Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mjS1Mto9gA5Wm2YggPbYio5Mrjk.roa
File: mjS1Mto9gA5Wm2YggPbYio5Mrjk.roa (raw, json)
Hash identifier: dZpfiRL7UdBva+fszSUXYcVdjXpguB0ynP4QzaOgvIo=
Subject key identifier: 9A:34:B5:32:DA:3D:80:0E:56:9B:66:20:80:F6:D8:8A:8E:4C:AE:39
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019425FC742EF44A3C99F83C09DC8A0F3F01
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mjS1Mto9gA5Wm2YggPbYio5Mrjk.roa
Signing time: Thu 02 Jan 2025 07:48:09 +0000
ROA not before: Thu 02 Jan 2025 07:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48024
IP address blocks: 178.173.228.0/24 maxlen: 24
178.173.232.0/23 maxlen: 23
178.173.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 13:50:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:74:2e:f4:4a:3c:99:f8:3c:09:dc:8a:0f:3f:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 07:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a34b532da3d800e569b662080f6d88a8e4cae39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b6:2b:9d:b8:6c:fa:16:66:83:79:b6:03:27:
91:ca:c4:42:db:6a:49:24:de:76:22:f1:15:20:8d:
23:b5:c7:94:54:31:2f:46:0f:7c:f1:ed:1e:3f:e5:
48:12:cf:dc:04:6d:b6:f6:88:77:fe:e6:60:fa:2b:
96:8a:b0:6d:4e:0d:6d:a0:9a:e3:e0:38:1b:ac:71:
45:49:c0:1b:4e:58:5b:ec:03:83:52:aa:fb:30:1f:
5c:31:25:0a:cf:b6:50:d4:cd:e0:03:5c:b9:52:a5:
e2:d1:0b:68:46:ed:a7:d0:77:f5:ef:35:9f:89:c2:
eb:19:1e:bd:fa:6b:cb:2a:83:56:e3:5a:64:81:6d:
0e:5c:3f:92:0e:49:57:98:4d:10:8e:6b:e5:3c:d6:
63:f8:a1:96:da:51:92:19:56:ac:40:11:c7:d3:d6:
18:c0:47:65:e6:95:f7:23:7f:fe:e9:4f:9e:bb:31:
92:3b:54:5c:83:69:13:f6:fa:d4:f7:21:57:8c:3a:
7e:a0:0c:df:40:45:99:53:80:07:17:0d:f2:29:95:
bd:40:01:00:35:8e:15:a4:04:3e:89:05:b2:49:36:
4e:29:97:d0:fa:a8:16:92:a6:5f:03:80:da:2b:3d:
b1:7b:6c:40:92:b3:84:e9:9c:91:e7:a9:5a:7e:10:
b6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:34:B5:32:DA:3D:80:0E:56:9B:66:20:80:F6:D8:8A:8E:4C:AE:39
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mjS1Mto9gA5Wm2YggPbYio5Mrjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.228.0/24
178.173.232.0/23
178.173.241.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:eb:a0:ee:d5:eb:9e:84:da:a8:70:91:10:cc:88:48:6c:4f:
18:a5:19:bb:d8:00:18:f2:90:8c:80:62:68:95:bd:5b:9b:83:
33:f7:23:55:8a:01:a2:fc:e2:43:0f:25:3b:f1:1e:b3:d3:53:
a4:d3:06:3d:7e:dd:d1:02:c4:7f:58:10:3c:e6:95:b3:1a:5f:
a6:da:12:08:d7:21:16:32:26:7d:c0:5b:ee:eb:84:bc:e3:9f:
be:96:50:16:59:8d:72:1b:5e:a3:03:44:19:07:f6:3a:d2:dd:
ca:b3:fc:1d:e1:8e:46:ea:24:19:33:19:8a:4b:5d:9e:4d:66:
9e:3e:ed:63:d2:dc:79:dc:80:3f:01:54:0d:97:93:1a:0c:95:
86:7c:33:bc:87:c6:ca:74:15:a4:b1:4b:c8:db:15:46:07:da:
53:0b:3a:61:43:bc:42:f6:1a:f3:de:70:da:3c:17:b5:12:6f:
1d:da:b8:f3:36:30:c5:a9:27:0d:bd:06:98:4e:d1:68:09:75:
09:7b:29:eb:a9:df:9d:48:61:16:b6:b3:be:7e:0a:15:a1:47:
da:90:08:e5:b1:7d:fd:db:9f:ae:cd:bd:c7:0a:5d:ba:a9:07:
21:00:34:57:57:55:e3:49:0b:6d:79:b2:15:2a:92:b0:a7:93:
eb:db:74:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQl/HQu9Eo8mfg8CdyKDz8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwMTAyMDc0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTM0YjUzMmRhM2Q4MDBlNTY5YjY2MjA4MGY2ZDg4YThlNGNhZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLYrnbhs+hZmg3m2AyeRysRC22pJ
JN52IvEVII0jtceUVDEvRg988e0eP+VIEs/cBG229oh3/uZg+iuWirBtTg1toJrj
4DgbrHFFScAbTlhb7AODUqr7MB9cMSUKz7ZQ1M3gA1y5UqXi0QtoRu2n0Hf17zWf
icLrGR69+mvLKoNW41pkgW0OXD+SDklXmE0QjmvlPNZj+KGW2lGSGVasQBHH09YY
wEdl5pX3I3/+6U+euzGSO1Rcg2kT9vrU9yFXjDp+oAzfQEWZU4AHFw3yKZW9QAEA
NY4VpAQ+iQWySTZOKZfQ+qgWkqZfA4DaKz2xe2xAkrOE6ZyR56lafhC2MwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJo0tTLaPYAOVptmIID22IqOTK45MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbWpTMU10bzlnQTVXbTJZZ2dQYllpbzVNcmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsq3kAwQB
sq3oAwQAsq3xMA0GCSqGSIb3DQEBCwUAA4IBAQDU66Du1euehNqocJEQzIhIbE8Y
pRm72AAY8pCMgGJolb1bm4Mz9yNVigGi/OJDDyU78R6z01Ok0wY9ft3RAsR/WBA8
5pWzGl+m2hII1yEWMiZ9wFvu64S845++llAWWY1yG16jA0QZB/Y60t3Ks/wd4Y5G
6iQZMxmKS12eTWaePu1j0tx53IA/AVQNl5MaDJWGfDO8h8bKdBWksUvI2xVGB9pT
CzphQ7xC9hrz3nDaPBe1Em8d2rjzNjDFqScNvQaYTtFoCXUJeynrqd+dSGEWtrO+
fgoVoUfakAjlsX3925+uzb3HCl26qQchADRXV1XjSQttebIVKpKwp5Pr23Ri
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:50:56 2025 by rpki-client