Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/mtaplzy0b7tsMG9D9ppBBSet12M.roa
File: mtaplzy0b7tsMG9D9ppBBSet12M.roa (raw, json)
Hash identifier: 8H+SCx3BqPI2x2MpuqnnxRmc0BJJXhGblhjVWV1okoI=
Subject key identifier: 9A:D6:A9:97:3C:B4:6F:BB:6C:30:6F:43:F6:9A:41:05:27:AD:D7:63
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01960FA8E80E5B8C39E242F8343888646269
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/mtaplzy0b7tsMG9D9ppBBSet12M.roa
Signing time: Mon 07 Apr 2025 09:50:49 +0000
ROA not before: Mon 07 Apr 2025 09:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41075
IP address blocks: 79.172.194.0/23 maxlen: 23
79.172.197.0/24 maxlen: 24
79.172.205.0/24 maxlen: 24
87.229.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Apr 2025 10:53:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:a8:e8:0e:5b:8c:39:e2:42:f8:34:38:88:64:62:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Apr 7 09:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ad6a9973cb46fbb6c306f43f69a410527add763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fb:ab:7d:84:d3:c6:65:28:db:88:ad:dc:52:
ee:fb:8d:64:cf:fb:7e:01:73:f4:6e:7f:4f:2f:10:
10:0e:81:26:8b:df:fe:eb:04:a5:d6:5a:69:cb:20:
e2:52:2f:4e:e2:d5:ed:e6:ea:29:69:28:d6:37:0c:
bb:6e:a6:1b:5b:77:46:41:52:16:42:e0:f5:00:cc:
1f:c8:09:fc:f3:3d:4b:ba:b6:1c:98:db:83:1e:66:
93:bd:3f:c7:4a:92:23:7e:37:8f:70:86:1e:f0:04:
13:3a:a2:e3:0f:68:f4:eb:5f:b4:f4:eb:27:49:bd:
f3:18:d0:8d:b3:11:e8:49:7d:e2:fa:fd:18:50:41:
99:01:2c:05:8e:ef:2a:a4:d0:bd:59:b6:98:b8:e6:
8c:10:2d:42:a2:c4:66:e5:07:3c:42:11:56:13:6a:
fd:80:ae:48:7a:07:3e:f0:a0:d7:ef:c1:e9:1f:c8:
39:71:fe:30:8e:b8:18:3c:d4:56:f8:51:10:67:aa:
88:e8:b1:03:b0:50:8d:2a:41:3a:be:32:35:65:73:
55:d6:35:82:89:85:22:c0:43:f6:4d:a5:cd:96:32:
cf:c6:c6:f2:5a:a4:cf:48:b3:99:5a:34:ef:96:4a:
61:d9:95:06:57:0b:55:33:16:40:4b:bf:85:a1:21:
ae:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D6:A9:97:3C:B4:6F:BB:6C:30:6F:43:F6:9A:41:05:27:AD:D7:63
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/mtaplzy0b7tsMG9D9ppBBSet12M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.194.0/23
79.172.197.0/24
79.172.205.0/24
87.229.111.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:3f:6b:70:11:24:04:5c:c4:1d:9b:6c:a2:ee:fa:3a:6d:ae:
ad:60:9b:2b:ca:c1:03:7b:6f:16:c8:6d:0e:00:28:28:2b:fd:
4a:ec:8d:21:6b:ce:f8:0e:43:ea:c1:5a:7a:da:3a:d2:25:7f:
c6:73:e8:aa:dd:82:38:71:0c:12:6e:64:33:a9:d1:2c:98:28:
99:de:75:31:73:b8:67:63:48:a8:73:72:a9:36:38:cb:99:24:
fd:5c:7c:14:13:1e:d1:48:78:0d:37:f4:4d:d9:a4:89:f2:24:
ea:e7:6b:16:0f:ba:b0:c8:ac:3b:12:59:05:0b:b8:6e:79:9c:
f5:5c:de:58:66:17:02:8d:3a:23:20:c2:78:6c:b5:1a:86:54:
dd:c0:82:fb:7f:81:e8:29:8c:48:d1:e9:01:7b:a4:e7:49:f3:
b8:19:97:7d:d3:ed:f6:4c:5c:3d:2a:74:df:5d:26:20:b9:e0:
f4:57:cb:96:f3:69:77:03:65:39:cd:e7:77:30:e1:17:2b:f5:
1a:4a:8d:69:f1:2e:fb:36:72:0e:a8:e2:8a:92:08:c9:b0:c1:
e9:da:9f:f9:99:ae:af:50:50:9b:4e:57:02:12:0d:4b:e3:80:
64:cf:ee:f2:e6:8d:94:b6:d4:83:de:b1:3e:1c:23:a8:38:eb:
cd:33:15:e5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZYPqOgOW4w54kL4NDiIZGJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNDA3MDk1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQ2YTk5NzNjYjQ2ZmJiNmMzMDZmNDNmNjlhNDEwNTI3YWRkNzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvurfYTTxmUo24it3FLu+41kz/t+
AXP0bn9PLxAQDoEmi9/+6wSl1lppyyDiUi9O4tXt5uopaSjWNwy7bqYbW3dGQVIW
QuD1AMwfyAn88z1LurYcmNuDHmaTvT/HSpIjfjePcIYe8AQTOqLjD2j061+09Osn
Sb3zGNCNsxHoSX3i+v0YUEGZASwFju8qpNC9WbaYuOaMEC1CosRm5Qc8QhFWE2r9
gK5Iegc+8KDX78HpH8g5cf4wjrgYPNRW+FEQZ6qI6LEDsFCNKkE6vjI1ZXNV1jWC
iYUiwEP2TaXNljLPxsbyWqTPSLOZWjTvlkph2ZUGVwtVMxZAS7+FoSGuewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJrWqZc8tG+7bDBvQ/aaQQUnrddjMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvbXRhcGx6eTBiN3RzTUc5RDlwcEJCU2V0MTJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBT6zCAwQA
T6zFAwQAT6zNAwQAV+VvMA0GCSqGSIb3DQEBCwUAA4IBAQCpP2twESQEXMQdm2yi
7vo6ba6tYJsrysEDe28WyG0OACgoK/1K7I0ha874DkPqwVp62jrSJX/Gc+iq3YI4
cQwSbmQzqdEsmCiZ3nUxc7hnY0ioc3KpNjjLmST9XHwUEx7RSHgNN/RN2aSJ8iTq
52sWD7qwyKw7ElkFC7hueZz1XN5YZhcCjTojIMJ4bLUahlTdwIL7f4HoKYxI0ekB
e6TnSfO4GZd90+32TFw9KnTfXSYgueD0V8uW82l3A2U5zed3MOEXK/UaSo1p8S77
NnIOqOKKkgjJsMHp2p/5ma6vUFCbTlcCEg1L44Bkz+7y5o2UttSD3rE+HCOoOOvN
MxXl
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:32:16 2025 by rpki-client