Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/mIBmEi5h9CSdo-2Bu3WaolTfIcU.roa
File: mIBmEi5h9CSdo-2Bu3WaolTfIcU.roa (raw, json)
Hash identifier: fPxDYQj0HmVWRPqtBAK7IXPBLcbafz6QfcxF7/v1mG0=
Subject key identifier: 98:80:66:12:2E:61:F4:24:9D:A3:ED:81:BB:75:9A:A2:54:DF:21:C5
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 01952620407D5F19DBC99B4591008E3059AD
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/mIBmEi5h9CSdo-2Bu3WaolTfIcU.roa
Signing time: Fri 21 Feb 2025 01:30:02 +0000
ROA not before: Fri 21 Feb 2025 01:30:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51202
IP address blocks: 89.36.35.0/24 maxlen: 24
212.232.18.0/24 maxlen: 24
2a14:6781::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Mar 2025 09:49:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:26:20:40:7d:5f:19:db:c9:9b:45:91:00:8e:30:59:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Feb 21 01:30:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=988066122e61f4249da3ed81bb759aa254df21c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e4:e4:81:9a:ca:82:c7:37:5b:68:b4:30:a6:
5e:49:5d:76:b1:15:33:95:fc:8f:8c:46:e3:6c:ff:
35:84:de:d8:3d:fc:93:04:63:df:3c:44:a6:1d:ac:
c7:5c:f0:74:63:1f:15:49:88:cd:6a:b0:bb:25:fa:
43:3e:62:7f:e4:e4:2b:b8:29:8f:c5:10:6d:82:af:
38:d8:04:1b:24:6b:7a:57:92:0c:de:f6:6a:c4:58:
b3:1f:fb:1c:d4:1e:34:bd:89:49:64:29:86:ab:a0:
5f:55:27:73:7a:b4:af:a4:54:10:86:4e:4a:a3:9e:
ba:f3:9e:67:d5:2b:6e:c8:33:a2:d0:9f:23:84:c8:
d9:80:12:04:8d:b4:d7:00:ad:94:b1:77:df:99:94:
65:de:4d:cb:97:e1:67:36:36:8f:8a:aa:88:be:71:
67:33:d6:bb:93:21:35:71:db:0e:70:92:f8:34:f5:
91:02:75:12:b6:13:89:38:79:05:1f:d5:c0:07:d4:
e5:ec:25:65:cd:49:5f:64:bf:68:9a:cd:46:cb:f7:
56:bc:1c:0d:c0:b5:a8:ed:d8:79:10:73:59:0f:32:
4d:e8:80:d7:b0:ce:f6:57:8f:03:2a:42:e0:03:ac:
3d:95:17:39:a9:85:be:a5:a2:6f:00:0f:97:d3:c2:
e7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:80:66:12:2E:61:F4:24:9D:A3:ED:81:BB:75:9A:A2:54:DF:21:C5
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/mIBmEi5h9CSdo-2Bu3WaolTfIcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.35.0/24
212.232.18.0/24
IPv6:
2a14:6781::/32
Signature Algorithm: sha256WithRSAEncryption
17:9d:a4:53:cb:96:a8:7f:c6:46:ae:11:da:68:45:21:14:94:
4e:cf:31:cb:49:27:61:19:10:a0:f0:f5:87:59:90:c2:c0:53:
28:14:c4:84:3a:ac:95:77:ad:29:1c:c1:af:3f:9c:0b:40:2c:
ea:0f:59:32:c9:c6:1e:24:4e:99:cd:10:c9:58:f2:15:1b:9e:
e1:13:71:7f:84:6f:b1:5c:dc:0d:a1:76:e1:41:e7:f1:75:47:
f1:7d:7f:38:56:c6:db:44:0f:76:1a:62:92:a4:d7:d3:e1:b8:
1b:b9:01:c4:09:a2:bb:83:ed:8f:56:36:6b:82:21:62:15:2a:
5e:e7:01:6a:2d:5e:2f:38:3c:d7:3a:98:ef:3d:57:c0:37:1f:
39:6e:9d:69:3c:ee:20:4f:47:ae:32:e4:a6:28:d1:d6:27:b5:
28:55:eb:05:11:49:21:7b:9f:8e:e4:27:b5:78:1a:20:63:b8:
2a:1e:54:33:5a:09:69:b2:6d:3e:d1:11:ec:68:ef:94:bc:69:
57:e8:5e:2a:36:18:01:97:13:00:a1:10:a3:90:6f:be:24:25:
03:75:e4:0a:61:54:93:e1:f5:9e:2e:90:fe:11:24:89:cc:34:
1f:74:6e:a3:9d:66:ed:da:e5:cf:24:70:29:1a:d7:60:e0:76:
7c:94:74:b7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZUmIEB9XxnbyZtFkQCOMFmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwMjIxMDEzMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODgwNjYxMjJlNjFmNDI0OWRhM2VkODFiYjc1OWFhMjU0ZGYyMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveTkgZrKgsc3W2i0MKZeSV12sRUz
lfyPjEbjbP81hN7YPfyTBGPfPESmHazHXPB0Yx8VSYjNarC7JfpDPmJ/5OQruCmP
xRBtgq842AQbJGt6V5IM3vZqxFizH/sc1B40vYlJZCmGq6BfVSdzerSvpFQQhk5K
o566855n1StuyDOi0J8jhMjZgBIEjbTXAK2UsXffmZRl3k3Ll+FnNjaPiqqIvnFn
M9a7kyE1cdsOcJL4NPWRAnUSthOJOHkFH9XAB9Tl7CVlzUlfZL9oms1Gy/dWvBwN
wLWo7dh5EHNZDzJN6IDXsM72V48DKkLgA6w9lRc5qYW+paJvAA+X08LnIQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJiAZhIuYfQknaPtgbt1mqJU3yHFMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvbUlCbUVpNWg5Q1Nkby0yQnUzV2FvbFRmSWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAWSQjAwQA
1OgSMA0EAgACMAcDBQAqFGeBMA0GCSqGSIb3DQEBCwUAA4IBAQAXnaRTy5aof8ZG
rhHaaEUhFJROzzHLSSdhGRCg8PWHWZDCwFMoFMSEOqyVd60pHMGvP5wLQCzqD1ky
ycYeJE6ZzRDJWPIVG57hE3F/hG+xXNwNoXbhQefxdUfxfX84VsbbRA92GmKSpNfT
4bgbuQHECaK7g+2PVjZrgiFiFSpe5wFqLV4vODzXOpjvPVfANx85bp1pPO4gT0eu
MuSmKNHWJ7UoVesFEUkhe5+O5Ce1eBogY7gqHlQzWglpsm0+0RHsaO+UvGlX6F4q
NhgBlxMAoRCjkG++JCUDdeQKYVST4fWeLpD+ESSJzDQfdG6jnWbt2uXPJHApGtdg
4HZ8lHS3
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:34:58 2025 by rpki-client