Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/MctjMjaZhwlMA3wD-b5124f3nZQ.roa
File: MctjMjaZhwlMA3wD-b5124f3nZQ.roa (raw, json)
Hash identifier: aVNXyAPT4c5nD/IXVNvFHcYgiAIUHjEYxygl4u3Jia4=
Subject key identifier: 31:CB:63:32:36:99:87:09:4C:03:7C:03:F9:BE:75:DB:87:F7:9D:94
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0194282754FE3A7DA5730A70FC78FD8FA751
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/MctjMjaZhwlMA3wD-b5124f3nZQ.roa
Signing time: Thu 02 Jan 2025 17:54:13 +0000
ROA not before: Thu 02 Jan 2025 17:54:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 91.208.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Jan 2025 05:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:54:fe:3a:7d:a5:73:0a:70:fc:78:fd:8f:a7:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 2 17:54:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31cb6332369987094c037c03f9be75db87f79d94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fe:2f:13:ab:c5:85:66:e1:2b:72:5d:c9:c4:
bc:49:5a:52:e3:01:c6:99:45:f6:c7:0d:a7:4a:fa:
ab:60:52:72:2a:94:1c:d2:58:b8:eb:5c:32:c8:1e:
8e:4a:ef:f4:8e:fe:64:93:5d:f4:e0:ac:50:9f:c2:
6f:f2:09:99:bd:87:03:33:da:70:7e:04:14:51:5f:
86:e8:e7:c2:cb:f4:63:5a:54:e2:b2:2d:48:fd:af:
42:ac:7e:d0:0f:ea:97:83:b8:46:52:1e:f5:a3:fe:
13:00:80:4d:8c:31:90:ac:9d:fa:3a:42:7f:8e:69:
46:69:7c:5a:39:0a:ca:88:24:45:26:b3:84:2c:e1:
80:6d:7c:0e:19:92:e1:42:b7:b3:08:4a:03:84:ec:
b9:0c:35:da:1c:f3:f9:52:3e:ba:fd:5a:b4:28:34:
bb:a4:f0:d0:0b:a2:0a:ca:31:13:bd:91:ac:9e:82:
8b:af:56:fc:2d:e5:be:72:b6:50:d0:38:80:87:b0:
dc:32:28:8f:72:a3:62:4d:cb:f3:59:f8:ba:ad:45:
75:25:1b:0d:38:96:ad:20:a8:d9:88:e9:a0:3e:00:
21:d1:90:e5:a7:ef:84:77:14:13:da:58:e8:70:f2:
ce:38:fe:17:78:25:a0:8f:b7:b1:7f:2f:77:f7:a2:
7a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:CB:63:32:36:99:87:09:4C:03:7C:03:F9:BE:75:DB:87:F7:9D:94
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/MctjMjaZhwlMA3wD-b5124f3nZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.61.0/24
Signature Algorithm: sha256WithRSAEncryption
78:ce:53:43:86:ef:80:5a:74:aa:74:33:39:61:b3:0e:b2:c3:
e5:3d:5d:c7:30:3b:97:d2:13:b9:e4:44:d5:00:50:ac:f0:50:
5c:f9:c4:db:a1:ef:82:b4:cb:01:94:fb:55:83:97:47:a6:3f:
5a:90:d4:13:88:02:9b:04:9c:04:f0:c7:c7:f2:ef:82:03:8c:
0c:62:1e:f0:de:cc:de:4f:05:3a:d1:60:d9:76:95:1c:f7:ce:
ef:d3:f2:2b:d5:ee:8f:1e:c6:19:e1:e2:74:27:13:74:3f:ad:
1a:63:11:79:48:d4:34:a2:c7:cf:63:19:64:b7:16:4d:32:f3:
48:0b:02:bd:4e:31:b0:02:41:8b:0a:cd:ea:be:0b:4f:19:b1:
5d:a7:38:aa:96:11:4b:1f:92:bb:f3:57:4e:28:01:b3:a9:9f:
08:89:47:e0:c5:61:f7:b9:c8:99:ae:78:70:7e:8f:5e:e4:e9:
15:4f:0e:00:eb:9c:7a:06:5e:33:d9:ea:c7:17:4d:a5:18:b6:
9b:0e:0a:06:3f:21:ce:66:59:63:ca:91:fc:b6:f5:ea:0e:3a:
e7:54:bc:65:bc:96:ee:46:93:c0:b0:d7:05:9b:85:af:34:a5:
6e:30:a2:46:97:99:31:d5:19:3a:a9:3c:21:72:fe:c7:c4:80:
ac:88:75:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJ1T+On2lcwpw/Hj9j6dRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTAyMTc1NDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWNiNjMzMjM2OTk4NzA5NGMwMzdjMDNmOWJlNzVkYjg3Zjc5ZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlf4vE6vFhWbhK3JdycS8SVpS4wHG
mUX2xw2nSvqrYFJyKpQc0li461wyyB6OSu/0jv5kk1304KxQn8Jv8gmZvYcDM9pw
fgQUUV+G6OfCy/RjWlTisi1I/a9CrH7QD+qXg7hGUh71o/4TAIBNjDGQrJ36OkJ/
jmlGaXxaOQrKiCRFJrOELOGAbXwOGZLhQrezCEoDhOy5DDXaHPP5Uj66/Vq0KDS7
pPDQC6IKyjETvZGsnoKLr1b8LeW+crZQ0DiAh7DcMiiPcqNiTcvzWfi6rUV1JRsN
OJatIKjZiOmgPgAh0ZDlp++EdxQT2ljocPLOOP4XeCWgj7exfy9396J6+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDHLYzI2mYcJTAN8A/m+dduH952UMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvTWN0ak1qYVpod2xNQTN3RC1iNTEyNGYzblpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9A9MA0G
CSqGSIb3DQEBCwUAA4IBAQB4zlNDhu+AWnSqdDM5YbMOssPlPV3HMDuX0hO55ETV
AFCs8FBc+cTboe+CtMsBlPtVg5dHpj9akNQTiAKbBJwE8MfH8u+CA4wMYh7w3sze
TwU60WDZdpUc987v0/Ir1e6PHsYZ4eJ0JxN0P60aYxF5SNQ0osfPYxlktxZNMvNI
CwK9TjGwAkGLCs3qvgtPGbFdpziqlhFLH5K781dOKAGzqZ8IiUfgxWH3uciZrnhw
fo9e5OkVTw4A65x6Bl4z2erHF02lGLabDgoGPyHOZlljypH8tvXqDjrnVLxlvJbu
RpPAsNcFm4WvNKVuMKJGl5kx1Rk6qTwhcv7HxICsiHXq
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:03:32 2025 by rpki-client