Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/MKdKERHJdhvhzWiqiNNv66PSx2M.roa
File: MKdKERHJdhvhzWiqiNNv66PSx2M.roa (raw, json)
Hash identifier: QYDtkOzRs59EvfJ885iHnM3222wLkfYFOa9iehtUjVQ=
Subject key identifier: 30:A7:4A:11:11:C9:76:1B:E1:CD:68:AA:88:D3:6F:EB:A3:D2:C7:63
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018571C31FC5F4ED808D1D1118A49430E390
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/MKdKERHJdhvhzWiqiNNv66PSx2M.roa
Signing time: Mon 02 Jan 2023 09:14:51 +0000
ROA not before: Mon 02 Jan 2023 09:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206479
IP address blocks: 2a06:e881:2100::/44 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:1f:c5:f4:ed:80:8d:1d:11:18:a4:94:30:e3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 09:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30a74a1111c9761be1cd68aa88d36feba3d2c763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:09:6c:b6:d8:cb:47:70:06:3c:3a:1b:ab:6a:
ee:12:d4:0d:5a:0b:c4:5b:2a:c2:8c:df:e0:94:af:
a1:3e:ec:48:be:c1:b7:c5:09:5e:68:6e:d5:f6:a7:
27:e1:67:a9:ab:9d:73:b9:e0:fd:b2:c0:67:a0:cf:
46:f4:7b:5e:ce:96:ce:e4:37:3a:d8:59:df:83:c9:
d3:f5:7a:c9:54:8f:f3:44:aa:5a:5c:d9:66:b5:55:
46:7f:51:e2:31:c6:8a:de:09:cb:b1:aa:16:15:2b:
6d:89:3f:4f:f3:01:bf:3c:f7:20:9f:5c:56:12:8c:
0a:c9:54:d9:06:35:d4:90:51:48:78:96:a0:01:bf:
01:9f:d3:42:1d:e6:e9:18:44:eb:48:dc:99:3f:d9:
ac:e1:45:61:da:1f:5f:7b:51:5b:68:df:a5:56:f0:
5e:d9:84:41:df:95:14:1d:cd:fa:68:a5:0e:76:bb:
8f:82:69:2f:33:c4:3e:0c:77:3c:b7:d2:b9:cb:3c:
b1:24:9d:bd:e5:33:6c:50:e4:87:a8:5d:01:c8:3a:
12:dd:6b:59:53:61:5c:87:d7:79:89:4d:a7:ff:f2:
a3:08:c5:9b:92:44:8b:75:a9:80:6e:28:14:cc:c2:
19:af:7f:5e:ca:95:be:73:49:8d:70:6f:30:ae:70:
80:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A7:4A:11:11:C9:76:1B:E1:CD:68:AA:88:D3:6F:EB:A3:D2:C7:63
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/MKdKERHJdhvhzWiqiNNv66PSx2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:2100::/44
Signature Algorithm: sha256WithRSAEncryption
60:cb:db:65:70:94:0b:c0:e2:fe:98:fe:9a:73:e6:56:0d:86:
84:3e:ce:ad:7a:2e:02:ff:05:36:5d:ab:49:a6:3f:6b:5b:1b:
d8:ed:3e:69:d3:62:98:f3:35:24:b7:87:83:be:4a:6f:59:2a:
fd:33:98:1b:c6:04:e2:ec:b5:ba:03:9a:28:e9:b5:9d:b7:6b:
be:9a:d6:21:a1:a4:9c:14:0b:b0:96:f9:fd:ad:cf:81:f0:96:
00:f9:54:9d:08:8b:a7:d7:f4:d7:b1:7f:64:70:98:6f:9c:c3:
be:d7:72:b6:b0:82:53:11:ed:24:a7:f8:2b:97:3f:4a:09:38:
b0:05:60:e0:5b:25:96:80:c6:c7:37:c4:41:6d:5d:f7:c9:cd:
d0:b4:00:b6:d8:f8:00:3f:2d:3e:37:ff:68:62:2c:14:7b:fb:
04:9f:84:cc:8f:22:48:9c:45:be:6c:9d:9d:c4:9d:68:32:6d:
fd:b1:54:fa:bb:ca:f8:08:27:76:a0:59:5a:4e:68:3b:56:d6:
6f:fe:73:24:8f:45:f7:83:48:27:a8:50:9d:c2:69:c7:47:5a:
3f:6b:57:3c:b9:3e:d3:fe:be:d6:a5:c6:b3:ce:96:37:39:70:
22:3f:85:86:b9:f4:bb:98:01:f3:89:5c:49:7d:6e:89:15:c9:
34:0c:3d:8a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVxwx/F9O2AjR0RGKSUMOOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwMTAyMDkxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGE3NGExMTExYzk3NjFiZTFjZDY4YWE4OGQzNmZlYmEzZDJjNzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwlsttjLR3AGPDobq2ruEtQNWgvE
WyrCjN/glK+hPuxIvsG3xQleaG7V9qcn4Wepq51zueD9ssBnoM9G9HtezpbO5Dc6
2Fnfg8nT9XrJVI/zRKpaXNlmtVVGf1HiMcaK3gnLsaoWFSttiT9P8wG/PPcgn1xW
EowKyVTZBjXUkFFIeJagAb8Bn9NCHebpGETrSNyZP9ms4UVh2h9fe1FbaN+lVvBe
2YRB35UUHc36aKUOdruPgmkvM8Q+DHc8t9K5yzyxJJ295TNsUOSHqF0ByDoS3WtZ
U2Fch9d5iU2n//KjCMWbkkSLdamAbigUzMIZr39eypW+c0mNcG8wrnCADQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDCnShERyXYb4c1oqojTb+uj0sdjMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvTUtkS0VSSEpkaHZoeldpcWlOTnY2NlBTeDJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgbogSEA
MA0GCSqGSIb3DQEBCwUAA4IBAQBgy9tlcJQLwOL+mP6ac+ZWDYaEPs6tei4C/wU2
XatJpj9rWxvY7T5p02KY8zUkt4eDvkpvWSr9M5gbxgTi7LW6A5oo6bWdt2u+mtYh
oaScFAuwlvn9rc+B8JYA+VSdCIun1/TXsX9kcJhvnMO+13K2sIJTEe0kp/grlz9K
CTiwBWDgWyWWgMbHN8RBbV33yc3QtAC22PgAPy0+N/9oYiwUe/sEn4TMjyJInEW+
bJ2dxJ1oMm39sVT6u8r4CCd2oFlaTmg7VtZv/nMkj0X3g0gnqFCdwmnHR1o/a1c8
uT7T/r7WpcazzpY3OXAiP4WGufS7mAHziVxJfW6JFck0DD2K
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:16 2024 by rpki-client on console-fra.rpki-client.org