Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/MpM0oujnbNzWUL2YsfHQcZbpsKc.roa
File: MpM0oujnbNzWUL2YsfHQcZbpsKc.roa (raw, json)
Hash identifier: 9raL4ExmeJY0Irfuf/myvejm4FKsFCLdGImDYcCc9gI=
Subject key identifier: 32:93:34:A2:E8:E7:6C:DC:D6:50:BD:98:B1:F1:D0:71:96:E9:B0:A7
Certificate issuer: /CN=20aa60cb0024332a2db68993f3357158af60c8de
Certificate serial: 019155580DEE4E3D70EFC0EFA3ABD7E823D9
Authority key identifier: 20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/MpM0oujnbNzWUL2YsfHQcZbpsKc.roa
Signing time: Thu 15 Aug 2024 09:21:59 +0000
ROA not before: Thu 15 Aug 2024 09:21:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 2a02:3040:43:ff00::/56 maxlen: 56
2a02:3040:4e::/48 maxlen: 48
2a02:3040:4f::/50 maxlen: 50
2a02:3040:4f:8000::/50 maxlen: 50
2a02:3040:4f:c000::/50 maxlen: 50
2a02:3040:50::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 02 Sep 2024 12:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:55:58:0d:ee:4e:3d:70:ef:c0:ef:a3:ab:d7:e8:23:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20aa60cb0024332a2db68993f3357158af60c8de
Validity
Not Before: Aug 15 09:21:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=329334a2e8e76cdcd650bd98b1f1d07196e9b0a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c3:d3:32:91:94:8f:62:e9:cf:76:5d:5d:0b:
99:f6:f6:33:5f:97:2b:c7:c5:32:33:2d:50:21:c4:
cc:5b:fa:ad:76:58:69:9f:77:3b:52:7f:f1:07:8f:
d5:ac:2b:d6:65:c2:73:34:08:88:61:9a:61:30:42:
0b:d5:4c:73:47:c2:df:c1:25:6f:d3:57:34:c4:2c:
87:00:52:a1:3c:58:8e:7d:2e:9c:ca:28:19:2f:36:
71:72:cf:4c:2f:09:28:bb:58:77:04:c8:6f:26:af:
ff:a8:77:a3:b4:0c:39:e0:e1:18:24:7b:61:31:82:
f3:e7:45:52:9c:7f:f4:77:25:ee:6d:29:58:2b:a2:
54:c2:09:c5:56:ea:13:9a:8c:46:8d:ab:0c:43:84:
1d:38:d0:09:f8:4d:54:41:5f:cf:f2:ad:af:fe:26:
44:53:ff:3a:74:54:9e:47:01:49:5a:9e:55:ee:18:
57:1e:d0:18:02:52:92:97:2d:37:2f:65:e9:1c:c6:
2e:7f:f9:8e:f5:69:a6:84:bc:85:24:70:8c:d0:2b:
79:2b:a6:b5:2e:c3:f8:35:90:b3:c5:db:48:00:20:
a5:2d:7f:94:09:31:5a:94:29:fc:60:67:a1:8a:79:
ba:89:a4:29:cb:bc:39:29:02:f0:6f:f8:0e:ca:29:
3f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:93:34:A2:E8:E7:6C:DC:D6:50:BD:98:B1:F1:D0:71:96:E9:B0:A7
X509v3 Authority Key Identifier:
keyid:20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/MpM0oujnbNzWUL2YsfHQcZbpsKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:3040:43:ff00::/56
2a02:3040:4e::-2a02:3040:4f:3fff:ffff:ffff:ffff:ffff
2a02:3040:4f:8000::-2a02:3040:50:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b8:8a:26:ab:1a:8e:1f:94:f4:5c:fc:cd:a6:4b:ac:01:2d:87:
2e:1d:46:11:26:5a:4a:26:8c:7c:7a:ac:53:64:e6:c6:e9:b2:
04:b0:11:fb:61:e0:a7:fd:15:d0:d2:c2:08:c9:96:9a:48:9d:
9a:ca:d6:06:bc:8c:60:09:79:f9:59:54:80:1a:26:f1:08:1b:
ac:b0:9e:c5:20:b9:40:7d:96:5f:8e:9e:0c:2d:9e:d9:88:40:
58:44:e3:70:1e:5d:d4:73:56:93:a4:58:7b:b9:80:73:b4:6e:
5a:0e:df:48:17:15:25:54:e2:a5:75:8a:fc:8d:03:a4:15:da:
6f:79:a3:15:e8:64:f8:11:eb:cd:8a:91:90:e7:97:38:4c:1e:
67:f8:89:bd:b9:df:ed:63:47:ea:09:47:96:0b:ac:52:a3:1a:
15:7f:0b:88:dc:d8:de:c7:52:f5:bd:75:6c:29:50:1b:99:29:
f1:63:0d:50:18:80:d8:a4:cd:0e:29:60:f3:aa:5f:64:5c:7c:
35:df:6e:a1:1c:c7:02:41:10:94:9c:91:c8:39:03:df:92:dd:
50:bf:be:f5:e9:35:ab:20:9c:66:8e:9d:20:fe:01:5e:d6:23:
fa:6e:f1:bc:f1:5a:88:2c:32:44:37:20:c8:ef:72:78:69:b7:
42:ba:26:eb
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZFVWA3uTj1w78Dvo6vX6CPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWE2MGNiMDAyNDMzMmEyZGI2ODk5M2YzMzU3MTU4YWY2
MGM4ZGUwHhcNMjQwODE1MDkyMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjkzMzRhMmU4ZTc2Y2RjZDY1MGJkOThiMWYxZDA3MTk2ZTliMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sPTMpGUj2Lpz3ZdXQuZ9vYzX5cr
x8UyMy1QIcTMW/qtdlhpn3c7Un/xB4/VrCvWZcJzNAiIYZphMEIL1UxzR8LfwSVv
01c0xCyHAFKhPFiOfS6cyigZLzZxcs9MLwkou1h3BMhvJq//qHejtAw54OEYJHth
MYLz50VSnH/0dyXubSlYK6JUwgnFVuoTmoxGjasMQ4QdONAJ+E1UQV/P8q2v/iZE
U/86dFSeRwFJWp5V7hhXHtAYAlKSly03L2XpHMYuf/mO9WmmhLyFJHCM0Ct5K6a1
LsP4NZCzxdtIACClLX+UCTFalCn8YGehinm6iaQpy7w5KQLwb/gOyik/FQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFDKTNKLo52zc1lC9mLHx0HGW6bCnMB8GA1UdIwQY
MBaAFCCqYMsAJDMqLbaJk/M1cVivYMjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYt
NzNmN2QxMTBiODJhLzEvTXBNMG91am5iTnpXVUwyWXNmSFFjWmJwc0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYtNzNmN2QxMTBiODJh
LzEvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAAjA0AwgAKgIwQABD
/zATAwcBKgIwQABOAwgGKgIwQABPADATAwgHKgIwQABPgAMHACoCMEAAUDANBgkq
hkiG9w0BAQsFAAOCAQEAuIomqxqOH5T0XPzNpkusAS2HLh1GESZaSiaMfHqsU2Tm
xumyBLAR+2Hgp/0V0NLCCMmWmkidmsrWBryMYAl5+VlUgBom8QgbrLCexSC5QH2W
X46eDC2e2YhAWETjcB5d1HNWk6RYe7mAc7RuWg7fSBcVJVTipXWK/I0DpBXab3mj
Fehk+BHrzYqRkOeXOEweZ/iJvbnf7WNH6glHlgusUqMaFX8LiNzY3sdS9b11bClQ
G5kp8WMNUBiA2KTNDilg86pfZFx8Nd9uoRzHAkEQlJyRyDkD35LdUL++9ek1qyCc
Zo6dIP4BXtYj+m7xvPFaiCwyRDcgyO9yeGm3Qrom6w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:22:13 2025 by rpki-client