Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/CMpv0efkxvLpISnSs9MUGteGH38.roa
File: CMpv0efkxvLpISnSs9MUGteGH38.roa (raw, json)
Hash identifier: iXnD5T9EN+TEuxecetAQXSp6HHw1qBdj8cd+1QFOdvo=
Subject key identifier: 08:CA:6F:D1:E7:E4:C6:F2:E9:21:29:D2:B3:D3:14:1A:D7:86:1F:7F
Certificate issuer: /CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Certificate serial: 018CC725792C918D64C48E957028807BF5B6
Authority key identifier: FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/CMpv0efkxvLpISnSs9MUGteGH38.roa
Signing time: Mon 01 Jan 2024 22:29:31 +0000
ROA not before: Mon 01 Jan 2024 22:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206813
IP address blocks: 2001:bf7:1320::/44 maxlen: 48
2001:bf7:1310::/44 maxlen: 48
2001:bf7:170::/44 maxlen: 48
2001:bf7:1310::/48 maxlen: 48
2001:bf7:1315::/48 maxlen: 48
2001:bf7:1322::/48 maxlen: 48
2001:bf7:1314::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 27 Jan 2024 11:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:79:2c:91:8d:64:c4:8e:95:70:28:80:7b:f5:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff31492473a78c6fe9f539f9fa7d2252560a2b7e
Validity
Not Before: Jan 1 22:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08ca6fd1e7e4c6f2e92129d2b3d3141ad7861f7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d7:0c:36:fd:0b:2f:af:48:7d:3d:bb:fa:b8:
7b:69:b4:8d:47:8a:f3:af:79:4d:19:30:a4:b8:25:
d1:a6:d2:3d:51:41:78:c8:cb:b9:73:ac:f5:9f:ee:
e4:a5:a9:ec:dd:92:04:24:77:e6:40:40:78:5b:f7:
7f:de:d4:34:a9:8c:6c:ac:c0:0f:79:1a:1a:f6:3f:
b8:81:d6:ee:be:34:19:12:e4:dd:a2:e3:67:13:63:
e9:6a:9b:7c:bf:00:bc:a0:53:18:12:54:70:10:d5:
a4:3d:56:2f:ca:b3:ef:c4:84:f2:e0:1f:c7:2d:64:
63:62:b9:7b:83:d2:2e:ad:9c:fe:37:ec:b2:83:a0:
b6:15:0b:2a:52:2e:48:c1:18:fb:4c:14:00:50:16:
9a:54:92:3b:ff:68:b2:71:30:19:0e:d9:0b:1d:72:
19:a8:11:77:d8:a6:06:19:22:9b:6e:cb:74:6d:36:
0f:f1:2e:b2:97:a7:ef:a1:74:10:14:bf:ca:01:f0:
12:55:ad:6d:a0:35:87:db:dd:72:11:cb:cf:8e:81:
b4:0a:16:95:81:cb:44:36:78:44:65:c8:67:e5:06:
27:79:7d:6d:7e:03:36:5b:c4:c9:49:2e:6f:e0:fc:
da:c2:8a:3b:53:eb:98:84:bd:28:4e:0a:04:04:64:
14:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:CA:6F:D1:E7:E4:C6:F2:E9:21:29:D2:B3:D3:14:1A:D7:86:1F:7F
X509v3 Authority Key Identifier:
keyid:FF:31:49:24:73:A7:8C:6F:E9:F5:39:F9:FA:7D:22:52:56:0A:2B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_zFJJHOnjG_p9Tn5-n0iUlYKK34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/CMpv0efkxvLpISnSs9MUGteGH38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1b4105-3471-4592-bf07-73fd3bc19aa7/1/_zFJJHOnjG_p9Tn5-n0iUlYKK34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:bf7:170::/44
2001:bf7:1310::-2001:bf7:132f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0f:c2:2e:36:d7:ec:35:2b:66:7b:5a:34:9d:7a:e4:6e:d1:b3:
ed:3d:71:d0:67:b9:c4:e7:dd:36:c6:af:75:33:a8:c4:fa:29:
cc:39:8a:ec:83:a7:c0:bf:fe:8b:99:e6:f5:fd:91:de:95:3b:
87:cd:09:cd:17:7c:a7:08:0e:2b:a3:08:13:c6:5f:11:46:87:
7e:89:96:7d:f8:3b:3e:04:37:34:3a:93:53:6f:9c:98:26:42:
b2:a6:1a:31:72:dd:e5:3f:7a:f2:95:3f:08:63:19:13:29:67:
5c:e2:e3:a3:eb:6f:84:35:a8:b1:d7:90:39:50:ed:90:e2:a0:
64:3b:31:41:ce:fb:23:1e:75:52:6e:a8:87:e7:84:3b:11:39:
96:54:cc:76:2b:70:1d:00:74:cd:1a:62:a2:89:a9:9b:8f:4c:
c9:da:01:59:6b:ac:e6:3c:a4:32:69:d8:d0:d1:12:70:8c:3d:
58:f1:d5:67:46:74:66:a2:46:00:67:67:f3:a0:d8:c3:00:c9:
b9:f4:a1:06:e3:63:c4:8c:2a:dd:ca:8b:6d:12:67:ae:ac:03:
05:aa:28:1a:4f:0f:ef:ef:f4:04:96:5a:44:8c:3c:70:0e:93:
ce:07:31:45:5e:05:9a:f2:ce:24:8c:fd:fd:22:de:86:1b:16:
bb:47:f5:2e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzHJXkskY1kxI6VcCiAe/W2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMzE0OTI0NzNhNzhjNmZlOWY1MzlmOWZhN2QyMjUyNTYw
YTJiN2UwHhcNMjQwMTAxMjIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGNhNmZkMWU3ZTRjNmYyZTkyMTI5ZDJiM2QzMTQxYWQ3ODYxZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtcMNv0LL69IfT27+rh7abSNR4rz
r3lNGTCkuCXRptI9UUF4yMu5c6z1n+7kpans3ZIEJHfmQEB4W/d/3tQ0qYxsrMAP
eRoa9j+4gdbuvjQZEuTdouNnE2Ppapt8vwC8oFMYElRwENWkPVYvyrPvxITy4B/H
LWRjYrl7g9IurZz+N+yyg6C2FQsqUi5IwRj7TBQAUBaaVJI7/2iycTAZDtkLHXIZ
qBF32KYGGSKbbst0bTYP8S6yl6fvoXQQFL/KAfASVa1toDWH291yEcvPjoG0ChaV
gctENnhEZchn5QYneX1tfgM2W8TJSS5v4Pzawoo7U+uYhL0oTgoEBGQUawIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAjKb9Hn5Mby6SEp0rPTFBrXhh9/MB8GA1UdIwQY
MBaAFP8xSSRzp4xv6fU5+fp9IlJWCit+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDct
NzNmZDNiYzE5YWE3LzEvQ01wdjBlZmt4dkxwSVNuU3M5TVVHdGVHSDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYjQxMDUtMzQ3MS00NTkyLWJmMDctNzNmZDNiYzE5YWE3
LzEvX3pGSkpIT25qR19wOVRuNS1uMGlVbFlLSzM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcEIAEL9wFw
MBIDBwQgAQv3ExADBwQgAQv3EyAwDQYJKoZIhvcNAQELBQADggEBAA/CLjbX7DUr
ZntaNJ165G7Rs+09cdBnucTn3TbGr3UzqMT6Kcw5iuyDp8C//ouZ5vX9kd6VO4fN
Cc0XfKcIDiujCBPGXxFGh36Jln34Oz4ENzQ6k1NvnJgmQrKmGjFy3eU/evKVPwhj
GRMpZ1zi46Prb4Q1qLHXkDlQ7ZDioGQ7MUHO+yMedVJuqIfnhDsROZZUzHYrcB0A
dM0aYqKJqZuPTMnaAVlrrOY8pDJp2NDREnCMPVjx1WdGdGaiRgBnZ/Og2MMAybn0
oQbjY8SMKt3Ki20SZ66sAwWqKBpPD+/v9ASWWkSMPHAOk84HMUVeBZryziSM/f0i
3oYbFrtH9S4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:46 2024 by rpki-client on console-fra.rpki-client.org