Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/Mt7yHlPbLCLYefEp4eurV7UkDdw.roa
File: Mt7yHlPbLCLYefEp4eurV7UkDdw.roa (raw, json)
Hash identifier: 3yHCMeoRiFs1wmcwJY4Wau5d1b1LLbP5Q5CxP13WJ60=
Subject key identifier: 32:DE:F2:1E:53:DB:2C:22:D8:79:F1:29:E1:EB:AB:57:B5:24:0D:DC
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 018DD131D9D0497B7A1D11B8D0FE744BA1BC
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/Mt7yHlPbLCLYefEp4eurV7UkDdw.roa
Signing time: Thu 22 Feb 2024 14:22:01 +0000
ROA not before: Thu 22 Feb 2024 14:22:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209641
IP address blocks: 2a0c:f642::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 11 Mar 2024 14:42:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d1:31:d9:d0:49:7b:7a:1d:11:b8:d0:fe:74:4b:a1:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Feb 22 14:22:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32def21e53db2c22d879f129e1ebab57b5240ddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f8:98:7c:35:18:c0:37:95:64:27:7b:a8:55:
ae:b9:a8:24:2e:09:88:42:61:14:94:e4:b7:8d:37:
b3:70:95:85:ed:3c:7c:fc:7d:b9:10:02:60:93:72:
22:6a:28:7a:f9:d6:c2:15:50:9a:db:55:7f:68:fd:
48:a0:f6:1c:f9:d9:77:1c:bf:17:ab:b2:8c:28:71:
96:70:e2:b3:64:cc:2e:1c:f1:cd:7c:2a:bd:27:02:
cd:bf:11:b5:62:dc:13:0a:cc:77:08:a0:d9:1c:f8:
84:95:b2:ce:1a:9b:a6:ad:2b:93:54:d3:77:12:d2:
f3:ac:d6:7e:4b:a5:6f:ac:a5:d7:07:3e:fc:6b:59:
6b:b9:0b:00:a3:00:ff:17:24:e9:e0:51:0d:97:88:
19:3d:ef:f1:5d:55:c1:37:d9:5f:ea:98:9d:3a:55:
f1:d8:e3:15:90:25:bb:1a:e8:5e:81:38:54:ae:28:
74:b8:b3:2d:51:6e:76:6f:da:6a:8c:4d:3e:3f:e5:
60:5e:a9:f2:bd:53:fc:8e:8e:e4:e9:85:bf:db:91:
e2:34:aa:eb:41:ec:ec:0f:41:31:89:df:3f:c3:95:
a7:c0:c5:a8:08:e8:e3:20:be:f1:31:76:56:8a:42:
a1:c8:48:ee:bc:6c:26:5b:22:16:49:01:2d:d0:63:
da:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DE:F2:1E:53:DB:2C:22:D8:79:F1:29:E1:EB:AB:57:B5:24:0D:DC
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/Mt7yHlPbLCLYefEp4eurV7UkDdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:f642::/32
Signature Algorithm: sha256WithRSAEncryption
05:86:0b:18:87:2c:ad:2a:c1:05:84:10:e0:13:72:be:25:e6:
f0:73:24:50:23:b2:4e:86:b3:2c:93:25:06:1e:f1:ee:9c:bc:
73:7c:9c:65:c4:1b:9a:78:61:3b:a8:ba:1b:22:84:c5:06:29:
da:1c:c0:1f:db:fe:00:87:60:c4:a6:a4:02:5b:db:04:20:c5:
cc:1e:c2:02:92:16:3a:1e:8b:14:b9:f6:16:43:5b:51:f5:2b:
76:7c:ba:58:2e:60:5d:e0:93:b5:73:4a:8e:53:b5:e9:64:11:
ec:dc:89:d7:e7:88:03:8d:83:5d:37:29:e8:1c:55:fa:01:74:
d7:f6:e5:fa:4f:3e:47:24:b5:91:c2:f9:84:81:b6:ec:35:8e:
6e:2d:90:e0:1c:54:1c:34:64:e7:7f:a0:4d:ae:0e:c3:ca:42:
44:0c:4b:79:c2:aa:94:64:54:e3:d2:13:a2:9b:59:70:b6:93:
9d:cd:52:ff:b3:64:4d:d6:45:53:fd:1c:9c:73:a3:60:a0:c1:
06:99:a4:48:3e:55:df:33:1e:e8:20:88:e1:38:cb:97:a1:b8:
dc:2a:1f:42:b1:f0:14:d9:7b:e7:11:52:85:25:b4:99:bb:55:
33:67:1d:73:5d:2b:1c:94:ea:74:3f:b4:32:88:19:dd:32:b3:
80:2d:92:4c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY3RMdnQSXt6HRG40P50S6G8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjQwMjIyMTQyMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmRlZjIxZTUzZGIyYzIyZDg3OWYxMjllMWViYWI1N2I1MjQwZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifiYfDUYwDeVZCd7qFWuuagkLgmI
QmEUlOS3jTezcJWF7Tx8/H25EAJgk3Iiaih6+dbCFVCa21V/aP1IoPYc+dl3HL8X
q7KMKHGWcOKzZMwuHPHNfCq9JwLNvxG1YtwTCsx3CKDZHPiElbLOGpumrSuTVNN3
EtLzrNZ+S6VvrKXXBz78a1lruQsAowD/FyTp4FENl4gZPe/xXVXBN9lf6pidOlXx
2OMVkCW7GuhegThUrih0uLMtUW52b9pqjE0+P+VgXqnyvVP8jo7k6YW/25HiNKrr
QezsD0Exid8/w5WnwMWoCOjjIL7xMXZWikKhyEjuvGwmWyIWSQEt0GPaVQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDLe8h5T2ywi2HnxKeHrq1e1JA3cMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvTXQ3eUhsUGJMQ0xZZWZFcDRldXJWN1VrRGR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgz2QjAN
BgkqhkiG9w0BAQsFAAOCAQEABYYLGIcsrSrBBYQQ4BNyviXm8HMkUCOyToazLJMl
Bh7x7py8c3ycZcQbmnhhO6i6GyKExQYp2hzAH9v+AIdgxKakAlvbBCDFzB7CApIW
Oh6LFLn2FkNbUfUrdny6WC5gXeCTtXNKjlO16WQR7NyJ1+eIA42DXTcp6BxV+gF0
1/bl+k8+RyS1kcL5hIG27DWObi2Q4BxUHDRk53+gTa4Ow8pCRAxLecKqlGRU49IT
optZcLaTnc1S/7NkTdZFU/0cnHOjYKDBBpmkSD5V3zMe6CCI4TjLl6G43CofQrHw
FNl75xFShSW0mbtVM2cdc10rHJTqdD+0MogZ3TKzgC2STA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:58 2024 by rpki-client on console-fra.rpki-client.org