Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e8b85a-f375-4771-af3d-125e1e1f159b/1/mdx24I47LUpm9Pq1grBe3DPYLWw.roa
File: mdx24I47LUpm9Pq1grBe3DPYLWw.roa (raw, json)
Hash identifier: 4XHVJL3mQcZ8/FkcL/+HBdp2cGET+kN9MV8X7EvIl4M=
Subject key identifier: 99:DC:76:E0:8E:3B:2D:4A:66:F4:FA:B5:82:B0:5E:DC:33:D8:2D:6C
Certificate issuer: /CN=79e376c8e490d28620c24f97e2b933d62fd0238b
Certificate serial: 0195D262434C5F71385C4ECA98CA3129CE38
Authority key identifier: 79:E3:76:C8:E4:90:D2:86:20:C2:4F:97:E2:B9:33:D6:2F:D0:23:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eeN2yOSQ0oYgwk-X4rkz1i_QI4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e8b85a-f375-4771-af3d-125e1e1f159b/1/mdx24I47LUpm9Pq1grBe3DPYLWw.roa
Signing time: Wed 26 Mar 2025 12:16:49 +0000
ROA not before: Wed 26 Mar 2025 12:16:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58277
IP address blocks: 185.247.220.0/22 maxlen: 22
185.247.221.0/24 maxlen: 24
185.247.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Mar 2025 15:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d2:62:43:4c:5f:71:38:5c:4e:ca:98:ca:31:29:ce:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79e376c8e490d28620c24f97e2b933d62fd0238b
Validity
Not Before: Mar 26 12:16:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99dc76e08e3b2d4a66f4fab582b05edc33d82d6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:51:db:9c:1a:9e:69:fa:0d:ff:a5:d5:d2:54:
fb:50:56:20:4e:ae:3a:38:1f:85:eb:cb:7c:d1:73:
ec:85:ce:bb:ad:87:3c:b2:f9:50:60:23:2c:4d:36:
49:c2:1f:74:fe:75:2e:e5:6e:5a:fe:06:85:28:31:
33:d9:3d:64:22:7d:c7:91:d1:15:7e:40:c8:88:74:
d8:32:37:66:b8:a5:62:59:30:32:d7:e9:4a:60:8c:
43:25:e1:3a:23:83:fe:72:4b:cc:87:d3:45:d3:6a:
df:9e:ae:42:2b:b8:e0:64:c4:06:73:7f:ea:89:ae:
a6:0b:aa:35:80:cd:d8:54:d5:ae:88:d4:42:49:60:
35:d6:64:50:52:72:11:f0:87:c0:81:42:2c:11:c2:
c8:5b:1c:6e:44:b6:f5:9c:7f:ef:1a:64:40:f4:8c:
fe:48:82:4d:36:cd:3d:5e:6a:a5:5b:2f:20:d0:e0:
be:1d:a7:97:69:f5:a9:82:5b:74:b3:50:fc:94:13:
05:8f:43:a9:82:16:2f:71:ba:33:04:5f:e0:65:47:
ad:f0:25:56:12:d4:95:8c:fd:18:c6:2c:39:83:09:
30:65:9c:90:3d:19:ba:99:f7:fb:9c:53:2d:b5:39:
27:21:ce:12:b9:3e:20:3c:1f:01:a1:16:2a:37:d8:
68:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:DC:76:E0:8E:3B:2D:4A:66:F4:FA:B5:82:B0:5E:DC:33:D8:2D:6C
X509v3 Authority Key Identifier:
keyid:79:E3:76:C8:E4:90:D2:86:20:C2:4F:97:E2:B9:33:D6:2F:D0:23:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eeN2yOSQ0oYgwk-X4rkz1i_QI4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e8b85a-f375-4771-af3d-125e1e1f159b/1/mdx24I47LUpm9Pq1grBe3DPYLWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e8b85a-f375-4771-af3d-125e1e1f159b/1/eeN2yOSQ0oYgwk-X4rkz1i_QI4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.220.0/22
Signature Algorithm: sha256WithRSAEncryption
06:e4:f4:15:de:5f:16:3a:0f:15:97:1f:7e:4c:a2:b5:5c:eb:
ae:fd:eb:46:17:3d:4b:10:cb:84:d7:4e:4e:a3:87:2a:df:9f:
5e:84:3b:5a:47:63:ea:c5:99:3b:3c:76:93:61:2c:3e:7a:be:
1c:9b:33:b5:07:04:5c:23:88:e8:ff:e8:3a:c2:78:0b:a0:cf:
65:55:04:6b:6c:c9:0d:05:d8:35:ff:38:9c:e6:67:91:aa:7f:
f5:5e:1b:18:cb:8e:ed:79:8f:73:dd:61:c3:3e:e4:18:45:0e:
b0:90:39:dc:d8:e8:b1:ec:dc:5a:1d:2a:77:f7:15:da:8e:b1:
73:26:7b:bf:1b:0b:bd:32:a0:6c:61:d8:d3:e1:04:fc:23:12:
9c:24:55:2f:00:d1:4f:69:e7:f8:d4:38:e9:ec:d4:a5:29:4c:
89:f9:3b:d3:8a:36:9c:0f:ef:b9:e0:ba:7c:eb:fd:a8:4b:fd:
33:39:a8:49:30:09:ce:3f:1d:96:c1:f2:3f:0b:da:23:3f:df:
b6:e2:e2:11:c2:04:5e:3a:4b:f5:34:ef:3b:e6:4b:b6:7e:cd:
15:9c:b8:c0:58:3c:7e:76:15:b7:5f:f8:87:1d:28:f2:40:e0:
45:8d:ac:fd:d0:fc:3a:d7:ff:ec:e4:e9:9a:e3:b6:e8:06:8a:
d1:64:9a:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXSYkNMX3E4XE7KmMoxKc44MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZTM3NmM4ZTQ5MGQyODYyMGMyNGY5N2UyYjkzM2Q2MmZk
MDIzOGIwHhcNMjUwMzI2MTIxNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWRjNzZlMDhlM2IyZDRhNjZmNGZhYjU4MmIwNWVkYzMzZDgyZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1HbnBqeafoN/6XV0lT7UFYgTq46
OB+F68t80XPshc67rYc8svlQYCMsTTZJwh90/nUu5W5a/gaFKDEz2T1kIn3HkdEV
fkDIiHTYMjdmuKViWTAy1+lKYIxDJeE6I4P+ckvMh9NF02rfnq5CK7jgZMQGc3/q
ia6mC6o1gM3YVNWuiNRCSWA11mRQUnIR8IfAgUIsEcLIWxxuRLb1nH/vGmRA9Iz+
SIJNNs09XmqlWy8g0OC+HaeXafWpglt0s1D8lBMFj0OpghYvcbozBF/gZUet8CVW
EtSVjP0Yxiw5gwkwZZyQPRm6mff7nFMttTknIc4SuT4gPB8BoRYqN9hoswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJncduCOOy1KZvT6tYKwXtwz2C1sMB8GA1UdIwQY
MBaAFHnjdsjkkNKGIMJPl+K5M9Yv0COLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWVOMnlPU1Ewb1lnd2stWDRya3oxaV9RSTRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lOGI4NWEtZjM3NS00NzcxLWFmM2Qt
MTI1ZTFlMWYxNTliLzEvbWR4MjRJNDdMVXBtOVBxMWdyQmUzRFBZTFd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lOGI4NWEtZjM3NS00NzcxLWFmM2QtMTI1ZTFlMWYxNTli
LzEvZWVOMnlPU1Ewb1lnd2stWDRya3oxaV9RSTRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuffcMA0G
CSqGSIb3DQEBCwUAA4IBAQAG5PQV3l8WOg8Vlx9+TKK1XOuu/etGFz1LEMuE105O
o4cq359ehDtaR2PqxZk7PHaTYSw+er4cmzO1BwRcI4jo/+g6wngLoM9lVQRrbMkN
Bdg1/zic5meRqn/1XhsYy47teY9z3WHDPuQYRQ6wkDnc2Oix7NxaHSp39xXajrFz
Jnu/Gwu9MqBsYdjT4QT8IxKcJFUvANFPaef41Djp7NSlKUyJ+TvTijacD++54Lp8
6/2oS/0zOahJMAnOPx2WwfI/C9ojP9+24uIRwgReOkv1NO875ku2fs0VnLjAWDx+
dhW3X/iHHSjyQOBFjaz90Pw61//s5Oma47boBorRZJpe
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:00:52 2025 by rpki-client