Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/MHxVL6l252Hwaisw173l4ceZBF4.roa
File: MHxVL6l252Hwaisw173l4ceZBF4.roa (raw, json)
Hash identifier: tFyGbJL0WcXFyan3HvqlbqwLJqyDZkc7epVS4HEXyOc=
Subject key identifier: 30:7C:55:2F:A9:76:E7:61:F0:6A:2B:30:D7:BD:E5:E1:C7:99:04:5E
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 01961411C09E81B9C467137690F77C1EE31E
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/MHxVL6l252Hwaisw173l4ceZBF4.roa
Signing time: Tue 08 Apr 2025 06:23:49 +0000
ROA not before: Tue 08 Apr 2025 06:23:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a11:7682::/32 maxlen: 32
2a11:b780::/32 maxlen: 32
2a11:b785::/32 maxlen: 32
2a11:c441::/32 maxlen: 32
2a11:cd02::/32 maxlen: 32
2a11:d082::/32 maxlen: 32
2a12:4c06::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 08 Apr 2025 18:16:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:11:c0:9e:81:b9:c4:67:13:76:90:f7:7c:1e:e3:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Apr 8 06:23:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=307c552fa976e761f06a2b30d7bde5e1c799045e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6c:3e:c5:af:6c:2b:f8:e2:ab:0c:ff:db:82:
24:88:d7:bb:7e:6f:4f:2e:88:df:dc:d9:95:ea:86:
70:93:e2:56:f9:cb:e8:34:e0:2f:d0:b8:4b:07:d4:
e0:cc:7a:37:09:11:a8:76:10:3b:72:40:a2:b1:10:
8d:7a:ee:2d:24:a8:7f:39:c5:1f:ef:cd:fb:05:a0:
61:88:08:ed:1c:9f:f5:10:01:b5:c8:f3:f5:4f:c3:
c8:fd:02:3d:5d:8b:15:a6:cd:c8:76:a1:79:49:ed:
a7:d6:ef:96:93:f1:bc:fa:0f:f8:de:ca:09:19:d5:
8b:84:aa:5a:32:fe:9f:d2:6b:8c:06:61:f8:1f:38:
9b:49:98:2d:24:e8:46:70:c3:50:fa:da:14:5b:c3:
a6:9e:82:56:e4:5c:8e:b7:fd:b0:0c:09:87:a2:4e:
d7:30:61:ea:fc:8a:35:2f:40:74:8c:f1:d7:5d:e2:
c6:39:04:95:ff:9f:c8:2d:11:41:9c:72:03:55:34:
c2:68:89:14:37:cf:3a:63:a5:91:2d:a8:e2:5c:18:
09:af:5f:6a:b1:1b:19:ca:60:2b:73:a2:af:06:9a:
1d:03:b7:22:02:60:c7:4c:ca:eb:58:63:38:aa:8e:
50:10:4b:03:33:34:5d:4b:24:8f:36:15:ea:e8:da:
12:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:7C:55:2F:A9:76:E7:61:F0:6A:2B:30:D7:BD:E5:E1:C7:99:04:5E
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/MHxVL6l252Hwaisw173l4ceZBF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:7682::/32
2a11:b780::/32
2a11:b785::/32
2a11:c441::/32
2a11:cd02::/32
2a11:d082::/32
2a12:4c06::/32
Signature Algorithm: sha256WithRSAEncryption
a0:bc:ef:c8:06:4e:2c:bf:82:f9:35:77:e4:80:cf:c3:e6:4a:
57:d1:bb:b3:64:1f:6c:ca:00:fe:6f:eb:a8:66:47:aa:1f:ed:
19:d4:35:5a:9c:c2:5a:93:4d:e9:55:1b:03:8a:a9:18:9c:1e:
28:16:c2:17:14:10:6f:be:2a:76:4c:bf:3f:84:f8:ed:c5:dc:
5e:f4:37:ab:38:43:7b:e6:af:fd:b4:c9:f7:34:f5:ed:79:19:
d8:7e:5e:a6:20:ab:4d:bf:ea:ea:7e:af:b9:19:53:55:32:c2:
e4:77:ef:c8:10:4a:c9:06:d9:7b:b4:d7:52:19:7d:d9:d5:e6:
d7:a8:a8:1b:ff:a7:e1:2d:73:8f:7a:44:36:2d:f3:97:49:26:
e0:82:24:30:ec:e2:d1:6d:90:c6:6a:ab:54:e2:bf:15:14:ef:
e4:92:69:7e:5d:1c:47:79:c5:09:df:a5:59:0f:63:82:cc:50:
d3:c9:fa:eb:c4:de:f6:ef:31:fe:fc:05:19:d7:de:c7:4d:f1:
61:f6:c1:17:f4:73:1c:78:62:9f:04:31:4e:c9:18:9f:b3:60:
8e:dc:7a:4a:d7:27:ea:cf:62:c2:c4:72:c4:aa:87:5a:6d:66:
26:1e:3e:de:32:b2:e1:4f:8b:18:a2:55:a5:b1:47:25:27:20:
72:bc:a1:d3
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZYUEcCegbnEZxN2kPd8HuMeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwNDA4MDYyMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDdjNTUyZmE5NzZlNzYxZjA2YTJiMzBkN2JkZTVlMWM3OTkwNDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmw+xa9sK/jiqwz/24IkiNe7fm9P
Lojf3NmV6oZwk+JW+cvoNOAv0LhLB9TgzHo3CRGodhA7ckCisRCNeu4tJKh/OcUf
7837BaBhiAjtHJ/1EAG1yPP1T8PI/QI9XYsVps3IdqF5Se2n1u+Wk/G8+g/43soJ
GdWLhKpaMv6f0muMBmH4HzibSZgtJOhGcMNQ+toUW8OmnoJW5FyOt/2wDAmHok7X
MGHq/Io1L0B0jPHXXeLGOQSV/5/ILRFBnHIDVTTCaIkUN886Y6WRLajiXBgJr19q
sRsZymArc6KvBpodA7ciAmDHTMrrWGM4qo5QEEsDMzRdSySPNhXq6NoSiQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDB8VS+pdudh8GorMNe95eHHmQReMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvTUh4Vkw2bDI1Mkh3YWlzdzE3M2w0Y2VaQkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKhF2ggMF
ACoRt4ADBQAqEbeFAwUAKhHEQQMFACoRzQIDBQAqEdCCAwUAKhJMBjANBgkqhkiG
9w0BAQsFAAOCAQEAoLzvyAZOLL+C+TV35IDPw+ZKV9G7s2QfbMoA/m/rqGZHqh/t
GdQ1WpzCWpNN6VUbA4qpGJweKBbCFxQQb74qdky/P4T47cXcXvQ3qzhDe+av/bTJ
9zT17XkZ2H5epiCrTb/q6n6vuRlTVTLC5HfvyBBKyQbZe7TXUhl92dXm16ioG/+n
4S1zj3pENi3zl0km4IIkMOzi0W2QxmqrVOK/FRTv5JJpfl0cR3nFCd+lWQ9jgsxQ
08n668Te9u8x/vwFGdfex03xYfbBF/RzHHhinwQxTskYn7Ngjtx6Stcn6s9iwsRy
xKqHWm1mJh4+3jKy4U+LGKJVpbFHJScgcryh0w==
-----END CERTIFICATE-----
Generated at Wed Apr 23 17:31:59 2025 by rpki-client