Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/M1HZgv8y0Tdlxj6z0fcW8Ght-0c.roa
File: M1HZgv8y0Tdlxj6z0fcW8Ght-0c.roa (raw, json)
Hash identifier: 3BJTwEc+tRh1kYZ6MLdXu80+5rzHl4o8hcWjV40QN2E=
Subject key identifier: 33:51:D9:82:FF:32:D1:37:65:C6:3E:B3:D1:F7:16:F0:68:6D:FB:47
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018D3E00BB5C370206FA4000EE5F9BA0A920
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/M1HZgv8y0Tdlxj6z0fcW8Ght-0c.roa
Signing time: Thu 25 Jan 2024 00:24:11 +0000
ROA not before: Thu 25 Jan 2024 00:24:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44812
IP address blocks: 2a11:4b40::/32 maxlen: 32
2a11:4b44::/32 maxlen: 32
2a11:4b45::/32 maxlen: 32
2a11:4b46::/32 maxlen: 32
2a11:4b47::/32 maxlen: 32
2a12:a346::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 27 Jan 2024 03:57:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3e:00:bb:5c:37:02:06:fa:40:00:ee:5f:9b:a0:a9:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 25 00:24:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3351d982ff32d13765c63eb3d1f716f0686dfb47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8f:66:37:f8:4e:96:67:62:49:82:ba:5a:6e:
3d:78:47:f8:72:45:83:c5:cb:79:9e:b9:bb:4f:bd:
e8:aa:e1:36:56:1d:0e:90:4d:91:3f:59:79:e2:a1:
dd:78:2a:ff:75:00:f3:42:b1:0b:df:56:8c:0e:ce:
6b:56:c6:e9:5f:03:10:04:94:b2:d1:f5:e0:aa:f8:
1b:9e:a0:b3:80:36:52:1f:0f:33:87:6d:94:4b:ba:
c1:ad:0f:b2:2e:7d:6c:c1:2b:03:97:72:49:27:03:
73:9d:be:5a:5d:4d:e2:d6:e9:d3:7a:e2:8d:54:ef:
dd:05:79:66:be:9a:c6:20:f6:a9:85:d4:dc:6d:71:
2d:1c:27:57:e3:ba:9b:7f:86:57:43:5b:5c:e6:15:
b2:d9:96:49:c6:43:d8:8e:80:b5:08:b4:00:09:40:
0c:f8:42:d6:7f:e9:42:e0:be:17:5c:16:ac:46:eb:
dd:8a:a1:8c:79:08:11:23:0d:57:bc:7f:b1:e8:9e:
8f:c7:83:57:77:66:5e:d4:af:c5:5c:b4:62:45:bd:
1c:92:d2:dc:bb:4b:a3:90:dc:d6:d7:bd:57:76:1e:
79:3b:bb:aa:5a:bb:6c:bf:c5:1d:6f:12:6f:7a:73:
ac:9a:8e:b9:d7:58:1b:c5:3c:68:bb:3e:56:05:12:
26:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:51:D9:82:FF:32:D1:37:65:C6:3E:B3:D1:F7:16:F0:68:6D:FB:47
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/M1HZgv8y0Tdlxj6z0fcW8Ght-0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4b40::/32
2a11:4b44::/30
2a12:a346::/32
Signature Algorithm: sha256WithRSAEncryption
9a:47:c1:83:0e:68:b9:c3:6b:0c:c0:e9:e7:5d:82:e5:fa:82:
a3:a4:d1:7f:67:e4:d0:ad:80:16:de:0b:b5:9d:6e:c5:9a:d0:
cf:e5:f4:48:88:ea:e6:3d:45:40:3c:5c:80:f4:21:df:0f:63:
f2:5d:cb:14:cd:1c:71:51:dc:05:9d:23:04:38:5b:6f:7b:c6:
4f:b1:cd:9c:c9:52:12:b4:dd:d8:04:03:c5:04:29:9b:ca:f1:
dc:6f:cf:02:df:58:a2:77:dc:72:94:1b:ca:16:7c:bb:92:17:
6d:93:34:dc:43:0d:59:21:d2:90:69:24:2a:c9:75:5c:b4:33:
dd:ee:52:c0:f8:9e:19:31:69:a5:24:35:85:ba:98:19:0b:4b:
cd:6f:4f:9d:db:4e:7a:90:72:50:27:16:79:38:4b:34:e1:e4:
b9:a0:1a:63:b6:69:a7:6b:ef:24:aa:6c:f4:f6:bb:a4:6d:c8:
c2:89:04:4f:63:a8:d0:d7:89:b0:d9:23:49:a7:a5:fd:8c:6a:
9c:ba:32:47:7c:cf:5c:c2:8c:42:e8:17:2c:f8:b7:cc:de:4b:
a7:59:84:98:3b:c1:88:97:13:57:71:31:98:01:a6:c8:0e:70:
ed:0c:7a:c9:ed:c4:f5:dc:3b:ed:46:2b:92:bf:23:c6:d7:1c:
59:2b:96:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY0+ALtcNwIG+kAA7l+boKkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTI1MDAyNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzUxZDk4MmZmMzJkMTM3NjVjNjNlYjNkMWY3MTZmMDY4NmRmYjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiI9mN/hOlmdiSYK6Wm49eEf4ckWD
xct5nrm7T73oquE2Vh0OkE2RP1l54qHdeCr/dQDzQrEL31aMDs5rVsbpXwMQBJSy
0fXgqvgbnqCzgDZSHw8zh22US7rBrQ+yLn1swSsDl3JJJwNznb5aXU3i1unTeuKN
VO/dBXlmvprGIPaphdTcbXEtHCdX47qbf4ZXQ1tc5hWy2ZZJxkPYjoC1CLQACUAM
+ELWf+lC4L4XXBasRuvdiqGMeQgRIw1XvH+x6J6Px4NXd2Ze1K/FXLRiRb0cktLc
u0ujkNzW171Xdh55O7uqWrtsv8UdbxJvenOsmo6511gbxTxouz5WBRIm5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDNR2YL/MtE3ZcY+s9H3FvBobftHMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvTTFIWmd2OHkwVGRseGo2ejBmY1c4R2h0LTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhFLQAMF
AioRS0QDBQAqEqNGMA0GCSqGSIb3DQEBCwUAA4IBAQCaR8GDDmi5w2sMwOnnXYLl
+oKjpNF/Z+TQrYAW3gu1nW7FmtDP5fRIiOrmPUVAPFyA9CHfD2PyXcsUzRxxUdwF
nSMEOFtve8ZPsc2cyVIStN3YBAPFBCmbyvHcb88C31iid9xylBvKFny7khdtkzTc
Qw1ZIdKQaSQqyXVctDPd7lLA+J4ZMWmlJDWFupgZC0vNb0+d2056kHJQJxZ5OEs0
4eS5oBpjtmmna+8kqmz09rukbcjCiQRPY6jQ14mw2SNJp6X9jGqcujJHfM9cwoxC
6Bcs+LfM3kunWYSYO8GIlxNXcTGYAabIDnDtDHrJ7cT13DvtRiuSvyPG1xxZK5Y+
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:05 2025 by rpki-client