Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/Mtr7gwITl1muQAl0e7l7FqIqqVg.roa
File: Mtr7gwITl1muQAl0e7l7FqIqqVg.roa (raw, json)
Hash identifier: qIj3yECYDnd8BP/G6VLLu4hAoQ4fXDk9jz9AHBAfo0o=
Subject key identifier: 32:DA:FB:83:02:13:97:59:AE:40:09:74:7B:B9:7B:16:A2:2A:A9:58
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 0194117AF7C4B47433477041F3A8EBB75ADF
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/Mtr7gwITl1muQAl0e7l7FqIqqVg.roa
Signing time: Sun 29 Dec 2024 08:14:18 +0000
ROA not before: Sun 29 Dec 2024 08:14:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 2001:3380::/29 maxlen: 29
2a0b:3e00::/29 maxlen: 29
2a13:b840::/29 maxlen: 29
2a13:ddc0::/29 maxlen: 29
2a14:35c0::/29 maxlen: 29
2a14:5840::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:11:7a:f7:c4:b4:74:33:47:70:41:f3:a8:eb:b7:5a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Dec 29 08:14:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32dafb8302139759ae4009747bb97b16a22aa958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:96:88:fe:47:80:e3:60:d9:53:d5:ad:04:0b:
17:bd:39:a8:1b:aa:23:93:dc:3a:e6:db:9a:25:24:
42:58:08:54:7f:9b:f2:04:03:32:b6:1f:08:ef:ed:
12:1b:3b:22:5e:0b:7b:43:ad:b7:c0:51:e1:f1:7c:
e8:a9:96:5c:d0:87:f1:17:e1:b4:87:16:01:2c:16:
2c:73:a9:bc:4b:bc:9e:51:68:f5:0c:ae:e3:8a:59:
54:b1:2b:c3:71:22:e7:93:be:01:94:90:8a:4d:42:
de:c8:d1:aa:cc:25:05:b5:5d:bf:af:70:4d:70:d1:
f8:fb:7c:9d:cf:6c:e1:f2:10:b1:72:0b:a0:df:b4:
d5:bb:c0:31:7d:bc:6f:78:70:af:7c:ae:14:b4:8f:
4a:00:a7:b8:b7:c1:d0:19:f2:39:e2:65:e8:1c:77:
60:13:9f:59:1a:e4:cb:c2:a7:1f:c5:05:94:8d:2c:
dc:b1:92:6f:9e:db:43:3f:3b:92:34:ce:ac:26:5b:
d6:68:f2:f9:04:5f:95:8a:ae:53:70:22:c4:65:68:
74:3e:cc:5d:30:b1:ed:76:9d:47:ac:83:c6:43:cf:
83:55:55:4f:13:7a:ac:31:8c:c2:c9:fe:c7:4f:0f:
c7:15:09:20:31:ab:9d:e3:d6:75:50:cc:1c:9a:ef:
c7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DA:FB:83:02:13:97:59:AE:40:09:74:7B:B9:7B:16:A2:2A:A9:58
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/Mtr7gwITl1muQAl0e7l7FqIqqVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3380::/29
2a0b:3e00::/29
2a13:b840::/29
2a13:ddc0::/29
2a14:35c0::/29
2a14:5840::/29
Signature Algorithm: sha256WithRSAEncryption
a0:41:74:50:c1:c5:af:51:d5:5f:3e:7f:e0:53:2d:88:59:83:
ff:d8:91:71:41:35:3e:ad:be:b4:e7:17:f2:e3:ff:fb:42:a7:
97:4e:30:3c:51:cc:21:48:43:41:c1:2f:1c:0c:94:08:bc:ae:
fe:d4:0d:57:76:e9:70:d1:85:fa:e8:42:48:8f:7a:2f:e0:cc:
aa:65:13:47:71:f1:e5:80:f8:7e:27:74:15:a6:d5:01:a0:d3:
6a:92:68:97:bd:6a:3c:9e:67:93:f8:97:eb:37:39:ff:16:3d:
2f:9e:c1:14:75:09:06:1f:27:55:5b:ed:08:f6:ca:78:94:02:
d9:89:90:84:f2:00:02:be:bb:fa:78:61:29:c6:6f:62:a4:f4:
88:ce:23:e5:7a:2f:4c:c9:38:8f:26:52:87:2b:e1:e8:04:08:
24:be:30:aa:0d:9c:b5:2b:70:0f:b8:4b:c0:e5:ed:59:0b:37:
d1:c2:e6:63:53:9f:21:60:4e:0c:04:09:23:df:d0:76:b3:8a:
1d:b9:dc:48:69:9d:f5:25:ad:da:d2:ec:b6:78:02:6e:82:f1:
8d:d2:ca:15:24:60:e8:c5:ab:40:9a:cb:9d:a2:d0:fd:18:8c:
76:30:23:57:ce:6d:ee:c8:f8:ee:29:35:09:22:d7:8a:91:99:
63:cc:0c:78
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQRevfEtHQzR3BB86jrt1rfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQxMjI5MDgxNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmRhZmI4MzAyMTM5NzU5YWU0MDA5NzQ3YmI5N2IxNmEyMmFhOTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZaI/keA42DZU9WtBAsXvTmoG6oj
k9w65tuaJSRCWAhUf5vyBAMyth8I7+0SGzsiXgt7Q623wFHh8XzoqZZc0IfxF+G0
hxYBLBYsc6m8S7yeUWj1DK7jillUsSvDcSLnk74BlJCKTULeyNGqzCUFtV2/r3BN
cNH4+3ydz2zh8hCxcgug37TVu8AxfbxveHCvfK4UtI9KAKe4t8HQGfI54mXoHHdg
E59ZGuTLwqcfxQWUjSzcsZJvnttDPzuSNM6sJlvWaPL5BF+Viq5TcCLEZWh0Psxd
MLHtdp1HrIPGQ8+DVVVPE3qsMYzCyf7HTw/HFQkgMaud49Z1UMwcmu/H+wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDLa+4MCE5dZrkAJdHu5exaiKqlYMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvTXRyN2d3SVRsMW11UUFsMGU3bDdGcUlxcVZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDIAEzgAMF
AyoLPgADBQMqE7hAAwUDKhPdwAMFAyoUNcADBQMqFFhAMA0GCSqGSIb3DQEBCwUA
A4IBAQCgQXRQwcWvUdVfPn/gUy2IWYP/2JFxQTU+rb605xfy4//7QqeXTjA8Ucwh
SENBwS8cDJQIvK7+1A1Xdulw0YX66EJIj3ov4MyqZRNHcfHlgPh+J3QVptUBoNNq
kmiXvWo8nmeT+JfrNzn/Fj0vnsEUdQkGHydVW+0I9sp4lALZiZCE8gACvrv6eGEp
xm9ipPSIziPlei9MyTiPJlKHK+HoBAgkvjCqDZy1K3APuEvA5e1ZCzfRwuZjU58h
YE4MBAkj39B2s4odudxIaZ31Ja3a0uy2eAJugvGN0soVJGDoxatAmsudotD9GIx2
MCNXzm3uyPjuKTUJIteKkZljzAx4
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:09:32 2025 by rpki-client