Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/mDXr9HSfpmLajWk9WVo50yjSiq0.roa
File: mDXr9HSfpmLajWk9WVo50yjSiq0.roa (raw, json)
Hash identifier: C6uIQhkoMws0rgTbFLMpDRA3j33O2Rpp/YXOiBS0lbU=
Subject key identifier: 98:35:EB:F4:74:9F:A6:62:DA:8D:69:3D:59:5A:39:D3:28:D2:8A:AD
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F92CA23ADE879C81F8D4F0CA71A1A
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/mDXr9HSfpmLajWk9WVo50yjSiq0.roa
Signing time: Thu 02 Jan 2025 05:49:13 +0000
ROA not before: Thu 02 Jan 2025 05:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206150
IP address blocks: 64.43.72.0/24 maxlen: 24
91.234.120.0/24 maxlen: 24
91.234.121.0/24 maxlen: 24
91.238.42.0/23 maxlen: 23
91.238.42.0/24 maxlen: 24
91.238.43.0/24 maxlen: 24
91.245.91.0/24 maxlen: 24
176.103.121.0/24 maxlen: 24
178.213.180.0/24 maxlen: 24
178.213.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 13:31:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:92:ca:23:ad:e8:79:c8:1f:8d:4f:0c:a7:1a:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9835ebf4749fa662da8d693d595a39d328d28aad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e3:2a:0b:53:44:62:16:39:11:98:06:38:c6:
b5:26:38:76:7d:1e:22:95:29:73:cb:49:9e:ac:24:
ce:8c:a0:96:6b:e2:dd:b5:bf:6d:b0:3a:3c:bf:8b:
c2:8f:c3:a5:3e:42:31:db:e0:2c:c5:b7:6f:c5:45:
37:e9:eb:3f:43:e9:a9:6e:61:c1:c9:63:73:83:06:
d1:da:61:55:6c:4b:17:01:72:f5:4a:be:94:16:49:
8e:82:2d:56:bd:d5:9f:40:aa:41:44:a2:f8:c7:2b:
d1:3d:0a:dd:d4:be:8d:e3:8e:14:50:28:d3:56:c9:
65:20:e0:dc:a6:3a:ff:9a:22:a8:23:9f:69:7e:fc:
06:61:df:31:e3:04:c1:ef:b4:d6:30:b3:0d:30:02:
cd:d2:15:bb:08:91:c6:6e:36:09:cf:35:9d:f2:14:
6d:4d:1a:07:c7:5f:41:75:88:fd:3a:40:42:6a:54:
c4:fe:e8:74:92:29:97:41:dc:59:75:89:7a:2c:9f:
ce:e3:a7:25:22:e6:40:01:98:fd:08:02:27:1a:76:
f6:0c:9b:a2:12:1e:ba:d0:cd:9c:ca:79:fa:6d:65:
da:2b:fa:31:b2:cc:64:f5:82:a2:b1:0b:d1:f8:ab:
11:5b:44:fc:47:01:47:c0:31:55:f3:c5:49:22:69:
1b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:35:EB:F4:74:9F:A6:62:DA:8D:69:3D:59:5A:39:D3:28:D2:8A:AD
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/mDXr9HSfpmLajWk9WVo50yjSiq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.72.0/24
91.234.120.0/23
91.238.42.0/23
91.245.91.0/24
176.103.121.0/24
178.213.180.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:5f:97:2a:70:16:c4:64:28:50:04:fa:92:ef:b3:b1:1f:ff:
a1:11:95:dc:45:f4:0a:53:69:00:3f:c8:ee:e3:9d:05:85:2c:
49:2a:4e:a1:f1:3e:67:d7:1d:8e:8c:b6:a3:c7:ae:9f:2b:2e:
99:2a:1c:23:d8:09:aa:8c:91:c5:bc:dc:fd:f7:39:45:9d:ae:
7e:9d:0f:b7:fe:ce:ff:d1:95:f0:98:5c:05:e5:4d:49:4e:b7:
d9:67:f5:89:1d:48:59:21:82:a2:8e:f9:60:20:ab:f9:e1:21:
ae:b6:1a:8c:5b:70:a1:62:2a:3a:7b:a4:c7:b5:5d:32:93:a5:
e1:60:01:8f:b3:b0:77:98:74:ee:1e:83:7e:0f:3a:1b:ce:8f:
7c:39:da:0b:76:64:ea:60:44:53:47:6e:c0:77:bb:3f:0c:c0:
c8:27:2f:df:e6:dc:fa:5c:f1:ae:ee:a7:36:22:34:26:fb:c2:
cf:46:17:02:dc:86:32:60:24:8f:49:59:28:1a:8a:f5:39:c6:
69:90:79:b5:05:d6:75:da:89:f0:6e:db:b1:1d:ad:87:23:08:
26:e0:04:35:b4:7f:ce:74:33:8e:ac:47:c2:a7:ee:b2:79:e2:
48:88:09:1d:3f:f5:9e:41:2c:b7:fa:5d:95:e1:18:1d:52:35:
b9:01:fd:5b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQlj5LKI63oecgfjU8MpxoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODM1ZWJmNDc0OWZhNjYyZGE4ZDY5M2Q1OTVhMzlkMzI4ZDI4YWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOMqC1NEYhY5EZgGOMa1Jjh2fR4i
lSlzy0merCTOjKCWa+Ldtb9tsDo8v4vCj8OlPkIx2+AsxbdvxUU36es/Q+mpbmHB
yWNzgwbR2mFVbEsXAXL1Sr6UFkmOgi1WvdWfQKpBRKL4xyvRPQrd1L6N444UUCjT
VsllIODcpjr/miKoI59pfvwGYd8x4wTB77TWMLMNMALN0hW7CJHGbjYJzzWd8hRt
TRoHx19BdYj9OkBCalTE/uh0kimXQdxZdYl6LJ/O46clIuZAAZj9CAInGnb2DJui
Eh660M2cynn6bWXaK/oxssxk9YKisQvR+KsRW0T8RwFHwDFV88VJImkbgQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJg16/R0n6Zi2o1pPVlaOdMo0oqtMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvbURYcjlIU2ZwbUxhaldrOVdWbzUweWpTaXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAQCtIAwQB
W+p4AwQBW+4qAwQAW/VbAwQAsGd5AwQBstW0MA0GCSqGSIb3DQEBCwUAA4IBAQAe
X5cqcBbEZChQBPqS77OxH/+hEZXcRfQKU2kAP8ju450FhSxJKk6h8T5n1x2OjLaj
x66fKy6ZKhwj2AmqjJHFvNz99zlFna5+nQ+3/s7/0ZXwmFwF5U1JTrfZZ/WJHUhZ
IYKijvlgIKv54SGuthqMW3ChYio6e6THtV0yk6XhYAGPs7B3mHTuHoN+Dzobzo98
OdoLdmTqYERTR27Ad7s/DMDIJy/f5tz6XPGu7qc2IjQm+8LPRhcC3IYyYCSPSVko
Gor1OcZpkHm1BdZ12onwbtuxHa2HIwgm4AQ1tH/OdDOOrEfCp+6yeeJIiAkdP/We
QSy3+l2V4RgdUjW5Af1b
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:41:33 2025 by rpki-client