c9:
fd:48:80:7d:35:4a:d4:37:28:83:33:a3:ec:92:58:
8f:33:09:7d:7e:a4:c1:4f:8f:2a:38:0c:63:55:88:
09:5e:00:15:66:20:14:88:4b:13:60:99:e3:dd:b0:
c9:a2:1c:24:d9:04:07:61:4a:24:27:be:bb:fa:74:
50:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:4E:C1:D3:76:04:99:70:B1:6E:6B:BA:7A:42:E5:DF:EF:53:FB:73
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MU7B03YEmXCxbmu6ekLl3-9T-3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:de01:b0::/44
Signature Algorithm: sha256WithRSAEncryption
ad:a7:a8:77:b9:8f:65:3f:02:af:a1:8b:df:48:5f:25:94:86:
ba:a8:70:fc:b2:8b:1d:d2:68:9c:a2:2f:cd:54:00:31:fc:32:
96:5f:17:c2:1a:af:ab:d5:4b:5b:07:17:0a:6a:7c:1f:00:ff:
63:ca:e2:cb:07:20:50:25:20:df:e1:1d:29:18:ad:34:9a:0c:
99:9f:38:99:6d:2d:69:31:d8:5c:ed:b8:d4:95:cc:fc:73:2b:
70:3a:a3:70:6d:72:27:dd:33:94:16:c0:94:96:d1:60:c0:d8:
5e:63:d5:56:bd:7e:3b:6c:79:4e:e1:55:44:60:b9:84:c7:88:
cb:3c:50:16:2e:1f:79:ef:b9:2c:d8:27:28:a1:8b:45:54:8b:
8e:1f:1d:6e:c6:bf:21:84:4a:f3:46:69:78:8a:89:7a:97:97:
ac:d1:b8:55:cb:37:95:c7:72:f7:75:9e:e5:55:2f:93:5b:63:
13:a3:d4:74:d7:32:dc:b7:69:70:60:db:e7:15:98:e3:4e:46:
05:2f:8d:99:46:0b:f8:df:fa:c2:a8:1e:f5:af:eb:de:17:40:
9c:b0:e7:fb:71:5f:76:67:cf:0e:9b:f9:57:c0:ac:60:c3:73:
1b:84:c4:15:78:7f:41:af:e9:56:82:9d:7e:2b:e7:06:60:0b:
c0:69:aa:42
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYvou8WqeVXnjoFjFfiYFSBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMTE5MTc1ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTRlYzFkMzc2MDQ5OTcwYjE2ZTZiYmE3YTQyZTVkZmVmNTNmYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmS8Z5XjCVQ720NmpgRMHOvyz/joP
jsU20MTGryhe5KH38EN1GLDPqyletpZXv/qCHbI0DbUgP3YVoOCMpZWd0lvTcR+b
sPLunlP8Xg8lb4kwAYbfVtf8e7J76EOeSCWcB1MUVRiGKD1tyUxnoVJcWV0SNTIO
x60njZe4gTarkZaKCSEYirDgZXGFxzPtZc8lJ4/Ycsx/odoj9dSrkwgyLrJ+wHgh
tTXI1tM81I7Y11itBx1chJcB/6v0vc0jfykqOcn9SIB9NUrUNyiDM6PskliPMwl9
fqTBT48qOAxjVYgJXgAVZiAUiEsTYJnj3bDJohwk2QQHYUokJ767+nRQJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDFOwdN2BJlwsW5runpC5d/vU/tzMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTVU3QjAzWUVtWEN4Ym11NmVrTGwzLTlULTNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbeAQCw
MA0GCSqGSIb3DQEBCwUAA4IBAQCtp6h3uY9lPwKvoYvfSF8llIa6qHD8sosd0mic
oi/NVAAx/DKWXxfCGq+r1UtbBxcKanwfAP9jyuLLByBQJSDf4R0pGK00mgyZnziZ
bS1pMdhc7bjUlcz8cytwOqNwbXIn3TOUFsCUltFgwNheY9VWvX47bHlO4VVEYLmE
x4jLPFAWLh9577ks2CcooYtFVIuOHx1uxr8hhErzRml4iol6l5es0bhVyzeVx3L3
dZ7lVS+TW2MTo9R01zLct2lwYNvnFZjjTkYFL42ZRgv43/rCqB71r+veF0CcsOf7
cV92Z88Om/lXwKxgw3MbhMQVeH9Br+lWgp1+K+cGYAvAaapC
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:30 2024 by rpki-client on console-fra.rpki-client.org