Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/rMWPy0hT6r2aLpS1-5IDNfJsvmE.roa
File: rMWPy0hT6r2aLpS1-5IDNfJsvmE.roa (raw, json)
Hash identifier: BIBAUHxwg6DcuSt3N2CxeE3iWFL3Q/W4s1rWoVY1JsE=
Subject key identifier: AC:C5:8F:CB:48:53:EA:BD:9A:2E:94:B5:FB:92:03:35:F2:6C:BE:61
Certificate issuer: /CN=9788de1b757eaaab5e76b196e178b60b5e6c240c
Certificate serial: 018EF6C6FEB41E72863D43C654B5D639EFBC
Authority key identifier: 97:88:DE:1B:75:7E:AA:AB:5E:76:B1:96:E1:78:B6:0B:5E:6C:24:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4jeG3V-qqtedrGW4Xi2C15sJAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/rMWPy0hT6r2aLpS1-5IDNfJsvmE.roa
Signing time: Fri 19 Apr 2024 14:33:40 +0000
ROA not before: Fri 19 Apr 2024 14:33:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 2a14:4340::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:c6:fe:b4:1e:72:86:3d:43:c6:54:b5:d6:39:ef:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9788de1b757eaaab5e76b196e178b60b5e6c240c
Validity
Not Before: Apr 19 14:33:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acc58fcb4853eabd9a2e94b5fb920335f26cbe61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c9:a5:50:a7:3a:ec:c2:46:b6:a0:30:7d:c0:
c2:97:f5:d2:52:17:e4:fe:f5:b2:2d:8d:97:0c:a4:
5e:27:05:92:a2:23:dd:75:62:e0:41:af:6b:e5:dd:
ca:45:e7:70:b0:07:52:4c:f8:25:59:75:c3:5f:0d:
9f:99:6e:7f:0f:be:2a:1b:2a:ad:eb:39:94:bb:97:
63:5e:05:7d:e6:87:69:af:5e:2b:f9:c9:ba:45:13:
1c:c1:70:f6:51:08:bd:02:38:e3:39:e1:df:e6:33:
4d:f7:4d:da:9b:0b:f7:c2:35:66:15:7a:e0:b4:40:
3e:52:bf:9e:2c:16:a0:72:35:32:41:a2:a9:cd:b4:
cb:43:c5:d1:a1:fa:52:8a:e0:7d:d5:7d:f3:f7:3f:
11:3c:1f:5a:8b:0e:03:bc:b4:10:22:ad:4c:20:8d:
fd:0d:92:58:a7:51:22:8d:ff:2e:43:96:9c:3a:4d:
6b:97:f8:05:06:8f:8a:f5:80:e2:51:d4:a0:1c:1a:
74:15:28:c6:e7:05:68:56:85:2d:a3:31:db:91:2a:
c7:40:7b:90:23:1d:72:22:cd:d0:f6:87:b5:f7:12:
af:f8:e5:b0:6b:9e:31:0e:98:e1:86:8c:26:78:8f:
78:92:f1:3c:7c:47:fd:72:94:c5:14:e0:19:b6:dc:
f7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C5:8F:CB:48:53:EA:BD:9A:2E:94:B5:FB:92:03:35:F2:6C:BE:61
X509v3 Authority Key Identifier:
keyid:97:88:DE:1B:75:7E:AA:AB:5E:76:B1:96:E1:78:B6:0B:5E:6C:24:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4jeG3V-qqtedrGW4Xi2C15sJAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/rMWPy0hT6r2aLpS1-5IDNfJsvmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/l4jeG3V-qqtedrGW4Xi2C15sJAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:4340::/29
Signature Algorithm: sha256WithRSAEncryption
b6:50:13:8a:db:39:ca:c4:88:9a:aa:53:87:18:4d:6d:8a:9c:
83:72:0d:db:9d:f3:e4:81:46:5d:c3:9d:b9:3e:9b:75:5a:44:
1a:af:cc:1e:4e:78:ff:b9:02:3e:0b:14:3c:9a:00:b7:02:93:
0a:03:57:bc:d0:e6:3e:51:a2:80:40:d8:18:c4:76:fe:01:ea:
3a:49:51:3d:09:c2:fe:7d:4a:e3:92:39:b7:f7:4a:0e:78:a1:
9c:8e:f4:bc:97:11:56:99:78:73:b3:98:9e:2a:00:d1:4f:f8:
5e:37:79:02:d6:99:5f:b5:c1:3c:2b:1d:90:e1:2c:e0:72:88:
9f:60:c4:a0:08:bb:43:1e:6f:93:47:40:b8:ba:b2:4c:2c:d5:
d4:8a:f9:87:a0:63:9f:33:24:65:43:e7:e9:40:7c:32:88:6e:
2b:a9:f7:30:db:50:fd:f2:96:dc:c0:a9:4b:95:1c:70:0d:ea:
ca:9c:df:ac:5c:e8:d6:70:54:b4:da:6f:92:2d:51:c6:96:e0:
2e:7b:f8:0b:7c:75:62:06:38:2a:d5:56:7d:8b:3b:0c:82:90:
e3:29:03:37:98:79:8e:e8:fd:72:10:d7:36:da:f6:52:d0:95:
fe:f6:13:57:ae:ea:88:58:23:59:04:ad:d2:6b:78:c2:04:2f:
69:5f:a3:e7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY72xv60HnKGPUPGVLXWOe+8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODhkZTFiNzU3ZWFhYWI1ZTc2YjE5NmUxNzhiNjBiNWU2
YzI0MGMwHhcNMjQwNDE5MTQzMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2M1OGZjYjQ4NTNlYWJkOWEyZTk0YjVmYjkyMDMzNWYyNmNiZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cmlUKc67MJGtqAwfcDCl/XSUhfk
/vWyLY2XDKReJwWSoiPddWLgQa9r5d3KRedwsAdSTPglWXXDXw2fmW5/D74qGyqt
6zmUu5djXgV95odpr14r+cm6RRMcwXD2UQi9AjjjOeHf5jNN903amwv3wjVmFXrg
tEA+Ur+eLBagcjUyQaKpzbTLQ8XRofpSiuB91X3z9z8RPB9aiw4DvLQQIq1MII39
DZJYp1Eijf8uQ5acOk1rl/gFBo+K9YDiUdSgHBp0FSjG5wVoVoUtozHbkSrHQHuQ
Ix1yIs3Q9oe19xKv+OWwa54xDpjhhowmeI94kvE8fEf9cpTFFOAZttz3mwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKzFj8tIU+q9mi6UtfuSAzXybL5hMB8GA1UdIwQY
MBaAFJeI3ht1fqqrXnaxluF4tgtebCQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRqZUczVi1xcXRlZHJHVzRYaTJDMTVzSkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy83M2NhNTctNGVlZS00YzI5LTgxNGEt
ODE3OTBmNjFlNzk0LzEvck1XUHkwaFQ2cjJhTHBTMS01SUROZkpzdm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy83M2NhNTctNGVlZS00YzI5LTgxNGEtODE3OTBmNjFlNzk0
LzEvbDRqZUczVi1xcXRlZHJHVzRYaTJDMTVzSkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhRDQDAN
BgkqhkiG9w0BAQsFAAOCAQEAtlATits5ysSImqpThxhNbYqcg3IN253z5IFGXcOd
uT6bdVpEGq/MHk54/7kCPgsUPJoAtwKTCgNXvNDmPlGigEDYGMR2/gHqOklRPQnC
/n1K45I5t/dKDnihnI70vJcRVpl4c7OYnioA0U/4Xjd5AtaZX7XBPCsdkOEs4HKI
n2DEoAi7Qx5vk0dAuLqyTCzV1Ir5h6BjnzMkZUPn6UB8MohuK6n3MNtQ/fKW3MCp
S5UccA3qypzfrFzo1nBUtNpvki1RxpbgLnv4C3x1YgY4KtVWfYs7DIKQ4ykDN5h5
juj9chDXNtr2UtCV/vYTV67qiFgjWQSt0mt4wgQvaV+j5w==
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:08:54 2025 by rpki-client