Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/Mc47KTFx7mNW6T9AzwFQnORKxNA.roa
File: Mc47KTFx7mNW6T9AzwFQnORKxNA.roa (raw, json)
Hash identifier: SjjFKuGqGuYp+l50qhtRRNH//gXH48uDegO8KJESJaQ=
Subject key identifier: 31:CE:3B:29:31:71:EE:63:56:E9:3F:40:CF:01:50:9C:E4:4A:C4:D0
Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial: 018AA79E169B2366B1EAA8940AA4462D8A33
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/Mc47KTFx7mNW6T9AzwFQnORKxNA.roa
Signing time: Mon 18 Sep 2023 09:27:50 +0000
ROA not before: Mon 18 Sep 2023 09:27:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207021
IP address blocks: 2a04:2b00:14dd::/48 maxlen: 48
2a04:2b00:14ee::/48 maxlen: 48
2a04:2b00:14cc::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:9e:16:9b:23:66:b1:ea:a8:94:0a:a4:46:2d:8a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Validity
Not Before: Sep 18 09:27:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31ce3b293171ee6356e93f40cf01509ce44ac4d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:71:59:d1:c7:79:a9:1a:8b:ca:cd:73:13:08:
94:a9:43:82:22:16:53:22:10:b1:c0:c1:fb:79:83:
00:17:94:26:76:fe:fc:78:e0:0b:0d:4e:8e:c6:b8:
a4:e8:6d:37:42:d4:45:4f:c9:90:de:49:09:6b:c2:
d5:fa:1e:71:ae:31:d0:08:4f:4e:cb:f9:d9:37:cb:
07:e8:d6:2f:85:87:ad:9d:21:b0:8e:e9:2c:0b:da:
f9:65:f3:7b:14:7b:ba:f7:e6:32:f6:20:a2:fd:bc:
1f:e9:ab:d4:40:8f:62:f4:6c:78:f6:a1:70:5d:b9:
19:ab:8f:eb:42:b4:a6:d7:a3:61:e0:8e:98:b7:9b:
96:30:14:b2:50:ee:b5:df:cc:93:8a:55:08:0b:5f:
bb:b2:24:b3:11:72:f7:36:24:cc:7b:b9:0f:74:4f:
bd:d3:8c:8a:fa:53:90:6a:af:2a:bf:37:5c:8a:6e:
a4:ab:10:f9:06:da:39:bb:d4:fb:5d:2d:b8:ef:78:
97:c6:de:37:4d:82:64:83:6f:60:ef:57:28:13:46:
df:de:12:dd:84:26:80:5e:81:97:54:3d:2d:25:60:
1c:06:cd:7c:17:15:92:d7:3a:32:b0:f7:9d:65:a9:
ac:89:61:90:2c:cd:3b:c9:8e:23:7d:44:57:4f:87:
06:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:CE:3B:29:31:71:EE:63:56:E9:3F:40:CF:01:50:9C:E4:4A:C4:D0
X509v3 Authority Key Identifier:
keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/Mc47KTFx7mNW6T9AzwFQnORKxNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:2b00:14cc::/48
2a04:2b00:14dd::/48
2a04:2b00:14ee::/48
Signature Algorithm: sha256WithRSAEncryption
18:e5:da:73:a2:ec:08:4b:e7:d0:ad:0d:fd:b5:10:11:06:ec:
5c:36:9d:71:78:79:f8:31:a5:a4:b5:e0:68:fa:7f:5f:97:fb:
fe:b4:f7:24:ec:38:f9:19:ed:fe:1d:e7:d8:06:c8:e1:c7:34:
4b:83:4d:67:e3:d5:3a:5a:09:ef:e3:70:df:4a:8d:db:4b:a5:
30:d2:61:b5:87:cf:99:4b:df:19:34:4a:e0:0d:3c:c9:a6:09:
2e:36:91:25:05:e3:d4:7d:a9:c5:95:60:af:d2:e0:4e:cf:b0:
ca:7e:aa:b4:bc:9e:0b:e8:3d:6f:6b:19:8d:bb:19:e3:f4:63:
c3:d1:22:67:e6:78:d0:d9:0a:52:b9:13:06:3e:17:09:be:e2:
e3:ce:b8:24:21:ec:09:4b:76:27:06:91:82:1a:1c:52:22:7f:
d0:9f:c0:87:c2:e7:8a:52:c2:b2:07:6d:bd:e4:2a:68:4c:51:
cd:66:50:fb:bd:15:52:c4:77:35:5e:e9:af:b6:d3:cd:f2:c8:
fe:ae:34:a7:1c:98:4a:ec:70:98:fe:ec:47:28:f0:10:9c:df:
b2:03:25:10:65:a2:b0:2f:90:b2:44:b6:e6:42:a4:85:33:55:
2b:85:cb:5c:21:7a:d8:ad:df:59:97:a8:6a:3c:93:e0:c1:00:
9c:77:74:ae
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYqnnhabI2ax6qiUCqRGLYozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzZhZmI3NGZhZDViYWYwYTYxODBiNDk1MTBkOGI4NDk3
ZGY4ZDMwHhcNMjMwOTE4MDkyNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWNlM2IyOTMxNzFlZTYzNTZlOTNmNDBjZjAxNTA5Y2U0NGFjNGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXFZ0cd5qRqLys1zEwiUqUOCIhZT
IhCxwMH7eYMAF5Qmdv78eOALDU6Oxrik6G03QtRFT8mQ3kkJa8LV+h5xrjHQCE9O
y/nZN8sH6NYvhYetnSGwjuksC9r5ZfN7FHu69+Yy9iCi/bwf6avUQI9i9Gx49qFw
XbkZq4/rQrSm16Nh4I6Yt5uWMBSyUO6138yTilUIC1+7siSzEXL3NiTMe7kPdE+9
04yK+lOQaq8qvzdcim6kqxD5Bto5u9T7XS2473iXxt43TYJkg29g71coE0bf3hLd
hCaAXoGXVD0tJWAcBs18FxWS1zoysPedZamsiWGQLM07yY4jfURXT4cGDQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDHOOykxce5jVuk/QM8BUJzkSsTQMB8GA1UdIwQY
MBaAFEd2r7dPrVuvCmGAtJUQ2LhJffjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEt
MDUzOGU5NWYzZjEyLzEvTWM0N0tURng3bU5XNlQ5QXp3RlFuT1JLeE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEtMDUzOGU5NWYzZjEy
LzEvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgQrABTM
AwcAKgQrABTdAwcAKgQrABTuMA0GCSqGSIb3DQEBCwUAA4IBAQAY5dpzouwIS+fQ
rQ39tRARBuxcNp1xeHn4MaWkteBo+n9fl/v+tPck7Dj5Ge3+HefYBsjhxzRLg01n
49U6Wgnv43DfSo3bS6Uw0mG1h8+ZS98ZNErgDTzJpgkuNpElBePUfanFlWCv0uBO
z7DKfqq0vJ4L6D1vaxmNuxnj9GPD0SJn5njQ2QpSuRMGPhcJvuLjzrgkIewJS3Yn
BpGCGhxSIn/Qn8CHwueKUsKyB2295CpoTFHNZlD7vRVSxHc1XumvttPN8sj+rjSn
HJhK7HCY/uxHKPAQnN+yAyUQZaKwL5CyRLbmQqSFM1UrhctcIXrYrd9Zl6hqPJPg
wQCcd3Su
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:32 2024 by rpki-client on console-ams.rpki-client.org