Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/McKDgqkYCXcXbAZIiHUkIqicJ2c.roa
File: McKDgqkYCXcXbAZIiHUkIqicJ2c.roa (raw, json)
Hash identifier: GLzXRqlPbCzY6HloSmBqHi9tBpme15cgBB6VGeBBgGQ=
Subject key identifier: 31:C2:83:82:A9:18:09:77:17:6C:06:48:88:75:24:22:A8:9C:27:67
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0196FD9704E50F6A8DB349FE474B1BB6D087
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/McKDgqkYCXcXbAZIiHUkIqicJ2c.roa
Signing time: Fri 23 May 2025 14:40:54 +0000
ROA not before: Fri 23 May 2025 14:40:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 62.84.16.0/20 maxlen: 20
85.254.8.0/24 maxlen: 24
85.254.9.0/24 maxlen: 24
85.254.11.0/24 maxlen: 24
85.254.12.0/24 maxlen: 24
85.254.13.0/24 maxlen: 24
85.254.14.0/24 maxlen: 24
85.254.15.0/24 maxlen: 24
85.254.117.0/24 maxlen: 24
85.254.118.0/23 maxlen: 23
217.24.64.0/20 maxlen: 22
Validation: Failed, certificate revoked on Wed 28 May 2025 13:54:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:97:04:e5:0f:6a:8d:b3:49:fe:47:4b:1b:b6:d0:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: May 23 14:40:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31c28382a9180977176c064888752422a89c2767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3b:c1:df:c8:f0:1d:12:c1:0c:99:22:29:a4:
5a:27:4b:4e:28:f8:78:74:f9:08:a6:b6:82:ff:cf:
98:8f:05:ad:7b:be:d6:e1:50:53:4d:d7:45:a4:42:
0f:c2:68:1d:0f:55:96:d0:e1:d4:f1:a0:ed:64:95:
55:80:79:cb:22:a7:c7:93:35:2c:9a:ff:45:27:b9:
5a:58:92:a0:c1:49:df:9b:72:e0:42:51:ae:86:dc:
32:5a:ae:6b:c8:95:eb:d6:c8:a3:16:e1:d4:e0:b9:
e8:02:b9:eb:24:43:13:65:72:43:be:ae:11:3d:0f:
f7:67:40:08:27:97:96:3d:f7:d8:87:56:b6:8b:97:
ef:c3:26:ba:49:2d:93:44:e7:a1:c3:b5:4b:e0:e7:
15:b3:c0:58:4a:cc:dc:95:35:f2:bb:c7:19:37:22:
f2:60:4f:aa:40:e7:15:21:20:59:f1:49:c4:bc:13:
be:f2:b8:ff:ff:da:d8:6c:ea:cb:74:55:23:96:99:
e8:8f:87:99:9a:3b:bd:ac:be:9c:6d:68:a2:de:22:
d0:f8:44:7e:65:79:ef:0e:0b:65:4b:44:8c:97:4b:
bd:6c:db:e6:6c:f4:54:c3:1f:8a:83:1a:b8:2b:9e:
cb:d8:d0:eb:30:0a:3a:2b:6d:93:d0:0b:25:dc:9e:
ae:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C2:83:82:A9:18:09:77:17:6C:06:48:88:75:24:22:A8:9C:27:67
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/McKDgqkYCXcXbAZIiHUkIqicJ2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.16.0/20
85.254.8.0/23
85.254.11.0-85.254.15.255
85.254.117.0-85.254.119.255
217.24.64.0/20
Signature Algorithm: sha256WithRSAEncryption
86:6e:bc:7a:88:a4:d6:b1:68:9e:2c:ac:64:07:2c:22:19:1d:
56:03:af:41:13:55:82:bf:5e:0b:4b:d7:7f:ef:73:94:04:72:
fe:b6:91:9e:16:eb:9c:be:a5:5f:e6:aa:41:24:8b:0f:a6:9a:
76:0c:0c:76:e9:b1:05:2f:63:31:49:0b:2c:4d:8f:64:13:0b:
89:57:16:b4:1f:fa:0d:e6:ee:0c:0e:8d:0e:4b:a3:ce:ac:ed:
7c:a7:1b:09:12:fd:ce:0b:59:14:a1:3d:9d:0a:44:93:0a:23:
fa:e9:21:21:a8:71:43:3a:27:aa:60:6d:90:a9:c8:b2:08:8c:
d3:57:97:e5:db:16:ce:f2:f6:be:e9:8b:53:4d:d6:71:02:d4:
cd:4d:33:02:71:ac:1e:9a:25:62:70:de:f6:aa:7c:e4:99:c0:
0d:4b:d0:96:4f:0a:cf:34:8b:21:b3:be:ea:5c:3f:cb:91:50:
58:d4:81:3f:87:dd:e2:6a:6e:c6:b7:92:71:82:3c:0d:83:52:
34:92:7e:4e:bb:de:89:69:d6:e8:7e:91:da:34:6c:16:de:05:
0e:64:8b:68:ba:f1:18:8b:1f:b1:44:f2:42:db:db:15:8d:3c:
e2:ec:b1:46:14:d8:bc:ce:04:4e:a4:87:1b:43:9e:99:0e:aa:
79:f7:d3:bb
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZb9lwTlD2qNs0n+R0sbttCHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwNTIzMTQ0MDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWMyODM4MmE5MTgwOTc3MTc2YzA2NDg4ODc1MjQyMmE4OWMyNzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjvB38jwHRLBDJkiKaRaJ0tOKPh4
dPkIpraC/8+YjwWte77W4VBTTddFpEIPwmgdD1WW0OHU8aDtZJVVgHnLIqfHkzUs
mv9FJ7laWJKgwUnfm3LgQlGuhtwyWq5ryJXr1sijFuHU4LnoArnrJEMTZXJDvq4R
PQ/3Z0AIJ5eWPffYh1a2i5fvwya6SS2TROehw7VL4OcVs8BYSszclTXyu8cZNyLy
YE+qQOcVISBZ8UnEvBO+8rj//9rYbOrLdFUjlpnoj4eZmju9rL6cbWii3iLQ+ER+
ZXnvDgtlS0SMl0u9bNvmbPRUwx+Kgxq4K57L2NDrMAo6K22T0Asl3J6ufQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFDHCg4KpGAl3F2wGSIh1JCKonCdnMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvTWNLRGdxa1lDWGNYYkFaSWlIVWtJcWljSjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQEPlQQAwQB
Vf4IMAwDBABV/gsDBARV/gAwDAMEAFX+dQMEA1X+cAMEBNkYQDANBgkqhkiG9w0B
AQsFAAOCAQEAhm68eoik1rFoniysZAcsIhkdVgOvQRNVgr9eC0vXf+9zlARy/raR
nhbrnL6lX+aqQSSLD6aadgwMdumxBS9jMUkLLE2PZBMLiVcWtB/6DebuDA6NDkuj
zqztfKcbCRL9zgtZFKE9nQpEkwoj+ukhIahxQzonqmBtkKnIsgiM01eX5dsWzvL2
vumLU03WcQLUzU0zAnGsHpolYnDe9qp85JnADUvQlk8KzzSLIbO+6lw/y5FQWNSB
P4fd4mpuxreScYI8DYNSNJJ+TrveiWnW6H6R2jRsFt4FDmSLaLrxGIsfsUTyQtvb
FY084uyxRhTYvM4ETqSHG0OemQ6qeffTuw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 05:13:12 2025 by rpki-client