Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/musKj6FS4w4DITMbeSLjoGEeIOo.roa
File: musKj6FS4w4DITMbeSLjoGEeIOo.roa (raw, json)
Hash identifier: hn5v7QWoKDTVDm/+B5J25ynQFlq73EcLMnNqyDfo1B0=
Subject key identifier: 9A:EB:0A:8F:A1:52:E3:0E:03:21:33:1B:79:22:E3:A0:61:1E:20:EA
Certificate issuer: /CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Certificate serial: 0192D46CDC3327F801C3DE463736C508A0EB
Authority key identifier: 70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/musKj6FS4w4DITMbeSLjoGEeIOo.roa
Signing time: Mon 28 Oct 2024 18:39:16 +0000
ROA not before: Mon 28 Oct 2024 18:39:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 2a05:b100:1000::/36 maxlen: 36
2a05:b100:1000::/46 maxlen: 46
2a05:b100:1004::/46 maxlen: 46
2a05:b100:1008::/46 maxlen: 46
2a05:b100:100c::/46 maxlen: 46
2a05:b100:1800::/39 maxlen: 39
2a05:b100:1a00::/39 maxlen: 39
2a05:b100:1c00::/39 maxlen: 39
2a05:b100:1e00::/39 maxlen: 39
Validation: Failed, certificate revoked on Wed 06 Nov 2024 13:04:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d4:6c:dc:33:27:f8:01:c3:de:46:37:36:c5:08:a0:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Validity
Not Before: Oct 28 18:39:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9aeb0a8fa152e30e0321331b7922e3a0611e20ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:93:f7:a5:cb:48:c5:e1:6c:a4:8b:ae:58:29:
3e:ea:60:ae:12:dd:11:f8:02:0b:cc:3b:23:f5:da:
59:c8:ac:2c:3b:5d:14:cf:57:d0:1e:7e:0d:26:c2:
0b:b7:df:6f:06:e6:71:74:c3:78:64:4e:a9:60:85:
64:d2:ce:e5:39:31:c2:64:0c:cb:00:68:73:b0:b9:
30:87:42:9b:32:99:bf:67:dc:98:6d:37:aa:c6:e3:
2b:31:62:5c:14:8d:9d:cf:e5:c0:c0:de:5a:31:6d:
16:61:ce:d4:0a:57:64:bd:05:50:52:53:7e:6f:05:
e4:fb:f7:2f:8b:61:2d:2f:6c:97:4e:68:c0:0a:38:
24:47:f7:9b:1b:09:17:d7:98:2b:94:ee:00:9d:73:
22:18:75:a2:a0:e1:de:88:81:16:c5:cb:77:f0:5c:
ed:e0:48:30:fa:0f:7b:37:28:ba:fa:60:76:c7:c7:
2a:51:96:b1:55:a6:92:2f:8c:dd:8b:71:94:28:4b:
11:bd:48:68:89:3e:e3:a9:e7:fe:b5:72:2c:4d:92:
14:48:01:74:35:bb:96:2e:e4:1d:95:15:45:a1:bd:
60:fd:db:53:9c:15:f9:2a:82:96:34:48:77:be:93:
16:f6:bf:9f:ac:a7:ad:29:c7:fb:5d:77:4d:ba:87:
b5:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:EB:0A:8F:A1:52:E3:0E:03:21:33:1B:79:22:E3:A0:61:1E:20:EA
X509v3 Authority Key Identifier:
keyid:70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/musKj6FS4w4DITMbeSLjoGEeIOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b100:1000::/36
Signature Algorithm: sha256WithRSAEncryption
49:49:6d:d6:a8:3a:53:bf:88:07:c7:45:78:44:84:fa:aa:da:
a6:ab:c7:43:2a:99:25:62:89:07:25:da:54:5a:5c:00:a2:8d:
15:b4:97:df:77:4e:91:67:80:b2:bc:dc:cc:97:0d:c7:ab:fa:
a0:00:3d:b5:52:00:45:1c:ad:09:53:59:48:4d:69:5f:d9:b0:
00:64:2a:3d:da:1b:f8:b3:25:d3:7f:bb:81:31:25:0c:37:d4:
d9:b4:1e:f4:82:38:2b:d6:3f:3f:d6:08:11:68:2f:55:4d:4e:
1d:20:d5:f9:fa:cb:b8:c2:6a:03:1a:72:80:40:7f:3d:a2:ea:
02:42:89:61:5a:bf:f5:da:18:a6:6d:51:02:ad:6f:14:2b:90:
5a:09:c7:3e:0b:92:a2:2c:3d:f7:07:51:5b:23:56:d6:8c:5d:
c5:9b:d9:89:7f:b6:33:40:11:20:2f:0a:a9:57:74:58:57:cc:
0c:f8:20:4a:b4:31:1d:31:b2:a3:e9:be:64:0a:a1:5d:c5:ba:
fb:6a:98:53:56:e9:12:73:8d:26:bd:7d:36:76:0c:ef:a3:9a:
35:c3:7b:f5:5f:3e:57:d1:e8:c1:eb:86:9b:c9:7f:4e:81:ce:
c4:56:b5:93:03:da:77:8f:d2:e2:aa:0d:b5:4c:d4:34:4f:03:
42:0a:6d:ca
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZLUbNwzJ/gBw95GNzbFCKDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZmVlMTc2ZjUxY2U4ZmQ4MTQyNGZmNzNhNTQxNzM0MTI3
OWMwZjEwHhcNMjQxMDI4MTgzOTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWViMGE4ZmExNTJlMzBlMDMyMTMzMWI3OTIyZTNhMDYxMWUyMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JP3pctIxeFspIuuWCk+6mCuEt0R
+AILzDsj9dpZyKwsO10Uz1fQHn4NJsILt99vBuZxdMN4ZE6pYIVk0s7lOTHCZAzL
AGhzsLkwh0KbMpm/Z9yYbTeqxuMrMWJcFI2dz+XAwN5aMW0WYc7UCldkvQVQUlN+
bwXk+/cvi2EtL2yXTmjACjgkR/ebGwkX15grlO4AnXMiGHWioOHeiIEWxct38Fzt
4Egw+g97Nyi6+mB2x8cqUZaxVaaSL4zdi3GUKEsRvUhoiT7jqef+tXIsTZIUSAF0
NbuWLuQdlRVFob1g/dtTnBX5KoKWNEh3vpMW9r+frKetKcf7XXdNuoe1ZwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJrrCo+hUuMOAyEzG3ki46BhHiDqMB8GA1UdIwQY
MBaAFHD+4Xb1HOj9gUJP9zpUFzQSecDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYt
NzUyZTliOGIwNzU2LzEvbXVzS2o2RlM0dzRESVRNYmVTTGpvR0VlSU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYtNzUyZTliOGIwNzU2
LzEvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgWxABAw
DQYJKoZIhvcNAQELBQADggEBAElJbdaoOlO/iAfHRXhEhPqq2qarx0MqmSViiQcl
2lRaXACijRW0l993TpFngLK83MyXDcer+qAAPbVSAEUcrQlTWUhNaV/ZsABkKj3a
G/izJdN/u4ExJQw31Nm0HvSCOCvWPz/WCBFoL1VNTh0g1fn6y7jCagMacoBAfz2i
6gJCiWFav/XaGKZtUQKtbxQrkFoJxz4LkqIsPfcHUVsjVtaMXcWb2Yl/tjNAESAv
CqlXdFhXzAz4IEq0MR0xsqPpvmQKoV3FuvtqmFNW6RJzjSa9fTZ2DO+jmjXDe/Vf
PlfR6MHrhpvJf06BzsRWtZMD2neP0uKqDbVM1DRPA0IKbco=
-----END CERTIFICATE-----
Generated at Wed Nov 6 17:42:04 2024 by rpki-client on console-ams.rpki-client.org