Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/mcJtpG7YOupodFY0SPO2LP7gQzU.roa
File: mcJtpG7YOupodFY0SPO2LP7gQzU.roa (raw, json)
Hash identifier: msLO5kC4Sci96Lc9ryZ2YTdJYCT9/yydCJZ7yg9VtwE=
Subject key identifier: 99:C2:6D:A4:6E:D8:3A:EA:68:74:56:34:48:F3:B6:2C:FE:E0:43:35
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 018CC8DEEC87CFE6CAFD6EFDB980C78D6675
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/mcJtpG7YOupodFY0SPO2LP7gQzU.roa
Signing time: Tue 02 Jan 2024 06:31:41 +0000
ROA not before: Tue 02 Jan 2024 06:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197501
IP address blocks: 2a0a:2c0:8::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:ec:87:cf:e6:ca:fd:6e:fd:b9:80:c7:8d:66:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: Jan 2 06:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99c26da46ed83aea6874563448f3b62cfee04335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f5:7b:65:e0:e4:c9:fc:89:c3:0a:3a:00:da:
20:5d:ab:57:15:e1:37:e2:ca:c7:56:67:a6:31:49:
f8:9d:ce:69:8f:e5:2c:51:f3:cd:f9:dc:c4:ba:bf:
5a:d9:f7:85:ff:ac:39:e6:6f:75:2c:41:4f:d3:a6:
d7:ec:19:f5:7a:13:7e:a2:59:9b:b7:12:5b:ea:27:
0d:e1:df:39:66:b2:a4:da:4d:fe:bd:56:d6:1a:ac:
84:af:6a:cd:cc:b5:66:df:44:28:f3:87:16:33:e3:
e5:1b:4d:18:db:e0:bc:d8:fc:74:7b:a6:71:46:1d:
b4:4e:fb:37:a3:be:05:62:33:d8:8c:e6:b6:ec:b7:
a1:e2:9d:98:b6:e2:46:e6:72:dd:91:0b:b5:2b:4e:
80:13:28:b8:15:ce:3e:9e:d2:36:1c:8f:a7:ea:6e:
a0:f4:ae:13:9e:e5:7e:76:5d:d8:12:97:51:69:e8:
7f:52:44:a6:f4:52:5f:ab:c7:b0:29:b7:30:2b:7a:
27:d4:32:29:1e:60:9c:e2:3f:0b:03:07:9e:f9:d8:
60:7d:e8:a6:e6:dd:1a:11:b7:93:0e:e7:5e:8f:4a:
96:7d:8a:f1:cb:c5:1a:a4:69:d3:a4:a9:af:82:aa:
d8:86:5e:48:13:67:37:6f:60:af:7d:b7:97:2e:26:
ff:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C2:6D:A4:6E:D8:3A:EA:68:74:56:34:48:F3:B6:2C:FE:E0:43:35
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/mcJtpG7YOupodFY0SPO2LP7gQzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2c0:8::/48
Signature Algorithm: sha256WithRSAEncryption
20:30:6c:79:e6:83:83:4b:da:48:e0:89:91:1d:b9:ef:dd:9b:
69:09:0d:7e:0b:48:d1:63:dd:a4:bf:02:75:d8:88:25:91:29:
1d:3e:a2:9d:80:1e:04:a4:dd:b1:ce:1a:b3:1a:1a:06:f1:75:
b8:1a:de:35:c0:51:b8:d6:ca:50:09:b7:9e:22:b1:75:d4:79:
15:21:f4:1d:e9:9a:e2:f3:31:71:3d:f4:aa:6f:04:f0:8e:f7:
5f:41:54:e0:58:3b:c7:68:7d:aa:6b:c6:9a:30:b3:c6:3e:a6:
51:3d:72:77:2e:b5:0e:8c:de:45:98:0a:3c:8d:84:37:d1:1f:
0b:7e:e0:19:62:21:02:dc:33:0f:65:c3:20:95:13:47:73:ba:
79:ee:8e:a3:c3:9c:ab:4f:a5:51:71:02:9d:57:a6:70:f1:ec:
2b:03:f3:56:6d:17:f6:aa:07:fb:06:6f:e3:c3:33:6d:29:a1:
e1:db:90:90:37:b1:ee:c1:ee:2d:48:4b:3f:8e:9c:14:33:4a:
6b:bf:34:21:6c:a5:24:56:68:97:62:94:b0:65:b7:5e:a9:f4:
24:b2:a7:6d:be:ef:0e:6e:f6:27:09:dd:4f:39:8e:41:8f:4b:
fc:6a:0e:cd:ff:ca:31:a4:cb:4d:9a:a0:3a:0b:78:0d:a9:c5:
3e:b1:92:d9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzI3uyHz+bK/W79uYDHjWZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjQwMTAyMDYzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWMyNmRhNDZlZDgzYWVhNjg3NDU2MzQ0OGYzYjYyY2ZlZTA0MzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPV7ZeDkyfyJwwo6ANogXatXFeE3
4srHVmemMUn4nc5pj+UsUfPN+dzEur9a2feF/6w55m91LEFP06bX7Bn1ehN+olmb
txJb6icN4d85ZrKk2k3+vVbWGqyEr2rNzLVm30Qo84cWM+PlG00Y2+C82Px0e6Zx
Rh20Tvs3o74FYjPYjOa27Leh4p2YtuJG5nLdkQu1K06AEyi4Fc4+ntI2HI+n6m6g
9K4TnuV+dl3YEpdRaeh/UkSm9FJfq8ewKbcwK3on1DIpHmCc4j8LAwee+dhgfeim
5t0aEbeTDudej0qWfYrxy8UapGnTpKmvgqrYhl5IE2c3b2CvfbeXLib/IQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJnCbaRu2DrqaHRWNEjztiz+4EM1MB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvbWNKdHBHN1lPdXBvZEZZMFNQTzJMUDdnUXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgoCwAAI
MA0GCSqGSIb3DQEBCwUAA4IBAQAgMGx55oODS9pI4ImRHbnv3ZtpCQ1+C0jRY92k
vwJ12IglkSkdPqKdgB4EpN2xzhqzGhoG8XW4Gt41wFG41spQCbeeIrF11HkVIfQd
6Zri8zFxPfSqbwTwjvdfQVTgWDvHaH2qa8aaMLPGPqZRPXJ3LrUOjN5FmAo8jYQ3
0R8LfuAZYiEC3DMPZcMglRNHc7p57o6jw5yrT6VRcQKdV6Zw8ewrA/NWbRf2qgf7
Bm/jwzNtKaHh25CQN7Huwe4tSEs/jpwUM0prvzQhbKUkVmiXYpSwZbdeqfQksqdt
vu8ObvYnCd1POY5Bj0v8ag7N/8oxpMtNmqA6C3gNqcU+sZLZ
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:43:36 2025 by rpki-client