Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/mcfKaSPGmcKw50ohHVDHwNmrizs.roa
File: mcfKaSPGmcKw50ohHVDHwNmrizs.roa (raw, json)
Hash identifier: qQgaDi1y0HEl5ffZoVJIR34PG100S0UGETt67OGC7Ac=
Subject key identifier: 99:C7:CA:69:23:C6:99:C2:B0:E7:4A:21:1D:50:C7:C0:D9:AB:8B:3B
Certificate issuer: /CN=eae2653179cafe5ff6651c6058b67ad2d2c8485e
Certificate serial: 0193B5366A0082703CDB4B5C1048D3CB0B49
Authority key identifier: EA:E2:65:31:79:CA:FE:5F:F6:65:1C:60:58:B6:7A:D2:D2:C8:48:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6uJlMXnK_l_2ZRxgWLZ60tLISF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/mcfKaSPGmcKw50ohHVDHwNmrizs.roa
Signing time: Wed 11 Dec 2024 10:14:22 +0000
ROA not before: Wed 11 Dec 2024 10:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213291
IP address blocks: 195.242.7.0/24 maxlen: 24
195.242.8.0/21 maxlen: 24
195.242.16.0/20 maxlen: 24
2a13:5947::/40 maxlen: 48
2a13:5947:130::/48 maxlen: 48
2a13:5947:150::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:36:6a:00:82:70:3c:db:4b:5c:10:48:d3:cb:0b:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eae2653179cafe5ff6651c6058b67ad2d2c8485e
Validity
Not Before: Dec 11 10:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99c7ca6923c699c2b0e74a211d50c7c0d9ab8b3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7c:d0:9c:c0:d2:e2:50:34:d6:21:d6:32:f8:
a0:ac:da:85:87:36:15:ca:02:f6:8a:92:a1:8c:d6:
4d:a4:26:7b:01:47:61:d6:41:92:3a:47:fe:79:7e:
a2:ba:5b:c3:64:c9:70:b9:d4:89:e2:8d:3b:73:d8:
e8:1d:54:21:26:a0:de:ad:27:f3:04:4f:f2:c9:d4:
78:fc:58:ea:1f:38:03:2c:f7:df:d6:c6:9e:d4:b9:
b8:05:d9:58:2f:0f:02:f5:8c:be:73:c6:82:6a:2c:
10:b3:65:79:b5:13:fd:87:30:64:d5:1c:71:2c:38:
dc:1f:e4:78:a5:af:69:1b:a8:22:91:b5:fb:18:e4:
d2:eb:cf:89:26:99:df:2e:dd:cb:80:ce:a0:ce:36:
80:af:ec:1b:fd:40:46:4d:6d:01:8a:7f:28:a1:b2:
95:d5:a8:b3:76:43:6a:46:63:47:99:5d:50:5f:b3:
f7:96:cb:35:17:73:48:17:4e:15:5d:7d:29:a9:92:
9d:d5:7c:0f:3b:77:7f:09:bd:93:57:43:e7:fe:71:
9a:a2:7e:aa:0c:5f:dc:a2:8b:d0:89:d0:ca:78:f3:
87:69:f4:07:e9:02:4a:83:c1:11:34:2e:d2:ce:d6:
7e:47:80:2c:fb:e4:f4:ac:7b:d9:31:d4:cb:ed:e0:
20:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C7:CA:69:23:C6:99:C2:B0:E7:4A:21:1D:50:C7:C0:D9:AB:8B:3B
X509v3 Authority Key Identifier:
keyid:EA:E2:65:31:79:CA:FE:5F:F6:65:1C:60:58:B6:7A:D2:D2:C8:48:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6uJlMXnK_l_2ZRxgWLZ60tLISF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/mcfKaSPGmcKw50ohHVDHwNmrizs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/19e9c5-82e2-438b-a0e9-992d797f4bbb/1/6uJlMXnK_l_2ZRxgWLZ60tLISF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.7.0-195.242.31.255
IPv6:
2a13:5947::/40
2a13:5947:130::/48
2a13:5947:150::/48
Signature Algorithm: sha256WithRSAEncryption
0f:fa:50:7a:37:4a:c9:5d:7b:d7:22:34:87:27:c1:2f:b7:b0:
33:e8:42:10:87:8c:fa:fd:6e:e4:e9:3f:96:de:9c:99:dc:50:
4f:5d:4d:52:31:5f:ef:3a:6f:f1:4b:e9:a1:a1:e1:ad:12:bd:
3a:05:50:6f:99:04:29:5d:09:02:22:31:54:cb:cc:5f:bb:73:
4c:9d:a5:fd:e8:e7:e3:94:fc:2b:be:f1:11:a6:70:06:be:64:
63:00:0d:76:d3:a2:1a:2d:00:7a:bb:55:50:d2:bc:f7:38:dd:
cf:35:ef:eb:f9:68:8c:e1:9c:f0:dd:b0:32:98:c7:d0:aa:45:
76:a3:76:49:39:1e:cb:ef:6f:d7:f8:f1:37:be:56:00:69:22:
af:fe:6a:b0:ce:95:20:80:f1:46:78:a7:06:0c:ea:1f:54:fc:
ed:54:fb:44:83:11:cc:5f:e5:14:cc:9f:1e:7b:07:40:7b:98:
3f:3c:72:a4:b8:42:19:65:f8:81:b1:de:74:35:45:e3:33:cd:
89:82:11:73:ab:d6:17:cb:f9:9d:5f:98:a1:93:8b:34:a1:0a:
dd:42:46:c1:f2:23:77:c0:78:eb:e0:30:55:40:e3:e5:2d:40:
ad:73:8f:09:f7:b5:f6:2c:9f:2c:81:51:c9:86:39:97:a6:39:
9f:4a:23:f2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZO1NmoAgnA820tcEEjTywtJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZTI2NTMxNzljYWZlNWZmNjY1MWM2MDU4YjY3YWQyZDJj
ODQ4NWUwHhcNMjQxMjExMTAxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWM3Y2E2OTIzYzY5OWMyYjBlNzRhMjExZDUwYzdjMGQ5YWI4YjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHzQnMDS4lA01iHWMvigrNqFhzYV
ygL2ipKhjNZNpCZ7AUdh1kGSOkf+eX6iulvDZMlwudSJ4o07c9joHVQhJqDerSfz
BE/yydR4/FjqHzgDLPff1sae1Lm4BdlYLw8C9Yy+c8aCaiwQs2V5tRP9hzBk1Rxx
LDjcH+R4pa9pG6gikbX7GOTS68+JJpnfLt3LgM6gzjaAr+wb/UBGTW0Bin8oobKV
1aizdkNqRmNHmV1QX7P3lss1F3NIF04VXX0pqZKd1XwPO3d/Cb2TV0Pn/nGaon6q
DF/coovQidDKePOHafQH6QJKg8ERNC7SztZ+R4As++T0rHvZMdTL7eAgwQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJnHymkjxpnCsOdKIR1Qx8DZq4s7MB8GA1UdIwQY
MBaAFOriZTF5yv5f9mUcYFi2etLSyEheMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnVKbE1YbktfbF8yWlJ4Z1dMWjYwdExJU0Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xOWU5YzUtODJlMi00MzhiLWEwZTkt
OTkyZDc5N2Y0YmJiLzEvbWNmS2FTUEdtY0t3NTBvaEhWREh3Tm1yaXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xOWU5YzUtODJlMi00MzhiLWEwZTktOTkyZDc5N2Y0YmJi
LzEvNnVKbE1YbktfbF8yWlJ4Z1dMWjYwdExJU0Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAUBAIAATAOMAwDBADD8gcD
BAXD8gAwIAQCAAIwGgMGACoTWUcAAwcAKhNZRwEwAwcAKhNZRwFQMA0GCSqGSIb3
DQEBCwUAA4IBAQAP+lB6N0rJXXvXIjSHJ8Evt7Az6EIQh4z6/W7k6T+W3pyZ3FBP
XU1SMV/vOm/xS+mhoeGtEr06BVBvmQQpXQkCIjFUy8xfu3NMnaX96OfjlPwrvvER
pnAGvmRjAA1206IaLQB6u1VQ0rz3ON3PNe/r+WiM4Zzw3bAymMfQqkV2o3ZJOR7L
72/X+PE3vlYAaSKv/mqwzpUggPFGeKcGDOofVPztVPtEgxHMX+UUzJ8eewdAe5g/
PHKkuEIZZfiBsd50NUXjM82JghFzq9YXy/mdX5ihk4s0oQrdQkbB8iN3wHjr4DBV
QOPlLUCtc48J97X2LJ8sgVHJhjmXpjmfSiPy
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:07:17 2025 by rpki-client