Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/MTfwv1l-bwjVl55iCoWoX0z7QD8.roa
File: MTfwv1l-bwjVl55iCoWoX0z7QD8.roa (raw, json)
Hash identifier: 1LtOUr1YEYIsc7AUYitrLZ6+BGxXPRrdLyfyZvkMt1I=
Subject key identifier: 31:37:F0:BF:59:7E:6F:08:D5:97:9E:62:0A:85:A8:5F:4C:FB:40:3F
Certificate issuer: /CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Certificate serial: 018CC8011DC290D417512DEE7F2063C3C32C
Authority key identifier: 3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/MTfwv1l-bwjVl55iCoWoX0z7QD8.roa
Signing time: Tue 02 Jan 2024 02:29:25 +0000
ROA not before: Tue 02 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21371
IP address blocks: 2a03:6c80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:1d:c2:90:d4:17:51:2d:ee:7f:20:63:c3:c3:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4
Validity
Not Before: Jan 2 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3137f0bf597e6f08d5979e620a85a85f4cfb403f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:6c:d7:3d:38:68:37:ef:b5:5b:14:2f:30:1b:
44:92:e4:30:51:1c:63:2e:e2:7c:ef:c2:fc:05:22:
79:46:e4:e4:e7:94:84:66:4f:50:69:93:0e:07:6c:
3b:8e:db:f7:8e:aa:a2:c4:61:a4:81:a4:b5:02:0b:
ce:e9:c4:fc:ae:0d:43:7f:2f:c3:96:4b:08:0b:07:
1f:72:65:00:2d:1c:e7:22:f2:03:90:ad:c6:bd:e5:
8e:99:b5:3b:be:55:cb:a5:1d:b8:9b:56:f5:1d:e1:
7e:e0:b5:87:22:56:2f:e5:8a:30:bf:e4:cb:c0:55:
3c:97:69:5b:9f:7e:31:ab:d3:94:78:39:ae:a8:4f:
dd:89:bd:af:e0:cf:8c:f7:0e:8c:79:32:37:69:f6:
30:ab:d2:ca:de:bd:d2:c7:7a:b5:77:00:b3:b7:49:
88:40:6a:b2:dd:01:bf:fb:e7:a6:2c:7a:2e:90:e7:
d4:ec:bf:8c:69:46:73:5c:ca:ec:81:8a:6d:f4:cb:
fc:84:78:b6:59:d9:1b:ba:f0:1b:ea:a4:b5:45:67:
81:32:f3:4e:33:97:2f:d6:c5:77:8f:6d:4a:bd:16:
14:88:ee:9f:7e:7f:f2:ed:ea:59:fe:fc:4d:1d:d6:
52:9f:52:12:27:30:e6:33:05:ea:26:99:01:2d:8b:
10:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:37:F0:BF:59:7E:6F:08:D5:97:9E:62:0A:85:A8:5F:4C:FB:40:3F
X509v3 Authority Key Identifier:
keyid:3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/MTfwv1l-bwjVl55iCoWoX0z7QD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:6c80::/32
Signature Algorithm: sha256WithRSAEncryption
68:6a:55:2c:4a:1a:0c:9a:00:45:d7:90:bc:e2:6c:66:2f:ca:
02:c9:4e:35:6a:29:79:77:ed:c8:6a:96:db:6f:ab:1c:db:4e:
76:57:35:3f:4f:63:6d:d5:c0:b8:f3:1e:bc:05:45:01:c1:f8:
ab:26:c6:cc:e5:14:6f:4c:51:4f:32:2b:81:73:7b:46:59:50:
ee:37:85:b5:ed:07:b2:1a:3d:39:c8:48:26:56:a5:4b:d7:34:
18:66:f3:39:d1:5b:ce:87:6e:ec:d5:c4:fa:65:8b:6b:fb:1c:
2e:5d:0b:05:e9:a8:35:b0:69:98:0d:ef:1b:8b:c0:de:ba:45:
af:02:37:a2:bb:b3:81:51:8e:07:16:3d:cd:82:07:ca:e2:43:
54:6b:d5:f0:99:9c:e7:f7:a1:30:06:da:b4:69:e9:59:f5:f5:
b3:20:b2:25:c8:54:11:22:0a:2f:a6:33:17:53:9a:b5:82:9d:
53:d7:26:66:4a:93:18:01:02:42:be:4a:50:8e:be:11:ed:7f:
94:9c:f9:c8:81:34:c7:36:c3:8e:de:58:dd:64:12:9c:83:0a:
0d:13:84:fd:46:59:54:8f:5f:08:59:20:5f:cb:19:7f:1f:c7:
bc:32:19:60:f4:a6:b7:e5:0e:7e:68:0a:e8:23:6c:1c:17:e5:
09:ee:6c:df
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIAR3CkNQXUS3ufyBjw8MsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMzUwYmE4MmYzZmViNWFlZTI4OTM4ZmJmMWIwOWMxZTJm
ZDE5YjQwHhcNMjQwMTAyMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTM3ZjBiZjU5N2U2ZjA4ZDU5NzllNjIwYTg1YTg1ZjRjZmI0MDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGzXPThoN++1WxQvMBtEkuQwURxj
LuJ878L8BSJ5RuTk55SEZk9QaZMOB2w7jtv3jqqixGGkgaS1AgvO6cT8rg1Dfy/D
lksICwcfcmUALRznIvIDkK3GveWOmbU7vlXLpR24m1b1HeF+4LWHIlYv5Yowv+TL
wFU8l2lbn34xq9OUeDmuqE/dib2v4M+M9w6MeTI3afYwq9LK3r3Sx3q1dwCzt0mI
QGqy3QG/++emLHoukOfU7L+MaUZzXMrsgYpt9Mv8hHi2WdkbuvAb6qS1RWeBMvNO
M5cv1sV3j21KvRYUiO6ffn/y7epZ/vxNHdZSn1ISJzDmMwXqJpkBLYsQ4wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDE38L9Zfm8I1ZeeYgqFqF9M+0A/MB8GA1UdIwQY
MBaAFDw1C6gvP+ta7iiTj78bCcHi/Rm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEt
NjFiNzkwMmVlMjA0LzEvTVRmd3YxbC1id2pWbDU1aUNvV29YMHo3UUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEtNjFiNzkwMmVlMjA0
LzEvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgNsgDAN
BgkqhkiG9w0BAQsFAAOCAQEAaGpVLEoaDJoARdeQvOJsZi/KAslONWopeXftyGqW
22+rHNtOdlc1P09jbdXAuPMevAVFAcH4qybGzOUUb0xRTzIrgXN7RllQ7jeFte0H
sho9OchIJlalS9c0GGbzOdFbzodu7NXE+mWLa/scLl0LBemoNbBpmA3vG4vA3rpF
rwI3oruzgVGOBxY9zYIHyuJDVGvV8Jmc5/ehMAbatGnpWfX1syCyJchUESIKL6Yz
F1OatYKdU9cmZkqTGAECQr5KUI6+Ee1/lJz5yIE0xzbDjt5Y3WQSnIMKDROE/UZZ
VI9fCFkgX8sZfx/HvDIZYPSmt+UOfmgK6CNsHBflCe5s3w==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:22:03 2025 by rpki-client