Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mkDMjOvQam3kbZfKrejpAbQZe2c.roa
File: mkDMjOvQam3kbZfKrejpAbQZe2c.roa (raw, json)
Hash identifier: w28kN1IrmSKHmW3O4lb7KokHvTuoHfHyMFSV2duUCeQ=
Subject key identifier: 9A:40:CC:8C:EB:D0:6A:6D:E4:6D:97:CA:AD:E8:E9:01:B4:19:7B:67
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018CC9BD2545319FF89EAFBFC0ACB3BD21E7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mkDMjOvQam3kbZfKrejpAbQZe2c.roa
Signing time: Tue 02 Jan 2024 10:34:25 +0000
ROA not before: Tue 02 Jan 2024 10:34:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210562
IP address blocks: 2a0e:97c0:620::/44 maxlen: 48
2a10:cc47:100::/44 maxlen: 48
Validation: Failed, certificate revoked on Sun 11 Feb 2024 23:51:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bd:25:45:31:9f:f8:9e:af:bf:c0:ac:b3:bd:21:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 10:34:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a40cc8cebd06a6de46d97caade8e901b4197b67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a0:4c:ec:c2:ed:d3:bd:92:88:aa:26:b6:e6:
4e:9f:73:c5:5f:bb:dd:69:8e:20:6e:37:0c:12:20:
42:cd:66:a0:69:e1:21:67:31:0c:55:70:44:1a:4a:
b8:71:93:2e:fa:c9:62:df:39:24:7f:03:26:1c:3a:
37:b9:a9:f0:72:21:79:dc:6b:fa:d3:3b:32:57:73:
07:29:56:98:b9:19:c0:dd:00:2a:ae:d8:03:99:d2:
89:52:28:84:3f:ac:d6:0f:7b:53:4a:63:70:0a:7c:
37:7e:4c:73:b4:98:4e:59:d2:15:40:b9:12:27:6b:
da:b9:b5:bf:25:ac:73:ca:b6:e2:3a:94:6e:dd:f7:
bb:f6:3f:86:b1:95:03:ea:c7:3a:90:81:a7:bc:12:
81:cb:71:90:41:51:e5:4a:e5:0f:f7:19:33:d9:84:
38:4c:38:e3:8d:1d:60:ce:f7:21:8d:06:05:d0:16:
9f:47:2c:0d:06:36:43:6f:6d:ff:f3:d9:75:d2:99:
b9:5e:b1:1e:44:f9:de:13:bb:61:c3:fa:51:bb:8c:
d0:c6:55:62:99:62:0b:35:ea:d5:66:01:d8:42:eb:
b7:e3:51:2c:df:21:4c:5d:83:f4:27:ff:29:a4:64:
f1:93:de:ff:3e:8a:86:bf:86:af:bd:4d:95:2e:61:
3e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:40:CC:8C:EB:D0:6A:6D:E4:6D:97:CA:AD:E8:E9:01:B4:19:7B:67
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mkDMjOvQam3kbZfKrejpAbQZe2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:620::/44
2a10:cc47:100::/44
Signature Algorithm: sha256WithRSAEncryption
12:91:de:86:b0:d9:62:7b:bb:14:6f:c3:ac:9d:ab:55:f5:4a:
f4:c0:c6:8f:51:d5:15:54:82:c6:bf:8a:b0:43:1b:42:8e:58:
c3:a2:6a:be:57:70:d6:58:ea:27:30:a2:0b:b7:cd:38:66:66:
11:de:5c:4c:99:95:20:ce:27:33:53:bb:2c:af:c9:3a:ed:89:
38:49:75:ee:52:2c:19:38:5c:e1:51:81:24:64:db:52:7c:95:
8b:9e:b5:87:55:c2:53:8a:4e:3e:96:04:79:dc:62:71:0d:ed:
1b:4b:08:3d:b4:b4:e4:ad:73:64:70:d1:1f:a3:ab:9c:ae:cb:
09:b9:a0:38:77:65:ea:78:f8:32:b1:c7:38:7a:53:7c:51:da:
20:97:00:96:93:7c:3d:8c:46:cd:33:a9:bf:33:1d:b8:97:a9:
ab:56:9e:d0:bd:d7:7f:b7:0f:49:42:29:be:a5:6c:5e:dc:01:
d1:3f:ea:53:1e:b8:26:63:9b:aa:e5:7b:dd:2d:4b:9f:20:73:
fc:2c:b2:ba:28:fd:e2:74:86:07:37:e6:45:31:81:29:64:54:
9b:a7:f2:09:c3:ea:cc:50:cc:38:a3:84:8e:ce:ef:b0:94:62:
2a:3f:27:fd:b9:8f:ef:0d:18:5e:08:c4:8d:6a:2c:8d:b6:66:
ec:ac:1a:a1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJvSVFMZ/4nq+/wKyzvSHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTAyMTAzNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTQwY2M4Y2ViZDA2YTZkZTQ2ZDk3Y2FhZGU4ZTkwMWI0MTk3YjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqBM7MLt072SiKomtuZOn3PFX7vd
aY4gbjcMEiBCzWagaeEhZzEMVXBEGkq4cZMu+sli3zkkfwMmHDo3uanwciF53Gv6
0zsyV3MHKVaYuRnA3QAqrtgDmdKJUiiEP6zWD3tTSmNwCnw3fkxztJhOWdIVQLkS
J2vaubW/JaxzyrbiOpRu3fe79j+GsZUD6sc6kIGnvBKBy3GQQVHlSuUP9xkz2YQ4
TDjjjR1gzvchjQYF0BafRywNBjZDb23/89l10pm5XrEeRPneE7thw/pRu4zQxlVi
mWILNerVZgHYQuu341Es3yFMXYP0J/8ppGTxk97/PoqGv4avvU2VLmE+IwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJpAzIzr0Gpt5G2Xyq3o6QG0GXtnMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbWtETWpPdlFhbTNrYlpmS3JlanBBYlFaZTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKg6XwAYg
AwcEKhDMRwEAMA0GCSqGSIb3DQEBCwUAA4IBAQASkd6GsNlie7sUb8OsnatV9Ur0
wMaPUdUVVILGv4qwQxtCjljDomq+V3DWWOonMKILt804ZmYR3lxMmZUgziczU7ss
r8k67Yk4SXXuUiwZOFzhUYEkZNtSfJWLnrWHVcJTik4+lgR53GJxDe0bSwg9tLTk
rXNkcNEfo6ucrssJuaA4d2XqePgyscc4elN8UdoglwCWk3w9jEbNM6m/Mx24l6mr
Vp7Qvdd/tw9JQim+pWxe3AHRP+pTHrgmY5uq5XvdLUufIHP8LLK6KP3idIYHN+ZF
MYEpZFSbp/IJw+rMUMw4o4SOzu+wlGIqPyf9uY/vDRheCMSNaiyNtmbsrBqh
-----END CERTIFICATE-----
Generated at Mon Feb 12 03:23:14 2024 by rpki-client on console-fra.rpki-client.org