Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Mvdn_touDx_lzdlTSmMyY9bUWL0.roa
File: Mvdn_touDx_lzdlTSmMyY9bUWL0.roa (raw, json)
Hash identifier: HwJ24vFVWzkvRxvsQLbWFOtIFJnp2jflzmhfmCFXYaE=
Subject key identifier: 32:F7:67:FE:DA:2E:0F:1F:E5:CD:D9:53:4A:63:32:63:D6:D4:58:BD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0191BA295FE3361764CBEE83EBE5FD665857
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Mvdn_touDx_lzdlTSmMyY9bUWL0.roa
Signing time: Tue 03 Sep 2024 23:12:39 +0000
ROA not before: Tue 03 Sep 2024 23:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2001:67c:64:ffff:0:190:fdf2:f302/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 04 Sep 2024 00:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ba:29:5f:e3:36:17:64:cb:ee:83:eb:e5:fd:66:58:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Sep 3 23:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32f767feda2e0f1fe5cdd9534a633263d6d458bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e8:e8:c9:de:e7:21:2e:65:f2:98:81:e8:f7:
8d:04:dd:39:f0:28:fe:6a:f9:41:c2:d7:43:c7:28:
2a:ff:50:83:9a:25:78:a4:ac:6d:f7:d3:62:e0:8c:
17:a4:e0:58:85:42:c3:4f:32:e8:c1:5c:4a:8c:c8:
86:c4:70:a6:c2:fc:8a:e1:d1:c3:6c:a0:17:af:ce:
38:d4:00:db:29:04:94:6a:40:46:84:b8:45:fb:c4:
7c:f0:86:d0:83:8a:af:2c:4d:41:29:17:57:ec:98:
93:bc:71:5f:28:e2:4f:6d:6a:d3:e5:3e:80:4e:e7:
33:d5:65:d3:1a:de:61:70:56:d8:51:eb:b6:e6:7a:
30:3e:64:54:5c:39:06:01:16:eb:96:0b:d3:06:02:
bc:1b:0e:df:32:7c:94:6b:31:eb:40:7d:59:b6:4e:
36:5d:b4:80:df:76:37:ff:d5:58:88:10:58:8c:49:
b1:4a:06:58:b6:78:8e:49:1a:2f:13:77:aa:71:c9:
ed:4d:80:f4:8a:9d:03:c7:11:45:44:7a:37:31:36:
a8:08:8b:37:8d:60:f5:41:fc:02:34:da:4b:a6:b8:
f0:53:ff:22:06:06:2d:1b:b2:c1:ee:63:42:0a:2d:
e3:d3:72:dc:da:9e:74:4b:a6:f8:99:4b:07:e5:ad:
5c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F7:67:FE:DA:2E:0F:1F:E5:CD:D9:53:4A:63:32:63:D6:D4:58:BD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Mvdn_touDx_lzdlTSmMyY9bUWL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:64:ffff:0:190:fdf2:f302/128
Signature Algorithm: sha256WithRSAEncryption
3f:72:d5:fd:34:a3:4f:a9:63:6c:1f:a3:4f:fa:1e:b7:c3:5e:
13:08:ff:58:0c:36:0b:93:77:c3:85:e8:1a:3a:b0:62:f6:67:
51:9b:ec:03:e3:77:c4:30:86:45:89:f8:13:e1:c7:0c:b6:c2:
79:08:e1:ed:31:5b:2c:76:11:12:99:10:be:30:50:27:ff:a1:
6a:0b:d6:96:10:5d:95:80:17:e3:c5:5a:80:1a:85:8d:9c:cb:
5c:17:14:bf:99:a0:e9:28:3c:1a:f6:be:15:f4:92:d3:de:10:
dd:05:26:7c:18:28:51:83:d6:7f:0f:01:8d:82:60:bf:16:72:
bb:fb:2c:51:23:13:f6:59:96:11:3f:a5:86:f8:ef:6d:f4:1f:
3c:87:e5:27:59:62:0c:f6:38:c7:e8:e8:a3:d9:03:1b:5a:4d:
f5:50:b8:47:30:a5:ce:d0:de:d8:2d:5f:d1:9b:f4:94:33:da:
92:0d:45:b9:70:2b:48:c9:64:9b:07:9c:1c:7e:0a:56:e0:fc:
93:00:27:bf:61:df:5a:6a:b9:d9:cb:4d:67:9c:0f:b2:d4:e6:
fc:a0:7d:bc:d9:39:3f:df:5f:09:2b:b9:9e:3e:17:98:c5:0e:
6c:45:5d:3e:33:e7:f2:8d:ac:80:b0:8e:9b:91:26:24:64:7e:
c0:bd:83:23
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZG6KV/jNhdky+6D6+X9ZlhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwOTAzMjMxMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmY3NjdmZWRhMmUwZjFmZTVjZGQ5NTM0YTYzMzI2M2Q2ZDQ1OGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxujoyd7nIS5l8piB6PeNBN058Cj+
avlBwtdDxygq/1CDmiV4pKxt99Ni4IwXpOBYhULDTzLowVxKjMiGxHCmwvyK4dHD
bKAXr8441ADbKQSUakBGhLhF+8R88IbQg4qvLE1BKRdX7JiTvHFfKOJPbWrT5T6A
Tucz1WXTGt5hcFbYUeu25nowPmRUXDkGARbrlgvTBgK8Gw7fMnyUazHrQH1Ztk42
XbSA33Y3/9VYiBBYjEmxSgZYtniOSRovE3eqccntTYD0ip0DxxFFRHo3MTaoCIs3
jWD1QfwCNNpLprjwU/8iBgYtG7LB7mNCCi3j03Lc2p50S6b4mUsH5a1c+wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDL3Z/7aLg8f5c3ZU0pjMmPW1Fi9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTXZkbl90b3VEeF9semRsVFNtTXlZOWJVV0wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATAxEAIAEGfABk
//8AAAGQ/fLzAjANBgkqhkiG9w0BAQsFAAOCAQEAP3LV/TSjT6ljbB+jT/oet8Ne
Ewj/WAw2C5N3w4XoGjqwYvZnUZvsA+N3xDCGRYn4E+HHDLbCeQjh7TFbLHYREpkQ
vjBQJ/+hagvWlhBdlYAX48VagBqFjZzLXBcUv5mg6Sg8Gva+FfSS094Q3QUmfBgo
UYPWfw8BjYJgvxZyu/ssUSMT9lmWET+lhvjvbfQfPIflJ1liDPY4x+joo9kDG1pN
9VC4RzClztDe2C1f0Zv0lDPakg1FuXArSMlkmwecHH4KVuD8kwAnv2HfWmq52ctN
Z5wPstTm/KB9vNk5P99fCSu5nj4XmMUObEVdPjPn8o2sgLCOm5EmJGR+wL2DIw==
-----END CERTIFICATE-----
Generated at Wed Sep 4 02:16:58 2024 by rpki-client on console-fra.rpki-client.org