Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f32454-3ef9-4412-8570-5cf43d35908e/1/mVeGXjRF1-oADsZ5JXKV3xbWdLA.roa
File: mVeGXjRF1-oADsZ5JXKV3xbWdLA.roa (raw, json)
Hash identifier: iaIxnh89hTFqgzPzfiNd+6mtVZD2aalclzMglR2FtPg=
Subject key identifier: 99:57:86:5E:34:45:D7:EA:00:0E:C6:79:25:72:95:DF:16:D6:74:B0
Certificate issuer: /CN=38482b1320b980f46d6e404fe7d58bdb11d50fd3
Certificate serial: 018CC9BC06F866A43ED91793BAAFD638B013
Authority key identifier: 38:48:2B:13:20:B9:80:F4:6D:6E:40:4F:E7:D5:8B:DB:11:D5:0F:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEgrEyC5gPRtbkBP59WL2xHVD9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f32454-3ef9-4412-8570-5cf43d35908e/1/mVeGXjRF1-oADsZ5JXKV3xbWdLA.roa
Signing time: Tue 02 Jan 2024 10:33:12 +0000
ROA not before: Tue 02 Jan 2024 10:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59780
IP address blocks: 185.71.120.0/22 maxlen: 24
185.177.84.0/22 maxlen: 24
2a05:3240::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:06:f8:66:a4:3e:d9:17:93:ba:af:d6:38:b0:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38482b1320b980f46d6e404fe7d58bdb11d50fd3
Validity
Not Before: Jan 2 10:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9957865e3445d7ea000ec679257295df16d674b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:28:3a:d1:6c:19:7c:2d:e6:3a:d0:58:c3:a1:
4d:36:b1:09:af:e1:31:a5:ae:ce:95:35:4c:ba:90:
23:da:46:97:c9:45:0b:56:29:04:18:16:71:1c:fb:
9a:9d:00:01:97:30:62:b2:27:13:7c:45:07:cc:9b:
63:dd:76:24:bd:46:47:34:db:5b:24:c1:f8:7d:15:
99:b8:c0:ca:d0:9c:00:42:f0:58:8a:9a:20:db:00:
ec:bc:07:8f:5e:eb:67:b4:cc:c6:f2:ba:36:c4:1d:
dd:89:f7:97:8a:43:8e:7f:b1:de:d1:54:b8:18:e7:
ab:56:93:68:de:f9:e3:33:f4:09:e3:e5:7a:76:5e:
3d:3a:54:e0:44:8b:ad:5a:09:9b:3f:bf:d8:eb:fa:
f5:24:d0:a7:fd:65:17:5a:e2:4d:e4:23:d0:e2:d1:
89:d1:b4:6d:15:46:eb:20:00:02:2e:44:90:68:8f:
6a:af:01:44:f4:16:a9:31:dd:69:c1:07:17:6f:b4:
87:26:16:b1:c1:8c:05:6f:aa:09:34:fa:68:38:9f:
8b:23:79:df:55:2d:03:f5:2c:be:fe:9b:3f:75:3c:
a6:7c:c3:81:da:9c:44:56:81:9d:58:78:55:27:85:
07:45:1e:78:e8:b4:fa:63:e3:fa:ab:76:07:49:b2:
88:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:57:86:5E:34:45:D7:EA:00:0E:C6:79:25:72:95:DF:16:D6:74:B0
X509v3 Authority Key Identifier:
keyid:38:48:2B:13:20:B9:80:F4:6D:6E:40:4F:E7:D5:8B:DB:11:D5:0F:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEgrEyC5gPRtbkBP59WL2xHVD9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f32454-3ef9-4412-8570-5cf43d35908e/1/mVeGXjRF1-oADsZ5JXKV3xbWdLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f32454-3ef9-4412-8570-5cf43d35908e/1/OEgrEyC5gPRtbkBP59WL2xHVD9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.120.0/22
185.177.84.0/22
IPv6:
2a05:3240::/29
Signature Algorithm: sha256WithRSAEncryption
04:3d:b2:a6:fb:c8:71:d8:e9:51:aa:36:c4:a8:0c:f8:93:97:
21:00:e2:66:fc:22:54:78:d0:f1:1e:af:91:ff:c0:2d:1e:0e:
f9:ed:a9:eb:68:50:53:38:c9:83:26:e0:a4:9c:cb:b2:5e:1c:
77:ba:54:1f:ec:30:f9:f8:49:51:3f:94:c6:51:3e:a4:07:65:
1f:99:f7:b1:39:af:e3:7c:34:58:4b:cf:f4:8b:53:ad:c4:f3:
a1:d5:33:d9:ef:a1:4e:cd:3b:ac:0d:7a:a5:43:d6:28:ab:c5:
9e:b9:ae:ad:33:96:6e:8f:e9:aa:b6:6a:63:57:d3:e0:e1:54:
93:c4:97:07:b5:41:d1:fa:ef:ff:59:fe:3c:ba:24:01:d0:88:
64:ad:98:24:75:08:88:39:e8:a9:7d:62:b6:9d:af:79:eb:f3:
9a:60:7f:18:4a:db:81:68:4a:e4:a4:d2:12:28:b4:f2:16:ea:
64:a3:d1:03:a8:e8:32:88:5c:84:c0:39:7c:35:5b:f1:f1:42:
a7:a9:17:ba:cc:5f:2d:c6:34:49:b6:7a:f7:45:84:29:e1:0e:
8a:58:17:8b:53:08:40:04:52:ab:6c:7a:67:ec:6d:b6:41:8f:
25:d4:64:02:0a:a3:8a:e3:50:cc:f7:07:ba:4c:64:3e:89:54:
c8:03:b5:2d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvAb4ZqQ+2ReTuq/WOLATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDgyYjEzMjBiOTgwZjQ2ZDZlNDA0ZmU3ZDU4YmRiMTFk
NTBmZDMwHhcNMjQwMTAyMTAzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTU3ODY1ZTM0NDVkN2VhMDAwZWM2NzkyNTcyOTVkZjE2ZDY3NGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkig60WwZfC3mOtBYw6FNNrEJr+Ex
pa7OlTVMupAj2kaXyUULVikEGBZxHPuanQABlzBisicTfEUHzJtj3XYkvUZHNNtb
JMH4fRWZuMDK0JwAQvBYipog2wDsvAePXutntMzG8ro2xB3difeXikOOf7He0VS4
GOerVpNo3vnjM/QJ4+V6dl49OlTgRIutWgmbP7/Y6/r1JNCn/WUXWuJN5CPQ4tGJ
0bRtFUbrIAACLkSQaI9qrwFE9BapMd1pwQcXb7SHJhaxwYwFb6oJNPpoOJ+LI3nf
VS0D9Sy+/ps/dTymfMOB2pxEVoGdWHhVJ4UHRR546LT6Y+P6q3YHSbKIgwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJlXhl40RdfqAA7GeSVyld8W1nSwMB8GA1UdIwQY
MBaAFDhIKxMguYD0bW5AT+fVi9sR1Q/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VnckV5QzVnUFJ0YmtCUDU5V0wyeEhWRDlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMzI0NTQtM2VmOS00NDEyLTg1NzAt
NWNmNDNkMzU5MDhlLzEvbVZlR1hqUkYxLW9BRHNaNUpYS1YzeGJXZExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMzI0NTQtM2VmOS00NDEyLTg1NzAtNWNmNDNkMzU5MDhl
LzEvT0VnckV5QzVnUFJ0YmtCUDU5V0wyeEhWRDlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUd4AwQC
ubFUMA0EAgACMAcDBQMqBTJAMA0GCSqGSIb3DQEBCwUAA4IBAQAEPbKm+8hx2OlR
qjbEqAz4k5chAOJm/CJUeNDxHq+R/8AtHg757anraFBTOMmDJuCknMuyXhx3ulQf
7DD5+ElRP5TGUT6kB2UfmfexOa/jfDRYS8/0i1OtxPOh1TPZ76FOzTusDXqlQ9Yo
q8Weua6tM5Zuj+mqtmpjV9Pg4VSTxJcHtUHR+u//Wf48uiQB0IhkrZgkdQiIOeip
fWK2na956/OaYH8YStuBaErkpNISKLTyFupko9EDqOgyiFyEwDl8NVvx8UKnqRe6
zF8txjRJtnr3RYQp4Q6KWBeLUwhABFKrbHpn7G22QY8l1GQCCqOK41DM9we6TGQ+
iVTIA7Ut
-----END CERTIFICATE-----
Generated at Tue Apr 15 10:34:36 2025 by rpki-client