Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/MCCgqvKxAgOhG1Ag4uzuJ_hRtkM.roa
File: MCCgqvKxAgOhG1Ag4uzuJ_hRtkM.roa (raw, json)
Hash identifier: x2XDUHHugcIrrZbCjJfpA1BMylJnC2LDQJ1eRSWW83M=
Subject key identifier: 30:20:A0:AA:F2:B1:02:03:A1:1B:50:20:E2:EC:EE:27:F8:51:B6:43
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018DF9A7ED8A77633750634CAEE5F586C6C3
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/MCCgqvKxAgOhG1Ag4uzuJ_hRtkM.roa
Signing time: Fri 01 Mar 2024 10:55:48 +0000
ROA not before: Fri 01 Mar 2024 10:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44812
IP address blocks: 2a09:e5c0::/32 maxlen: 32
2a09:e5c1::/32 maxlen: 32
2a09:e5c2::/32 maxlen: 32
2a09:e5c3::/32 maxlen: 32
2a09:e5c4::/32 maxlen: 32
2a09:e5c5::/32 maxlen: 32
2a09:e5c6::/32 maxlen: 32
2a0e:b140::/29 maxlen: 29
2a11:4b40::/32 maxlen: 32
2a11:4b44::/32 maxlen: 32
2a11:4b45::/32 maxlen: 32
2a11:4b46::/32 maxlen: 32
2a11:4b47::/32 maxlen: 32
2a12:a343::/32 maxlen: 32
2a12:a344::/32 maxlen: 32
2a12:a346::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 03 Apr 2024 05:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:a7:ed:8a:77:63:37:50:63:4c:ae:e5:f5:86:c6:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Mar 1 10:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3020a0aaf2b10203a11b5020e2ecee27f851b643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d9:6b:02:a0:f4:05:e8:4c:82:68:b2:14:9c:
cc:30:2a:7e:9a:39:dc:82:a2:49:d9:d7:de:50:85:
80:15:76:91:d4:2f:87:da:f0:6f:df:32:2e:90:2e:
e0:29:d9:00:42:b5:ec:60:41:11:7d:6c:88:8a:cd:
31:35:9f:5f:ac:44:d9:19:14:24:5f:67:bf:84:24:
8e:fb:b0:07:bc:3e:f0:ed:14:1b:b4:fa:cf:b0:27:
47:1a:f5:54:0d:f3:d7:32:c5:48:a4:44:af:d3:f8:
8c:82:f6:fc:1f:ae:c3:a4:c0:27:2b:1b:ce:53:f3:
30:b8:99:86:fb:33:bd:6f:fa:c5:f5:29:82:0e:5d:
bd:ae:c4:28:94:cf:b5:70:ea:b6:61:b6:8f:cc:66:
a6:ec:bd:cd:a8:7d:94:34:ec:d1:4c:a4:b3:70:53:
65:85:5c:70:3b:86:9f:df:19:17:a2:c1:c3:e2:93:
a5:fa:d5:2b:12:fb:7e:38:a1:7f:9f:ed:91:51:66:
e1:cc:87:02:66:70:17:a1:e1:09:85:7b:54:93:64:
5d:65:6a:6c:7c:a5:42:c0:f5:43:90:4e:e6:ca:de:
4a:3a:62:e6:d3:53:f4:c7:0b:81:46:d2:a2:a9:9a:
39:b5:23:64:ab:25:a4:6b:76:54:42:99:09:d3:9f:
80:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:20:A0:AA:F2:B1:02:03:A1:1B:50:20:E2:EC:EE:27:F8:51:B6:43
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/MCCgqvKxAgOhG1Ag4uzuJ_hRtkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e5c0::-2a09:e5c6:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:b140::/29
2a11:4b40::/32
2a11:4b44::/30
2a12:a343::-2a12:a344:ffff:ffff:ffff:ffff:ffff:ffff
2a12:a346::/32
Signature Algorithm: sha256WithRSAEncryption
d8:9c:6f:25:f8:7e:9e:3b:be:2e:c9:10:f8:53:b5:fe:40:a9:
35:c0:17:a6:09:1c:fa:2e:7a:37:48:e2:94:98:af:8d:5c:dd:
99:65:03:e9:3a:90:b7:1b:39:43:ae:c3:e1:23:49:2f:dc:83:
1b:7f:1c:96:38:20:91:d9:ff:af:e6:cc:63:d2:c7:42:54:95:
e1:a7:fa:f2:0b:ac:b7:62:15:c8:fc:80:91:14:42:c3:7a:38:
d9:8b:ff:62:a5:d1:1a:e9:be:db:f7:1e:ad:7d:7e:26:24:0f:
ad:e3:d7:8b:51:79:23:25:b3:a8:5f:75:3b:e2:a7:7a:9f:20:
e6:83:31:bf:49:2d:17:99:f1:4f:60:2b:63:73:be:bd:3e:aa:
77:7b:fe:f3:55:60:0d:77:85:93:d6:89:0a:2d:04:44:c3:13:
e2:ca:2a:ea:a8:bb:c0:f6:ee:7e:79:9a:1d:d7:f5:3a:7a:82:
89:b6:f4:11:84:f6:8b:4c:9c:08:5a:f2:2a:04:72:be:62:12:
43:4c:cc:6f:01:14:a4:c6:7d:c4:a8:77:81:b7:52:63:77:6f:
39:aa:00:f3:a4:b9:87:a2:10:e3:bd:67:c2:af:8a:1c:68:0d:
27:58:93:15:5b:91:d0:ec:b5:98:67:59:b7:5b:c8:97:3a:69:
68:f6:82:58
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY35p+2Kd2M3UGNMruX1hsbDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMzAxMTA1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDIwYTBhYWYyYjEwMjAzYTExYjUwMjBlMmVjZWUyN2Y4NTFiNjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9lrAqD0BehMgmiyFJzMMCp+mjnc
gqJJ2dfeUIWAFXaR1C+H2vBv3zIukC7gKdkAQrXsYEERfWyIis0xNZ9frETZGRQk
X2e/hCSO+7AHvD7w7RQbtPrPsCdHGvVUDfPXMsVIpESv0/iMgvb8H67DpMAnKxvO
U/MwuJmG+zO9b/rF9SmCDl29rsQolM+1cOq2YbaPzGam7L3NqH2UNOzRTKSzcFNl
hVxwO4af3xkXosHD4pOl+tUrEvt+OKF/n+2RUWbhzIcCZnAXoeEJhXtUk2RdZWps
fKVCwPVDkE7myt5KOmLm01P0xwuBRtKiqZo5tSNkqyWka3ZUQpkJ05+ASwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDAgoKrysQIDoRtQIOLs7if4UbZDMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvTUNDZ3F2S3hBZ09oRzFBZzR1enVKX2hSdGtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAAjA8MA4DBQYqCeXA
AwUAKgnlxgMFAyoOsUADBQAqEUtAAwUCKhFLRDAOAwUAKhKjQwMFACoSo0QDBQAq
EqNGMA0GCSqGSIb3DQEBCwUAA4IBAQDYnG8l+H6eO74uyRD4U7X+QKk1wBemCRz6
Lno3SOKUmK+NXN2ZZQPpOpC3GzlDrsPhI0kv3IMbfxyWOCCR2f+v5sxj0sdCVJXh
p/ryC6y3YhXI/ICRFELDejjZi/9ipdEa6b7b9x6tfX4mJA+t49eLUXkjJbOoX3U7
4qd6nyDmgzG/SS0XmfFPYCtjc769Pqp3e/7zVWANd4WT1okKLQREwxPiyirqqLvA
9u5+eZod1/U6eoKJtvQRhPaLTJwIWvIqBHK+YhJDTMxvARSkxn3EqHeBt1Jjd285
qgDzpLmHohDjvWfCr4ocaA0nWJMVW5HQ7LWYZ1m3W8iXOmlo9oJY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:01 2024 by rpki-client on console-fra.rpki-client.org