Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/mlV6ANW11Ti1wd5g4Dm0vWBzYlY.roa
File: mlV6ANW11Ti1wd5g4Dm0vWBzYlY.roa (raw, json)
Hash identifier: okKRojT7/3KyyMkrpsK7AlmKwxAMiTqUwi9ZedLnaUU=
Subject key identifier: 9A:55:7A:00:D5:B5:D5:38:B5:C1:DE:60:E0:39:B4:BD:60:73:62:56
Certificate issuer: /CN=4a644c1156851803f37adeec0876ccf989d5aef0
Certificate serial: 01939C689FD7B1583F3FFC527C2237F6EF87
Authority key identifier: 4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/mlV6ANW11Ti1wd5g4Dm0vWBzYlY.roa
Signing time: Fri 06 Dec 2024 14:38:42 +0000
ROA not before: Fri 06 Dec 2024 14:38:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139589
IP address blocks: 2a0f:5707:ac00::/44 maxlen: 48
2a0f:5707:ac00::/48 maxlen: 48
2a0f:5707:ac01::/48 maxlen: 48
2a0f:5707:ac02::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9c:68:9f:d7:b1:58:3f:3f:fc:52:7c:22:37:f6:ef:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a644c1156851803f37adeec0876ccf989d5aef0
Validity
Not Before: Dec 6 14:38:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a557a00d5b5d538b5c1de60e039b4bd60736256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e3:7a:5f:70:ec:07:5f:58:00:e2:09:4c:cc:
fd:40:8d:91:68:4d:94:55:2f:97:d4:22:26:10:45:
f4:04:df:c3:1e:00:c7:9a:94:1f:7a:63:d0:eb:d7:
fe:33:9e:ba:d9:59:7c:0c:7f:32:36:df:5f:72:b9:
64:42:87:5f:0e:2b:a2:e4:91:69:41:e6:1c:ca:31:
a4:f2:85:49:26:8f:73:d1:ce:3e:60:a4:61:27:70:
eb:9b:83:a9:c5:bb:e8:5f:06:ae:b0:67:8f:70:76:
99:a2:ac:88:9b:a1:04:ac:89:21:62:d0:d5:7d:32:
06:04:91:33:a5:89:cc:81:61:24:8c:cc:65:00:af:
d5:1d:8e:d1:67:f9:a4:36:6d:65:7a:9a:0a:2a:45:
8f:9f:ce:f1:df:7d:08:37:55:67:f2:dd:d4:1a:6b:
49:2f:d1:c2:be:bd:f3:31:a6:ba:8b:b7:4e:ef:fd:
6d:3d:cc:89:0d:d5:a7:93:a9:63:2d:fe:aa:53:38:
f2:13:69:f8:28:04:e1:f6:2f:37:5a:75:1b:79:08:
e5:e4:9c:e3:2b:69:6b:fa:dc:9e:eb:49:82:31:53:
40:23:76:9b:7b:2d:62:4d:fd:df:49:57:3a:05:b0:
04:8c:74:64:c4:7c:dc:de:2b:52:e4:84:8f:e2:bb:
a1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:55:7A:00:D5:B5:D5:38:B5:C1:DE:60:E0:39:B4:BD:60:73:62:56
X509v3 Authority Key Identifier:
keyid:4A:64:4C:11:56:85:18:03:F3:7A:DE:EC:08:76:CC:F9:89:D5:AE:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SmRMEVaFGAPzet7sCHbM-YnVrvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/mlV6ANW11Ti1wd5g4Dm0vWBzYlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/6b0798-3d4f-40e6-b739-cc1c9b5f6640/1/SmRMEVaFGAPzet7sCHbM-YnVrvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5707:ac00::/44
Signature Algorithm: sha256WithRSAEncryption
ae:32:cc:9c:b5:ed:43:d1:87:a9:66:28:92:ae:8d:90:0f:c0:
78:47:18:77:14:42:c8:8b:fe:28:d5:39:35:c5:01:21:97:e7:
16:39:15:c1:d1:0e:23:50:33:a7:b2:5e:24:72:b7:5b:78:3b:
d7:4a:40:fd:b4:a4:41:b6:4c:0f:75:d7:6c:44:58:55:be:0b:
9d:8d:9e:13:50:4e:fe:16:63:08:fe:a3:52:63:6f:5f:27:56:
13:0f:db:48:66:e5:7b:32:fa:d2:5b:fb:24:f7:4a:be:b4:b3:
61:5e:dd:be:39:e1:0e:ac:b7:38:0c:05:1d:11:ca:69:b9:93:
36:24:19:9d:b0:33:d1:f7:5c:e7:6b:eb:e4:c3:ff:75:ad:53:
7c:5f:7c:5d:3d:a5:eb:5d:c2:2a:69:6f:a8:15:36:0e:61:e6:
02:f2:cf:a7:35:30:ae:fc:87:40:f8:6f:6b:6d:e1:04:70:cb:
64:80:05:64:35:f9:26:7c:f4:77:ef:63:f7:f3:89:16:5d:34:
70:cc:ca:99:a3:3b:85:3c:e2:37:93:16:ac:1d:a8:de:42:ed:
11:86:93:d0:2d:73:8e:99:86:a2:7e:40:c8:7a:91:a0:e7:b6:
d4:ed:21:33:91:50:26:f6:50:c4:ba:65:af:26:89:bc:5d:9f:
5c:45:d3:a2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZOcaJ/XsVg/P/xSfCI39u+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNjQ0YzExNTY4NTE4MDNmMzdhZGVlYzA4NzZjY2Y5ODlk
NWFlZjAwHhcNMjQxMjA2MTQzODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTU1N2EwMGQ1YjVkNTM4YjVjMWRlNjBlMDM5YjRiZDYwNzM2MjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreN6X3DsB19YAOIJTMz9QI2RaE2U
VS+X1CImEEX0BN/DHgDHmpQfemPQ69f+M5662Vl8DH8yNt9fcrlkQodfDiui5JFp
QeYcyjGk8oVJJo9z0c4+YKRhJ3Drm4OpxbvoXwausGePcHaZoqyIm6EErIkhYtDV
fTIGBJEzpYnMgWEkjMxlAK/VHY7RZ/mkNm1lepoKKkWPn87x330IN1Vn8t3UGmtJ
L9HCvr3zMaa6i7dO7/1tPcyJDdWnk6ljLf6qUzjyE2n4KATh9i83WnUbeQjl5Jzj
K2lr+tye60mCMVNAI3abey1iTf3fSVc6BbAEjHRkxHzc3itS5ISP4ruhMwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJpVegDVtdU4tcHeYOA5tL1gc2JWMB8GA1UdIwQY
MBaAFEpkTBFWhRgD83re7Ah2zPmJ1a7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3Mzkt
Y2MxYzliNWY2NjQwLzEvbWxWNkFOVzExVGkxd2Q1ZzREbTB2V0J6WWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS82YjA3OTgtM2Q0Zi00MGU2LWI3MzktY2MxYzliNWY2NjQw
LzEvU21STUVWYUZHQVB6ZXQ3c0NIYk0tWW5WcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg9XB6wA
MA0GCSqGSIb3DQEBCwUAA4IBAQCuMsycte1D0YepZiiSro2QD8B4Rxh3FELIi/4o
1Tk1xQEhl+cWORXB0Q4jUDOnsl4kcrdbeDvXSkD9tKRBtkwPdddsRFhVvgudjZ4T
UE7+FmMI/qNSY29fJ1YTD9tIZuV7MvrSW/sk90q+tLNhXt2+OeEOrLc4DAUdEcpp
uZM2JBmdsDPR91zna+vkw/91rVN8X3xdPaXrXcIqaW+oFTYOYeYC8s+nNTCu/IdA
+G9rbeEEcMtkgAVkNfkmfPR372P384kWXTRwzMqZozuFPOI3kxasHajeQu0RhpPQ
LXOOmYaifkDIepGg57bU7SEzkVAm9lDEumWvJom8XZ9cRdOi
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:46:43 2025 by rpki-client