Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/mkm73dIXvLaGZMPKELEJVRP_rRU.roa
File: mkm73dIXvLaGZMPKELEJVRP_rRU.roa (raw, json)
Hash identifier: EigNvZqip+z1BhWCHkBzMCL5JPwlQr7M6MlMg46XjFQ=
Subject key identifier: 9A:49:BB:DD:D2:17:BC:B6:86:64:C3:CA:10:B1:09:55:13:FF:AD:15
Certificate issuer: /CN=3e2bbf346ebd4aa0b76e10c58321ad33d72d519f
Certificate serial: 01941FFAAC1DAC54450D4A3A7833BA5EE8F1
Authority key identifier: 3E:2B:BF:34:6E:BD:4A:A0:B7:6E:10:C5:83:21:AD:33:D7:2D:51:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Piu_NG69SqC3bhDFgyGtM9ctUZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/mkm73dIXvLaGZMPKELEJVRP_rRU.roa
Signing time: Wed 01 Jan 2025 03:48:29 +0000
ROA not before: Wed 01 Jan 2025 03:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47777
IP address blocks: 185.160.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 23 Jan 2025 09:10:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:ac:1d:ac:54:45:0d:4a:3a:78:33:ba:5e:e8:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e2bbf346ebd4aa0b76e10c58321ad33d72d519f
Validity
Not Before: Jan 1 03:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a49bbddd217bcb68664c3ca10b1095513ffad15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:09:f7:56:8d:b5:a5:54:fd:b3:3d:2c:2f:64:
1a:79:85:f5:27:36:ff:e8:23:c0:9e:f7:44:7f:d9:
05:1e:ec:01:8d:f2:cf:89:66:26:6e:a7:1c:f6:13:
58:80:f6:38:72:ff:c9:d1:12:40:f8:b4:84:05:a2:
4c:cb:db:70:0d:c3:cf:13:b2:3a:51:07:76:ee:b3:
9e:2f:5b:f6:f3:7d:11:6d:c1:5a:db:92:b4:d8:b3:
ae:12:f7:5b:07:79:c8:01:50:87:b2:25:ed:19:a4:
8b:62:bf:b4:eb:20:c9:80:ee:f0:d5:13:ce:55:13:
d0:ff:0f:0b:18:31:9a:9d:ec:60:e0:24:02:d8:c7:
9f:2a:99:0f:0d:9d:84:18:7c:5c:48:5a:42:97:49:
b9:ab:3d:2a:24:14:5a:33:0b:73:32:06:43:4b:be:
c5:ea:a8:66:21:39:77:4c:4f:6a:b4:b3:78:49:05:
7e:3b:e0:1f:84:4c:36:5f:8d:bf:99:41:9c:dd:b1:
e4:c3:c9:c8:01:a6:4e:df:04:95:c4:36:01:40:63:
31:d6:16:a8:57:0d:11:0a:ee:b0:68:bc:64:9e:9a:
a2:3d:6c:02:72:5b:5e:ea:0f:ce:5f:1c:fc:38:f7:
e9:f7:a7:d8:34:53:5b:ab:6f:c1:6f:d2:98:da:c3:
c2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:49:BB:DD:D2:17:BC:B6:86:64:C3:CA:10:B1:09:55:13:FF:AD:15
X509v3 Authority Key Identifier:
keyid:3E:2B:BF:34:6E:BD:4A:A0:B7:6E:10:C5:83:21:AD:33:D7:2D:51:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Piu_NG69SqC3bhDFgyGtM9ctUZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/mkm73dIXvLaGZMPKELEJVRP_rRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/Piu_NG69SqC3bhDFgyGtM9ctUZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.96.0/22
Signature Algorithm: sha256WithRSAEncryption
22:fc:e9:21:37:f9:72:94:a2:cd:16:12:d0:b6:98:5d:d0:61:
03:a8:eb:20:1e:eb:98:bf:e8:fb:e2:94:3a:ed:21:a9:83:ef:
ab:89:82:d0:d0:2f:e7:13:cc:f8:e5:52:4f:da:f1:1a:33:42:
d0:df:12:d1:fb:79:2f:05:0c:25:2d:ec:45:5c:83:76:76:3a:
65:17:93:5f:36:bc:9a:26:ce:2e:01:81:a9:84:62:ab:39:95:
d0:ec:0c:70:58:26:06:6d:9c:69:29:46:6f:22:53:29:35:0d:
b8:e2:0e:ea:02:c1:b6:bc:56:d0:57:a1:a7:2f:8c:4f:e7:fa:
f1:57:1f:3f:d9:3f:0c:b1:cd:4f:d9:70:7b:0d:eb:ca:31:fc:
32:bf:15:ec:50:e6:d0:ac:f0:21:2c:50:4f:86:df:0c:19:19:
b0:39:1b:01:d7:4e:14:f3:4f:22:73:36:b9:d7:7c:36:1b:30:
6d:c5:07:21:02:e7:ac:49:e0:5c:c2:d7:b4:96:84:eb:db:7b:
4c:f4:f6:53:fc:db:44:71:ca:cd:9e:ba:bc:64:8e:7b:26:fb:
27:85:1f:60:1a:f1:ec:eb:36:48:70:30:38:61:81:5c:ae:57:
c9:05:21:71:ef:c1:ba:c5:e2:98:c4:1d:c1:f1:74:9a:a6:7f:
c7:85:e2:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+qwdrFRFDUo6eDO6XujxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMmJiZjM0NmViZDRhYTBiNzZlMTBjNTgzMjFhZDMzZDcy
ZDUxOWYwHhcNMjUwMTAxMDM0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTQ5YmJkZGQyMTdiY2I2ODY2NGMzY2ExMGIxMDk1NTEzZmZhZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gn3Vo21pVT9sz0sL2QaeYX1Jzb/
6CPAnvdEf9kFHuwBjfLPiWYmbqcc9hNYgPY4cv/J0RJA+LSEBaJMy9twDcPPE7I6
UQd27rOeL1v2830RbcFa25K02LOuEvdbB3nIAVCHsiXtGaSLYr+06yDJgO7w1RPO
VRPQ/w8LGDGanexg4CQC2MefKpkPDZ2EGHxcSFpCl0m5qz0qJBRaMwtzMgZDS77F
6qhmITl3TE9qtLN4SQV+O+AfhEw2X42/mUGc3bHkw8nIAaZO3wSVxDYBQGMx1hao
Vw0RCu6waLxknpqiPWwCclte6g/OXxz8OPfp96fYNFNbq2/Bb9KY2sPCCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJpJu93SF7y2hmTDyhCxCVUT/60VMB8GA1UdIwQY
MBaAFD4rvzRuvUqgt24QxYMhrTPXLVGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGl1X05HNjlTcUMzYmhERmd5R3RNOWN0VVo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iYzUxY2ItZGUwYy00ODgxLWIwYjEt
MWFhMjc3ZGYzNzY5LzEvbWttNzNkSVh2TGFHWk1QS0VMRUpWUlBfclJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iYzUxY2ItZGUwYy00ODgxLWIwYjEtMWFhMjc3ZGYzNzY5
LzEvUGl1X05HNjlTcUMzYmhERmd5R3RNOWN0VVo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaBgMA0G
CSqGSIb3DQEBCwUAA4IBAQAi/OkhN/lylKLNFhLQtphd0GEDqOsgHuuYv+j74pQ6
7SGpg++riYLQ0C/nE8z45VJP2vEaM0LQ3xLR+3kvBQwlLexFXIN2djplF5NfNrya
Js4uAYGphGKrOZXQ7AxwWCYGbZxpKUZvIlMpNQ244g7qAsG2vFbQV6GnL4xP5/rx
Vx8/2T8Msc1P2XB7DevKMfwyvxXsUObQrPAhLFBPht8MGRmwORsB104U808icza5
13w2GzBtxQchAuesSeBcwte0loTr23tM9PZT/NtEccrNnrq8ZI57JvsnhR9gGvHs
6zZIcDA4YYFcrlfJBSFx78G6xeKYxB3B8XSapn/HheIs
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:36:01 2025 by rpki-client