Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/mfWwdmyGYPHq_TN_ENhz2tY_7hQ.roa
File: mfWwdmyGYPHq_TN_ENhz2tY_7hQ.roa (raw, json)
Hash identifier: +nAD8aNRNCFnjFT7wNkRBmU17oJRL6CXUwbvqHWv72Q=
Subject key identifier: 99:F5:B0:76:6C:86:60:F1:EA:FD:33:7F:10:D8:73:DA:D6:3F:EE:14
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 018572BA881C36B65E1E01BB847E5AE67058
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/mfWwdmyGYPHq_TN_ENhz2tY_7hQ.roa
Signing time: Mon 02 Jan 2023 13:45:05 +0000
ROA not before: Mon 02 Jan 2023 13:45:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212895
IP address blocks: 2a0f:5707:abf0::/44 maxlen: 48
2a0f:5707:b000::/40 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:88:1c:36:b6:5e:1e:01:bb:84:7e:5a:e6:70:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Jan 2 13:45:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99f5b0766c8660f1eafd337f10d873dad63fee14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c1:77:dd:e6:e6:47:0f:d3:b0:b3:47:45:1d:
6c:16:af:e0:f7:c6:20:4e:ba:f1:d6:94:28:6b:38:
c6:60:0a:0a:c9:1e:be:2c:94:50:c7:ba:bc:57:ff:
05:13:48:89:be:e7:74:34:66:ff:19:27:25:b1:be:
31:46:6e:2a:a0:96:0f:c8:f9:1b:e7:c8:7e:56:dd:
1e:67:da:ac:d1:85:ac:aa:48:59:4c:2d:fe:bb:62:
68:82:c5:0f:31:8a:cb:8b:6e:f6:b3:7c:3a:16:8c:
54:2d:d0:28:9c:fa:e7:16:50:c6:b2:a8:0b:3c:cc:
a1:97:e3:89:0a:20:bc:25:cc:66:eb:41:f7:0b:18:
73:a8:97:7c:1a:f8:0a:bf:1d:af:d4:2c:57:94:c9:
25:ba:ae:4f:18:d8:45:f9:5e:b5:3a:37:0e:57:46:
c9:bc:f5:85:48:d3:f3:03:5a:1e:fa:7c:6e:fe:4c:
26:1e:d0:e1:00:87:33:58:08:7c:8d:9e:68:91:64:
2d:eb:3c:1a:91:eb:6d:4d:4f:5a:f0:3a:a5:e5:9b:
ce:ea:91:69:5e:a9:a1:bf:c0:5f:44:fa:ad:18:a1:
f3:dc:e1:be:88:e1:03:29:57:57:a4:4c:c4:39:3a:
67:dd:cf:67:f0:05:39:91:6f:ce:58:7d:a8:e6:1f:
5f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F5:B0:76:6C:86:60:F1:EA:FD:33:7F:10:D8:73:DA:D6:3F:EE:14
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/mfWwdmyGYPHq_TN_ENhz2tY_7hQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:abf0::/44
2a0f:5707:b000::/40
Signature Algorithm: sha256WithRSAEncryption
16:8b:ec:85:ed:e4:ef:1c:49:ff:a1:bd:0f:bd:5e:4b:95:4d:
59:51:cb:a0:16:29:b2:06:e9:cb:84:e6:6c:97:9a:04:31:24:
d0:8c:33:52:12:a3:3b:c1:d7:6a:bf:6e:b0:ff:8c:5c:df:5e:
87:b3:8f:87:e9:13:78:8a:bb:0f:da:87:99:74:e7:17:04:bc:
ed:99:58:bd:be:b2:2e:55:bc:c2:86:72:99:03:e9:17:ff:38:
3d:ff:35:2d:89:de:49:82:64:c9:37:20:7d:04:37:74:b5:74:
4c:fb:a0:8c:ea:8d:3f:cf:0f:9e:f9:8c:a6:30:95:70:dc:9f:
7b:f5:a7:7b:cf:5b:2e:3c:78:cb:09:46:34:c1:ba:6a:ac:ec:
ec:74:79:ef:0f:4d:75:71:75:7b:41:d3:7d:c2:d3:0f:4b:44:
e3:86:15:57:c2:57:d3:2e:87:a2:35:28:bd:a7:0a:36:50:47:
6f:6b:a1:bf:0d:5a:85:08:e2:44:64:2c:61:12:a1:a0:08:f5:
c8:22:3d:0f:77:f4:c5:7e:5e:2c:94:e8:79:f1:e1:88:a7:04:
72:d8:79:4b:4d:0f:d0:f5:91:2f:da:8a:73:9b:ce:ba:da:20:
86:28:bd:da:81:11:de:55:1d:96:99:2d:58:1c:88:a8:23:98:
69:e6:25:4f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYVyuogcNrZeHgG7hH5a5nBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjMwMTAyMTM0NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWY1YjA3NjZjODY2MGYxZWFmZDMzN2YxMGQ4NzNkYWQ2M2ZlZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsF33ebmRw/TsLNHRR1sFq/g98Yg
Trrx1pQoazjGYAoKyR6+LJRQx7q8V/8FE0iJvud0NGb/GSclsb4xRm4qoJYPyPkb
58h+Vt0eZ9qs0YWsqkhZTC3+u2JogsUPMYrLi272s3w6FoxULdAonPrnFlDGsqgL
PMyhl+OJCiC8Jcxm60H3CxhzqJd8GvgKvx2v1CxXlMkluq5PGNhF+V61OjcOV0bJ
vPWFSNPzA1oe+nxu/kwmHtDhAIczWAh8jZ5okWQt6zwakettTU9a8Dql5ZvO6pFp
Xqmhv8BfRPqtGKHz3OG+iOEDKVdXpEzEOTpn3c9n8AU5kW/OWH2o5h9f2wIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFJn1sHZshmDx6v0zfxDYc9rWP+4UMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvbWZXd2RteUdZUEhxX1ROX0VOaHoydFlfN2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKg9XB6vw
AwYAKg9XB7AwDQYJKoZIhvcNAQELBQADggEBABaL7IXt5O8cSf+hvQ+9XkuVTVlR
y6AWKbIG6cuE5myXmgQxJNCMM1ISozvB12q/brD/jFzfXoezj4fpE3iKuw/ah5l0
5xcEvO2ZWL2+si5VvMKGcpkD6Rf/OD3/NS2J3kmCZMk3IH0EN3S1dEz7oIzqjT/P
D575jKYwlXDcn3v1p3vPWy48eMsJRjTBumqs7Ox0ee8PTXVxdXtB033C0w9LROOG
FVfCV9Muh6I1KL2nCjZQR29rob8NWoUI4kRkLGESoaAI9cgiPQ939MV+XiyU6Hnx
4YinBHLYeUtND9D1kS/ainObzrraIIYovdqBEd5VHZaZLVgciKgjmGnmJU8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:22 2024 by rpki-client on console-ams.rpki-client.org