Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/mu-gfGT-5pF4eoED93enc6PDGg8.roa
File: mu-gfGT-5pF4eoED93enc6PDGg8.roa (raw, json)
Hash identifier: dW+fvOiw3YBsgfbVbO2Ile4uB26r67EDKHTCKgKfr8w=
Subject key identifier: 9A:EF:A0:7C:64:FE:E6:91:78:7A:81:03:F7:77:A7:73:A3:C3:1A:0F
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01970FADC233286D1694EA39AAC33A419AD9
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/mu-gfGT-5pF4eoED93enc6PDGg8.roa
Signing time: Tue 27 May 2025 02:58:54 +0000
ROA not before: Tue 27 May 2025 02:58:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30738
IP address blocks: 109.248.220.0/23 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.52.0/22 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 29 May 2025 20:08:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0f:ad:c2:33:28:6d:16:94:ea:39:aa:c3:3a:41:9a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: May 27 02:58:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9aefa07c64fee691787a8103f777a773a3c31a0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ed:ed:65:ab:27:7f:47:3d:3c:b4:5f:58:19:
41:f7:97:aa:08:ee:4e:26:cf:6b:30:4c:5c:4d:9c:
16:4c:e3:ec:5d:8e:9d:45:80:8d:f3:0a:d1:84:79:
80:e2:1b:69:d5:c1:f6:74:51:a4:9a:c5:41:a2:5f:
d3:b2:f6:d3:ac:71:83:7c:af:05:80:89:74:8f:4c:
15:28:cc:dc:ae:7d:9b:51:cc:ee:79:80:d4:dd:59:
2d:0a:ca:c1:fb:e3:55:91:04:ec:9d:06:c0:dd:25:
c9:94:6c:5d:6d:39:b2:94:09:17:32:60:aa:e9:c6:
5e:db:bf:4f:54:ed:ed:cf:be:ff:40:a6:b2:2c:e8:
79:7a:8f:74:38:e3:ff:2a:76:58:0c:06:bd:4c:33:
17:21:22:63:ac:a0:55:22:d4:ab:5a:14:f1:b5:46:
d6:eb:68:30:bd:12:35:ce:0b:66:0c:0b:8f:85:ee:
a6:8d:7d:09:6c:dc:99:7b:05:25:d6:a2:2c:bc:0e:
0d:a5:bb:0a:c7:91:f2:4b:35:7c:89:e9:f7:c9:9d:
15:bc:f5:09:0c:83:6e:fa:4b:0a:2b:21:94:9d:d9:
dd:15:e7:cb:10:f0:6f:ef:71:a9:da:94:17:a1:87:
96:02:84:f7:43:bf:4c:5f:30:21:ba:35:96:df:b0:
5a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:EF:A0:7C:64:FE:E6:91:78:7A:81:03:F7:77:A7:73:A3:C3:1A:0F
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/mu-gfGT-5pF4eoED93enc6PDGg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.220.0/23
188.130.182.0/24
195.211.52.0/22
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
15:68:79:3e:31:fa:1b:69:72:69:14:65:c3:34:3a:52:9e:5b:
9e:47:1f:f8:93:3c:84:58:f1:5b:95:96:30:0d:58:7f:dc:83:
10:dd:7f:a0:45:08:08:cc:d7:72:fb:ce:de:1b:4b:e4:a0:99:
be:89:f1:38:35:d3:f0:75:0f:89:20:fd:ef:d8:b5:6a:d1:d6:
23:10:c5:72:0b:d8:35:08:e4:3a:fc:11:17:06:fd:62:41:22:
94:40:6f:e2:03:40:c3:78:eb:0d:f9:3a:fb:70:2f:9a:a1:cd:
31:e5:ba:b6:88:4f:fd:ed:14:c4:f4:e8:9c:2c:7b:f4:ca:46:
cd:92:fd:e1:95:e7:49:e0:f0:dc:83:6c:d6:47:35:5d:03:de:
6a:d1:4a:d4:5d:47:fd:d8:70:b0:41:43:65:42:17:0c:55:43:
0b:11:8a:50:93:d3:ae:b5:d2:a1:66:f9:cb:85:75:46:c0:c9:
4e:29:3b:b9:28:0e:19:c9:86:68:b9:94:35:49:6b:8e:86:07:
60:2f:54:6e:5d:75:f4:12:b2:8f:fe:48:33:36:9f:9a:6e:0a:
df:1c:36:24:6b:6f:8b:74:b1:bd:ac:d7:b3:c0:cf:9e:06:d8:
70:98:5a:75:20:1c:c9:d4:d5:21:79:01:d5:3b:a0:f2:19:1d:
87:7e:83:8a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZcPrcIzKG0WlOo5qsM6QZrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwNTI3MDI1ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWVmYTA3YzY0ZmVlNjkxNzg3YTgxMDNmNzc3YTc3M2EzYzMxYTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO3tZasnf0c9PLRfWBlB95eqCO5O
Js9rMExcTZwWTOPsXY6dRYCN8wrRhHmA4htp1cH2dFGkmsVBol/TsvbTrHGDfK8F
gIl0j0wVKMzcrn2bUczueYDU3VktCsrB++NVkQTsnQbA3SXJlGxdbTmylAkXMmCq
6cZe279PVO3tz77/QKayLOh5eo90OOP/KnZYDAa9TDMXISJjrKBVItSrWhTxtUbW
62gwvRI1zgtmDAuPhe6mjX0JbNyZewUl1qIsvA4NpbsKx5HySzV8ien3yZ0VvPUJ
DINu+ksKKyGUndndFefLEPBv73Gp2pQXoYeWAoT3Q79MXzAhujWW37BaCQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJrvoHxk/uaReHqBA/d3p3OjwxoPMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvbXUtZ2ZHVC01cEY0ZW9FRDkzZW5jNlBER2c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBbfjcAwQA
vIK2AwQCw9M0MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQAVaHk+
MfobaXJpFGXDNDpSnlueRx/4kzyEWPFblZYwDVh/3IMQ3X+gRQgIzNdy+87eG0vk
oJm+ifE4NdPwdQ+JIP3v2LVq0dYjEMVyC9g1COQ6/BEXBv1iQSKUQG/iA0DDeOsN
+Tr7cC+aoc0x5bq2iE/97RTE9OicLHv0ykbNkv3hledJ4PDcg2zWRzVdA95q0UrU
XUf92HCwQUNlQhcMVUMLEYpQk9OutdKhZvnLhXVGwMlOKTu5KA4ZyYZouZQ1SWuO
hgdgL1RuXXX0ErKP/kgzNp+abgrfHDYka2+LdLG9rNezwM+eBthwmFp1IBzJ1NUh
eQHVO6DyGR2HfoOK
-----END CERTIFICATE-----
Generated at Mon Jun 9 09:52:13 2025 by rpki-client