Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/MTU4XtB6KnHxzP2UBle_hBHm2a4.roa
File: MTU4XtB6KnHxzP2UBle_hBHm2a4.roa (raw, json)
Hash identifier: /enPIKscscTQqI7SobqqoH1APORHfCnSYf4n466kcHg=
Subject key identifier: 31:35:38:5E:D0:7A:2A:71:F1:CC:FD:94:06:57:BF:84:11:E6:D9:AE
Certificate issuer: /CN=52502a29ac06b65e932e1bd97d7fcf29c371cb3d
Certificate serial: 0188B3919898FCDD17D5D963460C5A0AA870
Authority key identifier: 52:50:2A:29:AC:06:B6:5E:93:2E:1B:D9:7D:7F:CF:29:C3:71:CB:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UlAqKawGtl6TLhvZfX_PKcNxyz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/MTU4XtB6KnHxzP2UBle_hBHm2a4.roa
Signing time: Tue 13 Jun 2023 07:04:03 +0000
ROA not before: Tue 13 Jun 2023 07:04:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57027
IP address blocks: 2a09:2b80:2::/48 maxlen: 48
2a09:2b80::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b3:91:98:98:fc:dd:17:d5:d9:63:46:0c:5a:0a:a8:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52502a29ac06b65e932e1bd97d7fcf29c371cb3d
Validity
Not Before: Jun 13 07:04:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3135385ed07a2a71f1ccfd940657bf8411e6d9ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6f:44:24:41:36:f9:39:7f:a0:b4:9f:38:67:
02:7f:cd:a0:ff:dd:a9:a3:69:66:34:a5:5c:1a:5c:
56:3c:12:ac:2e:92:45:1d:e0:7c:bc:80:bd:0b:76:
e3:1b:fb:dc:25:d8:fc:c5:39:1d:a5:90:c4:8a:42:
4c:82:6a:c9:f4:e8:e1:95:1e:43:d1:6f:5e:cb:2d:
9f:d3:a1:d9:b2:46:5c:67:7f:e5:44:9c:d7:c3:df:
63:6e:c7:02:a4:15:b2:dc:c2:8a:3d:41:2e:11:93:
52:15:3a:45:81:e8:b6:ae:34:72:9f:1d:4c:4b:7d:
cf:44:ff:ec:38:13:8f:5a:72:3c:c4:f0:04:bc:01:
e1:18:dc:05:af:88:8e:8a:66:87:dd:4d:c7:77:51:
35:1a:ce:72:a3:6e:32:c6:a7:c0:dd:3c:d0:f0:64:
3d:a9:1a:c0:92:52:c9:68:9a:6f:ac:b9:91:bb:cf:
49:96:dd:84:26:c2:13:15:7f:cf:c0:b0:01:6b:ec:
d7:28:c4:09:03:b5:33:3b:26:51:62:42:5b:66:a1:
97:bf:f8:88:c8:82:0e:7f:49:de:44:02:9c:63:e8:
be:3b:02:21:b2:1a:a7:4d:d7:59:5c:f4:fc:f7:fb:
a2:a2:77:ef:7d:71:64:65:4b:64:9b:74:81:c4:97:
f4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:35:38:5E:D0:7A:2A:71:F1:CC:FD:94:06:57:BF:84:11:E6:D9:AE
X509v3 Authority Key Identifier:
keyid:52:50:2A:29:AC:06:B6:5E:93:2E:1B:D9:7D:7F:CF:29:C3:71:CB:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UlAqKawGtl6TLhvZfX_PKcNxyz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/MTU4XtB6KnHxzP2UBle_hBHm2a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d03109-e2dc-4bc9-ba2e-d649e227097f/1/UlAqKawGtl6TLhvZfX_PKcNxyz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2b80::/48
2a09:2b80:2::/48
Signature Algorithm: sha256WithRSAEncryption
03:06:4b:9f:d5:9b:aa:91:b9:82:f1:84:7a:f0:5c:fb:d5:aa:
66:58:2f:a3:d1:39:71:3c:e9:37:2f:62:af:7d:19:ca:87:ce:
7e:07:26:e6:54:de:b5:c9:f9:0d:b1:41:de:cc:69:23:fb:d8:
0d:36:2b:f7:e7:98:3f:52:ce:f7:6d:8d:c1:9a:50:53:9f:0a:
6e:f9:1d:b1:da:1b:c3:35:ca:28:22:be:96:ea:ba:6c:58:3c:
57:02:af:ec:da:cc:a4:77:a5:db:d7:9a:14:79:0a:fb:41:0d:
ba:16:38:77:b3:26:d5:88:94:55:6e:ad:ca:a6:86:8c:e6:1e:
af:ba:8a:1e:6a:a4:35:4e:8a:80:e7:98:31:97:09:e3:fd:02:
be:27:c2:ed:94:60:04:e4:94:6f:d0:7c:e1:6e:5e:22:7d:d8:
8a:30:d2:74:fd:b3:19:23:ed:2d:29:77:ea:79:5d:8a:ba:bb:
c6:d4:c6:60:32:2a:6a:62:e4:d4:71:7b:de:e5:03:13:4a:ac:
49:12:f8:26:17:7a:38:11:26:d2:57:49:af:60:3b:b1:26:2f:
fe:3d:d4:3f:06:47:c4:fd:9f:82:4f:d9:76:97:02:4e:3b:1d:
bc:66:4d:d9:77:a6:e1:3b:4e:81:a8:9d:d1:91:ab:87:56:72:
31:fb:5d:f7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYizkZiY/N0X1dljRgxaCqhwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNTAyYTI5YWMwNmI2NWU5MzJlMWJkOTdkN2ZjZjI5YzM3
MWNiM2QwHhcNMjMwNjEzMDcwNDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTM1Mzg1ZWQwN2EyYTcxZjFjY2ZkOTQwNjU3YmY4NDExZTZkOWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjG9EJEE2+Tl/oLSfOGcCf82g/92p
o2lmNKVcGlxWPBKsLpJFHeB8vIC9C3bjG/vcJdj8xTkdpZDEikJMgmrJ9OjhlR5D
0W9eyy2f06HZskZcZ3/lRJzXw99jbscCpBWy3MKKPUEuEZNSFTpFgei2rjRynx1M
S33PRP/sOBOPWnI8xPAEvAHhGNwFr4iOimaH3U3Hd1E1Gs5yo24yxqfA3TzQ8GQ9
qRrAklLJaJpvrLmRu89Jlt2EJsITFX/PwLABa+zXKMQJA7UzOyZRYkJbZqGXv/iI
yIIOf0neRAKcY+i+OwIhshqnTddZXPT89/uionfvfXFkZUtkm3SBxJf0iwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDE1OF7Qeipx8cz9lAZXv4QR5tmuMB8GA1UdIwQY
MBaAFFJQKimsBrZeky4b2X1/zynDccs9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWxBcUthd0d0bDZUTGh2WmZYX1BLY054eXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kMDMxMDktZTJkYy00YmM5LWJhMmUt
ZDY0OWUyMjcwOTdmLzEvTVRVNFh0QjZLbkh4elAyVUJsZV9oQkhtMmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kMDMxMDktZTJkYy00YmM5LWJhMmUtZDY0OWUyMjcwOTdm
LzEvVWxBcUthd0d0bDZUTGh2WmZYX1BLY054eXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgkrgAAA
AwcAKgkrgAACMA0GCSqGSIb3DQEBCwUAA4IBAQADBkuf1ZuqkbmC8YR68Fz71apm
WC+j0TlxPOk3L2KvfRnKh85+BybmVN61yfkNsUHezGkj+9gNNiv355g/Us73bY3B
mlBTnwpu+R2x2hvDNcooIr6W6rpsWDxXAq/s2sykd6Xb15oUeQr7QQ26Fjh3sybV
iJRVbq3KpoaM5h6vuooeaqQ1ToqA55gxlwnj/QK+J8LtlGAE5JRv0Hzhbl4ifdiK
MNJ0/bMZI+0tKXfqeV2KurvG1MZgMipqYuTUcXve5QMTSqxJEvgmF3o4ESbSV0mv
YDuxJi/+PdQ/BkfE/Z+CT9l2lwJOOx28Zk3Zd6bhO06BqJ3RkauHVnIx+133
-----END CERTIFICATE-----
Generated at Tue Dec 19 13:09:19 2023 by rpki-client on console-ams.rpki-client.org