Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/mTnpJfUrnJ4wv2FdahyCJecLYG0.roa
File: mTnpJfUrnJ4wv2FdahyCJecLYG0.roa (raw, json)
Hash identifier: sG2EBe5v2NbrXcivEJtefjYSQBuXrDyWQIwwKkw4sqA=
Subject key identifier: 99:39:E9:25:F5:2B:9C:9E:30:BF:61:5D:6A:1C:82:25:E7:0B:60:6D
Certificate issuer: /CN=5f0226a704cf620eb2000f27e7a919ce730991be
Certificate serial: 01899BABB1029AD096E97517565F23D16672
Authority key identifier: 5F:02:26:A7:04:CF:62:0E:B2:00:0F:27:E7:A9:19:CE:73:09:91:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XwImpwTPYg6yAA8n56kZznMJkb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/mTnpJfUrnJ4wv2FdahyCJecLYG0.roa
Signing time: Fri 28 Jul 2023 08:44:27 +0000
ROA not before: Fri 28 Jul 2023 08:44:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42831
IP address blocks: 2a0c:b840:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9b:ab:b1:02:9a:d0:96:e9:75:17:56:5f:23:d1:66:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f0226a704cf620eb2000f27e7a919ce730991be
Validity
Not Before: Jul 28 08:44:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9939e925f52b9c9e30bf615d6a1c8225e70b606d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6b:71:a8:68:58:a2:db:5a:56:bb:ee:e7:04:
90:dc:41:61:ff:73:49:60:65:ed:71:04:b7:a2:eb:
2a:f1:3b:92:8d:98:10:41:2a:1f:40:5e:99:f1:45:
35:5c:e4:04:2e:21:09:a0:1e:e4:17:dd:0f:b6:7a:
6e:a5:03:d4:44:57:8a:85:bc:bd:77:8c:ce:1e:25:
f3:1f:fa:55:37:05:a4:43:f5:67:9c:a6:39:9b:78:
5c:94:01:df:2a:3f:f2:f4:ce:84:43:88:f6:65:75:
e7:13:ac:ca:cb:94:b9:99:5b:2d:26:30:66:88:42:
3d:6f:b3:87:ae:f6:95:0c:58:42:58:19:8c:a8:86:
16:82:f9:a3:69:42:6e:f9:53:40:ed:8c:58:e9:1c:
14:c1:8a:b4:f6:ba:be:c6:3a:2a:e8:9f:77:65:85:
ed:a5:07:8c:72:61:74:fb:e0:84:73:74:9f:39:8a:
1b:bd:15:b1:2d:52:44:5c:96:d7:3d:25:b0:b3:9a:
dc:ee:96:fd:8b:80:2e:4d:40:6f:cc:1b:84:84:ca:
28:1b:dd:97:1f:9a:18:30:d2:2e:21:a9:1a:ca:f9:
45:4c:5d:03:93:d7:95:ed:c5:e7:5a:cf:97:87:19:
c8:c7:c0:76:1c:d8:68:4f:b3:bb:d2:29:3a:d6:2e:
6a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:39:E9:25:F5:2B:9C:9E:30:BF:61:5D:6A:1C:82:25:E7:0B:60:6D
X509v3 Authority Key Identifier:
keyid:5F:02:26:A7:04:CF:62:0E:B2:00:0F:27:E7:A9:19:CE:73:09:91:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XwImpwTPYg6yAA8n56kZznMJkb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/mTnpJfUrnJ4wv2FdahyCJecLYG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/63efb8-bf24-48c2-8c50-75d9ce5b8d9c/1/XwImpwTPYg6yAA8n56kZznMJkb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:b840:2::/48
Signature Algorithm: sha256WithRSAEncryption
46:aa:2e:fd:d4:a2:33:92:c8:0f:f9:e7:bb:42:23:7b:3f:86:
bc:0c:ae:3d:6b:f6:ee:a9:01:df:81:ea:19:0f:5f:79:2a:fa:
d6:16:c8:a1:ca:d3:5b:d1:d3:b0:4f:81:47:61:f8:84:0d:21:
55:4f:25:22:3b:a0:d4:b6:15:e5:46:4a:62:ea:e1:76:47:bd:
51:02:06:9e:e1:13:6f:36:bd:2c:a5:b4:ee:3a:f3:ae:f8:b6:
8d:6b:2d:f8:7a:39:a1:0a:54:e2:b9:d2:ae:7b:d6:5f:3a:3e:
fc:6d:de:1a:5a:db:72:0c:14:78:e9:87:39:48:6b:a4:cf:da:
76:8a:97:fd:c2:52:73:f5:37:f8:33:7b:54:3e:e0:f7:55:ce:
fa:cb:37:9d:dd:8c:f4:dd:f4:11:de:a2:02:6a:67:60:59:ea:
21:97:72:0a:c8:a8:29:b0:51:60:dd:bc:a7:42:b7:9e:27:f4:
de:2d:29:df:5f:da:0e:9d:5c:a1:0e:0e:45:50:1a:fd:b4:4e:
cd:85:93:2f:86:a8:b3:8e:92:7b:16:eb:31:65:0b:dd:b7:78:
fe:08:5a:b2:52:62:ac:02:0f:49:be:69:39:c5:dd:2b:f6:11:
4e:a8:15:9e:a6:b7:87:17:76:22:84:c5:c0:71:a6:60:2b:a7:
4a:d2:12:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYmbq7ECmtCW6XUXVl8j0WZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMDIyNmE3MDRjZjYyMGViMjAwMGYyN2U3YTkxOWNlNzMw
OTkxYmUwHhcNMjMwNzI4MDg0NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTM5ZTkyNWY1MmI5YzllMzBiZjYxNWQ2YTFjODIyNWU3MGI2MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmtxqGhYottaVrvu5wSQ3EFh/3NJ
YGXtcQS3ousq8TuSjZgQQSofQF6Z8UU1XOQELiEJoB7kF90PtnpupQPURFeKhby9
d4zOHiXzH/pVNwWkQ/VnnKY5m3hclAHfKj/y9M6EQ4j2ZXXnE6zKy5S5mVstJjBm
iEI9b7OHrvaVDFhCWBmMqIYWgvmjaUJu+VNA7YxY6RwUwYq09rq+xjoq6J93ZYXt
pQeMcmF0++CEc3SfOYobvRWxLVJEXJbXPSWws5rc7pb9i4AuTUBvzBuEhMooG92X
H5oYMNIuIakayvlFTF0Dk9eV7cXnWs+XhxnIx8B2HNhoT7O70ik61i5q6wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJk56SX1K5yeML9hXWocgiXnC2BtMB8GA1UdIwQY
MBaAFF8CJqcEz2IOsgAPJ+epGc5zCZG+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdJbXB3VFBZZzZ5QUE4bjU2a1p6bk1Ka2I0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC82M2VmYjgtYmYyNC00OGMyLThjNTAt
NzVkOWNlNWI4ZDljLzEvbVRucEpmVXJuSjR3djJGZGFoeUNKZWNMWUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC82M2VmYjgtYmYyNC00OGMyLThjNTAtNzVkOWNlNWI4ZDlj
LzEvWHdJbXB3VFBZZzZ5QUE4bjU2a1p6bk1Ka2I0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgy4QAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQBGqi791KIzksgP+ee7QiN7P4a8DK49a/buqQHf
geoZD195KvrWFsihytNb0dOwT4FHYfiEDSFVTyUiO6DUthXlRkpi6uF2R71RAgae
4RNvNr0spbTuOvOu+LaNay34ejmhClTiudKue9ZfOj78bd4aWttyDBR46Yc5SGuk
z9p2ipf9wlJz9Tf4M3tUPuD3Vc76yzed3Yz03fQR3qICamdgWeohl3IKyKgpsFFg
3bynQreeJ/TeLSnfX9oOnVyhDg5FUBr9tE7NhZMvhqizjpJ7FusxZQvdt3j+CFqy
UmKsAg9Jvmk5xd0r9hFOqBWepreHF3YihMXAcaZgK6dK0hIH
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:32 2024 by rpki-client on console-fra.rpki-client.org