Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/MTjO3FDYosMu1KsvqPnu5ku5W5Y.roa
File: MTjO3FDYosMu1KsvqPnu5ku5W5Y.roa (raw, json)
Hash identifier: fUOW/aQX93duPPomFokTU6qV2wPR155wlm2s0PAYfnQ=
Subject key identifier: 31:38:CE:DC:50:D8:A2:C3:2E:D4:AB:2F:A8:F9:EE:E6:4B:B9:5B:96
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0195EF9EB2E283CED2A1987E275414D42228
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/MTjO3FDYosMu1KsvqPnu5ku5W5Y.roa
Signing time: Tue 01 Apr 2025 04:31:49 +0000
ROA not before: Tue 01 Apr 2025 04:31:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 85.239.150.0/24 maxlen: 24
92.62.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 13:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ef:9e:b2:e2:83:ce:d2:a1:98:7e:27:54:14:d4:22:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Apr 1 04:31:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3138cedc50d8a2c32ed4ab2fa8f9eee64bb95b96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ad:ba:98:0a:50:5e:42:3b:cd:5c:8b:0b:d5:
a0:68:5e:27:23:d2:ac:d7:75:db:c6:54:db:a5:13:
75:8d:48:58:4f:59:28:73:81:30:50:c1:02:93:1d:
fa:4f:95:7e:aa:5b:b3:1f:ad:f5:27:71:07:3f:93:
d1:a1:6f:aa:cc:6a:ff:71:8a:4a:d0:0c:d7:a0:f6:
3d:a1:df:4d:ee:27:27:a0:5c:d9:4b:f1:86:79:28:
4b:ca:df:2d:d8:45:11:36:05:0d:9b:4a:6f:c3:5c:
f2:ca:8b:1f:91:a0:60:10:48:17:ac:c6:32:0e:bb:
2a:1e:f5:3f:6a:7a:3c:56:d3:e8:67:1a:ce:6f:7c:
1c:38:27:6f:98:ab:7b:8b:39:e2:f0:23:46:a3:3d:
02:85:a5:99:80:7e:04:9c:15:54:dd:db:cd:7b:47:
65:fc:b6:3e:e5:97:d8:83:3a:f7:c7:b5:c9:6b:70:
fc:61:cf:45:b8:e9:40:87:56:0c:ab:fa:e9:e2:c0:
42:27:3b:d9:84:1a:58:5d:95:1b:3c:24:f5:e4:21:
2a:49:fb:d9:db:d6:bf:af:db:67:68:94:87:9f:20:
50:ea:56:60:cb:57:fd:00:2e:1e:b3:c5:5a:cc:26:
f4:ca:c1:18:78:b0:c1:30:ab:11:f3:52:70:4f:08:
f0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:38:CE:DC:50:D8:A2:C3:2E:D4:AB:2F:A8:F9:EE:E6:4B:B9:5B:96
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/MTjO3FDYosMu1KsvqPnu5ku5W5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.150.0/24
92.62.253.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:b7:79:d2:0f:3f:c1:8d:35:68:57:6c:b6:28:81:6b:6d:35:
f4:f7:5e:2f:1b:17:07:4e:e1:33:a7:36:3c:82:8b:b1:5c:cd:
1e:47:2a:1d:29:ce:5f:0d:c3:54:4f:e1:5d:c1:fb:ea:90:74:
3c:47:4c:43:2a:a6:8f:df:65:38:5d:ff:95:92:25:2f:f0:03:
48:25:01:fe:d9:a9:76:e7:bb:6f:ad:f9:86:c8:33:a5:5d:8b:
64:f6:6a:92:1d:22:95:37:70:00:de:b9:b5:00:ec:c0:64:bf:
05:08:90:81:93:e0:2c:4b:49:52:d0:0c:53:cb:a0:ff:28:a3:
ea:f9:e3:a5:99:d3:94:02:32:f6:3a:ce:5f:bb:c8:78:e8:c6:
9d:9a:60:d2:ad:0c:cb:e7:c6:fc:cd:fd:bb:4b:08:e3:23:b4:
89:d8:05:70:2f:ec:95:9a:df:e4:ca:2b:7d:4b:56:3b:b4:45:
6c:44:ae:36:53:56:f4:1d:3b:db:ac:22:5d:cf:06:a4:5d:22:
23:5d:45:d1:78:d4:5c:5b:9d:d5:7f:71:73:1f:56:74:b3:6f:
af:a0:61:0c:96:dd:81:b1:1d:8f:fd:ee:db:00:89:5b:03:c8:
10:aa:2a:43:2f:1b:f0:0c:7f:c0:17:36:a1:0a:a6:90:2d:44:
35:79:d5:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXvnrLig87SoZh+J1QU1CIoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwNDAxMDQzMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTM4Y2VkYzUwZDhhMmMzMmVkNGFiMmZhOGY5ZWVlNjRiYjk1Yjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2a26mApQXkI7zVyLC9WgaF4nI9Ks
13XbxlTbpRN1jUhYT1koc4EwUMECkx36T5V+qluzH631J3EHP5PRoW+qzGr/cYpK
0AzXoPY9od9N7icnoFzZS/GGeShLyt8t2EURNgUNm0pvw1zyyosfkaBgEEgXrMYy
DrsqHvU/ano8VtPoZxrOb3wcOCdvmKt7izni8CNGoz0ChaWZgH4EnBVU3dvNe0dl
/LY+5ZfYgzr3x7XJa3D8Yc9FuOlAh1YMq/rp4sBCJzvZhBpYXZUbPCT15CEqSfvZ
29a/r9tnaJSHnyBQ6lZgy1f9AC4es8VazCb0ysEYeLDBMKsR81JwTwjwywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDE4ztxQ2KLDLtSrL6j57uZLuVuWMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvTVRqTzNGRFlvc011MUtzdnFQbnU1a3U1VzVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe+WAwQA
XD79MA0GCSqGSIb3DQEBCwUAA4IBAQAft3nSDz/BjTVoV2y2KIFrbTX0914vGxcH
TuEzpzY8gouxXM0eRyodKc5fDcNUT+FdwfvqkHQ8R0xDKqaP32U4Xf+VkiUv8ANI
JQH+2al257tvrfmGyDOlXYtk9mqSHSKVN3AA3rm1AOzAZL8FCJCBk+AsS0lS0AxT
y6D/KKPq+eOlmdOUAjL2Os5fu8h46MadmmDSrQzL58b8zf27SwjjI7SJ2AVwL+yV
mt/kyit9S1Y7tEVsRK42U1b0HTvbrCJdzwakXSIjXUXReNRcW53Vf3FzH1Z0s2+v
oGEMlt2BsR2P/e7bAIlbA8gQqipDLxvwDH/AFzahCqaQLUQ1edWt
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:00:01 2025 by rpki-client