Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/mTl1Q9NJrlNien0Lq-lylkQdYfM.roa
File: mTl1Q9NJrlNien0Lq-lylkQdYfM.roa (raw, json)
Hash identifier: fOFyFjl/ce24/wQQECt2mU3fTo086FJ+C778+H0N/o8=
Subject key identifier: 99:39:75:43:D3:49:AE:53:62:7A:7D:0B:AB:E9:72:96:44:1D:61:F3
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E7FA41C087BA7564D7A8D096341D7CDC7
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/mTl1Q9NJrlNien0Lq-lylkQdYfM.roa
Signing time: Wed 27 Mar 2024 11:20:45 +0000
ROA not before: Wed 27 Mar 2024 11:20:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 37457
IP address blocks: 2.21.160.0/22 maxlen: 22
2.21.232.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:a4:1c:08:7b:a7:56:4d:7a:8d:09:63:41:d7:cd:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 27 11:20:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99397543d349ae53627a7d0babe97296441d61f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6b:8b:09:3b:92:07:1a:53:0e:34:30:6f:e0:
4f:75:bf:22:23:e1:c7:b8:42:35:1b:64:b2:de:31:
d5:70:3a:c0:05:af:29:22:91:63:44:d1:5c:77:3f:
13:23:be:1d:b7:90:6e:df:73:6a:9b:80:e4:54:25:
29:80:fd:22:ab:12:0d:53:7b:06:3c:8d:95:2d:6f:
43:8f:58:af:56:4e:ae:59:a4:8b:5a:28:f8:07:9b:
4a:ac:e8:89:9b:18:bd:a5:81:50:b8:26:8f:a1:41:
fd:7d:e9:b2:75:46:98:84:18:cd:ba:2b:97:d2:4d:
0e:e7:bc:c2:d9:2c:1f:2c:fa:ed:8d:a4:58:d8:a6:
70:d2:4c:44:81:ab:8a:9b:95:04:6c:48:4d:b9:d0:
56:33:52:11:91:7e:33:da:81:8a:a4:59:f4:e3:9b:
29:b7:6e:3c:09:ee:57:2f:9e:80:3c:cd:56:20:7e:
48:e5:6b:d9:28:7c:75:b0:52:a8:80:be:79:9f:0d:
ee:4a:15:00:38:12:58:ac:08:28:be:ae:27:b0:fe:
f6:f1:33:00:9b:00:de:23:f6:41:f6:fa:3e:42:96:
7a:71:30:19:09:f8:a7:50:4d:36:de:31:3a:2b:b3:
8c:97:0c:32:69:13:2b:c1:49:45:23:aa:43:fc:b2:
4d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:39:75:43:D3:49:AE:53:62:7A:7D:0B:AB:E9:72:96:44:1D:61:F3
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/mTl1Q9NJrlNien0Lq-lylkQdYfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.21.160.0/22
2.21.232.0/22
Signature Algorithm: sha256WithRSAEncryption
22:87:dc:4f:c8:9e:8e:d7:ac:ed:4d:ae:f9:81:16:53:24:f1:
a4:9e:05:13:f8:93:e3:e1:27:93:eb:c6:43:ec:2b:c3:cd:6a:
22:6a:d9:53:5c:8e:f7:ac:78:fa:77:44:e0:87:97:3a:45:66:
e0:2d:a2:b8:af:8a:51:c5:87:f0:e3:89:26:e6:ce:54:38:3c:
89:b8:c6:b4:84:d1:bc:e2:33:b7:3e:95:03:77:5f:0e:d9:cf:
77:4b:27:02:3d:7a:75:3d:63:55:65:88:0c:db:52:73:07:b3:
4a:7d:fa:6c:5c:68:b7:4e:9d:aa:10:47:6f:ff:73:91:ef:e2:
3f:da:b4:e0:2e:63:6c:b5:da:b9:25:f9:cc:46:df:fe:f4:1e:
ba:40:cd:9f:05:68:ca:22:6d:34:00:80:c6:a1:4d:2b:90:08:
74:94:a7:1c:ca:48:76:cb:03:1b:96:4d:54:69:8a:0a:bc:4f:
1b:38:0f:4d:44:33:1c:a9:45:c9:05:e1:75:08:2b:28:d1:9a:
a3:aa:7e:bb:b1:fe:42:80:7a:e3:84:10:02:7f:d1:bd:30:9f:
00:c3:6e:b2:1f:18:c4:a4:fb:7e:6c:8f:5c:09:f8:78:c4:3a:
69:95:08:6b:dc:c0:7b:27:f3:c6:c1:f9:eb:ff:91:5f:b1:5f:
d9:79:ff:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5/pBwIe6dWTXqNCWNB183HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzI3MTEyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTM5NzU0M2QzNDlhZTUzNjI3YTdkMGJhYmU5NzI5NjQ0MWQ2MWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWuLCTuSBxpTDjQwb+BPdb8iI+HH
uEI1G2Sy3jHVcDrABa8pIpFjRNFcdz8TI74dt5Bu33Nqm4DkVCUpgP0iqxINU3sG
PI2VLW9Dj1ivVk6uWaSLWij4B5tKrOiJmxi9pYFQuCaPoUH9femydUaYhBjNuiuX
0k0O57zC2SwfLPrtjaRY2KZw0kxEgauKm5UEbEhNudBWM1IRkX4z2oGKpFn045sp
t248Ce5XL56APM1WIH5I5WvZKHx1sFKogL55nw3uShUAOBJYrAgovq4nsP728TMA
mwDeI/ZB9vo+QpZ6cTAZCfinUE023jE6K7OMlwwyaRMrwUlFI6pD/LJNFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJk5dUPTSa5TYnp9C6vpcpZEHWHzMB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvbVRsMVE5TkpybE5pZW4wTHEtbHlsa1FkWWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAhWgAwQC
AhXoMA0GCSqGSIb3DQEBCwUAA4IBAQAih9xPyJ6O16ztTa75gRZTJPGkngUT+JPj
4SeT68ZD7CvDzWoiatlTXI73rHj6d0Tgh5c6RWbgLaK4r4pRxYfw44km5s5UODyJ
uMa0hNG84jO3PpUDd18O2c93SycCPXp1PWNVZYgM21JzB7NKffpsXGi3Tp2qEEdv
/3OR7+I/2rTgLmNstdq5JfnMRt/+9B66QM2fBWjKIm00AIDGoU0rkAh0lKccykh2
ywMblk1UaYoKvE8bOA9NRDMcqUXJBeF1CCso0Zqjqn67sf5CgHrjhBACf9G9MJ8A
w26yHxjEpPt+bI9cCfh4xDpplQhr3MB7J/PGwfnr/5FfsV/Zef+6
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:35:28 2025 by rpki-client