Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/MatN-f9U5QWJ5sA7bN6IRyD6gQI.roa
File: MatN-f9U5QWJ5sA7bN6IRyD6gQI.roa (raw, json)
Hash identifier: DXaOno8pWYdI8EsP4CSgSEt207XzbvhK5M0/ZiA21eQ=
Subject key identifier: 31:AB:4D:F9:FF:54:E5:05:89:E6:C0:3B:6C:DE:88:47:20:FA:81:02
Certificate issuer: /CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
Certificate serial: 018CC56ED5CACF0DFE7847E1C0F42B3A69E7
Authority key identifier: A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/MatN-f9U5QWJ5sA7bN6IRyD6gQI.roa
Signing time: Mon 01 Jan 2024 14:30:24 +0000
ROA not before: Mon 01 Jan 2024 14:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216219
IP address blocks: 2a13:f740::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Jan 2024 13:07:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d5:ca:cf:0d:fe:78:47:e1:c0:f4:2b:3a:69:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a8a69009ad2e890986bdd76c633c1b31f06f3a
Validity
Not Before: Jan 1 14:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31ab4df9ff54e50589e6c03b6cde884720fa8102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b3:ef:44:88:f4:76:f9:ae:8b:50:d4:2a:6a:
d4:a8:59:ef:ea:16:08:e0:0e:49:2c:c9:12:2c:07:
99:55:ad:4d:9f:c4:ef:0d:cc:e2:24:e0:e9:33:32:
6b:98:f8:03:7c:09:d6:d6:8b:ad:b3:b3:6b:ce:29:
10:33:bd:2c:f3:d1:db:6f:02:ea:97:f7:1c:36:71:
6d:11:49:99:2e:0f:3d:9c:10:c3:b7:59:76:2a:de:
cc:7a:10:e3:f6:2f:f9:26:7b:26:33:12:dd:3c:4f:
b5:0e:6d:3b:96:6d:b1:15:3e:70:96:11:47:6d:55:
18:c6:e9:74:00:43:c0:6f:bd:58:b6:31:dc:13:76:
af:56:0d:08:bd:c2:ec:59:55:2b:d7:fd:34:4b:79:
78:f6:80:b7:9d:6e:0a:d4:28:82:04:fe:33:31:30:
fb:36:61:ed:06:f1:15:c7:b3:7d:aa:95:9b:69:d6:
05:5d:07:de:ce:c1:28:5c:67:75:62:b7:92:80:d3:
9e:a8:63:03:89:1d:c2:f4:78:d0:16:cf:66:60:33:
74:29:59:54:cd:15:8f:7d:75:46:69:36:e9:b8:f1:
95:ee:ac:d0:4f:0f:fc:b5:6c:d3:94:75:02:9c:42:
52:b5:5f:19:4d:9c:e1:88:27:e3:1b:35:12:7a:09:
05:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:AB:4D:F9:FF:54:E5:05:89:E6:C0:3B:6C:DE:88:47:20:FA:81:02
X509v3 Authority Key Identifier:
keyid:A5:A8:A6:90:09:AD:2E:89:09:86:BD:D7:6C:63:3C:1B:31:F0:6F:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paimkAmtLokJhr3XbGM8GzHwbzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/MatN-f9U5QWJ5sA7bN6IRyD6gQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c4dada-1a29-449a-9ac6-b12ebf345bc3/1/paimkAmtLokJhr3XbGM8GzHwbzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:f740::/48
Signature Algorithm: sha256WithRSAEncryption
05:38:59:ac:67:0b:b0:f4:af:db:79:7f:f2:6b:11:31:ce:94:
3c:80:fd:31:08:0c:7b:a8:02:6d:eb:6d:f9:33:c5:da:1a:d1:
6f:6b:48:8b:75:46:41:c8:fb:8e:b9:9d:d1:ec:89:ea:8b:de:
10:35:67:a4:72:0b:ac:03:e2:29:6b:ac:0b:52:52:e0:94:b1:
3b:74:e3:e8:9e:35:9a:25:26:88:29:62:16:bd:39:a1:bc:df:
0b:df:f0:0e:2d:c6:76:58:a4:e1:58:d1:35:e1:92:29:77:c1:
98:7a:cb:38:83:8c:6b:3b:51:4c:ee:ff:2c:69:3a:ad:2d:bc:
16:e9:03:b1:e0:bc:66:43:0f:6e:f1:b4:1b:a9:53:8a:ad:e7:
93:ec:e1:37:20:e2:54:3e:58:64:24:70:e0:58:3f:20:8a:a0:
6c:e9:ee:43:52:12:7d:e0:29:08:3d:9a:7c:42:d6:3e:1d:d0:
e7:47:a0:ce:73:1a:82:9c:4a:40:69:bf:85:f5:b6:9e:f8:1b:
17:a5:08:b1:58:4f:fa:54:d2:ff:c3:29:3d:43:65:bc:0f:aa:
c7:04:55:9c:54:cf:8e:12:6b:1a:8e:48:9e:e0:2f:c9:c7:9b:
0c:cb:5e:31:fd:7c:8b:aa:41:b5:25:11:5c:af:d8:b1:33:48:
67:a9:14:4d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFbtXKzw3+eEfhwPQrOmnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YThhNjkwMDlhZDJlODkwOTg2YmRkNzZjNjMzYzFiMzFm
MDZmM2EwHhcNMjQwMTAxMTQzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWFiNGRmOWZmNTRlNTA1ODllNmMwM2I2Y2RlODg0NzIwZmE4MTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7PvRIj0dvmui1DUKmrUqFnv6hYI
4A5JLMkSLAeZVa1Nn8TvDcziJODpMzJrmPgDfAnW1outs7NrzikQM70s89HbbwLq
l/ccNnFtEUmZLg89nBDDt1l2Kt7MehDj9i/5JnsmMxLdPE+1Dm07lm2xFT5wlhFH
bVUYxul0AEPAb71YtjHcE3avVg0IvcLsWVUr1/00S3l49oC3nW4K1CiCBP4zMTD7
NmHtBvEVx7N9qpWbadYFXQfezsEoXGd1YreSgNOeqGMDiR3C9HjQFs9mYDN0KVlU
zRWPfXVGaTbpuPGV7qzQTw/8tWzTlHUCnEJStV8ZTZzhiCfjGzUSegkFswIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDGrTfn/VOUFiebAO2zeiEcg+oECMB8GA1UdIwQY
MBaAFKWoppAJrS6JCYa912xjPBsx8G86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYt
YjEyZWJmMzQ1YmMzLzEvTWF0Ti1mOVU1UVdKNXNBN2JONklSeUQ2Z1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9jNGRhZGEtMWEyOS00NDlhLTlhYzYtYjEyZWJmMzQ1YmMz
LzEvcGFpbWtBbXRMb2tKaHIzWGJHTThHekh3YnpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhP3QAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAFOFmsZwuw9K/beX/yaxExzpQ8gP0xCAx7qAJt
6235M8XaGtFva0iLdUZByPuOuZ3R7Inqi94QNWekcgusA+Ipa6wLUlLglLE7dOPo
njWaJSaIKWIWvTmhvN8L3/AOLcZ2WKThWNE14ZIpd8GYess4g4xrO1FM7v8saTqt
LbwW6QOx4LxmQw9u8bQbqVOKreeT7OE3IOJUPlhkJHDgWD8giqBs6e5DUhJ94CkI
PZp8QtY+HdDnR6DOcxqCnEpAab+F9bae+BsXpQixWE/6VNL/wyk9Q2W8D6rHBFWc
VM+OEmsajkie4C/Jx5sMy14x/XyLqkG1JRFcr9ixM0hnqRRN
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:58 2025 by rpki-client