Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/2s_MBusFqBlhC4rYoIwYFiU8om4.roa
File: 2s_MBusFqBlhC4rYoIwYFiU8om4.roa (raw, json)
Hash identifier: p0pfIhYqH2Nr/ynby/w0PhBSF52/xm3XFvAFzoD2bQY=
Subject key identifier: DA:CF:CC:06:EB:05:A8:19:61:0B:8A:D8:A0:8C:18:16:25:3C:A2:6E
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01920F6632C7FA38BE8FF9C8FCAF29FAE68F
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/2s_MBusFqBlhC4rYoIwYFiU8om4.roa
Signing time: Fri 20 Sep 2024 12:26:48 +0000
ROA not before: Fri 20 Sep 2024 12:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 167.160.28.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
203.188.166.0/24 maxlen: 24
203.188.174.0/24 maxlen: 24
203.188.175.0/24 maxlen: 24
203.188.176.0/24 maxlen: 24
203.188.177.0/24 maxlen: 24
203.188.178.0/24 maxlen: 24
203.188.179.0/24 maxlen: 24
203.188.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Sep 2024 14:08:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0f:66:32:c7:fa:38:be:8f:f9:c8:fc:af:29:fa:e6:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Sep 20 12:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dacfcc06eb05a819610b8ad8a08c1816253ca26e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d3:ab:6e:6b:05:0a:97:a6:a1:0c:d9:fd:c4:
e6:3e:44:0f:7e:c6:16:f3:1b:06:16:d8:df:f9:2a:
44:84:3d:00:a2:f1:b5:2b:1c:7f:0c:ea:47:7a:e3:
10:9f:df:8b:76:dc:78:e0:cd:89:4f:7b:2a:fa:ae:
9f:02:75:9e:75:d4:49:20:ed:98:c9:f8:75:79:df:
06:80:43:fc:6d:55:ae:22:e1:dc:42:04:73:8c:44:
22:2f:92:0e:7e:63:2d:39:3e:76:d7:88:26:7f:9c:
43:d7:c0:59:a1:7f:65:36:46:ee:05:2f:0b:f6:b7:
f9:f6:5c:df:71:2b:19:fa:70:33:6b:9f:02:c4:34:
e2:4c:24:13:c3:e0:51:2f:53:5b:40:c6:28:77:34:
fd:5e:a5:1c:d9:fe:6f:f9:97:e6:77:7b:9a:66:93:
4a:3a:e0:f3:f2:2c:fd:ac:5e:63:88:22:8f:8a:bf:
bc:63:40:8c:91:b4:6e:b9:85:fb:3e:08:2b:13:ce:
91:ef:60:fa:59:84:af:f8:87:87:78:74:70:34:45:
62:8a:67:c6:f2:6c:f0:27:ea:7f:39:27:ea:a4:46:
0b:1b:bc:65:57:29:e9:eb:c1:83:0d:69:1f:c6:79:
1f:88:04:a8:a0:eb:bc:db:3d:0d:7e:d2:20:db:78:
fd:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:CF:CC:06:EB:05:A8:19:61:0B:8A:D8:A0:8C:18:16:25:3C:A2:6E
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/2s_MBusFqBlhC4rYoIwYFiU8om4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.28.0/24
198.55.31.0/24
203.188.166.0/24
203.188.174.0-203.188.180.255
Signature Algorithm: sha256WithRSAEncryption
4b:c4:5b:32:98:0b:8d:5e:e4:c2:e9:c3:c2:a1:68:40:6b:07:
31:a5:b2:0a:e1:dc:2f:01:50:87:08:ef:f6:a6:84:8f:f4:9e:
ef:83:d5:b4:18:87:87:75:7a:07:7b:de:47:d0:38:02:14:40:
ee:36:2a:1b:a4:c8:ef:f9:1f:5b:c1:2c:89:80:ed:a3:07:48:
d8:84:e1:02:83:2c:33:57:5c:62:66:c4:73:75:c3:d5:11:77:
48:70:bd:ab:9e:83:eb:1c:5d:f5:92:ca:fa:b8:b9:be:6f:7b:
b6:b6:f6:7c:b6:5c:06:a8:89:84:60:38:ee:7d:17:2e:bd:e8:
ed:64:19:6f:af:bd:40:d5:61:46:a5:c1:c8:9b:fd:25:2d:b4:
fe:a2:e6:92:74:d6:ab:a9:c1:6d:e3:93:7f:83:41:7f:93:1c:
ac:54:dc:a4:e8:4d:ca:91:b8:2f:9f:d7:32:9a:bf:f0:d8:0c:
47:28:18:5a:42:87:69:e7:d7:37:ff:96:a6:7f:6f:d7:03:81:
33:18:f6:68:52:7b:f8:5d:b1:b6:55:01:b2:2d:4f:be:ef:55:
d9:75:86:7c:c0:a3:d8:3d:3b:7f:ae:2f:0a:03:bc:27:8f:1c:
19:0f:c2:12:1d:4e:f3:3b:4e:4e:06:db:f5:82:65:13:49:06:
70:12:b7:a4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZIPZjLH+ji+j/nI/K8p+uaPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQwOTIwMTIyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWNmY2MwNmViMDVhODE5NjEwYjhhZDhhMDhjMTgxNjI1M2NhMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9OrbmsFCpemoQzZ/cTmPkQPfsYW
8xsGFtjf+SpEhD0AovG1Kxx/DOpHeuMQn9+Ldtx44M2JT3sq+q6fAnWeddRJIO2Y
yfh1ed8GgEP8bVWuIuHcQgRzjEQiL5IOfmMtOT5214gmf5xD18BZoX9lNkbuBS8L
9rf59lzfcSsZ+nAza58CxDTiTCQTw+BRL1NbQMYodzT9XqUc2f5v+Zfmd3uaZpNK
OuDz8iz9rF5jiCKPir+8Y0CMkbRuuYX7PggrE86R72D6WYSv+IeHeHRwNEViimfG
8mzwJ+p/OSfqpEYLG7xlVynp68GDDWkfxnkfiASooOu82z0NftIg23j9pwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNrPzAbrBagZYQuK2KCMGBYlPKJuMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvMnNfTUJ1c0ZxQmxoQzRyWW9Jd1lGaVU4b200LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAp6AcAwQA
xjcfAwQAy7ymMAwDBAHLvK4DBADLvLQwDQYJKoZIhvcNAQELBQADggEBAEvEWzKY
C41e5MLpw8KhaEBrBzGlsgrh3C8BUIcI7/amhI/0nu+D1bQYh4d1egd73kfQOAIU
QO42KhukyO/5H1vBLImA7aMHSNiE4QKDLDNXXGJmxHN1w9URd0hwvaueg+scXfWS
yvq4ub5ve7a29ny2XAaoiYRgOO59Fy696O1kGW+vvUDVYUalwcib/SUttP6i5pJ0
1qupwW3jk3+DQX+THKxU3KToTcqRuC+f1zKav/DYDEcoGFpCh2nn1zf/lqZ/b9cD
gTMY9mhSe/hdsbZVAbItT77vVdl1hnzAo9g9O3+uLwoDvCePHBkPwhIdTvM7Tk4G
2/WCZRNJBnASt6Q=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:31:25 2025 by rpki-client