Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/Mbf4Dwgv4F1VeFV8RtnsqImFQGA.roa
File: Mbf4Dwgv4F1VeFV8RtnsqImFQGA.roa (raw, json)
Hash identifier: 7rgc71sS7E8NowaT/JXHV9nochtTuLEamVzxoRvQOak=
Subject key identifier: 31:B7:F8:0F:08:2F:E0:5D:55:78:55:7C:46:D9:EC:A8:89:85:40:60
Certificate issuer: /CN=4eaf14b67e051cfbd5e1b1d51693d44682392792
Certificate serial: 0194258F4E25FDC6A241C2098B708ED84827
Authority key identifier: 4E:AF:14:B6:7E:05:1C:FB:D5:E1:B1:D5:16:93:D4:46:82:39:27:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tq8Utn4FHPvV4bHVFpPURoI5J5I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/Mbf4Dwgv4F1VeFV8RtnsqImFQGA.roa
Signing time: Thu 02 Jan 2025 05:48:56 +0000
ROA not before: Thu 02 Jan 2025 05:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209718
IP address blocks: 2001:678:c44::/48 maxlen: 48
2001:678:c6c::/48 maxlen: 48
2001:67c:2908::/48 maxlen: 48
2001:67c:2ea8::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 05 Jan 2025 00:10:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:4e:25:fd:c6:a2:41:c2:09:8b:70:8e:d8:48:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eaf14b67e051cfbd5e1b1d51693d44682392792
Validity
Not Before: Jan 2 05:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31b7f80f082fe05d5578557c46d9eca889854060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:cb:9c:76:15:d8:4b:38:d7:3e:6e:d3:b4:d7:
c8:25:85:95:3f:a3:53:7c:57:f7:71:fb:1a:45:6e:
b5:8b:03:8b:62:42:7a:e2:17:68:6d:0a:8f:fb:8f:
8f:0f:41:d5:26:c8:1f:69:60:55:3f:d6:62:4b:82:
4c:49:aa:b0:f0:6f:a0:f9:d7:7a:e8:b3:36:e5:44:
fb:92:e7:a5:b9:0c:65:d2:6d:89:71:6b:1b:30:2c:
44:e9:72:16:2e:91:50:54:52:0d:68:a2:a4:91:d8:
57:3f:06:b2:08:a8:37:ea:e2:b4:4a:ed:aa:1c:96:
20:d4:fd:09:0c:c8:bb:b2:67:93:bf:d1:71:c7:65:
d5:73:92:8e:7f:06:ee:18:ad:cf:71:a4:ea:98:94:
6a:0c:d0:54:ba:a8:92:3f:14:f3:2f:43:19:3e:30:
b0:2d:8d:70:f5:b7:02:a5:9d:1f:2b:ce:25:81:69:
ef:ab:bb:2d:6b:6a:a9:4b:53:dc:10:fb:90:f7:85:
48:a3:2b:f6:60:9e:22:8d:1e:3f:37:09:b8:d5:ba:
06:f6:69:02:d5:6b:cd:cc:18:d8:6d:1a:e6:aa:9f:
a3:1c:d4:fc:88:e6:51:40:cb:3c:d5:e2:df:fc:a0:
f7:22:1d:91:14:27:d5:5c:8d:df:c7:cd:a6:d3:2e:
e9:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B7:F8:0F:08:2F:E0:5D:55:78:55:7C:46:D9:EC:A8:89:85:40:60
X509v3 Authority Key Identifier:
keyid:4E:AF:14:B6:7E:05:1C:FB:D5:E1:B1:D5:16:93:D4:46:82:39:27:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tq8Utn4FHPvV4bHVFpPURoI5J5I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/Mbf4Dwgv4F1VeFV8RtnsqImFQGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/8cf51c-54d7-4c3a-90c4-bd512ed58f78/1/Tq8Utn4FHPvV4bHVFpPURoI5J5I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:c44::/48
2001:678:c6c::/48
2001:67c:2908::/48
2001:67c:2ea8::/48
Signature Algorithm: sha256WithRSAEncryption
84:f0:54:0f:7d:3b:36:58:b1:55:3d:30:38:48:35:72:f9:98:
30:b1:7e:51:c2:e8:19:bb:2a:ed:9f:18:68:f6:b2:9d:31:ed:
3f:59:4d:cf:05:28:d8:61:b2:b9:0c:bb:77:9d:66:a5:17:5d:
3d:49:de:32:4c:e9:eb:7d:81:3b:e9:67:5f:97:2f:2f:65:0e:
a9:17:61:d8:b6:bb:dd:bc:f2:1c:f1:cd:94:df:42:be:52:20:
cb:37:f9:a3:ea:e5:af:a4:31:c7:b6:fd:57:13:55:37:17:a6:
3b:58:e6:e7:e6:37:68:d1:fe:7d:98:0d:93:46:0d:17:5e:cb:
4c:6d:5b:45:b6:dc:49:41:b9:8a:dd:27:ef:f4:cb:a7:84:de:
09:47:88:a9:6b:bb:ed:6e:25:70:76:ae:22:cf:54:16:ed:96:
10:e9:74:25:51:e6:aa:da:b8:4c:de:be:a6:52:5d:9b:97:af:
8a:60:8f:3e:62:9f:44:10:6f:b2:d8:09:75:4a:fb:00:8e:ff:
e0:40:e0:ef:7f:17:65:20:13:07:e3:14:ed:e4:fb:97:32:93:
e2:fa:08:a5:93:b2:f0:50:44:82:32:fa:39:1d:52:cd:f1:31:
17:b2:c3:14:45:62:9a:60:cd:03:0f:cb:1c:80:43:a0:48:b2:
a2:16:70:00
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQlj04l/caiQcIJi3CO2EgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYWYxNGI2N2UwNTFjZmJkNWUxYjFkNTE2OTNkNDQ2ODIz
OTI3OTIwHhcNMjUwMTAyMDU0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWI3ZjgwZjA4MmZlMDVkNTU3ODU1N2M0NmQ5ZWNhODg5ODU0MDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sucdhXYSzjXPm7TtNfIJYWVP6NT
fFf3cfsaRW61iwOLYkJ64hdobQqP+4+PD0HVJsgfaWBVP9ZiS4JMSaqw8G+g+dd6
6LM25UT7kueluQxl0m2JcWsbMCxE6XIWLpFQVFINaKKkkdhXPwayCKg36uK0Su2q
HJYg1P0JDMi7smeTv9Fxx2XVc5KOfwbuGK3PcaTqmJRqDNBUuqiSPxTzL0MZPjCw
LY1w9bcCpZ0fK84lgWnvq7sta2qpS1PcEPuQ94VIoyv2YJ4ijR4/Nwm41boG9mkC
1WvNzBjYbRrmqp+jHNT8iOZRQMs81eLf/KD3Ih2RFCfVXI3fx82m0y7p8wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDG3+A8IL+BdVXhVfEbZ7KiJhUBgMB8GA1UdIwQY
MBaAFE6vFLZ+BRz71eGx1RaT1EaCOSeSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHE4VXRuNEZIUHZWNGJIVkZwUFVSb0k1SjVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS84Y2Y1MWMtNTRkNy00YzNhLTkwYzQt
YmQ1MTJlZDU4Zjc4LzEvTWJmNER3Z3Y0RjFWZUZWOFJ0bnNxSW1GUUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS84Y2Y1MWMtNTRkNy00YzNhLTkwYzQtYmQ1MTJlZDU4Zjc4
LzEvVHE4VXRuNEZIUHZWNGJIVkZwUFVSb0k1SjVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGeAxE
AwcAIAEGeAxsAwcAIAEGfCkIAwcAIAEGfC6oMA0GCSqGSIb3DQEBCwUAA4IBAQCE
8FQPfTs2WLFVPTA4SDVy+ZgwsX5RwugZuyrtnxho9rKdMe0/WU3PBSjYYbK5DLt3
nWalF109Sd4yTOnrfYE76Wdfly8vZQ6pF2HYtrvdvPIc8c2U30K+UiDLN/mj6uWv
pDHHtv1XE1U3F6Y7WObn5jdo0f59mA2TRg0XXstMbVtFttxJQbmK3Sfv9MunhN4J
R4ipa7vtbiVwdq4iz1QW7ZYQ6XQlUeaq2rhM3r6mUl2bl6+KYI8+Yp9EEG+y2Al1
SvsAjv/gQODvfxdlIBMH4xTt5PuXMpPi+gilk7LwUESCMvo5HVLN8TEXssMURWKa
YM0DD8scgEOgSLKiFnAA
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:35:33 2025 by rpki-client