Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/vMtZPJ4kUtksr6gLcXUeBnehIhI.roa
File: vMtZPJ4kUtksr6gLcXUeBnehIhI.roa (raw, json)
Hash identifier: DdRgp6Qkh05LfzmrfBTFEBFoxp7FvSvhk/CzDJr5MWg=
Subject key identifier: BC:CB:59:3C:9E:24:52:D9:2C:AF:A8:0B:71:75:1E:06:77:A1:22:12
Certificate issuer: /CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Certificate serial: 0194258F80516FB8086CFA2EB93C305BD721
Authority key identifier: 31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/vMtZPJ4kUtksr6gLcXUeBnehIhI.roa
Signing time: Thu 02 Jan 2025 05:49:09 +0000
ROA not before: Thu 02 Jan 2025 05:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12481
IP address blocks: 5.100.232.0/21 maxlen: 21
94.142.144.0/21 maxlen: 21
212.103.192.0/19 maxlen: 19
Validation: Failed, certificate revoked on Thu 27 Mar 2025 09:37:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:80:51:6f:b8:08:6c:fa:2e:b9:3c:30:5b:d7:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Validity
Not Before: Jan 2 05:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bccb593c9e2452d92cafa80b71751e0677a12212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0d:6e:d8:1a:92:c0:41:ed:bb:e7:51:10:b4:
c2:c3:b5:34:bc:cb:b2:7d:b8:73:c5:b6:73:19:96:
b3:59:31:94:2e:e3:09:ef:89:fb:8f:5f:ca:f5:cb:
aa:8e:af:84:72:b4:42:0c:20:fe:d4:18:a9:b4:92:
e1:97:8a:00:c5:af:af:1b:c9:a6:2d:d4:60:2a:e3:
a2:8a:08:ca:26:67:2f:fe:b9:b8:56:fb:ee:35:f4:
2b:29:02:97:44:13:d5:2c:c9:4f:5a:e0:84:89:a9:
ef:b3:10:71:55:8b:e0:93:9b:1a:47:73:fc:94:78:
a8:74:f9:c8:a9:7a:f4:0e:72:1d:5a:10:04:a6:3b:
e5:b7:f2:2b:a6:c0:23:d9:a5:ee:e5:e5:dc:b0:fe:
d8:5b:8d:62:72:20:51:ff:78:4e:4b:c7:d9:55:a9:
59:dc:88:20:9b:f5:e0:f4:2f:97:d0:15:73:94:a6:
7b:86:e0:d2:63:1e:8e:8f:e2:1c:72:de:46:3b:14:
b2:c8:c0:af:7d:8d:a4:ac:76:4b:b8:8d:ca:e3:16:
2d:30:28:84:a0:d6:0e:d2:b0:33:e1:28:ec:d7:77:
f8:84:89:b8:af:31:8c:fb:6b:63:bf:7f:d1:48:d3:
9f:07:42:f5:cd:63:e1:25:25:53:c8:2f:8b:59:1d:
3b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:CB:59:3C:9E:24:52:D9:2C:AF:A8:0B:71:75:1E:06:77:A1:22:12
X509v3 Authority Key Identifier:
keyid:31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/vMtZPJ4kUtksr6gLcXUeBnehIhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.232.0/21
94.142.144.0/21
212.103.192.0/19
Signature Algorithm: sha256WithRSAEncryption
7b:cf:5a:35:f5:5d:6b:8e:de:8d:d7:4d:18:54:25:20:31:65:
84:24:26:b9:0d:8a:ce:44:44:8e:32:3e:f6:23:88:34:ad:3a:
02:e7:b3:4e:30:37:24:a5:3a:2e:d6:06:97:5d:6a:a2:6c:01:
a7:9f:a3:f1:5a:8c:33:39:da:00:87:f8:9c:ab:73:f3:67:2a:
7f:8d:92:8d:9d:2f:f0:7d:e6:81:df:3f:fa:9c:d2:c4:2e:1d:
40:87:e2:2e:5a:28:02:ff:d4:d8:ae:98:97:d1:35:08:58:2e:
0d:5b:92:33:b9:23:fb:7b:4c:69:b3:1c:32:95:ce:d5:87:77:
27:59:3d:3d:27:50:40:8e:1f:e4:2e:04:04:57:24:fb:7a:21:
d1:3f:b6:c8:bd:d9:b0:30:b9:e6:ef:a6:49:b9:1e:da:f2:88:
7a:f4:e7:2c:fa:aa:27:fd:d1:96:86:d5:9e:72:27:64:72:63:
cc:84:f1:99:94:5c:85:05:15:71:07:97:23:19:ad:b7:96:9f:
05:31:56:66:e5:ad:cc:db:d8:94:1c:0d:ce:c8:55:d6:16:ba:
37:ff:63:48:74:21:4c:49:33:7b:45:2e:e1:76:83:0c:2b:c5:
ac:b0:62:00:de:52:45:b0:bf:c2:6a:0f:13:4b:7a:ff:3d:ec:
c7:05:63:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQlj4BRb7gIbPouuTwwW9chMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYjBmNjRjNjlkMzMwYjY2ZWJjZDAzYTliZjBmZGMxOWYz
MTQ3ZDgwHhcNMjUwMTAyMDU0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2NiNTkzYzllMjQ1MmQ5MmNhZmE4MGI3MTc1MWUwNjc3YTEyMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmg1u2BqSwEHtu+dRELTCw7U0vMuy
fbhzxbZzGZazWTGULuMJ74n7j1/K9cuqjq+EcrRCDCD+1BiptJLhl4oAxa+vG8mm
LdRgKuOiigjKJmcv/rm4VvvuNfQrKQKXRBPVLMlPWuCEianvsxBxVYvgk5saR3P8
lHiodPnIqXr0DnIdWhAEpjvlt/IrpsAj2aXu5eXcsP7YW41iciBR/3hOS8fZValZ
3Iggm/Xg9C+X0BVzlKZ7huDSYx6Oj+Icct5GOxSyyMCvfY2krHZLuI3K4xYtMCiE
oNYO0rAz4Sjs13f4hIm4rzGM+2tjv3/RSNOfB0L1zWPhJSVTyC+LWR07uQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLzLWTyeJFLZLK+oC3F1HgZ3oSISMB8GA1UdIwQY
MBaAFDGw9kxp0zC2brzQOpvw/cGfMUfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWJEMlRHblRNTFp1dk5BNm1fRDl3Wjh4UjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8yZmI0NzMtOGU2Yi00ZjBkLWFkMzAt
ZDQ5MzQ0OTNhNjc5LzEvdk10WlBKNGtVdGtzcjZnTGNYVWVCbmVoSWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8yZmI0NzMtOGU2Yi00ZjBkLWFkMzAtZDQ5MzQ0OTNhNjc5
LzEvTWJEMlRHblRNTFp1dk5BNm1fRDl3Wjh4UjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBWToAwQD
Xo6QAwQF1GfAMA0GCSqGSIb3DQEBCwUAA4IBAQB7z1o19V1rjt6N100YVCUgMWWE
JCa5DYrORESOMj72I4g0rToC57NOMDckpTou1gaXXWqibAGnn6PxWowzOdoAh/ic
q3PzZyp/jZKNnS/wfeaB3z/6nNLELh1Ah+IuWigC/9TYrpiX0TUIWC4NW5IzuSP7
e0xpsxwylc7Vh3cnWT09J1BAjh/kLgQEVyT7eiHRP7bIvdmwMLnm76ZJuR7a8oh6
9Ocs+qon/dGWhtWecidkcmPMhPGZlFyFBRVxB5cjGa23lp8FMVZm5a3M29iUHA3O
yFXWFro3/2NIdCFMSTN7RS7hdoMMK8WssGIA3lJFsL/Cag8TS3r/PezHBWOi
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:51:11 2025 by rpki-client