Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/mTUZlDHbkDta3fA8yiZRPMxCd4A.roa
File: mTUZlDHbkDta3fA8yiZRPMxCd4A.roa (raw, json)
Hash identifier: y5ypsNNMIHcJ1qGKisJQUvvNh8ucTCZCM09fp7xGM1U=
Subject key identifier: 99:35:19:94:31:DB:90:3B:5A:DD:F0:3C:CA:26:51:3C:CC:42:77:80
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 018C88977C1F9264D28150B208F12FDC4759
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/mTUZlDHbkDta3fA8yiZRPMxCd4A.roa
Signing time: Wed 20 Dec 2023 18:57:58 +0000
ROA not before: Wed 20 Dec 2023 18:57:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211286
IP address blocks: 2a0d:8d04:71a::/48 maxlen: 48
2a0d:8d04:71d::/48 maxlen: 48
2a0d:8d04:5::/48 maxlen: 48
2a0d:8d04::/32 maxlen: 48
2a0d:8d04:71b::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:88:97:7c:1f:92:64:d2:81:50:b2:08:f1:2f:dc:47:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Dec 20 18:57:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9935199431db903b5addf03cca26513ccc427780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:07:79:80:01:d0:82:cb:da:0f:b2:f5:84:6a:
58:97:7d:21:55:d8:a6:13:54:35:bf:5a:63:b5:95:
4c:86:7e:d8:01:89:be:b4:6e:e1:ab:1b:88:e6:80:
ea:d5:42:63:69:cc:92:ec:31:4c:91:50:78:5e:8c:
a4:b0:64:be:f9:6a:fd:17:52:a8:04:b9:aa:50:e2:
28:a0:59:b0:85:2f:c5:2d:f8:59:8b:04:cf:23:d1:
52:91:38:c9:58:db:2f:28:19:70:8f:50:8d:46:c9:
e5:77:b6:6d:a2:f1:6f:77:36:81:54:3d:f8:12:3a:
1a:de:61:1a:64:bf:d4:e5:66:27:10:9d:a5:78:04:
80:2d:28:20:8a:0c:96:9e:5c:de:27:f7:0a:5c:8f:
82:3a:62:a6:da:8d:bc:2e:53:1d:56:42:65:a8:e3:
b5:0c:69:e3:bb:e9:49:98:81:8a:b7:05:b6:a5:77:
30:7e:d6:73:2c:d6:a7:d4:8d:8e:ba:57:29:97:6d:
d1:15:00:12:57:e7:ba:d2:85:43:22:e4:4c:b7:e9:
a6:c3:14:5d:bf:83:45:42:ee:88:1c:ce:b3:aa:6f:
e6:7a:42:a8:2d:3c:e5:c7:9f:16:ac:d6:81:d2:cb:
f9:71:26:f8:f0:a1:3a:c3:7e:56:03:5e:37:61:a3:
08:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:35:19:94:31:DB:90:3B:5A:DD:F0:3C:CA:26:51:3C:CC:42:77:80
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/mTUZlDHbkDta3fA8yiZRPMxCd4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8d04::/32
Signature Algorithm: sha256WithRSAEncryption
70:e7:fd:d9:c6:0a:96:1c:36:c8:6c:b4:4a:e9:b8:a1:f5:47:
8c:63:b9:f4:7a:91:62:c8:a9:91:12:73:02:33:f3:7d:9c:43:
4f:03:c6:c2:43:2b:f5:1e:34:71:71:30:4d:61:c3:7a:1e:37:
df:ae:62:1c:64:49:11:66:21:b5:96:60:13:39:f6:8e:cd:64:
df:10:96:6d:6b:a8:d7:c8:ff:f9:c4:ef:bf:d8:3e:a0:f5:33:
91:8c:ee:95:d3:da:d8:20:be:18:4e:50:3f:a4:ff:29:b7:9a:
ae:b7:3c:85:a9:fc:d2:db:75:10:c1:e6:9d:a4:55:9e:5a:c4:
4b:66:86:7e:ea:31:33:82:8f:22:3b:fc:90:9d:a2:ed:f7:16:
c4:c7:7c:fc:81:7b:33:37:8d:eb:29:5f:f8:9b:3c:6c:f9:79:
4d:03:d6:42:26:08:7b:cd:75:fe:03:73:39:bf:af:13:cb:08:
6c:08:86:1f:5c:f1:40:2f:d8:8a:57:62:0c:d5:f5:0f:ea:c9:
89:9d:c2:88:1c:ed:45:8b:17:d2:ba:e3:9b:62:78:6d:79:c4:
23:e5:02:e4:c4:4a:2e:e1:d6:63:1c:91:3c:0e:26:75:6e:b0:
27:0a:65:ce:de:7d:19:62:79:26:7a:f8:62:6d:6b:42:22:05:
44:f1:94:cc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYyIl3wfkmTSgVCyCPEv3EdZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjMxMjIwMTg1NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTM1MTk5NDMxZGI5MDNiNWFkZGYwM2NjYTI2NTEzY2NjNDI3NzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwd5gAHQgsvaD7L1hGpYl30hVdim
E1Q1v1pjtZVMhn7YAYm+tG7hqxuI5oDq1UJjacyS7DFMkVB4XoyksGS++Wr9F1Ko
BLmqUOIooFmwhS/FLfhZiwTPI9FSkTjJWNsvKBlwj1CNRsnld7ZtovFvdzaBVD34
Ejoa3mEaZL/U5WYnEJ2leASALSggigyWnlzeJ/cKXI+COmKm2o28LlMdVkJlqOO1
DGnju+lJmIGKtwW2pXcwftZzLNan1I2Oulcpl23RFQASV+e60oVDIuRMt+mmwxRd
v4NFQu6IHM6zqm/mekKoLTzlx58WrNaB0sv5cSb48KE6w35WA143YaMImwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJk1GZQx25A7Wt3wPMomUTzMQneAMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvbVRVWmxESGJrRHRhM2ZBOHlpWlJQTXhDZDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg2NBDAN
BgkqhkiG9w0BAQsFAAOCAQEAcOf92cYKlhw2yGy0Sum4ofVHjGO59HqRYsipkRJz
AjPzfZxDTwPGwkMr9R40cXEwTWHDeh43365iHGRJEWYhtZZgEzn2js1k3xCWbWuo
18j/+cTvv9g+oPUzkYzuldPa2CC+GE5QP6T/Kbearrc8han80tt1EMHmnaRVnlrE
S2aGfuoxM4KPIjv8kJ2i7fcWxMd8/IF7MzeN6ylf+Js8bPl5TQPWQiYIe811/gNz
Ob+vE8sIbAiGH1zxQC/YildiDNX1D+rJiZ3CiBztRYsX0rrjm2J4bXnEI+UC5MRK
LuHWYxyRPA4mdW6wJwplzt59GWJ5Jnr4Ym1rQiIFRPGUzA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:01:42 2024 by rpki-client on console.sobornost.net