Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mbDiVbC5k8eBOZvyWjzuU3DQmy8.roa
File: mbDiVbC5k8eBOZvyWjzuU3DQmy8.roa (raw, json)
Hash identifier: dE4uICipW0H5uy4dBG9OPfuAVvdvqeT1jRZ+slp303A=
Subject key identifier: 99:B0:E2:55:B0:B9:93:C7:81:39:9B:F2:5A:3C:EE:53:70:D0:9B:2F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01903F09560A5702F4B49F6C0E2FBFA0ABCF
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mbDiVbC5k8eBOZvyWjzuU3DQmy8.roa
Signing time: Sat 22 Jun 2024 08:21:34 +0000
ROA not before: Sat 22 Jun 2024 08:21:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 2a0e:5800::/29 maxlen: 29
2a0f:2500::/29 maxlen: 29
2a11:3500::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 25 Jun 2024 13:45:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:3f:09:56:0a:57:02:f4:b4:9f:6c:0e:2f:bf:a0:ab:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 22 08:21:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99b0e255b0b993c781399bf25a3cee5370d09b2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0e:15:ac:a0:7a:96:56:c5:4d:dd:06:dc:d6:
c4:6c:5d:10:ab:ae:48:05:06:e8:76:9c:2c:6d:9c:
bb:4e:9c:2d:62:2f:76:d7:39:15:b8:34:97:c6:b2:
22:21:ac:8b:08:1e:cf:bd:78:bb:87:dd:81:f7:52:
16:52:5a:c1:68:be:4c:78:55:cc:46:69:70:28:53:
46:d5:6e:8c:7d:a6:50:2f:2e:dd:06:94:d5:c3:63:
6c:4d:40:2a:d7:60:e5:32:64:84:cd:db:1e:ca:9e:
e6:25:23:16:fe:14:57:5f:2f:86:83:bc:bd:9b:f4:
22:a7:74:c9:01:23:af:75:73:91:dc:e4:89:84:c8:
60:32:1e:34:9e:da:29:29:e0:f8:18:f9:a2:b3:aa:
ec:00:5b:cd:b7:23:0d:16:ce:0a:7d:b5:54:07:99:
f6:8a:dd:e7:60:05:f7:e1:d9:ec:76:2a:46:6c:d3:
d4:3b:b5:71:d6:81:67:26:ed:7c:b2:14:06:a8:8e:
83:1f:7a:68:f9:3a:fa:d7:1d:7f:86:59:a0:4f:73:
30:12:cf:1b:98:24:79:e7:68:e7:9d:ee:ee:89:ec:
ec:4f:18:3b:66:35:f8:f9:4f:fc:26:51:c3:7a:0a:
5f:33:74:2a:43:39:b2:96:9a:f9:1b:99:7a:68:de:
fc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B0:E2:55:B0:B9:93:C7:81:39:9B:F2:5A:3C:EE:53:70:D0:9B:2F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/mbDiVbC5k8eBOZvyWjzuU3DQmy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5800::/29
2a0f:2500::/29
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
b6:49:24:d5:42:c3:38:b5:33:0e:fc:b7:3d:d2:d3:53:fa:8a:
7e:38:c3:92:5e:7a:5c:fa:32:e6:53:3d:14:65:86:00:d6:4d:
93:e6:18:26:ec:47:3c:e6:3c:bb:6d:0c:e2:12:ca:f4:77:05:
82:d0:c0:90:e7:9e:2e:94:c8:69:55:f5:22:a2:40:0e:10:14:
60:12:f8:a2:da:2c:04:6a:36:77:2b:40:9c:f1:ce:cc:5f:d0:
c1:a4:21:a4:9d:70:02:7f:13:fa:a4:68:56:12:b9:04:d7:11:
8a:ee:78:3e:3b:81:37:d8:90:4a:0e:72:03:b7:89:5c:ba:59:
9a:06:34:6c:e1:32:12:80:65:45:a1:41:c6:1d:1e:cd:bf:90:
a8:76:0f:7f:ae:e9:28:26:34:ce:bb:2c:62:48:5d:b8:82:c8:
34:41:70:7e:95:c1:f4:3d:b4:6c:a9:34:37:49:0f:cf:2e:93:
77:2a:bf:f2:a8:55:db:a9:da:09:8b:bd:56:f5:84:4b:2f:25:
ae:c5:3a:00:48:6f:fc:d1:9d:2b:26:0d:fd:c5:10:20:e6:e8:
94:e3:c7:24:48:38:68:e8:0b:10:68:6a:d8:f6:e8:50:7c:79:
73:9f:ec:35:7d:36:30:32:52:ba:8f:d8:29:17:f1:11:09:3a:
1e:7d:df:71
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZA/CVYKVwL0tJ9sDi+/oKvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNjIyMDgyMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWIwZTI1NWIwYjk5M2M3ODEzOTliZjI1YTNjZWU1MzcwZDA5YjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2w4VrKB6llbFTd0G3NbEbF0Qq65I
BQbodpwsbZy7TpwtYi921zkVuDSXxrIiIayLCB7PvXi7h92B91IWUlrBaL5MeFXM
RmlwKFNG1W6MfaZQLy7dBpTVw2NsTUAq12DlMmSEzdseyp7mJSMW/hRXXy+Gg7y9
m/Qip3TJASOvdXOR3OSJhMhgMh40ntopKeD4GPmis6rsAFvNtyMNFs4KfbVUB5n2
it3nYAX34dnsdipGbNPUO7Vx1oFnJu18shQGqI6DH3po+Tr61x1/hlmgT3MwEs8b
mCR552jnne7uiezsTxg7ZjX4+U/8JlHDegpfM3QqQzmylpr5G5l6aN78GwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJmw4lWwuZPHgTmb8lo87lNw0JsvMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbWJEaVZiQzVrOGVCT1p2eVdqenVVM0RRbXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg5YAAMF
AyoPJQADBQMqETUAMA0GCSqGSIb3DQEBCwUAA4IBAQC2SSTVQsM4tTMO/Lc90tNT
+op+OMOSXnpc+jLmUz0UZYYA1k2T5hgm7Ec85jy7bQziEsr0dwWC0MCQ554ulMhp
VfUiokAOEBRgEvii2iwEajZ3K0Cc8c7MX9DBpCGknXACfxP6pGhWErkE1xGK7ng+
O4E32JBKDnIDt4lculmaBjRs4TISgGVFoUHGHR7Nv5Codg9/rukoJjTOuyxiSF24
gsg0QXB+lcH0PbRsqTQ3SQ/PLpN3Kr/yqFXbqdoJi71W9YRLLyWuxToASG/80Z0r
Jg39xRAg5uiU48ckSDho6AsQaGrY9uhQfHlzn+w1fTYwMlK6j9gpF/ERCToefd9x
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:13:18 2025 by rpki-client