Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/_mf61LReycPeCgFahbKO3BxnSyw.roa
File: _mf61LReycPeCgFahbKO3BxnSyw.roa (raw, json)
Hash identifier: IQXSr9WDeaSJkxxkvxNfruxPfTzlXW+rKGbJEJ80jxQ=
Subject key identifier: FE:67:FA:D4:B4:5E:C9:C3:DE:0A:01:5A:85:B2:8E:DC:1C:67:4B:2C
Certificate issuer: /CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Certificate serial: 0193E0BA457C00E4C780AE5E71E6DFF4AC00
Authority key identifier: A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/_mf61LReycPeCgFahbKO3BxnSyw.roa
Signing time: Thu 19 Dec 2024 21:02:04 +0000
ROA not before: Thu 19 Dec 2024 21:02:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200287
IP address blocks: 80.243.234.0/24 maxlen: 24
80.243.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Dec 2024 09:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e0:ba:45:7c:00:e4:c7:80:ae:5e:71:e6:df:f4:ac:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a23224c5017d34ecdc28d0cf36442d65bef9e0a0
Validity
Not Before: Dec 19 21:02:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe67fad4b45ec9c3de0a015a85b28edc1c674b2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:1b:23:7e:e2:44:72:35:cf:ba:b4:1c:ab:1c:
97:a0:7a:45:4a:16:30:aa:6a:fb:39:19:d6:1f:ab:
5d:9c:be:85:a2:a9:17:47:d9:2e:c5:57:50:ac:fe:
c3:0c:aa:c3:55:34:02:6e:62:32:19:2d:42:aa:38:
ae:f2:2a:7e:17:a2:cc:fd:6a:7e:aa:5d:ed:b0:f1:
52:59:c9:c3:a9:2d:37:cb:f1:6e:eb:6b:00:d8:bf:
91:4e:e8:c2:4a:36:a0:59:8e:6b:07:84:b7:02:c3:
ec:75:be:9e:8b:91:4b:f4:97:ad:40:2d:32:5a:ef:
29:b3:54:9e:d9:98:ac:a6:7a:9b:c8:8e:59:15:4f:
86:26:19:72:89:4d:e1:81:9e:25:0e:f2:b8:13:6b:
63:9e:ee:62:08:22:9d:70:cf:be:64:98:31:19:0a:
b4:0a:a2:3c:fe:83:87:2e:c6:9a:90:cd:26:09:09:
7f:ac:52:dc:eb:cb:4b:c4:a8:b9:7a:8d:31:d4:1b:
ae:61:bd:64:cc:99:82:7d:23:88:7d:a0:4a:b0:71:
09:d3:31:a9:1d:5f:ab:0e:fb:55:50:1b:d7:66:05:
b4:17:bc:97:88:dd:62:e0:69:24:79:0e:8f:e2:7b:
37:b9:0b:05:64:dc:72:f6:5b:be:72:25:3a:64:c7:
c1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:67:FA:D4:B4:5E:C9:C3:DE:0A:01:5A:85:B2:8E:DC:1C:67:4B:2C
X509v3 Authority Key Identifier:
keyid:A2:32:24:C5:01:7D:34:EC:DC:28:D0:CF:36:44:2D:65:BE:F9:E0:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ojIkxQF9NOzcKNDPNkQtZb754KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/_mf61LReycPeCgFahbKO3BxnSyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/227d14-d751-4573-9919-fec8a80ed233/1/ojIkxQF9NOzcKNDPNkQtZb754KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.234.0/23
Signature Algorithm: sha256WithRSAEncryption
04:c5:2f:3c:da:46:a1:fd:7f:1b:c9:39:9c:e4:e7:63:73:00:
e1:c3:01:5d:b2:37:bc:c4:6e:bf:1a:97:a3:4b:75:ff:95:55:
12:08:24:35:1e:2c:d3:7e:52:8b:00:a9:42:e9:5d:88:6c:1b:
57:32:b5:04:23:e1:f4:f6:a1:dd:c5:c0:0a:2d:91:bb:af:c6:
9e:6a:88:d8:6f:e7:72:e6:e7:17:80:a9:34:28:f3:e5:d9:0c:
4b:ab:86:76:d0:2d:5a:a8:ff:e8:e3:08:e9:e8:e2:b8:b5:12:
b9:11:a2:fe:34:ee:ce:b8:1c:44:5b:43:f3:a0:14:09:23:51:
22:4c:fd:14:1b:07:61:92:ac:66:02:c2:02:e0:15:d6:4b:ed:
13:44:03:42:2d:99:7c:75:32:14:6b:08:47:36:e5:06:96:f6:
68:c8:f4:69:0a:51:af:95:fc:13:06:f4:49:5f:80:5e:25:66:
64:95:9e:45:c8:60:27:c0:84:d4:6f:0b:69:62:ab:7f:88:d7:
ac:73:02:53:16:9d:21:4f:bf:34:c6:d6:98:6b:94:4c:82:fd:
95:30:cd:4d:fa:0e:2f:be:18:39:16:67:c1:1b:70:85:d6:ae:
bd:8b:39:3e:33:28:eb:3b:80:97:c5:6c:50:b1:20:ae:ee:5b:
f2:5a:3b:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPgukV8AOTHgK5ecebf9KwAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMzIyNGM1MDE3ZDM0ZWNkYzI4ZDBjZjM2NDQyZDY1YmVm
OWUwYTAwHhcNMjQxMjE5MjEwMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTY3ZmFkNGI0NWVjOWMzZGUwYTAxNWE4NWIyOGVkYzFjNjc0YjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxsjfuJEcjXPurQcqxyXoHpFShYw
qmr7ORnWH6tdnL6FoqkXR9kuxVdQrP7DDKrDVTQCbmIyGS1Cqjiu8ip+F6LM/Wp+
ql3tsPFSWcnDqS03y/Fu62sA2L+RTujCSjagWY5rB4S3AsPsdb6ei5FL9JetQC0y
Wu8ps1Se2ZispnqbyI5ZFU+GJhlyiU3hgZ4lDvK4E2tjnu5iCCKdcM++ZJgxGQq0
CqI8/oOHLsaakM0mCQl/rFLc68tLxKi5eo0x1BuuYb1kzJmCfSOIfaBKsHEJ0zGp
HV+rDvtVUBvXZgW0F7yXiN1i4GkkeQ6P4ns3uQsFZNxy9lu+ciU6ZMfBxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP5n+tS0XsnD3goBWoWyjtwcZ0ssMB8GA1UdIwQY
MBaAFKIyJMUBfTTs3CjQzzZELWW++eCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTkt
ZmVjOGE4MGVkMjMzLzEvX21mNjFMUmV5Y1BlQ2dGYWhiS08zQnhuU3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMjdkMTQtZDc1MS00NTczLTk5MTktZmVjOGE4MGVkMjMz
LzEvb2pJa3hRRjlOT3pjS05EUE5rUXRaYjc1NEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUPPqMA0G
CSqGSIb3DQEBCwUAA4IBAQAExS882kah/X8byTmc5OdjcwDhwwFdsje8xG6/Gpej
S3X/lVUSCCQ1HizTflKLAKlC6V2IbBtXMrUEI+H09qHdxcAKLZG7r8aeaojYb+dy
5ucXgKk0KPPl2QxLq4Z20C1aqP/o4wjp6OK4tRK5EaL+NO7OuBxEW0PzoBQJI1Ei
TP0UGwdhkqxmAsIC4BXWS+0TRANCLZl8dTIUawhHNuUGlvZoyPRpClGvlfwTBvRJ
X4BeJWZklZ5FyGAnwITUbwtpYqt/iNescwJTFp0hT780xtaYa5RMgv2VMM1N+g4v
vhg5FmfBG3CF1q69izk+MyjrO4CXxWxQsSCu7lvyWjuX
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:03:57 2025 by rpki-client