Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/mfoGPNi4azf3MK8LPjIHrPp84hE.roa
File: mfoGPNi4azf3MK8LPjIHrPp84hE.roa (raw, json)
Hash identifier: DfV/0WB4twivvOOKoTFiHH1lYaupkAc5oLWUhNoKOM8=
Subject key identifier: 99:FA:06:3C:D8:B8:6B:37:F7:30:AF:0B:3E:32:07:AC:FA:7C:E2:11
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0194B88624F83B07DF0F41A259E697F23FF0
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/mfoGPNi4azf3MK8LPjIHrPp84hE.roa
Signing time: Thu 30 Jan 2025 18:43:06 +0000
ROA not before: Thu 30 Jan 2025 18:43:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207108
IP address blocks: 2a13:e040::/29 maxlen: 29
2a14:1100::/29 maxlen: 29
2a14:62c0::/29 maxlen: 29
2a14:6a40::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 19 Mar 2025 13:14:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b8:86:24:f8:3b:07:df:0f:41:a2:59:e6:97:f2:3f:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jan 30 18:43:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99fa063cd8b86b37f730af0b3e3207acfa7ce211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:59:2c:78:d6:4a:d5:f1:db:e4:87:72:c4:70:
34:ad:83:cd:9d:a5:d3:7a:2e:36:e5:48:9c:83:08:
ec:5c:1f:7b:8b:e5:9c:36:6c:11:4b:ea:6d:da:c2:
42:79:37:29:16:15:2f:a7:95:9f:7a:dd:17:6f:dc:
00:ff:96:e8:6f:40:79:32:f6:64:29:81:4d:7c:5d:
70:10:a1:f0:8a:f0:df:11:15:1f:95:19:35:26:72:
fe:93:12:e3:cf:dc:31:0a:18:43:45:bd:f6:c4:1e:
02:13:21:91:0c:9b:a1:47:7e:56:e7:09:6e:2c:24:
db:37:c0:ba:2f:88:74:2e:af:aa:8f:db:52:24:2e:
53:04:47:ff:d8:b1:c9:89:3b:d1:3d:86:a8:33:7f:
15:bd:b3:db:92:91:54:0f:7c:0d:21:3b:70:57:7d:
d2:5d:05:ad:95:ef:e8:f0:f6:05:c5:39:24:07:62:
e6:d2:cd:e9:33:dd:4b:20:be:a8:05:50:1a:4d:34:
5f:51:b2:41:da:87:fa:30:4e:4b:db:17:19:64:cd:
39:1e:78:a2:45:4b:1b:e1:2e:30:97:aa:ba:7d:bd:
8c:57:e6:54:02:f6:90:f5:51:93:48:c3:5a:6c:7a:
54:9a:4e:4d:fb:f3:f9:d5:98:27:ae:e6:0b:ee:98:
07:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FA:06:3C:D8:B8:6B:37:F7:30:AF:0B:3E:32:07:AC:FA:7C:E2:11
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/mfoGPNi4azf3MK8LPjIHrPp84hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:e040::/29
2a14:1100::/29
2a14:62c0::/29
2a14:6a40::/29
Signature Algorithm: sha256WithRSAEncryption
61:4a:dc:bc:12:50:0b:62:c2:99:d9:5c:a4:05:12:30:af:c7:
c0:3a:ce:1a:df:0d:d1:d0:79:65:8a:99:df:21:23:ea:47:15:
7b:5f:4d:2b:bb:22:95:b1:95:8d:60:71:7c:d2:39:5f:86:c7:
fc:00:ec:d8:f5:78:7c:dc:c0:50:f8:3e:4c:18:5a:dc:e2:86:
5d:b5:71:be:81:45:c4:68:7e:f2:bf:aa:56:10:44:cf:03:f7:
58:ee:bb:91:7c:ef:bb:c4:cc:d3:0a:2e:ba:de:1b:0b:69:d8:
b9:a0:48:c5:d3:1a:2a:58:55:97:d1:76:7a:1f:87:78:4a:c0:
6e:9c:9d:90:c4:12:23:e0:87:0e:db:4f:91:03:c8:48:ee:3a:
a9:9f:db:66:2d:df:61:07:dc:9e:50:aa:f4:6f:33:f7:b2:63:
26:36:85:80:4d:aa:e7:d7:23:d1:bf:da:d1:ac:14:f1:4a:90:
e5:02:01:71:f4:5a:dc:0b:86:03:d5:5f:6d:81:58:51:55:1a:
73:bb:29:60:51:32:47:0b:af:fa:f9:c1:4b:f0:b3:e2:61:a8:
26:9d:d1:95:30:72:08:2f:9d:ed:cd:d4:13:8e:c4:a3:54:eb:
21:e7:bc:f9:bb:0d:cc:53:4e:91:84:60:14:62:7a:ca:0d:df:
43:f6:74:30
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZS4hiT4OwffD0GiWeaX8j/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjUwMTMwMTg0MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWZhMDYzY2Q4Yjg2YjM3ZjczMGFmMGIzZTMyMDdhY2ZhN2NlMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVkseNZK1fHb5IdyxHA0rYPNnaXT
ei425UicgwjsXB97i+WcNmwRS+pt2sJCeTcpFhUvp5Wfet0Xb9wA/5bob0B5MvZk
KYFNfF1wEKHwivDfERUflRk1JnL+kxLjz9wxChhDRb32xB4CEyGRDJuhR35W5wlu
LCTbN8C6L4h0Lq+qj9tSJC5TBEf/2LHJiTvRPYaoM38VvbPbkpFUD3wNITtwV33S
XQWtle/o8PYFxTkkB2Lm0s3pM91LIL6oBVAaTTRfUbJB2of6ME5L2xcZZM05Hnii
RUsb4S4wl6q6fb2MV+ZUAvaQ9VGTSMNabHpUmk5N+/P51ZgnruYL7pgHAwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJn6BjzYuGs39zCvCz4yB6z6fOIRMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvbWZvR1BOaTRhemYzTUs4TFBqSUhyUHA4NGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhPgQAMF
AyoUEQADBQMqFGLAAwUDKhRqQDANBgkqhkiG9w0BAQsFAAOCAQEAYUrcvBJQC2LC
mdlcpAUSMK/HwDrOGt8N0dB5ZYqZ3yEj6kcVe19NK7silbGVjWBxfNI5X4bH/ADs
2PV4fNzAUPg+TBha3OKGXbVxvoFFxGh+8r+qVhBEzwP3WO67kXzvu8TM0wouut4b
C2nYuaBIxdMaKlhVl9F2eh+HeErAbpydkMQSI+CHDttPkQPISO46qZ/bZi3fYQfc
nlCq9G8z97JjJjaFgE2q59cj0b/a0awU8UqQ5QIBcfRa3AuGA9VfbYFYUVUac7sp
YFEyRwuv+vnBS/Cz4mGoJp3RlTByCC+d7c3UE47Eo1TrIee8+bsNzFNOkYRgFGJ6
yg3fQ/Z0MA==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:44:37 2025 by rpki-client