Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/cM1fXMYwzWi_79ETQL1KNWR2bIc.roa
File: cM1fXMYwzWi_79ETQL1KNWR2bIc.roa (raw, json)
Hash identifier: X+LyDq6YTfKhp9IR2dh7v+pWIUpboc2CYPpEr+4w4ek=
Subject key identifier: 70:CD:5F:5C:C6:30:CD:68:BF:EF:D1:13:40:BD:4A:35:64:76:6C:87
Certificate issuer: /CN=424fd1a3a0258dcca67fc9dddbf4e36157e6a716
Certificate serial: 018CC794D063F0A927E98DA1F0EC22B46C10
Authority key identifier: 42:4F:D1:A3:A0:25:8D:CC:A6:7F:C9:DD:DB:F4:E3:61:57:E6:A7:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/cM1fXMYwzWi_79ETQL1KNWR2bIc.roa
Signing time: Tue 02 Jan 2024 00:31:07 +0000
ROA not before: Tue 02 Jan 2024 00:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41289
IP address blocks: 141.38.0.0/16 maxlen: 16
141.38.12.0/24 maxlen: 24
2001:67c:1364::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:d0:63:f0:a9:27:e9:8d:a1:f0:ec:22:b4:6c:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424fd1a3a0258dcca67fc9dddbf4e36157e6a716
Validity
Not Before: Jan 2 00:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70cd5f5cc630cd68bfefd11340bd4a3564766c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9d:18:2a:01:12:0c:9e:9e:68:58:65:ef:ed:
52:4a:ff:aa:5f:71:1e:46:93:eb:fc:0c:bf:11:08:
e7:3a:02:29:d2:de:94:aa:3d:7b:f4:59:24:ce:45:
82:5f:7b:87:54:5d:df:13:03:46:bc:f6:7f:8c:ce:
50:56:57:57:02:04:69:5e:b1:2b:09:c1:d9:35:79:
ba:d8:41:b6:0e:6f:62:f9:05:d1:1c:8a:be:7e:b5:
f6:ef:f7:41:57:c0:7d:b7:59:ae:aa:6f:4d:9c:84:
31:11:73:d4:4a:a8:70:5d:f8:21:d7:79:6d:71:78:
d4:f4:7b:d0:90:17:41:73:d4:d0:be:48:9e:48:af:
1b:c5:20:c1:ed:43:1e:78:a1:c4:e0:9e:bb:9e:5e:
cf:8d:c8:0a:92:1b:14:40:8e:37:62:cd:da:60:5f:
80:ba:4b:c1:80:5e:5a:c0:18:bd:e0:07:06:92:ae:
e6:b4:d3:f1:3f:8d:0c:5c:3f:04:e6:3c:5a:4c:b1:
57:92:01:18:da:ca:3a:0c:26:aa:27:8f:60:12:4c:
ad:be:70:dc:9c:c2:71:43:08:29:77:71:ab:29:e0:
42:36:ff:9f:8d:c6:5b:d1:31:5e:a1:1e:bd:f3:1f:
09:5d:38:f6:c6:02:46:e9:2a:51:ef:aa:e4:a7:8c:
25:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:CD:5F:5C:C6:30:CD:68:BF:EF:D1:13:40:BD:4A:35:64:76:6C:87
X509v3 Authority Key Identifier:
keyid:42:4F:D1:A3:A0:25:8D:CC:A6:7F:C9:DD:DB:F4:E3:61:57:E6:A7:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/cM1fXMYwzWi_79ETQL1KNWR2bIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/913752-b8dc-4dff-8667-747b0e57ab5e/1/Qk_Ro6Aljcymf8nd2_TjYVfmpxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.38.0.0/16
IPv6:
2001:67c:1364::/48
Signature Algorithm: sha256WithRSAEncryption
02:32:2b:7e:be:44:08:08:a0:27:76:80:bf:ca:0d:9e:21:ff:
2b:47:c7:f5:35:8f:b6:c4:1e:b4:ef:b8:44:d9:75:68:12:46:
4b:41:eb:c6:a3:09:46:01:a2:68:54:f9:3c:d8:1e:78:b6:a2:
9a:b4:c4:a4:cb:27:4f:3c:cc:a7:ed:5f:a5:d4:cc:f0:8f:f3:
44:7c:a4:32:76:10:9b:3a:a5:09:a7:7c:72:f9:3a:d8:b4:d3:
7b:58:fe:1d:43:03:29:6b:c0:e6:d8:62:dc:fc:b5:cf:8f:18:
da:a2:7b:77:85:cb:1f:08:2e:07:5b:d8:4e:ae:dc:6b:41:68:
25:e1:f3:49:60:08:77:eb:23:77:97:42:da:da:70:8e:20:e1:
46:85:37:83:96:a3:69:ae:e4:2e:f0:ce:4c:c1:1c:75:98:a2:
01:91:90:64:8c:22:80:8b:7d:0b:0e:ba:a9:9c:c1:e8:22:a9:
ef:af:ac:00:1d:1f:a6:02:fd:5a:0c:92:fb:af:41:d8:fa:bf:
e2:a5:ca:32:74:b1:31:10:f3:01:b7:b8:0e:d0:57:af:c5:a9:
a1:75:34:2f:f8:a5:59:de:e3:7c:6a:f7:e4:ea:f2:92:f7:05:
47:7b:aa:c9:29:ed:8f:19:70:06:b0:94:db:45:5c:6d:08:54:
9e:29:38:34
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzHlNBj8Kkn6Y2h8OwitGwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZkMWEzYTAyNThkY2NhNjdmYzlkZGRiZjRlMzYxNTdl
NmE3MTYwHhcNMjQwMTAyMDAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGNkNWY1Y2M2MzBjZDY4YmZlZmQxMTM0MGJkNGEzNTY0NzY2Yzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJ0YKgESDJ6eaFhl7+1SSv+qX3Ee
RpPr/Ay/EQjnOgIp0t6Uqj179FkkzkWCX3uHVF3fEwNGvPZ/jM5QVldXAgRpXrEr
CcHZNXm62EG2Dm9i+QXRHIq+frX27/dBV8B9t1muqm9NnIQxEXPUSqhwXfgh13lt
cXjU9HvQkBdBc9TQvkieSK8bxSDB7UMeeKHE4J67nl7PjcgKkhsUQI43Ys3aYF+A
ukvBgF5awBi94AcGkq7mtNPxP40MXD8E5jxaTLFXkgEY2so6DCaqJ49gEkytvnDc
nMJxQwgpd3GrKeBCNv+fjcZb0TFeoR698x8JXTj2xgJG6SpR76rkp4wluQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHDNX1zGMM1ov+/RE0C9SjVkdmyHMB8GA1UdIwQY
MBaAFEJP0aOgJY3Mpn/J3dv042FX5qcWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfUm82QWxqY3ltZjhuZDJfVGpZVmZtcHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85MTM3NTItYjhkYy00ZGZmLTg2Njct
NzQ3YjBlNTdhYjVlLzEvY00xZlhNWXd6V2lfNzlFVFFMMUtOV1IyYkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85MTM3NTItYjhkYy00ZGZmLTg2NjctNzQ3YjBlNTdhYjVl
LzEvUWtfUm82QWxqY3ltZjhuZDJfVGpZVmZtcHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAjSYwDwQC
AAIwCQMHACABBnwTZDANBgkqhkiG9w0BAQsFAAOCAQEAAjIrfr5ECAigJ3aAv8oN
niH/K0fH9TWPtsQetO+4RNl1aBJGS0HrxqMJRgGiaFT5PNgeeLaimrTEpMsnTzzM
p+1fpdTM8I/zRHykMnYQmzqlCad8cvk62LTTe1j+HUMDKWvA5thi3Py1z48Y2qJ7
d4XLHwguB1vYTq7ca0FoJeHzSWAId+sjd5dC2tpwjiDhRoU3g5ajaa7kLvDOTMEc
dZiiAZGQZIwigIt9Cw66qZzB6CKp76+sAB0fpgL9WgyS+69B2Pq/4qXKMnSxMRDz
Abe4DtBXr8WpoXU0L/ilWd7jfGr35OrykvcFR3uqySntjxlwBrCU20VcbQhUnik4
NA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:33 2025 by rpki-client