Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/MJZLbZkYAIDQpy_vwYTkUne1CSg.roa
File: MJZLbZkYAIDQpy_vwYTkUne1CSg.roa (raw, json)
Hash identifier: JY+3WaE+mrYJ3p6otH+WibdQFyTZZ09Khm3UTSefllU=
Subject key identifier: 30:96:4B:6D:99:18:00:80:D0:A7:2F:EF:C1:84:E4:52:77:B5:09:28
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 018CC8DE10E823A16243BB0755F4A5E47058
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/MJZLbZkYAIDQpy_vwYTkUne1CSg.roa
Signing time: Tue 02 Jan 2024 06:30:45 +0000
ROA not before: Tue 02 Jan 2024 06:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48732
IP address blocks: 158.58.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:10:e8:23:a1:62:43:bb:07:55:f4:a5:e4:70:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Jan 2 06:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30964b6d99180080d0a72fefc184e45277b50928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0c:4b:d8:ac:64:93:40:e2:ab:bb:54:71:19:
27:aa:e9:fe:bb:fe:77:13:6c:16:da:ad:3b:d3:7e:
36:a6:94:8b:c9:53:43:52:1e:00:9d:31:50:0e:d4:
c4:1b:88:db:73:55:e5:57:18:76:1a:cd:6d:fb:b2:
1f:e7:04:f2:5a:b2:2b:cc:24:6c:78:62:ae:42:a4:
20:92:4e:1c:8a:ae:b4:a9:2e:0b:5f:31:0d:39:b4:
5f:df:a4:36:73:72:59:2b:01:ec:7f:30:4e:ca:70:
4a:ef:4a:85:2e:d2:3f:d5:83:33:53:e8:87:dd:d4:
36:b6:d1:2e:58:30:be:f9:2d:8e:e6:3f:14:5e:2d:
5f:71:94:8b:ff:a8:b1:86:6a:30:6e:14:e6:b2:30:
83:95:e3:ca:3f:8d:e8:40:80:3a:97:79:f4:01:2f:
ef:c8:64:d1:70:06:22:ef:19:2b:29:92:4d:5f:03:
85:71:e8:74:5a:0f:cc:7e:db:7d:70:f3:fb:50:eb:
d6:42:24:cd:59:d7:93:f1:46:75:1c:6c:3d:03:9a:
c8:1a:2b:dc:04:a6:07:d8:f1:1d:c0:2d:3e:74:4d:
fe:79:67:6b:be:fb:57:de:fe:2b:c9:15:69:b5:f7:
70:13:b9:ef:0a:e2:f2:da:72:c2:b5:ad:22:4c:2e:
94:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:96:4B:6D:99:18:00:80:D0:A7:2F:EF:C1:84:E4:52:77:B5:09:28
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/MJZLbZkYAIDQpy_vwYTkUne1CSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.58.187.0/24
Signature Algorithm: sha256WithRSAEncryption
56:2a:89:56:72:87:f3:c3:ca:ec:5f:c8:34:19:4b:7a:74:17:
31:b2:28:8c:95:e7:6d:ad:7c:3f:6f:5e:70:44:ef:02:09:aa:
80:a1:19:bd:e0:3e:83:dc:52:53:2c:62:ae:2a:48:9f:d4:65:
61:94:3a:73:b8:00:b5:54:49:58:bf:b1:27:80:f5:a6:12:4e:
79:19:bc:f7:94:32:29:10:5f:f9:4c:a6:2f:08:07:99:28:77:
ce:e7:bc:23:ae:2e:bb:e9:82:da:43:68:4a:aa:f1:15:fc:67:
0b:3e:30:1b:86:6a:6b:f6:5a:e1:10:e0:13:4f:e0:1f:fb:cb:
f8:9f:00:46:fb:2e:22:c6:ce:bc:e3:c9:e4:5b:dc:63:47:15:
11:05:60:a7:f4:9f:05:79:f2:98:09:2a:43:16:cd:66:4f:3f:
e2:1d:e8:66:ed:58:dd:53:e2:21:71:4e:4f:31:a6:04:1e:36:
29:1d:6d:fb:a6:80:a4:85:61:90:dd:fe:4a:f8:71:59:17:ed:
9f:4c:77:70:7e:ed:88:64:ae:2c:8e:e7:70:ed:62:ae:88:b2:
58:12:b2:42:77:03:04:a0:5d:c7:e5:84:bb:51:01:c3:4a:40:
05:11:ed:cd:fa:ac:5d:c1:5f:be:d3:e6:2c:77:89:3f:c1:cf:
9b:4b:18:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3hDoI6FiQ7sHVfSl5HBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzE2N2RmYTk4ODJiMmFhOGY4NDU5NWY1OGE5N2MzMDVj
YTQzYzUwHhcNMjQwMTAyMDYzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDk2NGI2ZDk5MTgwMDgwZDBhNzJmZWZjMTg0ZTQ1Mjc3YjUwOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgxL2Kxkk0Diq7tUcRknqun+u/53
E2wW2q070342ppSLyVNDUh4AnTFQDtTEG4jbc1XlVxh2Gs1t+7If5wTyWrIrzCRs
eGKuQqQgkk4ciq60qS4LXzENObRf36Q2c3JZKwHsfzBOynBK70qFLtI/1YMzU+iH
3dQ2ttEuWDC++S2O5j8UXi1fcZSL/6ixhmowbhTmsjCDlePKP43oQIA6l3n0AS/v
yGTRcAYi7xkrKZJNXwOFceh0Wg/Mftt9cPP7UOvWQiTNWdeT8UZ1HGw9A5rIGivc
BKYH2PEdwC0+dE3+eWdrvvtX3v4ryRVptfdwE7nvCuLy2nLCta0iTC6USwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCWS22ZGACA0Kcv78GE5FJ3tQkoMB8GA1UdIwQY
MBaAFLbBZ9+piCsqqPhFlfWKl8MFykPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUt
YWNmYzNkMmMyNTIyLzEvTUpaTGJaa1lBSURRcHlfdndZVGtVbmUxQ1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUtYWNmYzNkMmMyNTIy
LzEvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnjq7MA0G
CSqGSIb3DQEBCwUAA4IBAQBWKolWcofzw8rsX8g0GUt6dBcxsiiMledtrXw/b15w
RO8CCaqAoRm94D6D3FJTLGKuKkif1GVhlDpzuAC1VElYv7EngPWmEk55Gbz3lDIp
EF/5TKYvCAeZKHfO57wjri676YLaQ2hKqvEV/GcLPjAbhmpr9lrhEOATT+Af+8v4
nwBG+y4ixs6848nkW9xjRxURBWCn9J8FefKYCSpDFs1mTz/iHehm7VjdU+IhcU5P
MaYEHjYpHW37poCkhWGQ3f5K+HFZF+2fTHdwfu2IZK4sjudw7WKuiLJYErJCdwME
oF3H5YS7UQHDSkAFEe3N+qxdwV++0+Ysd4k/wc+bSxhW
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:42 2025 by rpki-client