Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/mPcVy9E66qZ8EKszTm369GL0JrU.roa
File: mPcVy9E66qZ8EKszTm369GL0JrU.roa (raw, json)
Hash identifier: zobJxg/exLfbz2nN+x++n1Z0ima5Flu0zZeiy8XdNc4=
Subject key identifier: 98:F7:15:CB:D1:3A:EA:A6:7C:10:AB:33:4E:6D:FA:F4:62:F4:26:B5
Certificate issuer: /CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Certificate serial: 018B43077EEBE15752EEBD2B2A1641D2F9EA
Authority key identifier: 3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/mPcVy9E66qZ8EKszTm369GL0JrU.roa
Signing time: Wed 18 Oct 2023 13:44:06 +0000
ROA not before: Wed 18 Oct 2023 13:44:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209641
IP address blocks: 2a09:6904::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:43:07:7e:eb:e1:57:52:ee:bd:2b:2a:16:41:d2:f9:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec50ab4ccf72e3d60c09f964019d6c034c50a6c
Validity
Not Before: Oct 18 13:44:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98f715cbd13aeaa67c10ab334e6dfaf462f426b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6f:b2:d1:cf:80:7f:c8:45:c7:e6:6f:8d:a0:
d1:1b:50:89:3a:fd:67:ce:c5:3b:1b:7e:ed:1b:49:
aa:39:74:1c:28:1c:56:27:44:0a:db:da:2a:7d:d1:
2f:01:cf:05:f9:13:36:26:24:0d:33:f1:80:02:3c:
90:ef:ef:e5:06:1b:32:23:40:e0:b7:87:1b:72:08:
cd:12:75:f3:b5:87:2e:66:8a:c0:5e:12:bb:ad:2d:
c6:88:bc:1a:dd:f5:28:fe:d3:eb:fe:2f:74:a5:e0:
1c:37:d6:e0:2b:a6:1b:71:51:6b:12:c1:50:61:dd:
6d:4e:b3:3e:37:06:12:90:70:5f:9f:9a:e6:46:df:
5c:ef:54:5c:b6:40:47:24:ed:f5:09:cc:18:b8:88:
df:55:3e:1d:3e:17:34:9f:fe:6b:91:fb:72:34:96:
cc:2d:75:f0:fa:5a:be:3d:81:33:7e:23:3f:03:6c:
7e:7a:58:0f:b7:dd:21:d5:4f:8b:37:2c:9f:06:df:
2b:b6:bc:d1:69:48:78:9e:a3:ef:9c:88:3e:ba:e5:
a5:11:83:d2:1f:af:99:fe:05:77:61:5e:73:c3:df:
1a:64:89:60:90:9b:cf:95:69:fe:60:ad:bd:7f:74:
1a:8e:ba:76:11:3a:09:4e:d5:82:81:ca:ff:b4:cc:
3e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F7:15:CB:D1:3A:EA:A6:7C:10:AB:33:4E:6D:FA:F4:62:F4:26:B5
X509v3 Authority Key Identifier:
keyid:3E:C5:0A:B4:CC:F7:2E:3D:60:C0:9F:96:40:19:D6:C0:34:C5:0A:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/mPcVy9E66qZ8EKszTm369GL0JrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/79ef4f-e38e-44da-a657-2159376d3a64/1/PsUKtMz3Lj1gwJ-WQBnWwDTFCmw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:6904::/32
Signature Algorithm: sha256WithRSAEncryption
2a:9b:60:8b:76:bf:53:8f:61:2f:c6:3a:1d:b7:87:79:78:e9:
fd:f8:78:72:f4:13:e7:a2:d4:cc:df:ba:c4:23:c3:d2:0c:e2:
da:e0:3a:64:be:28:dd:48:54:82:43:b7:db:32:67:2f:9f:8d:
94:a6:4c:91:46:c6:d5:cb:81:35:03:a3:30:8a:20:c0:b8:9e:
5c:f2:71:b1:42:71:d2:a8:05:14:c3:de:7e:9c:94:62:84:3a:
c0:de:34:aa:d6:95:76:fe:0d:fc:9d:76:73:5b:96:70:b3:ce:
4b:c4:9b:dc:8c:5b:6b:27:7f:b0:94:bc:85:e7:dd:58:26:7c:
54:bf:17:70:62:4a:d3:3b:40:bf:de:59:6f:42:a7:35:72:21:
ed:80:56:ee:2f:e4:fb:b0:1c:22:e2:ee:35:a9:fb:89:56:01:
f3:c7:73:88:72:54:79:a8:dc:83:a8:1b:19:e1:93:92:90:2c:
eb:89:84:0c:e5:78:64:5e:26:d8:aa:56:03:24:3a:b4:a9:3a:
ed:b6:67:ee:84:b7:43:05:e7:eb:54:86:36:6b:6b:2e:aa:22:
71:3c:41:08:8a:f4:72:60:aa:fb:80:7d:1a:61:25:6b:82:07:
87:13:1d:62:d2:24:8a:db:52:69:8a:e5:df:d4:07:a3:ec:b5:
98:7c:b7:d8
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYtDB37r4VdS7r0rKhZB0vnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzUwYWI0Y2NmNzJlM2Q2MGMwOWY5NjQwMTlkNmMwMzRj
NTBhNmMwHhcNMjMxMDE4MTM0NDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGY3MTVjYmQxM2FlYWE2N2MxMGFiMzM0ZTZkZmFmNDYyZjQyNmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2+y0c+Af8hFx+ZvjaDRG1CJOv1n
zsU7G37tG0mqOXQcKBxWJ0QK29oqfdEvAc8F+RM2JiQNM/GAAjyQ7+/lBhsyI0Dg
t4cbcgjNEnXztYcuZorAXhK7rS3GiLwa3fUo/tPr/i90peAcN9bgK6YbcVFrEsFQ
Yd1tTrM+NwYSkHBfn5rmRt9c71RctkBHJO31CcwYuIjfVT4dPhc0n/5rkftyNJbM
LXXw+lq+PYEzfiM/A2x+elgPt90h1U+LNyyfBt8rtrzRaUh4nqPvnIg+uuWlEYPS
H6+Z/gV3YV5zw98aZIlgkJvPlWn+YK29f3Qajrp2EToJTtWCgcr/tMw+XwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJj3FcvROuqmfBCrM05t+vRi9Ca1MB8GA1UdIwQY
MBaAFD7FCrTM9y49YMCflkAZ1sA0xQpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTct
MjE1OTM3NmQzYTY0LzEvbVBjVnk5RTY2cVo4RUtzelRtMzY5R0wwSnJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83OWVmNGYtZTM4ZS00NGRhLWE2NTctMjE1OTM3NmQzYTY0
LzEvUHNVS3RNejNMajFnd0otV1FCbld3RFRGQ213LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKglpBDAN
BgkqhkiG9w0BAQsFAAOCAQEAKptgi3a/U49hL8Y6HbeHeXjp/fh4cvQT56LUzN+6
xCPD0gzi2uA6ZL4o3UhUgkO32zJnL5+NlKZMkUbG1cuBNQOjMIogwLieXPJxsUJx
0qgFFMPefpyUYoQ6wN40qtaVdv4N/J12c1uWcLPOS8Sb3Ixbayd/sJS8hefdWCZ8
VL8XcGJK0ztAv95Zb0KnNXIh7YBW7i/k+7AcIuLuNan7iVYB88dziHJUeajcg6gb
GeGTkpAs64mEDOV4ZF4m2KpWAyQ6tKk67bZn7oS3QwXn61SGNmtrLqoicTxBCIr0
cmCq+4B9GmEla4IHhxMdYtIkittSaYrl39QHo+y1mHy32A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:17 2024 by rpki-client on console-fra.rpki-client.org