Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/16c64b-b965-49cc-aa40-0dc20a7d82b9/1/mT_DIrGCLzz_x92heX52XrOVuJg.roa
File: mT_DIrGCLzz_x92heX52XrOVuJg.roa (raw, json)
Hash identifier: 1f0prCJ6QvXUd34zCEpoLRKZDMX499ysvBpd2B/XLXk=
Subject key identifier: 99:3F:C3:22:B1:82:2F:3C:FF:C7:DD:A1:79:7E:76:5E:B3:95:B8:98
Certificate issuer: /CN=f731c339b1861722bffe867218314ce1295c3c85
Certificate serial: 018CC56DDC0C916E29C5A86EC07E85EEC968
Authority key identifier: F7:31:C3:39:B1:86:17:22:BF:FE:86:72:18:31:4C:E1:29:5C:3C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zHDObGGFyK__oZyGDFM4SlcPIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/16c64b-b965-49cc-aa40-0dc20a7d82b9/1/mT_DIrGCLzz_x92heX52XrOVuJg.roa
Signing time: Mon 01 Jan 2024 14:29:20 +0000
ROA not before: Mon 01 Jan 2024 14:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56791
IP address blocks: 185.45.100.0/22 maxlen: 32
176.32.128.0/19 maxlen: 32
176.119.197.0/24 maxlen: 32
2a00:9e80::/29 maxlen: 128
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:dc:0c:91:6e:29:c5:a8:6e:c0:7e:85:ee:c9:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f731c339b1861722bffe867218314ce1295c3c85
Validity
Not Before: Jan 1 14:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=993fc322b1822f3cffc7dda1797e765eb395b898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:97:41:c6:2c:42:af:73:cc:5d:6c:e2:2f:94:
71:06:28:dd:bb:61:57:54:a2:4c:df:3d:52:b5:63:
09:5e:6d:a1:d9:0e:96:cb:a9:27:c7:c5:36:94:f4:
09:02:f4:80:cf:e5:a7:a5:c9:45:d6:71:d3:97:cc:
e3:83:e3:dc:1a:38:5a:90:0e:fd:51:23:7f:e1:0b:
ad:3b:49:76:aa:dc:14:ce:ce:87:3d:84:e3:1e:1f:
d5:1a:f4:87:39:4f:d8:77:31:c6:00:ce:7b:45:35:
43:92:46:fb:13:6e:58:f6:d3:94:1b:c6:cf:5e:fd:
95:ec:4e:ec:4a:46:ad:6e:b6:89:47:05:1c:76:33:
62:53:92:10:33:29:66:c1:c0:2f:a3:c8:47:c3:fe:
bc:ef:e6:5c:3e:cc:b1:9e:56:f0:d4:be:2e:f0:af:
97:e2:1c:a2:13:92:ad:4e:e9:06:97:7d:ee:18:5b:
d2:2e:2d:ac:6e:e4:e7:e8:8f:79:a1:ef:a0:cb:9d:
40:01:d3:c7:b4:32:be:ea:e6:9e:2c:cd:89:93:47:
71:25:00:66:8c:12:49:e0:34:9c:f4:17:0e:c2:cf:
c6:aa:e7:db:b9:34:42:a2:d7:4c:96:c9:45:59:4d:
fe:24:90:36:cd:cb:a8:ac:9a:88:ee:e7:c5:d0:46:
3c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:3F:C3:22:B1:82:2F:3C:FF:C7:DD:A1:79:7E:76:5E:B3:95:B8:98
X509v3 Authority Key Identifier:
keyid:F7:31:C3:39:B1:86:17:22:BF:FE:86:72:18:31:4C:E1:29:5C:3C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zHDObGGFyK__oZyGDFM4SlcPIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/16c64b-b965-49cc-aa40-0dc20a7d82b9/1/mT_DIrGCLzz_x92heX52XrOVuJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/16c64b-b965-49cc-aa40-0dc20a7d82b9/1/9zHDObGGFyK__oZyGDFM4SlcPIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.128.0/19
176.119.197.0/24
185.45.100.0/22
IPv6:
2a00:9e80::/29
Signature Algorithm: sha256WithRSAEncryption
10:06:a3:5f:19:e8:dc:79:0e:d5:c2:24:3f:22:f1:bd:ac:68:
34:29:95:44:93:81:97:58:aa:7b:d9:5e:58:53:b6:94:73:b6:
b3:f2:7a:d7:66:c2:d3:4c:00:4c:43:07:d6:63:4f:22:0e:4f:
e6:a5:af:db:f0:53:55:c6:8f:43:47:4c:b7:2b:ac:48:cd:af:
05:ce:f2:15:69:23:f0:50:88:a3:68:6f:27:66:29:83:43:b7:
1b:08:57:a9:c2:c7:03:2d:a4:a7:8e:13:b5:13:74:e6:06:82:
9c:5a:be:f8:0d:31:34:e6:39:99:30:85:c0:be:29:7f:d2:fc:
e3:b5:8e:83:35:32:c0:15:12:93:80:f2:c8:c6:d9:ef:88:c0:
23:1c:b3:16:ce:47:49:50:7d:55:83:19:08:59:16:6f:92:18:
f0:d9:c4:eb:17:46:0c:0e:4b:bf:f1:34:e4:cb:a9:ba:9b:b7:
96:33:d8:61:61:12:e3:3a:6d:00:5a:fc:d5:26:e0:06:60:3e:
1e:6e:d9:49:71:92:24:5f:2e:ce:c0:cd:4b:16:38:94:49:36:
c8:0d:46:59:c4:45:4f:4e:a9:6b:03:5e:73:99:74:64:9e:73:
66:6f:25:05:06:af:82:24:af:94:c4:46:3e:d4:4b:e6:53:cf:
8e:a4:d8:0f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFbdwMkW4pxahuwH6F7sloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MzFjMzM5YjE4NjE3MjJiZmZlODY3MjE4MzE0Y2UxMjk1
YzNjODUwHhcNMjQwMTAxMTQyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTNmYzMyMmIxODIyZjNjZmZjN2RkYTE3OTdlNzY1ZWIzOTViODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5dBxixCr3PMXWziL5RxBijdu2FX
VKJM3z1StWMJXm2h2Q6Wy6knx8U2lPQJAvSAz+WnpclF1nHTl8zjg+PcGjhakA79
USN/4QutO0l2qtwUzs6HPYTjHh/VGvSHOU/YdzHGAM57RTVDkkb7E25Y9tOUG8bP
Xv2V7E7sSkatbraJRwUcdjNiU5IQMylmwcAvo8hHw/687+ZcPsyxnlbw1L4u8K+X
4hyiE5KtTukGl33uGFvSLi2sbuTn6I95oe+gy51AAdPHtDK+6uaeLM2Jk0dxJQBm
jBJJ4DSc9BcOws/GqufbuTRCotdMlslFWU3+JJA2zcuorJqI7ufF0EY8BwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJk/wyKxgi88/8fdoXl+dl6zlbiYMB8GA1UdIwQY
MBaAFPcxwzmxhhciv/6GchgxTOEpXDyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXpIRE9iR0dGeUtfX29aeUdERk00U2xjUElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8xNmM2NGItYjk2NS00OWNjLWFhNDAt
MGRjMjBhN2Q4MmI5LzEvbVRfRElyR0NMenpfeDkyaGVYNTJYck9WdUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8xNmM2NGItYjk2NS00OWNjLWFhNDAtMGRjMjBhN2Q4MmI5
LzEvOXpIRE9iR0dGeUtfX29aeUdERk00U2xjUElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFsCCAAwQA
sHfFAwQCuS1kMA0EAgACMAcDBQMqAJ6AMA0GCSqGSIb3DQEBCwUAA4IBAQAQBqNf
GejceQ7VwiQ/IvG9rGg0KZVEk4GXWKp72V5YU7aUc7az8nrXZsLTTABMQwfWY08i
Dk/mpa/b8FNVxo9DR0y3K6xIza8FzvIVaSPwUIijaG8nZimDQ7cbCFepwscDLaSn
jhO1E3TmBoKcWr74DTE05jmZMIXAvil/0vzjtY6DNTLAFRKTgPLIxtnviMAjHLMW
zkdJUH1VgxkIWRZvkhjw2cTrF0YMDku/8TTky6m6m7eWM9hhYRLjOm0AWvzVJuAG
YD4ebtlJcZIkXy7OwM1LFjiUSTbIDUZZxEVPTqlrA15zmXRknnNmbyUFBq+CJK+U
xEY+1EvmU8+OpNgP
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:29 2025 by rpki-client