Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/MvcOl1IRHftUepLzuJG9L68hMKU.roa
File: MvcOl1IRHftUepLzuJG9L68hMKU.roa (raw, json)
Hash identifier: aeaK4o1s06mp8XFnMerR5yKYCwDjRGqRgFKqVUfDw74=
Subject key identifier: 32:F7:0E:97:52:11:1D:FB:54:7A:92:F3:B8:91:BD:2F:AF:21:30:A5
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0196F83092B6F6908065131C352A6BF440B6
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/MvcOl1IRHftUepLzuJG9L68hMKU.roa
Signing time: Thu 22 May 2025 13:30:54 +0000
ROA not before: Thu 22 May 2025 13:30:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 64.137.36.0/24 maxlen: 24
64.137.37.0/24 maxlen: 24
64.137.121.0/24 maxlen: 24
104.222.162.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.243.203.0/24 maxlen: 24
204.52.96.0/22 maxlen: 22
204.52.100.0/24 maxlen: 24
204.52.101.0/24 maxlen: 24
204.52.102.0/24 maxlen: 24
204.52.103.0/24 maxlen: 24
204.52.105.0/24 maxlen: 24
204.52.106.0/24 maxlen: 24
204.52.108.0/22 maxlen: 22
216.173.104.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 May 2025 11:13:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f8:30:92:b6:f6:90:80:65:13:1c:35:2a:6b:f4:40:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 22 13:30:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32f70e9752111dfb547a92f3b891bd2faf2130a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d8:c0:c4:f1:ce:b9:cb:24:19:be:20:11:57:
49:cf:bc:a7:dc:68:8f:c6:26:5a:7b:be:65:d1:a5:
12:44:eb:dd:2d:b6:b0:4a:71:c0:b5:ee:4b:37:d1:
8c:17:af:dd:36:ca:c2:01:95:1f:91:e1:df:a8:3d:
f4:90:e5:e6:f6:69:6f:ad:3a:d2:77:6b:13:7b:89:
ac:6c:a6:13:8d:44:30:b8:44:78:f6:dc:1a:20:4e:
c2:23:54:c2:05:1b:f7:6b:90:e1:e7:d3:8d:09:13:
d4:f3:7f:bf:82:de:83:70:f8:c3:7e:94:a2:d8:6c:
92:76:ce:96:e3:07:97:3e:6c:64:87:d7:06:a4:21:
a4:ae:5c:d8:f8:57:b4:09:68:1d:e3:80:c7:ff:b0:
35:eb:fc:cf:04:83:5a:c6:62:e3:df:70:b5:e1:ba:
83:73:4d:e5:eb:7b:bc:da:71:bf:9c:7f:c1:20:61:
e3:d7:d8:67:39:5e:d8:28:75:df:e0:5e:64:bc:f8:
14:36:17:c7:ef:1a:d0:47:75:15:72:75:95:65:b6:
1e:a2:4a:13:6e:b2:af:00:19:5d:ee:ae:6c:bf:b7:
94:0c:eb:cb:3f:ce:ac:27:d2:fb:d8:7b:d0:95:28:
c2:91:f7:53:b7:88:43:ca:85:61:84:97:fa:6f:11:
22:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F7:0E:97:52:11:1D:FB:54:7A:92:F3:B8:91:BD:2F:AF:21:30:A5
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/MvcOl1IRHftUepLzuJG9L68hMKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.36.0/23
64.137.121.0/24
104.222.162.0/24
104.238.7.0/24
104.239.28.0/24
104.239.44.0/24
104.239.73.0/24
104.239.88.0/24
104.243.203.0/24
204.52.96.0/21
204.52.105.0-204.52.106.255
204.52.108.0/22
216.173.104.0/23
Signature Algorithm: sha256WithRSAEncryption
39:f8:cc:98:f8:0f:c1:19:50:28:9f:69:19:62:0c:71:bb:08:
0c:f0:b7:1f:92:64:df:5a:d9:67:a9:04:cf:73:d4:28:a9:c5:
65:17:d9:bd:42:4d:26:24:a4:8f:f8:ca:ee:89:5d:52:31:b1:
d1:96:01:e6:e2:40:d2:c8:8c:25:3f:65:5a:8e:85:9c:e7:8b:
49:81:65:ed:83:f9:0c:26:45:3e:13:c0:3f:82:a5:0c:f3:fb:
e1:56:a6:c5:08:72:1f:47:12:b2:8f:13:3e:24:e3:0c:e9:65:
c3:9a:18:3a:99:12:48:4c:5a:19:ae:83:f1:cc:4c:1d:e3:e3:
f6:c7:53:2a:5d:38:59:4f:cf:86:e8:d7:ed:ed:e6:3c:c7:34:
af:4f:b4:fc:61:05:e1:95:37:7c:3b:72:c9:0c:27:6c:47:c1:
0b:ab:af:f7:21:fc:15:28:18:b4:4c:d8:29:ac:24:89:36:87:
37:59:69:97:0c:9d:41:25:60:30:f2:bc:e8:d2:66:93:43:ea:
c7:bb:8a:fd:cf:c6:78:86:0b:70:af:eb:e0:d2:b8:93:2f:d8:
ba:f2:a6:c9:b3:4b:4f:84:2e:76:e3:47:c4:db:3c:ef:cb:ad:
2d:82:fe:35:e0:ae:9f:7b:cf:a3:16:8f:02:81:16:aa:df:dd:
74:b2:f6:f1
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZb4MJK29pCAZRMcNSpr9EC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwNTIyMTMzMDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmY3MGU5NzUyMTExZGZiNTQ3YTkyZjNiODkxYmQyZmFmMjEzMGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdjAxPHOucskGb4gEVdJz7yn3GiP
xiZae75l0aUSROvdLbawSnHAte5LN9GMF6/dNsrCAZUfkeHfqD30kOXm9mlvrTrS
d2sTe4msbKYTjUQwuER49twaIE7CI1TCBRv3a5Dh59ONCRPU83+/gt6DcPjDfpSi
2GySds6W4weXPmxkh9cGpCGkrlzY+Fe0CWgd44DH/7A16/zPBINaxmLj33C14bqD
c03l63u82nG/nH/BIGHj19hnOV7YKHXf4F5kvPgUNhfH7xrQR3UVcnWVZbYeokoT
brKvABld7q5sv7eUDOvLP86sJ9L72HvQlSjCkfdTt4hDyoVhhJf6bxEiEwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFDL3DpdSER37VHqS87iRvS+vITClMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvTXZjT2wxSVJIZnRVZXBMenVKRzlMNjhoTUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQBQIkkAwQA
QIl5AwQAaN6iAwQAaO4HAwQAaO8cAwQAaO8sAwQAaO9JAwQAaO9YAwQAaPPLAwQD
zDRgMAwDBADMNGkDBADMNGoDBALMNGwDBAHYrWgwDQYJKoZIhvcNAQELBQADggEB
ADn4zJj4D8EZUCifaRliDHG7CAzwtx+SZN9a2WepBM9z1CipxWUX2b1CTSYkpI/4
yu6JXVIxsdGWAebiQNLIjCU/ZVqOhZzni0mBZe2D+QwmRT4TwD+CpQzz++FWpsUI
ch9HErKPEz4k4wzpZcOaGDqZEkhMWhmug/HMTB3j4/bHUypdOFlPz4bo1+3t5jzH
NK9PtPxhBeGVN3w7cskMJ2xHwQurr/ch/BUoGLRM2CmsJIk2hzdZaZcMnUElYDDy
vOjSZpND6se7iv3PxniGC3Cv6+DSuJMv2LrypsmzS0+ELnbjR8TbPO/LrS2C/jXg
rp97z6MWjwKBFqrf3XSy9vE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:33:14 2025 by rpki-client