Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ad4e87-5b28-42d7-9748-4ab498b596a3/1/mRwpcz7CXoxu0yz8rkQkug4Zeek.roa
File: mRwpcz7CXoxu0yz8rkQkug4Zeek.roa (raw, json)
Hash identifier: PA8B2ZDA9+f+BEWpeuVUDAXK6/eKju01/VnlFxjuFxc=
Subject key identifier: 99:1C:29:73:3E:C2:5E:8C:6E:D3:2C:FC:AE:44:24:BA:0E:19:79:E9
Certificate issuer: /CN=4c40c7111c2916a5f5adaf1e5050a940c26b2378
Certificate serial: 018CC7944414D24F32FD7C4732AEBDFBC5DF
Authority key identifier: 4C:40:C7:11:1C:29:16:A5:F5:AD:AF:1E:50:50:A9:40:C2:6B:23:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TEDHERwpFqX1ra8eUFCpQMJrI3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ad4e87-5b28-42d7-9748-4ab498b596a3/1/mRwpcz7CXoxu0yz8rkQkug4Zeek.roa
Signing time: Tue 02 Jan 2024 00:30:31 +0000
ROA not before: Tue 02 Jan 2024 00:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49010
IP address blocks: 185.147.144.0/22 maxlen: 22
91.236.210.0/23 maxlen: 23
2a0a:5400::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:44:14:d2:4f:32:fd:7c:47:32:ae:bd:fb:c5:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c40c7111c2916a5f5adaf1e5050a940c26b2378
Validity
Not Before: Jan 2 00:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=991c29733ec25e8c6ed32cfcae4424ba0e1979e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e7:15:b8:cb:89:e3:b7:a9:a3:d1:a7:31:06:
7a:8c:af:08:51:d7:46:7c:00:34:db:13:a1:43:bd:
60:cc:ca:cd:bd:04:9f:08:be:ac:74:da:e6:8f:bf:
9a:b9:f8:f8:46:ea:6b:4c:f8:b1:e6:fa:b2:ee:e0:
c9:db:b8:ef:95:23:fe:2a:df:94:56:19:05:07:48:
df:4e:b0:c6:9f:72:7f:75:4b:b1:dc:4a:70:db:11:
80:56:f0:0a:b9:bf:12:97:41:08:d2:eb:98:a2:18:
b4:25:d2:3a:bd:5e:0f:2d:64:7d:24:f7:b1:15:d6:
b7:a8:14:e8:9a:3b:8a:ce:5a:e9:16:ab:4c:21:99:
5b:5f:29:f2:5d:98:25:8f:40:87:a7:ab:78:99:12:
64:55:6f:e1:ae:f7:6c:1a:3b:cc:24:05:76:f1:ce:
b5:ec:d7:15:8a:a2:bc:7b:03:04:6c:c1:54:43:a9:
1a:73:37:ef:13:68:1f:4f:b5:aa:47:05:11:fe:31:
55:8a:7f:18:ef:09:60:a6:30:9c:84:f9:0d:96:0f:
e3:16:a5:61:4b:18:3e:c5:15:d6:61:ba:80:92:38:
aa:36:d6:fb:a8:2f:cc:49:d4:ab:82:be:3f:1b:e3:
4b:f9:89:ed:18:61:c0:1b:56:9e:5d:ad:79:85:e1:
c9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:1C:29:73:3E:C2:5E:8C:6E:D3:2C:FC:AE:44:24:BA:0E:19:79:E9
X509v3 Authority Key Identifier:
keyid:4C:40:C7:11:1C:29:16:A5:F5:AD:AF:1E:50:50:A9:40:C2:6B:23:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TEDHERwpFqX1ra8eUFCpQMJrI3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ad4e87-5b28-42d7-9748-4ab498b596a3/1/mRwpcz7CXoxu0yz8rkQkug4Zeek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ad4e87-5b28-42d7-9748-4ab498b596a3/1/TEDHERwpFqX1ra8eUFCpQMJrI3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.210.0/23
185.147.144.0/22
IPv6:
2a0a:5400::/29
Signature Algorithm: sha256WithRSAEncryption
85:c2:8e:74:a3:1e:d6:6e:b7:60:06:50:58:ba:ea:05:7f:21:
6f:b9:68:db:f1:ae:d6:ea:e9:cd:bf:86:ef:05:4e:67:08:96:
6e:c3:53:08:e6:f8:72:59:56:dc:2f:36:bc:17:12:22:f5:d0:
17:a2:7f:86:45:98:84:1e:8f:62:41:3f:2d:02:62:33:57:60:
99:c0:42:9d:17:8d:de:85:1e:9f:d5:3b:40:9a:54:25:b4:21:
b2:d5:44:a4:0f:e8:e1:eb:ea:99:f4:74:30:cf:83:e1:eb:6b:
5e:60:c6:e3:96:7c:c7:4e:14:aa:1e:c8:36:23:63:23:0e:3a:
a0:4d:75:ed:70:42:17:b1:8e:39:08:ea:a4:d9:89:f6:cd:9f:
ff:55:e9:e4:53:a0:73:69:10:43:ed:12:33:28:d4:ca:ff:94:
cc:66:6a:38:9a:ed:62:c2:6e:09:95:71:fa:3d:8d:71:f3:c4:
12:48:03:55:86:f4:f8:ff:0d:8a:5f:b3:24:76:05:f1:fc:39:
c7:e1:83:6d:ea:94:39:08:28:46:4e:a1:9f:b3:15:35:40:bc:
a1:79:b3:10:43:4d:14:09:21:21:5f:9b:52:91:38:3e:4c:e0:
eb:87:63:b5:cb:05:bd:6b:01:43:2f:5b:be:bb:3f:b7:17:6d:
22:cf:ae:59
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHlEQU0k8y/XxHMq69+8XfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNDBjNzExMWMyOTE2YTVmNWFkYWYxZTUwNTBhOTQwYzI2
YjIzNzgwHhcNMjQwMTAyMDAzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTFjMjk3MzNlYzI1ZThjNmVkMzJjZmNhZTQ0MjRiYTBlMTk3OWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoecVuMuJ47epo9GnMQZ6jK8IUddG
fAA02xOhQ71gzMrNvQSfCL6sdNrmj7+aufj4RuprTPix5vqy7uDJ27jvlSP+Kt+U
VhkFB0jfTrDGn3J/dUux3Epw2xGAVvAKub8Sl0EI0uuYohi0JdI6vV4PLWR9JPex
Fda3qBTomjuKzlrpFqtMIZlbXynyXZglj0CHp6t4mRJkVW/hrvdsGjvMJAV28c61
7NcViqK8ewMEbMFUQ6kaczfvE2gfT7WqRwUR/jFVin8Y7wlgpjCchPkNlg/jFqVh
Sxg+xRXWYbqAkjiqNtb7qC/MSdSrgr4/G+NL+YntGGHAG1aeXa15heHJawIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJkcKXM+wl6MbtMs/K5EJLoOGXnpMB8GA1UdIwQY
MBaAFExAxxEcKRal9a2vHlBQqUDCayN4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEVESEVSd3BGcVgxcmE4ZVVGQ3BRTUpySTNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hZDRlODctNWIyOC00MmQ3LTk3NDgt
NGFiNDk4YjU5NmEzLzEvbVJ3cGN6N0NYb3h1MHl6OHJrUWt1ZzRaZWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hZDRlODctNWIyOC00MmQ3LTk3NDgtNGFiNDk4YjU5NmEz
LzEvVEVESEVSd3BGcVgxcmE4ZVVGQ3BRTUpySTNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW+zSAwQC
uZOQMA0EAgACMAcDBQMqClQAMA0GCSqGSIb3DQEBCwUAA4IBAQCFwo50ox7Wbrdg
BlBYuuoFfyFvuWjb8a7W6unNv4bvBU5nCJZuw1MI5vhyWVbcLza8FxIi9dAXon+G
RZiEHo9iQT8tAmIzV2CZwEKdF43ehR6f1TtAmlQltCGy1USkD+jh6+qZ9HQwz4Ph
62teYMbjlnzHThSqHsg2I2MjDjqgTXXtcEIXsY45COqk2Yn2zZ//VenkU6BzaRBD
7RIzKNTK/5TMZmo4mu1iwm4JlXH6PY1x88QSSANVhvT4/w2KX7MkdgXx/DnH4YNt
6pQ5CChGTqGfsxU1QLyhebMQQ00UCSEhX5tSkTg+TODrh2O1ywW9awFDL1u+uz+3
F20iz65Z
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:07:07 2025 by rpki-client