Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/_MQMYx9xEAXNW8G-FxQWiYAJhNI.roa
File: _MQMYx9xEAXNW8G-FxQWiYAJhNI.roa (raw, json)
Hash identifier: meB7Tis9skTim35i/fw86z611JzvNuAdd94+5paFqzE=
Subject key identifier: FC:C4:0C:63:1F:71:10:05:CD:5B:C1:BE:17:14:16:89:80:09:84:D2
Certificate issuer: /CN=34958a58d17cab8ff9a79156f66bed5a78799f7e
Certificate serial: 018CC5007A30BAA6C722FA9C38BAB1F880AD
Authority key identifier: 34:95:8A:58:D1:7C:AB:8F:F9:A7:91:56:F6:6B:ED:5A:78:79:9F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJWKWNF8q4_5p5FW9mvtWnh5n34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/_MQMYx9xEAXNW8G-FxQWiYAJhNI.roa
Signing time: Mon 01 Jan 2024 12:29:51 +0000
ROA not before: Mon 01 Jan 2024 12:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39122
IP address blocks: 85.159.16.0/21 maxlen: 21
2a01:4d8::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:7a:30:ba:a6:c7:22:fa:9c:38:ba:b1:f8:80:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34958a58d17cab8ff9a79156f66bed5a78799f7e
Validity
Not Before: Jan 1 12:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcc40c631f711005cd5bc1be17141689800984d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:24:12:2e:61:a0:07:2f:e9:0e:19:bb:51:25:
fe:94:e7:72:42:dd:a5:f6:ce:b9:f3:38:db:b9:9b:
8b:19:05:24:23:c8:8b:31:ff:53:d9:45:71:fd:39:
88:21:7a:c7:0f:22:46:4a:bc:37:65:86:2d:a1:fe:
12:9f:42:db:21:23:d5:14:0b:28:c4:90:64:52:04:
7a:76:68:e8:2d:88:f4:c3:53:d1:19:1a:33:94:df:
99:10:d0:50:87:49:38:82:b0:d9:ac:bc:83:72:88:
14:9a:48:bc:a5:6d:ca:cd:e7:10:8f:17:b1:2d:8c:
28:b3:a9:06:3d:4c:f9:b4:77:a5:c4:26:17:29:da:
29:43:82:db:d6:3a:7a:82:c6:c4:80:d1:aa:33:f0:
d3:8d:f8:c9:c3:07:1f:c5:f7:ea:a6:ae:79:6c:51:
4c:b1:7d:11:df:ae:ba:7d:e4:ff:7f:e0:14:3f:ff:
0c:c4:e0:60:b2:5b:20:a3:10:2f:f8:c7:a9:27:56:
cd:fb:83:a6:51:6b:aa:2e:ab:a7:68:fd:89:ac:71:
f1:87:59:8c:b0:84:6c:0f:7e:41:bd:6d:25:6d:d1:
36:01:c8:60:5e:17:96:6c:4b:fe:80:91:77:0e:c1:
ba:2c:da:e4:f8:e9:02:93:e0:65:63:04:c0:9e:96:
e3:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C4:0C:63:1F:71:10:05:CD:5B:C1:BE:17:14:16:89:80:09:84:D2
X509v3 Authority Key Identifier:
keyid:34:95:8A:58:D1:7C:AB:8F:F9:A7:91:56:F6:6B:ED:5A:78:79:9F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJWKWNF8q4_5p5FW9mvtWnh5n34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/_MQMYx9xEAXNW8G-FxQWiYAJhNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d6c525-4a39-4db8-8c5d-46810613538a/1/NJWKWNF8q4_5p5FW9mvtWnh5n34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.16.0/21
IPv6:
2a01:4d8::/32
Signature Algorithm: sha256WithRSAEncryption
30:98:fb:dd:e6:be:c1:26:e1:dd:0f:ee:35:c2:e5:93:f5:5f:
fd:a3:55:b7:35:3a:f0:ec:3a:9f:01:8d:17:bb:38:8d:49:f2:
bb:d4:2a:37:66:d9:82:58:b3:20:17:30:23:5b:15:44:37:c5:
21:13:09:95:01:e5:ae:ab:c9:5b:49:8f:54:9a:38:8b:df:e6:
69:b0:e7:af:17:a3:c2:14:fd:58:e4:b4:f3:e6:3a:8a:ea:93:
ae:68:b1:cc:d0:da:58:3c:d9:72:82:ce:23:20:6c:3b:b5:3d:
ee:4e:88:21:6f:7a:80:95:7d:06:ad:fe:8b:25:62:76:57:43:
42:d6:07:36:0b:53:de:df:6f:ef:19:ac:9d:26:7f:8b:73:b9:
b4:4e:0d:13:2c:bc:9e:05:ee:80:19:2c:00:20:d6:0f:ba:85:
5b:92:b0:1e:5a:75:2d:6a:a0:65:b7:1f:2f:df:78:1a:5f:fd:
11:5b:20:c7:2f:26:36:72:88:af:40:7b:a0:36:f8:4e:6b:92:
25:c9:1c:f0:05:e2:de:a7:18:81:a8:ff:98:7c:f6:54:eb:a3:
5d:0f:b7:84:e2:89:e0:f0:06:11:e2:6f:fc:b3:6f:da:a4:51:
ef:e9:3b:ce:9e:76:0d:fb:13:bf:5b:14:c5:e7:97:43:38:86:
ec:59:31:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAHowuqbHIvqcOLqx+ICtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTU4YTU4ZDE3Y2FiOGZmOWE3OTE1NmY2NmJlZDVhNzg3
OTlmN2UwHhcNMjQwMTAxMTIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2M0MGM2MzFmNzExMDA1Y2Q1YmMxYmUxNzE0MTY4OTgwMDk4NGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCQSLmGgBy/pDhm7USX+lOdyQt2l
9s658zjbuZuLGQUkI8iLMf9T2UVx/TmIIXrHDyJGSrw3ZYYtof4Sn0LbISPVFAso
xJBkUgR6dmjoLYj0w1PRGRozlN+ZENBQh0k4grDZrLyDcogUmki8pW3KzecQjxex
LYwos6kGPUz5tHelxCYXKdopQ4Lb1jp6gsbEgNGqM/DTjfjJwwcfxffqpq55bFFM
sX0R3666feT/f+AUP/8MxOBgslsgoxAv+MepJ1bN+4OmUWuqLqunaP2JrHHxh1mM
sIRsD35BvW0lbdE2AchgXheWbEv+gJF3DsG6LNrk+OkCk+BlYwTAnpbjmwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPzEDGMfcRAFzVvBvhcUFomACYTSMB8GA1UdIwQY
MBaAFDSViljRfKuP+aeRVvZr7Vp4eZ9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpXS1dORjhxNF81cDVGVzltdnRXbmg1bjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kNmM1MjUtNGEzOS00ZGI4LThjNWQt
NDY4MTA2MTM1MzhhLzEvX01RTVl4OXhFQVhOVzhHLUZ4UVdpWUFKaE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kNmM1MjUtNGEzOS00ZGI4LThjNWQtNDY4MTA2MTM1Mzhh
LzEvTkpXS1dORjhxNF81cDVGVzltdnRXbmg1bjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDVZ8QMA0E
AgACMAcDBQAqAQTYMA0GCSqGSIb3DQEBCwUAA4IBAQAwmPvd5r7BJuHdD+41wuWT
9V/9o1W3NTrw7DqfAY0XuziNSfK71Co3ZtmCWLMgFzAjWxVEN8UhEwmVAeWuq8lb
SY9UmjiL3+ZpsOevF6PCFP1Y5LTz5jqK6pOuaLHM0NpYPNlygs4jIGw7tT3uTogh
b3qAlX0Grf6LJWJ2V0NC1gc2C1Pe32/vGaydJn+Lc7m0Tg0TLLyeBe6AGSwAINYP
uoVbkrAeWnUtaqBltx8v33gaX/0RWyDHLyY2coivQHugNvhOa5IlyRzwBeLepxiB
qP+YfPZU66NdD7eE4ong8AYR4m/8s2/apFHv6TvOnnYN+xO/WxTF55dDOIbsWTHN
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:50:53 2025 by rpki-client