Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MvX3XJA2mCKCZ_JE_84QX2k45OM.roa
File: MvX3XJA2mCKCZ_JE_84QX2k45OM.roa (raw, json)
Hash identifier: /ur464P0ELUVB6HVBo0kU19yZgN9q5x7d+eTpbXy2kU=
Subject key identifier: 32:F5:F7:5C:90:36:98:22:82:67:F2:44:FF:CE:10:5F:69:38:E4:E3
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD31914A6A471C674909B5AEA872BA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MvX3XJA2mCKCZ_JE_84QX2k45OM.roa
Signing time: Tue 02 Jan 2024 10:34:28 +0000
ROA not before: Tue 02 Jan 2024 10:34:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211184
IP address blocks: 2a0e:b107:1940::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Jan 2024 19:12:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:31:91:4a:6a:47:1c:67:49:09:b5:ae:a8:72:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32f5f75c903698228267f244ffce105f6938e4e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e9:c2:2a:02:c8:45:68:0e:7d:5f:23:56:4a:
b9:65:d1:78:88:c4:d5:72:88:b3:3b:6a:88:0a:23:
8d:9c:3f:d0:b0:97:57:bb:f3:57:d8:a9:02:ce:4c:
64:4e:9d:60:76:23:75:c1:6e:4b:24:b4:52:18:2c:
6e:a7:e7:07:19:43:23:03:30:69:28:32:7d:96:fc:
30:1e:8a:34:73:d8:f5:55:ba:95:78:8e:be:7f:a2:
2c:cd:18:dd:47:d8:8b:62:34:29:67:53:a2:26:c8:
e9:b0:96:87:15:14:62:cc:b6:9e:d0:7f:68:84:13:
5e:9b:b9:dd:4b:e0:da:7f:0c:99:2a:22:e3:18:38:
0f:c9:05:49:d2:c3:dc:08:42:83:5e:7a:9e:dd:a1:
60:6e:0e:0d:7b:be:57:9e:7e:a3:64:8e:95:dd:f1:
a7:cd:c2:0c:e7:54:cc:8f:b4:d2:99:64:6c:5c:4c:
6c:d3:cd:4c:7d:84:36:ca:51:cb:0d:74:07:ab:0d:
33:b5:ce:c0:d4:2e:f1:a5:53:67:c5:fc:e6:d2:ee:
0e:44:da:c2:59:68:cf:37:a7:84:0a:7c:4c:22:02:
fd:06:93:e3:d5:7f:4f:a4:7c:aa:6c:5d:01:ea:d4:
a9:45:af:c8:ff:80:d5:29:62:0a:50:d6:5f:73:d3:
e1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F5:F7:5C:90:36:98:22:82:67:F2:44:FF:CE:10:5F:69:38:E4:E3
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MvX3XJA2mCKCZ_JE_84QX2k45OM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1940::/44
Signature Algorithm: sha256WithRSAEncryption
0f:5f:3e:21:54:0d:30:00:84:8d:74:36:42:74:ce:cc:e5:3e:
05:b9:11:04:cc:44:09:ae:f9:2d:8b:49:90:12:6e:56:f0:ff:
28:8c:99:7c:d5:af:5f:61:a8:4a:48:47:2a:a3:20:44:f8:35:
5a:9b:9b:9a:b5:41:46:ea:98:4b:4b:40:0c:9a:04:5d:0b:3a:
a6:b0:9f:a6:85:3b:ec:a2:d7:4f:ac:7e:d2:ca:f7:29:2b:fa:
63:5c:32:0a:50:bc:c8:19:7f:d2:d3:5c:d9:9f:71:0c:f9:68:
5b:a0:e4:3f:23:7a:c9:c1:b8:4a:3f:54:0c:50:41:42:08:1e:
75:55:f5:84:a5:49:e8:02:c6:ce:19:c3:31:c0:59:79:da:ea:
38:53:46:3c:c0:e1:4a:c2:13:9c:39:c0:72:2a:78:59:2f:ad:
82:cc:19:f2:ed:66:df:ed:f8:2a:a4:9f:dc:d8:a1:50:07:e8:
ef:05:e9:11:e3:5e:20:99:70:db:46:b0:ec:d9:b5:07:9b:17:
ef:19:19:54:2d:6d:d4:6d:66:7e:3d:3d:e3:d2:f7:cb:77:dc:
26:11:dd:ea:04:8c:cb:7a:4d:aa:6c:0a:be:73:ca:d7:fd:1b:
87:3b:bf:06:04:8c:3a:5f:16:9e:ab:5e:8c:1e:01:f0:44:62:
61:df:a1:9b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzJvTGRSmpHHGdJCbWuqHK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmY1Zjc1YzkwMzY5ODIyODI2N2YyNDRmZmNlMTA1ZjY5MzhlNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmenCKgLIRWgOfV8jVkq5ZdF4iMTV
coizO2qICiONnD/QsJdXu/NX2KkCzkxkTp1gdiN1wW5LJLRSGCxup+cHGUMjAzBp
KDJ9lvwwHoo0c9j1VbqVeI6+f6IszRjdR9iLYjQpZ1OiJsjpsJaHFRRizLae0H9o
hBNem7ndS+DafwyZKiLjGDgPyQVJ0sPcCEKDXnqe3aFgbg4Ne75Xnn6jZI6V3fGn
zcIM51TMj7TSmWRsXExs081MfYQ2ylHLDXQHqw0ztc7A1C7xpVNnxfzm0u4ORNrC
WWjPN6eECnxMIgL9BpPj1X9PpHyqbF0B6tSpRa/I/4DVKWIKUNZfc9PhtQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDL191yQNpgigmfyRP/OEF9pOOTjMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTXZYM1hKQTJtQ0tDWl9KRV84NFFYMms0NU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxlA
MA0GCSqGSIb3DQEBCwUAA4IBAQAPXz4hVA0wAISNdDZCdM7M5T4FuREEzEQJrvkt
i0mQEm5W8P8ojJl81a9fYahKSEcqoyBE+DVam5uatUFG6phLS0AMmgRdCzqmsJ+m
hTvsotdPrH7SyvcpK/pjXDIKULzIGX/S01zZn3EM+WhboOQ/I3rJwbhKP1QMUEFC
CB51VfWEpUnoAsbOGcMxwFl52uo4U0Y8wOFKwhOcOcByKnhZL62CzBny7Wbf7fgq
pJ/c2KFQB+jvBekR414gmXDbRrDs2bUHmxfvGRlULW3UbWZ+PT3j0vfLd9wmEd3q
BIzLek2qbAq+c8rX/RuHO78GBIw6Xxaeq16MHgHwRGJh36Gb
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:41 2024 by rpki-client on console-fra.rpki-client.org