Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/mjCkriOOW33iE1p9mUBVoERo7VM.roa
File: mjCkriOOW33iE1p9mUBVoERo7VM.roa (raw, json)
Hash identifier: GdsWkT/JUrA/2KmlZMVm6tkQ+9jdJr4HGO/6PR5lPOE=
Subject key identifier: 9A:30:A4:AE:23:8E:5B:7D:E2:13:5A:7D:99:40:55:A0:44:68:ED:53
Certificate issuer: /CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Certificate serial: 01947FA85880E0F23DC61E0028904FF12C5B
Authority key identifier: 50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/mjCkriOOW33iE1p9mUBVoERo7VM.roa
Signing time: Sun 19 Jan 2025 17:42:06 +0000
ROA not before: Sun 19 Jan 2025 17:42:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398748
IP address blocks: 37.228.148.0/22 maxlen: 22
37.228.148.0/24 maxlen: 24
37.228.149.0/24 maxlen: 24
37.228.150.0/24 maxlen: 24
37.228.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 23:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7f:a8:58:80:e0:f2:3d:c6:1e:00:28:90:4f:f1:2c:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Validity
Not Before: Jan 19 17:42:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a30a4ae238e5b7de2135a7d994055a04468ed53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2d:41:ba:e9:4c:86:00:ac:4a:7e:bf:77:c1:
62:f2:96:e5:34:1d:f3:1b:35:2d:ea:75:da:32:11:
f7:35:38:28:f6:fd:c7:2e:f9:5e:49:e9:11:68:2b:
11:08:d1:14:86:a1:d5:83:84:d8:a0:f9:39:cc:96:
09:ec:e3:4c:ed:d3:fe:c9:43:2e:e0:32:50:96:ad:
35:d5:3d:4e:54:a1:be:5c:5f:f8:da:69:5c:1d:1e:
62:0a:9c:22:c4:1c:e2:4d:d8:55:83:56:d3:bf:83:
61:b3:dd:b8:e0:16:f6:de:1d:b2:e2:c4:b7:5a:a1:
3f:de:93:31:cb:d1:96:33:c5:ce:30:28:54:f9:8f:
6d:1e:f2:cc:8b:78:27:b3:fe:7e:6f:13:f0:50:e0:
ea:b0:c3:33:87:ed:dd:5a:5f:f7:9e:bd:84:e5:8a:
46:21:71:58:a6:d0:38:a1:95:2f:45:0e:df:b4:76:
37:05:63:7f:8f:a8:4c:e5:a4:fa:26:14:a7:25:ad:
74:00:9d:27:85:c2:d8:b4:45:4c:70:40:d4:61:6c:
c4:3f:ed:8e:2a:15:0f:1d:c6:80:55:1e:d9:ad:d1:
c8:6f:9f:39:94:14:15:a7:8b:e9:1d:32:d9:2a:49:
f0:9a:f6:1b:d3:aa:24:a3:48:37:8d:30:6a:78:51:
95:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:30:A4:AE:23:8E:5B:7D:E2:13:5A:7D:99:40:55:A0:44:68:ED:53
X509v3 Authority Key Identifier:
keyid:50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/mjCkriOOW33iE1p9mUBVoERo7VM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/UNGBlrKfYOhdhxLeQDmlMc_BqzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.148.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:b3:38:59:62:2d:0d:4f:02:3d:42:0d:6e:83:b2:20:70:b4:
19:86:25:67:6f:cb:d8:4b:76:1c:33:5a:4f:16:d0:f1:52:15:
0f:a9:21:b3:c0:ba:ef:c6:ef:d0:c7:01:cd:52:ba:f8:99:63:
3d:d4:91:6c:9c:07:e1:ed:f1:d6:dd:e5:75:49:7c:b8:0e:78:
a7:24:ba:b3:b4:5a:48:06:bb:4a:c7:14:b2:a6:eb:c2:fc:84:
1a:e6:41:63:df:ae:36:14:fc:cf:69:e0:33:80:f7:e1:9b:f6:
7a:cb:27:24:a2:e7:1a:7a:e8:a2:8c:c1:43:af:f1:19:cd:44:
f3:cf:11:8a:29:d8:49:2a:df:c9:e8:dc:78:94:2d:8a:b3:90:
27:2a:3f:b1:4a:97:47:61:a4:3a:60:d7:06:76:9f:a6:95:fe:
1d:1a:34:6a:a9:32:d4:64:2a:d1:e5:17:f1:54:0e:fc:07:ea:
bc:0c:a3:2c:72:a5:f7:f6:07:13:56:36:3c:8b:13:1c:3b:7d:
42:15:da:3a:22:0e:a6:6b:59:bb:73:fd:2a:9d:fb:7e:99:3e:
a3:d8:35:c2:14:55:34:d5:da:de:0a:9f:6e:2e:f8:a4:7c:4b:
c0:5a:de:5c:6a:cb:b4:9a:aa:3b:72:0a:d8:64:d6:73:af:86:
2c:1c:1f:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZR/qFiA4PI9xh4AKJBP8SxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZDE4MTk2YjI5ZjYwZTg1ZDg3MTJkZTQwMzlhNTMxY2Zj
MWFiMzEwHhcNMjUwMTE5MTc0MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTMwYTRhZTIzOGU1YjdkZTIxMzVhN2Q5OTQwNTVhMDQ0NjhlZDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry1BuulMhgCsSn6/d8Fi8pblNB3z
GzUt6nXaMhH3NTgo9v3HLvleSekRaCsRCNEUhqHVg4TYoPk5zJYJ7ONM7dP+yUMu
4DJQlq011T1OVKG+XF/42mlcHR5iCpwixBziTdhVg1bTv4Nhs9244Bb23h2y4sS3
WqE/3pMxy9GWM8XOMChU+Y9tHvLMi3gns/5+bxPwUODqsMMzh+3dWl/3nr2E5YpG
IXFYptA4oZUvRQ7ftHY3BWN/j6hM5aT6JhSnJa10AJ0nhcLYtEVMcEDUYWzEP+2O
KhUPHcaAVR7ZrdHIb585lBQVp4vpHTLZKknwmvYb06oko0g3jTBqeFGVNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJowpK4jjlt94hNafZlAVaBEaO1TMB8GA1UdIwQY
MBaAFFDRgZayn2DoXYcS3kA5pTHPwasxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5HQmxyS2ZZT2hkaHhMZVFEbWxNY19CcXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9jYmVjZjQtYmNlZC00ZDgzLWJmY2Et
YjRhMTgxY2Q0MGY2LzEvbWpDa3JpT09XMzNpRTFwOW1VQlZvRVJvN1ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9jYmVjZjQtYmNlZC00ZDgzLWJmY2EtYjRhMTgxY2Q0MGY2
LzEvVU5HQmxyS2ZZT2hkaHhMZVFEbWxNY19CcXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJeSUMA0G
CSqGSIb3DQEBCwUAA4IBAQAfszhZYi0NTwI9Qg1ug7IgcLQZhiVnb8vYS3YcM1pP
FtDxUhUPqSGzwLrvxu/QxwHNUrr4mWM91JFsnAfh7fHW3eV1SXy4DninJLqztFpI
BrtKxxSypuvC/IQa5kFj3642FPzPaeAzgPfhm/Z6yyckoucaeuiijMFDr/EZzUTz
zxGKKdhJKt/J6Nx4lC2Ks5AnKj+xSpdHYaQ6YNcGdp+mlf4dGjRqqTLUZCrR5Rfx
VA78B+q8DKMscqX39gcTVjY8ixMcO31CFdo6Ig6ma1m7c/0qnft+mT6j2DXCFFU0
1dreCp9uLvikfEvAWt5casu0mqo7cgrYZNZzr4YsHB+n
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:10:36 2025 by rpki-client