Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/MpJDvh8dxB6dq5nWF4D9CoJNZMs.roa
File: MpJDvh8dxB6dq5nWF4D9CoJNZMs.roa (raw, json)
Hash identifier: XfBFQQFmw6KcCNHHnVCCs7rU/USXjNQmY4lHtUNqy/o=
Subject key identifier: 32:92:43:BE:1F:1D:C4:1E:9D:AB:99:D6:17:80:FD:0A:82:4D:64:CB
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 019461D7ABA723143036C9EBBB79FED22EA5
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/MpJDvh8dxB6dq5nWF4D9CoJNZMs.roa
Signing time: Mon 13 Jan 2025 22:45:11 +0000
ROA not before: Mon 13 Jan 2025 22:45:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214709
IP address blocks: 192.189.157.0/24 maxlen: 24
2a14:3f87:9000::/38 maxlen: 38
Validation: Failed, certificate revoked on Wed 22 Jan 2025 08:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:61:d7:ab:a7:23:14:30:36:c9:eb:bb:79:fe:d2:2e:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Jan 13 22:45:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=329243be1f1dc41e9dab99d61780fd0a824d64cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a7:69:a7:f2:cf:3b:4c:f0:71:44:81:af:f3:
e4:04:d4:3f:80:dd:8e:85:3c:89:c3:ff:74:68:71:
cb:52:ad:f2:9d:aa:42:e4:8e:81:04:93:d2:36:a6:
62:9a:7a:e0:35:05:b9:ae:a3:02:29:c1:98:a9:21:
87:86:14:a6:42:9a:fd:e8:9f:c5:3a:6f:2d:04:ba:
76:7c:f3:8e:65:bb:5c:bb:40:d9:39:96:1b:2f:b3:
ba:0f:66:ec:4c:c8:5f:04:fa:b4:8a:ad:11:0b:9f:
22:7d:60:9d:88:c4:1f:c8:12:a6:a9:66:fb:fd:8f:
d1:30:df:48:26:2c:dc:60:01:d8:9a:ac:dd:66:2f:
70:65:ac:e5:1c:c2:fe:7d:2d:d1:4f:d3:7b:4a:38:
fa:62:48:fa:a1:52:1b:5d:29:a9:c6:a1:1c:fc:6d:
be:74:09:d6:ea:2b:80:27:1f:d5:41:52:00:fe:b4:
6b:6b:6d:31:af:32:01:4c:29:55:64:09:62:ea:30:
33:2d:99:6f:ec:76:cc:b0:d8:39:ea:34:4e:eb:ea:
d4:7e:84:1a:ed:c5:0f:cd:a3:c6:6a:ab:7f:17:4c:
aa:6f:8c:e7:41:aa:3c:6a:1c:08:8d:67:ef:9b:b5:
1c:48:0a:f3:c4:ba:93:06:d2:66:90:be:cb:20:22:
90:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:92:43:BE:1F:1D:C4:1E:9D:AB:99:D6:17:80:FD:0A:82:4D:64:CB
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/MpJDvh8dxB6dq5nWF4D9CoJNZMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.189.157.0/24
IPv6:
2a14:3f87:9000::/38
Signature Algorithm: sha256WithRSAEncryption
25:d1:9c:8f:d8:d1:d8:e4:c6:f1:9a:54:4e:b7:08:b1:ae:a3:
12:28:4e:be:07:30:48:6a:90:45:92:ef:df:e2:86:98:b2:22:
05:8c:3f:fa:07:8c:92:4b:01:07:f4:02:87:94:37:01:f2:21:
f5:fe:dc:8a:36:e0:7c:ae:fb:e3:bb:4b:c7:a9:19:e4:66:91:
2e:8d:c2:3d:ea:b7:65:34:4b:60:08:1a:b7:d9:80:c9:b6:f4:
64:25:8e:1e:df:d2:b8:7d:10:14:93:7f:f1:ca:db:29:94:e8:
d0:00:e0:0d:91:c9:7a:45:ea:a2:61:00:64:6d:d8:a6:0d:9a:
9f:f5:5a:51:6c:d4:e8:ac:f8:2d:55:49:c8:de:ec:c8:97:76:
da:3c:65:67:20:31:8c:76:c5:bd:8f:f2:46:35:03:e8:ac:1f:
46:7b:44:55:f1:c2:2a:e0:99:94:e8:e6:82:7f:59:0b:b8:60:
a9:84:74:2c:b8:57:f0:81:2d:7f:ca:da:ce:52:7e:c1:82:de:
07:1d:a7:36:be:52:78:f6:d1:5a:3c:65:a5:77:cf:7f:01:39:
cc:89:48:f9:e4:8f:2c:12:67:7e:67:63:a7:15:f4:71:75:de:
a9:58:a3:d2:e2:32:41:d6:8d:4f:f3:35:ef:e9:cb:33:86:02:
4e:fe:55:82
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZRh16unIxQwNsnru3n+0i6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjUwMTEzMjI0NTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjkyNDNiZTFmMWRjNDFlOWRhYjk5ZDYxNzgwZmQwYTgyNGQ2NGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiadpp/LPO0zwcUSBr/PkBNQ/gN2O
hTyJw/90aHHLUq3ynapC5I6BBJPSNqZimnrgNQW5rqMCKcGYqSGHhhSmQpr96J/F
Om8tBLp2fPOOZbtcu0DZOZYbL7O6D2bsTMhfBPq0iq0RC58ifWCdiMQfyBKmqWb7
/Y/RMN9IJizcYAHYmqzdZi9wZazlHML+fS3RT9N7Sjj6Ykj6oVIbXSmpxqEc/G2+
dAnW6iuAJx/VQVIA/rRra20xrzIBTClVZAli6jAzLZlv7HbMsNg56jRO6+rUfoQa
7cUPzaPGaqt/F0yqb4znQao8ahwIjWfvm7UcSArzxLqTBtJmkL7LICKQDQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFDKSQ74fHcQenauZ1heA/QqCTWTLMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvTXBKRHZoOGR4QjZkcTVuV0Y0RDlDb0pOWk1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAwL2dMA4E
AgACMAgDBgIqFD+HkDANBgkqhkiG9w0BAQsFAAOCAQEAJdGcj9jR2OTG8ZpUTrcI
sa6jEihOvgcwSGqQRZLv3+KGmLIiBYw/+geMkksBB/QCh5Q3AfIh9f7cijbgfK77
47tLx6kZ5GaRLo3CPeq3ZTRLYAgat9mAybb0ZCWOHt/SuH0QFJN/8crbKZTo0ADg
DZHJekXqomEAZG3Ypg2an/VaUWzU6Kz4LVVJyN7syJd22jxlZyAxjHbFvY/yRjUD
6KwfRntEVfHCKuCZlOjmgn9ZC7hgqYR0LLhX8IEtf8razlJ+wYLeBx2nNr5SePbR
WjxlpXfPfwE5zIlI+eSPLBJnfmdjpxX0cXXeqVij0uIyQdaNT/M17+nLM4YCTv5V
gg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:51:15 2025 by rpki-client