Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/0d840c-952d-4702-aba3-b6e58f9c82e1/1/MdX2GWf6ZfHP8UbT3YV_YmF9mzc.roa
File: MdX2GWf6ZfHP8UbT3YV_YmF9mzc.roa (raw, json)
Hash identifier: XOegtCrv2WX7HDBxTzoqSqKP7A12izJbyx2EM1QXJLc=
Subject key identifier: 31:D5:F6:19:67:FA:65:F1:CF:F1:46:D3:DD:85:7F:62:61:7D:9B:37
Certificate issuer: /CN=5fe58e732a0f71f4f01302d62167173bd9b17cc1
Certificate serial: 0193DFA97101106B7BBF4AE9C7985ECDDC83
Authority key identifier: 5F:E5:8E:73:2A:0F:71:F4:F0:13:02:D6:21:67:17:3B:D9:B1:7C:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X-WOcyoPcfTwEwLWIWcXO9mxfME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/0d840c-952d-4702-aba3-b6e58f9c82e1/1/MdX2GWf6ZfHP8UbT3YV_YmF9mzc.roa
Signing time: Thu 19 Dec 2024 16:04:03 +0000
ROA not before: Thu 19 Dec 2024 16:04:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6085
IP address blocks: 57.0.0.0/16 maxlen: 16
57.2.0.0/16 maxlen: 16
57.3.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:df:a9:71:01:10:6b:7b:bf:4a:e9:c7:98:5e:cd:dc:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fe58e732a0f71f4f01302d62167173bd9b17cc1
Validity
Not Before: Dec 19 16:04:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31d5f61967fa65f1cff146d3dd857f62617d9b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5d:d3:c8:ab:16:4c:d2:97:1b:b0:6c:ab:14:
af:3e:70:83:cb:b3:40:f4:3b:37:1a:0c:70:ea:a3:
ca:74:bd:1f:76:10:ca:77:49:0a:21:61:29:db:4a:
d7:25:d9:59:b0:8c:6d:f8:4a:2b:a0:a6:db:20:da:
2f:4d:88:d2:fe:be:bd:2d:05:e1:4c:04:78:5f:54:
63:79:01:1c:32:49:69:cf:15:a8:f2:0c:b5:d9:2d:
75:0a:c2:3f:0d:d8:2d:47:ed:ce:97:ec:d1:c9:e7:
f9:4d:cd:41:09:c3:88:b2:f7:eb:cc:fc:02:3c:37:
91:b4:c5:e9:c7:5e:8a:dd:22:64:af:ea:49:c8:31:
65:ba:8e:f1:95:93:b3:61:7a:c5:90:6b:e0:9b:a9:
95:7c:ad:4e:02:ab:33:f2:89:8e:1d:df:3f:cc:88:
0e:0b:b9:a6:eb:6b:11:8c:45:50:13:d6:d8:26:58:
82:19:c2:5f:2f:1b:71:b9:89:6e:cf:1e:f2:9d:f1:
94:20:cf:91:db:99:44:a4:b7:84:a0:29:dd:3b:e0:
7d:09:f7:e3:5a:f4:eb:c0:b1:f2:ae:0f:78:10:04:
61:14:00:1d:b7:fb:3e:b9:f9:ce:c7:79:2c:70:9b:
12:b5:74:f4:ea:5f:34:4f:9f:22:1c:ef:99:24:9c:
8e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D5:F6:19:67:FA:65:F1:CF:F1:46:D3:DD:85:7F:62:61:7D:9B:37
X509v3 Authority Key Identifier:
keyid:5F:E5:8E:73:2A:0F:71:F4:F0:13:02:D6:21:67:17:3B:D9:B1:7C:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X-WOcyoPcfTwEwLWIWcXO9mxfME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0d840c-952d-4702-aba3-b6e58f9c82e1/1/MdX2GWf6ZfHP8UbT3YV_YmF9mzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0d840c-952d-4702-aba3-b6e58f9c82e1/1/X-WOcyoPcfTwEwLWIWcXO9mxfME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.0.0.0/16
57.2.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9e:ec:6e:26:4c:74:30:d5:4e:9a:fa:c6:9f:80:67:7c:6b:d0:
39:de:86:bc:24:0d:2c:ec:fc:d2:bf:5e:e9:2f:69:f5:24:a7:
72:48:5a:f0:b1:ae:8d:69:57:61:41:66:0e:40:fb:04:4b:20:
3d:5b:0b:7a:74:60:da:41:fc:08:1e:44:9e:e0:8d:fa:9b:7f:
41:38:79:8b:7e:8c:23:61:c4:aa:9a:f2:43:4f:74:16:5e:43:
40:0e:a6:ff:2b:72:11:a5:63:2e:f8:b2:55:11:ac:d7:af:81:
1b:ec:e6:5c:40:c6:a1:5c:38:46:1e:99:76:d1:d7:a1:b0:15:
0c:dd:73:65:78:bb:dd:18:b3:3d:d7:fc:47:ed:8f:1b:82:e5:
0b:73:08:e7:5d:4c:26:56:85:00:39:ec:22:5a:9b:73:46:05:
89:fb:22:d3:22:aa:64:50:bd:10:4f:b9:1b:9a:05:fe:1e:a3:
2c:c9:bb:21:d2:e3:bb:85:6e:07:f6:69:13:ce:f1:44:7b:6e:
28:6b:b7:b4:50:0c:31:a5:c3:db:c0:a7:6f:e0:b9:1d:49:6a:
f3:79:1a:21:ba:24:0c:19:3f:91:22:94:9e:65:4b:08:a3:fe:
7c:30:f0:cd:99:e9:21:11:c6:95:54:d8:2a:39:dd:a8:b5:c6:
59:40:df:c6
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZPfqXEBEGt7v0rpx5hezdyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZTU4ZTczMmEwZjcxZjRmMDEzMDJkNjIxNjcxNzNiZDli
MTdjYzEwHhcNMjQxMjE5MTYwNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWQ1ZjYxOTY3ZmE2NWYxY2ZmMTQ2ZDNkZDg1N2Y2MjYxN2Q5YjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxF3TyKsWTNKXG7BsqxSvPnCDy7NA
9Ds3Ggxw6qPKdL0fdhDKd0kKIWEp20rXJdlZsIxt+EoroKbbINovTYjS/r69LQXh
TAR4X1RjeQEcMklpzxWo8gy12S11CsI/DdgtR+3Ol+zRyef5Tc1BCcOIsvfrzPwC
PDeRtMXpx16K3SJkr+pJyDFluo7xlZOzYXrFkGvgm6mVfK1OAqsz8omOHd8/zIgO
C7mm62sRjEVQE9bYJliCGcJfLxtxuYluzx7ynfGUIM+R25lEpLeEoCndO+B9Cffj
WvTrwLHyrg94EARhFAAdt/s+ufnOx3kscJsStXT06l80T58iHO+ZJJyOhwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFDHV9hln+mXxz/FG092Ff2JhfZs3MB8GA1UdIwQY
MBaAFF/ljnMqD3H08BMC1iFnFzvZsXzBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWC1XT2N5b1BjZlR3RXdMV0lXY1hPOW14Zk1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wZDg0MGMtOTUyZC00NzAyLWFiYTMt
YjZlNThmOWM4MmUxLzEvTWRYMkdXZjZaZkhQOFViVDNZVl9ZbUY5bXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8wZDg0MGMtOTUyZC00NzAyLWFiYTMtYjZlNThmOWM4MmUx
LzEvWC1XT2N5b1BjZlR3RXdMV0lXY1hPOW14Zk1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAOQADAwE5
AjANBgkqhkiG9w0BAQsFAAOCAQEAnuxuJkx0MNVOmvrGn4BnfGvQOd6GvCQNLOz8
0r9e6S9p9SSnckha8LGujWlXYUFmDkD7BEsgPVsLenRg2kH8CB5EnuCN+pt/QTh5
i36MI2HEqpryQ090Fl5DQA6m/ytyEaVjLviyVRGs16+BG+zmXEDGoVw4Rh6ZdtHX
obAVDN1zZXi73RizPdf8R+2PG4LlC3MI511MJlaFADnsIlqbc0YFifsi0yKqZFC9
EE+5G5oF/h6jLMm7IdLju4VuB/ZpE87xRHtuKGu3tFAMMaXD28Cnb+C5HUlq83ka
IbokDBk/kSKUnmVLCKP+fDDwzZnpIRHGlVTYKjndqLXGWUDfxg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 14:49:44 2025 by rpki-client