Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/MrATmkbPCJ3VIuYmi3CtoS71BEo.roa
File: MrATmkbPCJ3VIuYmi3CtoS71BEo.roa (raw, json)
Hash identifier: J2Ay9yk7Vgo2teFIOwmk2ThUvRPPlLAFVRpJI3+6h9w=
Subject key identifier: 32:B0:13:9A:46:CF:08:9D:D5:22:E6:26:8B:70:AD:A1:2E:F5:04:4A
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 0189F6E06426A34DAE09B2B8D2BE227B02EA
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/MrATmkbPCJ3VIuYmi3CtoS71BEo.roa
Signing time: Tue 15 Aug 2023 01:47:28 +0000
ROA not before: Tue 15 Aug 2023 01:47:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 2a06:e881:73ff::/48 maxlen: 48
2a06:e881:650f::/48 maxlen: 48
2a06:e881:9200::/45 maxlen: 48
2a06:e881:7340::/42 maxlen: 48
2a06:e881:9300::/44 maxlen: 48
2a06:e881:9700::/44 maxlen: 44
2a06:e881:9600::/48 maxlen: 48
2a06:e881:9700::/48 maxlen: 48
2a06:e881:9701::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f6:e0:64:26:a3:4d:ae:09:b2:b8:d2:be:22:7b:02:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Aug 15 01:47:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32b0139a46cf089dd522e6268b70ada12ef5044a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:13:03:1b:02:fd:e0:ad:04:15:89:40:25:be:
f5:8c:e5:82:90:88:49:52:29:0c:09:6e:77:43:de:
85:cc:bf:08:b8:0a:0c:73:83:35:43:76:1c:62:c7:
d7:cf:e2:d5:4b:5b:7b:0e:22:1d:f1:19:5b:95:d9:
3f:bc:a7:ff:4c:e7:46:03:17:3c:6f:2e:d2:a3:fe:
8e:06:90:77:7e:a1:09:49:6f:f2:d6:b8:6c:f0:69:
29:9f:c9:aa:ba:24:59:4a:6d:b9:81:64:3f:fa:c1:
a9:12:b1:03:62:4a:f3:d6:6e:6e:cf:68:4b:3a:4c:
a1:6b:f2:ca:d5:02:be:84:13:71:fe:34:9a:1e:7f:
68:48:6f:d7:72:39:5e:8f:cd:9f:f6:01:63:7b:b6:
56:a4:03:71:48:81:b8:9c:a9:9c:6f:d6:99:11:ea:
47:6a:e0:c7:49:e0:7c:d5:32:4f:f9:e0:bb:f2:03:
fa:c1:9c:5e:38:4e:85:cf:bf:56:fb:ad:63:8f:7b:
97:a3:89:81:b0:2a:bc:c2:6d:d4:71:6d:48:47:64:
4a:22:fe:c2:de:01:ca:48:e4:6e:a7:44:25:33:7f:
51:07:a9:fa:50:8b:7a:8a:cf:8d:8f:97:32:dd:a1:
8e:50:c0:79:17:26:44:0e:61:88:9c:82:2b:b0:30:
3d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B0:13:9A:46:CF:08:9D:D5:22:E6:26:8B:70:AD:A1:2E:F5:04:4A
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/MrATmkbPCJ3VIuYmi3CtoS71BEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:e881:650f::/48
2a06:e881:7340::/42
2a06:e881:73ff::/48
2a06:e881:9200::/45
2a06:e881:9300::/44
2a06:e881:9600::/48
2a06:e881:9700::/44
Signature Algorithm: sha256WithRSAEncryption
6b:47:f1:ba:48:b6:dd:0c:23:5c:9e:42:64:27:3f:f3:06:d8:
df:72:29:0e:7f:b5:e6:bd:a3:8f:5c:c0:eb:29:c1:a6:47:c8:
1a:9c:ac:2b:e7:1d:24:ca:ba:a8:90:03:1d:5f:b2:d9:4c:62:
02:e5:6f:5e:00:9a:69:df:79:26:17:f6:54:16:74:94:dc:48:
68:11:c9:28:3c:d6:24:d7:ae:97:40:6d:30:05:6b:28:8b:4f:
2a:81:15:8a:8a:fc:e6:ac:85:52:e9:d5:72:70:08:c9:07:ee:
39:ae:1f:89:df:40:0a:37:4c:52:10:c4:8b:83:b3:f7:de:06:
fd:bd:b1:b2:16:85:98:e4:cc:0f:c5:ec:13:fb:9e:6c:0d:f2:
01:83:54:e6:b2:c7:f3:5f:a2:22:91:78:e8:53:29:e2:d8:dd:
0e:71:ce:0b:bc:57:84:9a:a9:59:b0:2c:a9:c4:9b:c4:d4:a2:
bb:32:11:5e:23:49:0d:b1:a1:51:7e:44:4b:a1:21:de:e8:c0:
f1:51:e3:73:87:a5:1f:0c:98:7a:f6:b4:db:14:73:db:e0:32:
aa:d1:08:50:f7:ca:6e:7d:ba:43:15:2a:24:01:c9:f4:cc:89:
6f:a7:17:89:58:84:d2:0e:17:85:7b:2e:bd:e5:1d:10:e6:47:
05:69:a6:4b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYn24GQmo02uCbK40r4iewLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwODE1MDE0NzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmIwMTM5YTQ2Y2YwODlkZDUyMmU2MjY4YjcwYWRhMTJlZjUwNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhMDGwL94K0EFYlAJb71jOWCkIhJ
UikMCW53Q96FzL8IuAoMc4M1Q3YcYsfXz+LVS1t7DiId8Rlbldk/vKf/TOdGAxc8
by7So/6OBpB3fqEJSW/y1rhs8Gkpn8mquiRZSm25gWQ/+sGpErEDYkrz1m5uz2hL
Okyha/LK1QK+hBNx/jSaHn9oSG/Xcjlej82f9gFje7ZWpANxSIG4nKmcb9aZEepH
auDHSeB81TJP+eC78gP6wZxeOE6Fz79W+61jj3uXo4mBsCq8wm3UcW1IR2RKIv7C
3gHKSORup0QlM39RB6n6UIt6is+Nj5cy3aGOUMB5FyZEDmGInIIrsDA9XQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDKwE5pGzwid1SLmJotwraEu9QRKMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvTXJBVG1rYlBDSjNWSXVZbWkzQ3RvUzcxQkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwcAKgbogWUP
AwcGKgbogXNAAwcAKgbogXP/AwcDKgbogZIAAwcEKgbogZMAAwcAKgbogZYAAwcE
KgbogZcAMA0GCSqGSIb3DQEBCwUAA4IBAQBrR/G6SLbdDCNcnkJkJz/zBtjfcikO
f7XmvaOPXMDrKcGmR8ganKwr5x0kyrqokAMdX7LZTGIC5W9eAJpp33kmF/ZUFnSU
3EhoEckoPNYk166XQG0wBWsoi08qgRWKivzmrIVS6dVycAjJB+45rh+J30AKN0xS
EMSLg7P33gb9vbGyFoWY5MwPxewT+55sDfIBg1TmssfzX6IikXjoUyni2N0Occ4L
vFeEmqlZsCypxJvE1KK7MhFeI0kNsaFRfkRLoSHe6MDxUeNzh6UfDJh69rTbFHPb
4DKq0QhQ98pufbpDFSokAcn0zIlvpxeJWITSDheFey695R0Q5kcFaaZL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org