Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MXly3pu-A7KX13QnMmxDAGPwCqg.roa
File: MXly3pu-A7KX13QnMmxDAGPwCqg.roa (raw, json)
Hash identifier: T058tWz09URvzw/6Qnjtledoyv8DBsNAvmMY8ZzmvtM=
Subject key identifier: 31:79:72:DE:9B:BE:03:B2:97:D7:74:27:32:6C:43:00:63:F0:0A:A8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD3489A22A1DE2280CDEDC54B3461672C
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MXly3pu-A7KX13QnMmxDAGPwCqg.roa
Signing time: Sat 01 Jun 2024 10:11:41 +0000
ROA not before: Sat 01 Jun 2024 10:11:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Jun 2024 11:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d3:48:9a:22:a1:de:22:80:cd:ed:c5:4b:34:61:67:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 1 10:11:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=317972de9bbe03b297d77427326c430063f00aa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:f0:04:9a:56:8c:7c:35:47:5f:85:3c:72:d6:
d8:25:2f:d3:37:2f:50:bf:7a:a7:02:f3:11:44:b4:
73:9e:d1:e6:96:07:27:c4:15:dd:df:5d:ce:b3:d4:
22:2a:d1:dd:bf:95:3c:13:88:eb:3f:67:c9:73:3d:
37:92:67:f5:46:e4:59:96:ed:7a:03:74:57:b6:0d:
cd:c3:f6:4a:a8:d6:3c:e8:2d:34:4d:d8:d2:6b:86:
c4:21:f2:fa:17:3d:e4:36:d0:5d:0b:ca:e0:56:1d:
e8:1e:df:22:c0:b9:84:38:e1:4f:f3:b0:35:ed:f6:
fb:37:1f:ac:4f:90:17:77:36:cf:4e:e2:fc:5d:ba:
b7:d1:c4:9f:ee:93:84:53:83:71:df:39:af:a9:71:
77:da:74:fd:ed:1e:54:fa:7c:82:39:35:b8:50:e3:
a8:ae:14:4f:ad:82:a9:19:ad:34:a2:ea:ba:4b:ec:
2b:76:e5:17:93:8b:07:67:8a:2e:e5:cf:ca:a8:02:
cb:41:e2:76:7a:3e:d8:1b:39:31:a4:1b:d7:f2:78:
1b:f9:85:d8:13:11:8d:61:87:11:05:75:30:88:df:
17:d8:25:72:ce:70:d1:09:83:e3:21:6b:f5:38:c3:
f3:5b:df:63:27:85:b9:6b:b2:3d:cd:77:74:a7:dd:
bd:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:79:72:DE:9B:BE:03:B2:97:D7:74:27:32:6C:43:00:63:F0:0A:A8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MXly3pu-A7KX13QnMmxDAGPwCqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:51:a1:a9:29:13:55:72:84:ed:67:1a:c7:1a:48:17:d5:42:
3d:9c:64:ba:3e:0c:4a:b2:8d:80:02:bb:b8:d4:45:43:7f:49:
4c:51:24:9e:29:38:ee:16:b7:23:ea:06:65:01:07:82:be:2c:
d1:44:17:b7:2f:d3:42:19:5e:6d:b2:c3:10:70:7c:85:ba:ca:
c8:a8:b8:63:2f:c1:f9:df:e9:94:92:99:75:27:67:d0:55:44:
05:28:35:f7:5f:6b:e4:1e:ee:da:88:5a:48:44:5e:ab:b1:8c:
a8:c2:9d:9f:3a:c7:c6:4e:52:77:ac:33:e5:39:f0:07:fd:08:
80:32:dc:b9:bd:61:08:b8:d2:da:7d:c9:0d:bb:a9:17:fa:9f:
f2:de:90:83:df:5a:97:0f:bd:bc:a4:a9:72:51:ee:03:8d:ed:
4a:b9:bf:fa:15:c2:d9:c1:f2:ac:28:91:6f:71:3f:ed:b5:e9:
a6:32:65:57:f8:89:92:f8:10:dc:c8:cd:e6:fe:f3:42:06:99:
1f:cc:15:eb:9b:ab:59:ef:dd:8d:0c:26:17:f5:f7:21:10:fd:
9b:0d:ec:3c:20:0c:6d:f4:15:5e:e0:7b:62:e2:5c:3d:be:4d:
9f:bd:d0:46:be:ce:71:7e:fa:d4:c9:f7:73:11:03:3b:1f:95:
f1:e6:78:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/TSJoiod4igM3txUs0YWcsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAxMTAxMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTc5NzJkZTliYmUwM2IyOTdkNzc0MjczMjZjNDMwMDYzZjAwYWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9vAEmlaMfDVHX4U8ctbYJS/TNy9Q
v3qnAvMRRLRzntHmlgcnxBXd313Os9QiKtHdv5U8E4jrP2fJcz03kmf1RuRZlu16
A3RXtg3Nw/ZKqNY86C00TdjSa4bEIfL6Fz3kNtBdC8rgVh3oHt8iwLmEOOFP87A1
7fb7Nx+sT5AXdzbPTuL8Xbq30cSf7pOEU4Nx3zmvqXF32nT97R5U+nyCOTW4UOOo
rhRPrYKpGa00ouq6S+wrduUXk4sHZ4ou5c/KqALLQeJ2ej7YGzkxpBvX8ngb+YXY
ExGNYYcRBXUwiN8X2CVyznDRCYPjIWv1OMPzW99jJ4W5a7I9zXd0p929PQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDF5ct6bvgOyl9d0JzJsQwBj8AqoMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTVhseTNwdS1BN0tYMTNRbk1teERBR1B3Q3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAVRoakpE1VyhO1nGsca
SBfVQj2cZLo+DEqyjYACu7jURUN/SUxRJJ4pOO4WtyPqBmUBB4K+LNFEF7cv00IZ
Xm2ywxBwfIW6ysiouGMvwfnf6ZSSmXUnZ9BVRAUoNfdfa+Qe7tqIWkhEXquxjKjC
nZ86x8ZOUnesM+U58Af9CIAy3Lm9YQi40tp9yQ27qRf6n/LekIPfWpcPvbykqXJR
7gON7Uq5v/oVwtnB8qwokW9xP+216aYyZVf4iZL4ENzIzeb+80IGmR/MFeubq1nv
3Y0MJhf19yEQ/ZsN7DwgDG30FV7ge2LiXD2+TZ+90Ea+znF++tTJ93MRAzsflfHm
eBw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:35 2025 by rpki-client