Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/4PMBqWomi-FRXxOS6DNHEU_MABs.roa
File: 4PMBqWomi-FRXxOS6DNHEU_MABs.roa (raw, json)
Hash identifier: P4e7c0D7IGtjBaLL1AGFsPNJ4iNzfOxv/uNDgh4kxCU=
Subject key identifier: E0:F3:01:A9:6A:26:8B:E1:51:5F:13:92:E8:33:47:11:4F:CC:00:1B
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 01857042AA04248E7EF1A042DB783A82FE29
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/4PMBqWomi-FRXxOS6DNHEU_MABs.roa
Signing time: Mon 02 Jan 2023 02:14:55 +0000
ROA not before: Mon 02 Jan 2023 02:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45036
IP address blocks: 2a12:a4c2::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:aa:04:24:8e:7e:f1:a0:42:db:78:3a:82:fe:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Jan 2 02:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0f301a96a268be1515f1392e83347114fcc001b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:62:22:17:17:68:c9:e4:eb:a7:97:c6:fe:1a:
26:ac:b9:3f:0b:ea:52:b4:e5:5a:14:76:16:25:fe:
3a:3d:cd:b5:ee:01:ab:e1:a5:7f:ad:ac:55:6d:48:
a0:c6:d3:95:5f:10:20:a0:ee:63:be:94:29:be:da:
9e:c6:dd:5e:b6:0c:7a:05:ad:8b:9f:67:46:d9:8a:
ec:91:21:1d:2c:06:bc:7a:28:d4:4a:67:8c:a4:e7:
d7:04:23:25:e9:53:a8:97:11:af:00:2a:11:c5:1d:
82:fa:c9:a1:6c:65:97:64:0e:b8:f7:fe:f8:d5:55:
e7:ed:c8:40:17:9d:bb:2d:48:33:87:1f:63:ff:32:
3d:bd:51:f1:d6:e8:c4:13:ed:fa:d0:d7:9c:85:4c:
2c:8e:f6:c3:3d:03:72:e3:4c:5b:58:dc:b5:9c:1e:
cf:5c:0e:78:e7:44:6e:60:23:47:f8:15:af:c4:f2:
b6:d7:ab:10:e5:aa:ae:34:37:35:0f:3b:34:08:5b:
55:12:88:a5:e5:7c:04:a5:fa:66:1c:e8:4f:28:af:
f8:9e:ae:03:f9:3c:98:db:df:53:93:10:1a:f2:e4:
d2:78:fd:66:54:13:da:54:14:6f:dd:bc:24:5d:ae:
bd:b0:02:56:4b:54:16:ae:47:2b:ee:14:f9:f6:5f:
6e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F3:01:A9:6A:26:8B:E1:51:5F:13:92:E8:33:47:11:4F:CC:00:1B
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/4PMBqWomi-FRXxOS6DNHEU_MABs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a4c2::/32
Signature Algorithm: sha256WithRSAEncryption
38:10:75:b8:f4:b3:54:f7:d1:d4:50:24:f5:4c:6d:dc:7f:e2:
e6:d7:c7:d9:ff:40:85:c1:7f:b0:7a:70:55:6e:9a:34:80:8f:
9f:df:80:ee:85:b7:9d:8b:ef:64:1c:35:a9:d2:0b:1b:4a:f7:
5e:03:22:5f:26:84:4d:b0:e5:eb:7a:7f:2f:1d:90:56:6e:0a:
76:61:3f:5f:a4:12:67:e0:6f:91:97:4f:c8:0f:b4:e9:53:00:
f5:75:4c:43:5e:d1:8d:f0:9f:22:1d:66:d9:98:26:aa:90:f5:
84:11:76:67:57:b1:f2:a9:9c:50:a0:1f:d6:4c:2f:0c:07:5a:
39:4a:d9:8a:c9:1e:d3:7d:01:da:7d:61:8f:c8:ae:32:89:85:
d7:62:01:1d:a9:4f:5c:1e:70:f3:98:6b:27:d7:4c:14:7f:68:
76:39:b1:4e:7f:ad:80:f1:42:2f:1d:7f:27:31:7a:4d:b0:50:
48:a7:9d:8b:1e:03:17:4b:74:9d:08:f9:d0:17:99:de:fe:c8:
ab:7b:30:c8:f7:29:51:b1:0d:35:11:ac:91:b0:23:ba:b3:20:
1d:57:15:ba:34:1f:0a:12:d5:de:dc:32:ae:09:f4:f7:8b:38:
44:42:c3:a0:51:cf:74:00:06:7e:1f:6c:87:c4:1e:0a:ed:9e:
f8:ad:d9:9b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwQqoEJI5+8aBC23g6gv4pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwMTAyMDIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGYzMDFhOTZhMjY4YmUxNTE1ZjEzOTJlODMzNDcxMTRmY2MwMDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGIiFxdoyeTrp5fG/homrLk/C+pS
tOVaFHYWJf46Pc217gGr4aV/raxVbUigxtOVXxAgoO5jvpQpvtqext1etgx6Ba2L
n2dG2YrskSEdLAa8eijUSmeMpOfXBCMl6VOolxGvACoRxR2C+smhbGWXZA649/74
1VXn7chAF527LUgzhx9j/zI9vVHx1ujEE+360NechUwsjvbDPQNy40xbWNy1nB7P
XA5450RuYCNH+BWvxPK216sQ5aquNDc1Dzs0CFtVEoil5XwEpfpmHOhPKK/4nq4D
+TyY299TkxAa8uTSeP1mVBPaVBRv3bwkXa69sAJWS1QWrkcr7hT59l9u5QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFODzAalqJovhUV8TkugzRxFPzAAbMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvNFBNQnFXb21pLUZSWHhPUzZETkhFVV9NQUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhKkwjAN
BgkqhkiG9w0BAQsFAAOCAQEAOBB1uPSzVPfR1FAk9Uxt3H/i5tfH2f9AhcF/sHpw
VW6aNICPn9+A7oW3nYvvZBw1qdILG0r3XgMiXyaETbDl63p/Lx2QVm4KdmE/X6QS
Z+BvkZdPyA+06VMA9XVMQ17RjfCfIh1m2ZgmqpD1hBF2Z1ex8qmcUKAf1kwvDAda
OUrZiske030B2n1hj8iuMomF12IBHalPXB5w85hrJ9dMFH9odjmxTn+tgPFCLx1/
JzF6TbBQSKedix4DF0t0nQj50BeZ3v7Iq3swyPcpUbENNRGskbAjurMgHVcVujQf
ChLV3twyrgn094s4RELDoFHPdAAGfh9sh8QeCu2e+K3Zmw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:54 2024 by rpki-client on console-fra.rpki-client.org