Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/MCx4ZNxUIJwoL_i6av6HXBIF-dA.roa
File: MCx4ZNxUIJwoL_i6av6HXBIF-dA.roa (raw, json)
Hash identifier: sxh0s+yGrwfg8BkuSMgK8IuzsWClR0sJWRkKYvrzlnk=
Subject key identifier: 30:2C:78:64:DC:54:20:9C:28:2F:F8:BA:6A:FE:87:5C:12:05:F9:D0
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 019408C20044651018D14990DE11044E07C1
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/MCx4ZNxUIJwoL_i6av6HXBIF-dA.roa
Signing time: Fri 27 Dec 2024 15:35:19 +0000
ROA not before: Fri 27 Dec 2024 15:35:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 2a11:b787::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:c2:00:44:65:10:18:d1:49:90:de:11:04:4e:07:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Dec 27 15:35:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=302c7864dc54209c282ff8ba6afe875c1205f9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:70:6a:2d:61:19:04:2f:51:4c:c3:ee:35:b0:
7d:c7:12:c1:d3:f7:8c:6a:1a:72:ca:d2:5f:fa:2d:
45:0b:b8:0b:f2:ad:ed:8e:fc:8f:fc:d7:10:a7:52:
10:7f:40:79:4a:15:24:8d:cc:71:00:e8:c9:32:d2:
4b:1d:15:28:21:e3:a4:a5:c6:bc:7d:7c:3a:02:8a:
17:8c:71:c2:62:63:f6:b3:81:95:4a:04:43:43:ef:
21:d3:40:76:80:af:c4:81:4b:22:1d:4b:35:b9:6d:
b0:4a:99:68:ae:cc:1f:68:b3:29:4f:58:88:9f:87:
81:b7:93:69:3d:36:10:24:1e:c8:ac:c0:b4:33:f7:
0a:77:6a:fe:d6:bd:5d:5c:dc:de:7d:26:1d:c2:03:
21:0b:8e:eb:69:65:15:4a:fb:7e:20:ba:4f:86:1a:
a8:26:cb:b6:34:99:79:40:eb:a8:89:9d:ae:01:ed:
f6:ab:4d:ee:8c:73:e9:6b:55:75:eb:25:69:f8:e9:
b5:1d:d0:3f:42:48:f2:7c:4b:2a:6b:d4:e7:40:b2:
46:fb:59:c3:9d:3a:ca:1e:7c:d2:47:3d:50:44:8b:
af:b3:90:f6:ac:aa:6e:3c:92:cb:2c:13:87:b3:09:
9f:6b:cb:25:a7:8b:7b:49:c4:6e:bc:9f:53:b6:2f:
5b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2C:78:64:DC:54:20:9C:28:2F:F8:BA:6A:FE:87:5C:12:05:F9:D0
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/MCx4ZNxUIJwoL_i6av6HXBIF-dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:b787::/32
Signature Algorithm: sha256WithRSAEncryption
29:98:41:e8:44:18:5b:c3:5b:d8:ed:40:1a:24:d0:c6:cf:e2:
f9:30:0a:66:5a:2e:32:a1:3b:bb:7e:46:67:8f:9e:d6:67:66:
d3:74:bf:b7:29:83:46:99:cf:fc:49:79:96:70:42:82:a3:77:
46:f2:d8:25:41:5f:f7:ad:b7:03:68:f5:89:54:77:e5:d0:6a:
85:41:55:20:d9:52:12:44:7c:bc:72:19:cf:dc:ed:6e:91:fb:
27:0a:fc:36:ac:22:d9:20:9b:99:83:bd:c6:da:d7:39:e2:39:
2b:83:58:d4:1f:0c:8e:ff:29:f2:5c:d9:2c:10:7d:b9:bc:66:
42:50:5f:0f:a0:90:66:bd:43:1f:8e:e0:49:63:c9:f5:b1:10:
65:3b:c7:20:c8:49:2f:8c:a2:8a:5e:27:c4:0c:15:a6:1d:b8:
f5:53:7f:b3:38:1b:dd:8a:81:cd:97:96:67:a3:4e:fc:2b:f7:
b2:7b:20:9b:15:1e:26:14:2e:eb:20:e9:6a:1c:65:a9:21:ea:
f3:8a:68:24:91:21:f0:d7:cb:6b:65:b8:24:81:32:35:b0:b3:
e2:76:23:40:46:4f:d9:e7:1b:d6:74:31:41:62:c8:17:30:70:
3e:f3:cb:b3:37:1b:ac:95:8a:9e:7c:56:08:59:60:44:93:48:
d7:c2:20:c5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQIwgBEZRAY0UmQ3hEETgfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjQxMjI3MTUzNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDJjNzg2NGRjNTQyMDljMjgyZmY4YmE2YWZlODc1YzEyMDVmOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXBqLWEZBC9RTMPuNbB9xxLB0/eM
ahpyytJf+i1FC7gL8q3tjvyP/NcQp1IQf0B5ShUkjcxxAOjJMtJLHRUoIeOkpca8
fXw6AooXjHHCYmP2s4GVSgRDQ+8h00B2gK/EgUsiHUs1uW2wSplorswfaLMpT1iI
n4eBt5NpPTYQJB7IrMC0M/cKd2r+1r1dXNzefSYdwgMhC47raWUVSvt+ILpPhhqo
Jsu2NJl5QOuoiZ2uAe32q03ujHPpa1V16yVp+Om1HdA/QkjyfEsqa9TnQLJG+1nD
nTrKHnzSRz1QRIuvs5D2rKpuPJLLLBOHswmfa8slp4t7ScRuvJ9Tti9bxQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDAseGTcVCCcKC/4umr+h1wSBfnQMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvTUN4NFpOeFVJSndvTF9pNmF2NkhYQklGLWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhG3hzAN
BgkqhkiG9w0BAQsFAAOCAQEAKZhB6EQYW8Nb2O1AGiTQxs/i+TAKZlouMqE7u35G
Z4+e1mdm03S/tymDRpnP/El5lnBCgqN3RvLYJUFf9623A2j1iVR35dBqhUFVINlS
EkR8vHIZz9ztbpH7Jwr8Nqwi2SCbmYO9xtrXOeI5K4NY1B8Mjv8p8lzZLBB9ubxm
QlBfD6CQZr1DH47gSWPJ9bEQZTvHIMhJL4yiil4nxAwVph249VN/szgb3YqBzZeW
Z6NO/Cv3snsgmxUeJhQu6yDpahxlqSHq84poJJEh8NfLa2W4JIEyNbCz4nYjQEZP
2ecb1nQxQWLIFzBwPvPLszcbrJWKnnxWCFlgRJNI18IgxQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 02:36:56 2025 by rpki-client