Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/mnpmKP9eXJZL8NCsRd1UfqQxAxg.roa
File: mnpmKP9eXJZL8NCsRd1UfqQxAxg.roa (raw, json)
Hash identifier: /0LyTrloEsxXB+aLlDk951U60bydmxq4oINr2WcXLfY=
Subject key identifier: 9A:7A:66:28:FF:5E:5C:96:4B:F0:D0:AC:45:DD:54:7E:A4:31:03:18
Certificate issuer: /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial: 018CC86FC217593AB29C7780BB93CB8FB5C8
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/mnpmKP9eXJZL8NCsRd1UfqQxAxg.roa
Signing time: Tue 02 Jan 2024 04:30:16 +0000
ROA not before: Tue 02 Jan 2024 04:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60389
IP address blocks: 2a0f:6fc7::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 24 May 2024 15:10:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:c2:17:59:3a:b2:9c:77:80:bb:93:cb:8f:b5:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Validity
Not Before: Jan 2 04:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a7a6628ff5e5c964bf0d0ac45dd547ea4310318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c6:36:f2:48:2a:ff:01:77:12:3f:41:1c:ea:
1e:76:6a:57:9a:e1:f8:4c:4e:a2:69:77:c2:83:40:
6d:c6:a5:d3:c5:41:7c:4a:d1:d1:a0:d7:8a:e2:db:
5c:9b:9a:65:9b:14:63:bd:2a:c7:a3:a5:84:08:3a:
d5:d1:37:04:e5:99:26:15:e1:1a:52:b8:d6:0f:b0:
68:db:9f:43:a0:10:75:ba:b0:80:70:af:6a:13:74:
1d:78:4b:d1:e0:06:b9:3d:79:06:bf:0e:b9:d6:57:
4c:a0:48:bb:c6:14:3b:64:bb:b4:5b:2b:81:fc:5f:
b6:4e:15:60:50:c1:a4:24:e2:98:00:82:7f:77:79:
3e:74:a0:ea:af:ae:21:49:0b:85:d0:49:21:3b:74:
08:87:d5:ce:00:46:1b:17:20:a7:7f:48:44:59:24:
ce:0f:7e:bf:51:10:0b:aa:25:a7:75:07:af:2b:2a:
1e:84:1b:17:16:f1:f1:2a:e3:fd:26:5d:91:19:5c:
cf:90:21:00:3f:15:61:3f:45:9b:a1:f1:d8:ef:3b:
21:89:19:fc:b4:33:cf:60:58:2c:ae:a2:c9:b1:5c:
5c:b7:01:9f:6a:e8:0c:c1:53:23:41:a2:6b:a6:68:
4b:ad:c3:53:a7:9b:88:17:0d:a3:b0:17:ab:d1:b4:
81:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:7A:66:28:FF:5E:5C:96:4B:F0:D0:AC:45:DD:54:7E:A4:31:03:18
X509v3 Authority Key Identifier:
keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/mnpmKP9eXJZL8NCsRd1UfqQxAxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:6fc7::/32
Signature Algorithm: sha256WithRSAEncryption
1c:5a:1a:71:c3:66:59:fa:8c:0f:a5:46:9a:ba:e8:20:73:8e:
77:4d:84:a7:26:5b:b7:15:3c:ec:28:56:13:d0:5a:ad:23:f3:
ec:2e:d1:b9:3a:fb:73:75:28:fe:8f:67:4c:e6:c8:52:0b:5b:
6d:55:90:6b:2e:80:cb:c4:8c:c5:30:25:81:37:08:58:14:42:
d0:9b:b3:9b:54:f1:6c:32:07:35:11:ee:ce:7c:15:ac:23:ba:
88:b5:5c:bd:c2:09:cc:d7:ad:ef:30:55:01:d4:e7:4b:e6:b2:
f6:85:ae:89:e1:f3:21:2c:ea:bc:c5:28:4c:0b:6f:3b:30:c0:
f3:f6:b9:72:a9:9c:01:6a:4d:7d:43:10:1a:d2:66:ee:23:4b:
53:0d:8f:5f:d2:02:dd:da:54:c6:35:4d:1d:c1:f9:d4:04:e3:
95:1f:70:5c:98:5b:0b:8e:23:2f:02:b7:57:cd:23:1a:49:dd:
ad:64:e6:17:c9:8d:21:9f:60:30:61:f3:c5:fa:a8:fa:5d:ec:
14:17:66:81:da:55:d9:3c:9f:04:d1:fc:e7:21:f2:9e:e3:ec:
ca:ef:a1:65:08:e9:67:85:77:b3:dd:49:92:27:ae:6f:db:fd:
68:b2:ed:87:71:81:95:95:50:af:0a:25:f1:62:68:6b:20:78:
6c:f2:87:0f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIb8IXWTqynHeAu5PLj7XIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQwMTAyMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTdhNjYyOGZmNWU1Yzk2NGJmMGQwYWM0NWRkNTQ3ZWE0MzEwMzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8Y28kgq/wF3Ej9BHOoedmpXmuH4
TE6iaXfCg0BtxqXTxUF8StHRoNeK4ttcm5plmxRjvSrHo6WECDrV0TcE5ZkmFeEa
UrjWD7Bo259DoBB1urCAcK9qE3QdeEvR4Aa5PXkGvw651ldMoEi7xhQ7ZLu0WyuB
/F+2ThVgUMGkJOKYAIJ/d3k+dKDqr64hSQuF0EkhO3QIh9XOAEYbFyCnf0hEWSTO
D36/URALqiWndQevKyoehBsXFvHxKuP9Jl2RGVzPkCEAPxVhP0WbofHY7zshiRn8
tDPPYFgsrqLJsVxctwGfaugMwVMjQaJrpmhLrcNTp5uIFw2jsBer0bSBHwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJp6Zij/XlyWS/DQrEXdVH6kMQMYMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvbW5wbUtQOWVYSlpMOE5Dc1JkMVVmcVF4QXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg9vxzAN
BgkqhkiG9w0BAQsFAAOCAQEAHFoaccNmWfqMD6VGmrroIHOOd02EpyZbtxU87ChW
E9BarSPz7C7RuTr7c3Uo/o9nTObIUgtbbVWQay6Ay8SMxTAlgTcIWBRC0Juzm1Tx
bDIHNRHuznwVrCO6iLVcvcIJzNet7zBVAdTnS+ay9oWuieHzISzqvMUoTAtvOzDA
8/a5cqmcAWpNfUMQGtJm7iNLUw2PX9IC3dpUxjVNHcH51ATjlR9wXJhbC44jLwK3
V80jGkndrWTmF8mNIZ9gMGHzxfqo+l3sFBdmgdpV2TyfBNH85yHynuPsyu+hZQjp
Z4V3s91Jkieub9v9aLLth3GBlZVQrwol8WJoayB4bPKHDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:47 2024 by rpki-client on console-fra.rpki-client.org