Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/mtHkdOls_3sQTQu9naO-zQDq6Hk.roa
File: mtHkdOls_3sQTQu9naO-zQDq6Hk.roa (raw, json)
Hash identifier: UlDYRwnfUPDgcRkI8m81UxDRoJU4N+Jlyp4G5o/zXDE=
Subject key identifier: 9A:D1:E4:74:E9:6C:FF:7B:10:4D:0B:BD:9D:A3:BE:CD:00:EA:E8:79
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018D62BE03038A5A01CE3BD7D4977C3531FC
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/mtHkdOls_3sQTQu9naO-zQDq6Hk.roa
Signing time: Thu 01 Feb 2024 03:37:16 +0000
ROA not before: Thu 01 Feb 2024 03:37:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29182
IP address blocks: 2a12:a341::/32 maxlen: 32
2a12:a347::/32 maxlen: 32
2a13:2980::/30 maxlen: 30
2a13:2984::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 26 Mar 2024 11:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:62:be:03:03:8a:5a:01:ce:3b:d7:d4:97:7c:35:31:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Feb 1 03:37:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ad1e474e96cff7b104d0bbd9da3becd00eae879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3c:79:c1:7e:3a:86:24:4c:ec:cf:fc:80:e5:
f4:4a:60:d5:60:e3:c6:8b:09:5c:a2:63:47:34:43:
dc:7c:b2:a4:25:d0:6e:b9:df:35:2f:3d:4d:ef:6d:
42:48:94:ce:1f:c9:ca:1c:d1:79:1e:3e:ea:fd:82:
33:41:e1:12:42:b9:c0:fb:f7:01:80:65:82:68:8a:
61:01:e2:4f:78:8b:89:95:47:f6:19:c3:18:d1:2a:
2d:2c:5b:87:3a:1a:71:41:76:35:62:e4:4a:32:34:
a6:c2:92:61:02:87:fe:30:d0:7e:d3:19:e2:86:9b:
21:ce:7e:9a:4a:35:97:98:92:15:de:e3:de:bb:8e:
25:07:fb:45:9b:eb:67:78:cc:03:02:1b:17:84:fd:
62:f4:ec:40:f4:dc:9f:2a:40:ab:c4:46:0b:96:c6:
d3:6b:94:d0:6c:e7:ed:05:85:84:9a:c7:66:3b:24:
23:f1:6f:76:57:e6:d9:e2:50:e9:af:85:90:6e:d0:
4f:21:d6:64:6f:ae:2f:2a:4f:c8:a6:c2:39:e0:6e:
fa:15:90:2a:80:b1:66:e6:24:02:7d:01:f4:46:e1:
42:98:2c:a5:67:5b:cb:5e:65:a5:3a:a7:32:90:f2:
32:a8:0f:4f:8b:f1:5b:c9:07:fe:63:63:63:8e:32:
18:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D1:E4:74:E9:6C:FF:7B:10:4D:0B:BD:9D:A3:BE:CD:00:EA:E8:79
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/mtHkdOls_3sQTQu9naO-zQDq6Hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a341::/32
2a12:a347::/32
2a13:2980::/29
Signature Algorithm: sha256WithRSAEncryption
48:60:4b:8e:49:94:78:bd:04:66:6b:63:df:cc:25:05:83:3f:
fe:ab:56:40:6e:c4:9f:48:32:70:ca:93:99:39:f8:25:62:1e:
68:55:65:9a:b0:f4:f2:b2:66:99:e1:f6:46:98:33:ed:d4:5a:
c7:19:39:f8:41:b2:c2:21:86:5a:f7:e5:a6:1b:e8:de:88:b5:
a2:0d:5b:b4:ce:e3:13:2e:29:ec:9e:79:5e:77:4d:11:00:e1:
c1:3f:88:31:f0:4b:e0:cf:3b:0a:87:b0:a3:f3:ca:93:21:d2:
29:32:e2:5f:91:ff:f1:8d:00:ce:3b:a5:f2:52:9c:8c:89:a5:
eb:8e:74:33:ed:fb:3a:e0:b8:51:e3:ed:ce:bd:29:32:f4:ae:
25:20:ee:5d:1f:4f:16:b3:67:a7:8c:e2:cc:67:be:ee:93:f4:
9c:82:c9:59:ab:1b:d2:85:8b:58:9f:4f:f5:bc:17:f6:98:89:
9f:45:43:16:03:9a:69:25:85:d1:a6:c3:c3:35:6e:31:77:80:
31:20:5a:7b:a9:29:ab:b6:77:75:a1:b3:3b:98:af:01:e5:15:
90:6e:d6:18:1e:0d:41:9e:81:7c:3c:22:8d:09:dc:30:fb:cc:
5d:8a:4e:fd:1f:7a:72:2c:a2:ff:a0:e0:12:fb:b6:7a:8d:55:
92:59:1a:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1ivgMDiloBzjvX1Jd8NTH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMjAxMDMzNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQxZTQ3NGU5NmNmZjdiMTA0ZDBiYmQ5ZGEzYmVjZDAwZWFlODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDx5wX46hiRM7M/8gOX0SmDVYOPG
iwlcomNHNEPcfLKkJdBuud81Lz1N721CSJTOH8nKHNF5Hj7q/YIzQeESQrnA+/cB
gGWCaIphAeJPeIuJlUf2GcMY0SotLFuHOhpxQXY1YuRKMjSmwpJhAof+MNB+0xni
hpshzn6aSjWXmJIV3uPeu44lB/tFm+tneMwDAhsXhP1i9OxA9NyfKkCrxEYLlsbT
a5TQbOftBYWEmsdmOyQj8W92V+bZ4lDpr4WQbtBPIdZkb64vKk/IpsI54G76FZAq
gLFm5iQCfQH0RuFCmCylZ1vLXmWlOqcykPIyqA9Pi/FbyQf+Y2NjjjIY5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJrR5HTpbP97EE0LvZ2jvs0A6uh5MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvbXRIa2RPbHNfM3NRVFF1OW5hTy16UURxNkhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhKjQQMF
ACoSo0cDBQMqEymAMA0GCSqGSIb3DQEBCwUAA4IBAQBIYEuOSZR4vQRma2PfzCUF
gz/+q1ZAbsSfSDJwypOZOfglYh5oVWWasPTysmaZ4fZGmDPt1FrHGTn4QbLCIYZa
9+WmG+jeiLWiDVu0zuMTLinsnnled00RAOHBP4gx8EvgzzsKh7Cj88qTIdIpMuJf
kf/xjQDOO6XyUpyMiaXrjnQz7fs64LhR4+3OvSky9K4lIO5dH08Ws2enjOLMZ77u
k/ScgslZqxvShYtYn0/1vBf2mImfRUMWA5ppJYXRpsPDNW4xd4AxIFp7qSmrtnd1
obM7mK8B5RWQbtYYHg1BnoF8PCKNCdww+8xdik79H3pyLKL/oOAS+7Z6jVWSWRor
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:06:56 2025 by rpki-client