Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/MHIw5qu2jqjGztdFAZQpnZP7y7M.roa
File: MHIw5qu2jqjGztdFAZQpnZP7y7M.roa (raw, json)
Hash identifier: JzxVeuS+kekgyGeddDM+tcZfsKxl7K1dE3pnD07cRrw=
Subject key identifier: 30:72:30:E6:AB:B6:8E:A8:C6:CE:D7:45:01:94:29:9D:93:FB:CB:B3
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 01946A00D3C9D8554121C193AE21D5C70EFA
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/MHIw5qu2jqjGztdFAZQpnZP7y7M.roa
Signing time: Wed 15 Jan 2025 12:47:06 +0000
ROA not before: Wed 15 Jan 2025 12:47:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 918
IP address blocks: 2a0e:1c80:b::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 18 Jan 2025 13:40:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6a:00:d3:c9:d8:55:41:21:c1:93:ae:21:d5:c7:0e:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Jan 15 12:47:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=307230e6abb68ea8c6ced7450194299d93fbcbb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e9:97:b2:78:23:14:49:19:46:bd:b6:14:c0:
6e:fe:b1:11:ef:94:5a:c3:5c:06:91:da:38:38:a7:
c7:64:3e:19:8c:03:39:96:44:83:fc:ca:40:07:74:
42:82:8d:85:74:05:ae:ab:82:28:18:90:f8:5a:3d:
e8:f9:80:b6:cd:99:0f:cd:d0:1b:46:3b:7d:3e:93:
33:83:9e:ab:3e:6e:b0:05:9e:07:12:b8:92:74:c5:
95:4f:a3:99:aa:34:c8:b2:c8:9e:7e:5d:56:67:8e:
4a:a4:48:86:e8:19:8d:f7:87:1c:3e:63:4f:62:37:
cd:01:14:46:30:1f:e3:e5:fd:11:db:fd:45:22:2b:
f8:9b:73:e8:0c:a1:71:17:f9:96:2f:e9:6a:a5:39:
95:8a:38:87:66:5e:50:7a:d8:d4:74:1e:c1:b0:cb:
b2:25:25:18:03:40:b1:dc:b1:33:83:69:fd:dd:74:
10:68:98:9c:ed:76:cf:25:eb:f6:e5:ae:68:d1:b0:
3a:b7:ca:38:20:ce:8c:a7:d4:93:cc:fa:21:37:50:
85:2b:71:92:8b:21:ed:78:ad:bb:ed:ab:d8:91:d5:
20:01:9b:ae:3b:6c:da:fe:de:a6:62:b7:c0:60:6c:
8d:72:99:cc:de:7b:8a:e9:13:42:aa:4c:8c:65:1b:
a0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:72:30:E6:AB:B6:8E:A8:C6:CE:D7:45:01:94:29:9D:93:FB:CB:B3
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/MHIw5qu2jqjGztdFAZQpnZP7y7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1c80:b::/48
Signature Algorithm: sha256WithRSAEncryption
41:30:7b:21:74:90:8c:f6:dd:01:76:48:68:4e:1c:19:08:2c:
0c:06:58:ea:da:12:42:7a:72:b1:c4:64:46:5c:8f:01:c7:47:
f2:ae:bf:ed:cd:60:f6:3f:a2:c3:63:ad:71:2f:31:71:ef:cd:
19:19:f4:a7:70:c3:1c:32:09:17:c0:c2:2b:5c:06:77:bc:cf:
36:dd:14:c7:38:14:35:e6:1a:a8:19:02:da:97:0a:5b:ed:ac:
41:2b:6a:5e:7c:17:60:1b:ed:fe:39:7b:13:ba:23:13:54:b4:
63:7b:76:1c:6f:55:80:c0:8f:64:22:cc:05:de:1b:12:38:b2:
3c:38:2d:63:88:a4:1e:9c:f1:10:af:5b:c5:d5:d7:38:cf:c9:
7f:e8:4b:d5:c5:19:7d:54:59:22:46:74:c8:cd:78:0b:3d:7a:
38:74:bf:f5:46:43:ea:a1:e3:6d:31:c1:5e:bb:5e:08:45:17:
2a:af:b5:c1:c7:51:fc:0d:89:8d:9b:e1:ef:e9:81:d3:a5:c1:
33:27:b0:de:a7:4c:10:8c:7a:1d:c2:b5:68:97:96:84:af:0c:
c9:06:99:2c:53:21:b4:23:20:60:61:c2:f9:65:22:75:0f:e0:
f1:98:61:9b:db:5e:96:cf:93:7e:df:6f:f8:98:bd:d4:66:b6:
f9:67:28:8b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZRqANPJ2FVBIcGTriHVxw76MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjUwMTE1MTI0NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDcyMzBlNmFiYjY4ZWE4YzZjZWQ3NDUwMTk0Mjk5ZDkzZmJjYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOmXsngjFEkZRr22FMBu/rER75Ra
w1wGkdo4OKfHZD4ZjAM5lkSD/MpAB3RCgo2FdAWuq4IoGJD4Wj3o+YC2zZkPzdAb
Rjt9PpMzg56rPm6wBZ4HEriSdMWVT6OZqjTIssiefl1WZ45KpEiG6BmN94ccPmNP
YjfNARRGMB/j5f0R2/1FIiv4m3PoDKFxF/mWL+lqpTmVijiHZl5QetjUdB7BsMuy
JSUYA0Cx3LEzg2n93XQQaJic7XbPJev25a5o0bA6t8o4IM6Mp9STzPohN1CFK3GS
iyHteK277avYkdUgAZuuO2za/t6mYrfAYGyNcpnM3nuK6RNCqkyMZRugcwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDByMOarto6oxs7XRQGUKZ2T+8uzMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvTUhJdzVxdTJqcWpHenRkRkFaUXBuWlA3eTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4cgAAL
MA0GCSqGSIb3DQEBCwUAA4IBAQBBMHshdJCM9t0BdkhoThwZCCwMBljq2hJCenKx
xGRGXI8Bx0fyrr/tzWD2P6LDY61xLzFx780ZGfSncMMcMgkXwMIrXAZ3vM823RTH
OBQ15hqoGQLalwpb7axBK2pefBdgG+3+OXsTuiMTVLRje3Ycb1WAwI9kIswF3hsS
OLI8OC1jiKQenPEQr1vF1dc4z8l/6EvVxRl9VFkiRnTIzXgLPXo4dL/1RkPqoeNt
McFeu14IRRcqr7XBx1H8DYmNm+Hv6YHTpcEzJ7Dep0wQjHodwrVol5aErwzJBpks
UyG0IyBgYcL5ZSJ1D+DxmGGb216Wz5N+32/4mL3UZrb5ZyiL
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:29:48 2025 by rpki-client