Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/c15671-ba1b-48f2-b691-fa57c126bc2a/1/mofLVkF7U3VC7LSmImma9E7tFew.roa
File: mofLVkF7U3VC7LSmImma9E7tFew.roa (raw, json)
Hash identifier: fr0zYtT7j479kZ6iLqP22E0qaeah0yj4yJ2gnYGZmjo=
Subject key identifier: 9A:87:CB:56:41:7B:53:75:42:EC:B4:A6:22:69:9A:F4:4E:ED:15:EC
Certificate issuer: /CN=b2af8f1774e05925f24e41dee69e5b623d9ac63d
Certificate serial: 018CCA99FAA2B16D16DCF53097CFDC7D658A
Authority key identifier: B2:AF:8F:17:74:E0:59:25:F2:4E:41:DE:E6:9E:5B:62:3D:9A:C6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sq-PF3TgWSXyTkHe5p5bYj2axj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/c15671-ba1b-48f2-b691-fa57c126bc2a/1/mofLVkF7U3VC7LSmImma9E7tFew.roa
Signing time: Tue 02 Jan 2024 14:35:37 +0000
ROA not before: Tue 02 Jan 2024 14:35:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12637
IP address blocks: 193.200.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:fa:a2:b1:6d:16:dc:f5:30:97:cf:dc:7d:65:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2af8f1774e05925f24e41dee69e5b623d9ac63d
Validity
Not Before: Jan 2 14:35:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a87cb56417b537542ecb4a622699af44eed15ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:89:f8:f6:8e:61:da:bc:49:28:58:91:fc:83:
cf:44:8a:ee:bb:48:43:a2:67:a0:1a:bf:df:09:a2:
ba:3e:7a:82:23:e6:74:c1:55:49:01:24:5e:7a:1e:
18:35:a0:81:63:90:39:ff:ce:f1:4f:40:ac:12:c7:
1c:ae:a6:5c:82:b6:d6:31:b0:ea:46:6c:13:ee:5f:
64:25:cf:5b:f5:b8:8e:f1:bb:cd:ce:06:e3:e8:f4:
17:6f:5d:5f:d4:d8:3d:ca:c0:63:70:44:a4:01:6a:
00:39:05:b5:c0:9e:94:c2:80:67:7d:5e:d9:72:66:
b4:d7:94:8b:b7:43:a9:83:3b:f7:72:7b:c8:d9:dd:
10:49:41:67:4f:a6:4e:4b:2d:be:af:db:82:af:c9:
a3:43:99:64:0c:57:a8:9a:44:29:d1:34:b5:76:ce:
2e:1c:ac:ef:2d:88:39:e3:fa:6a:ff:17:99:af:54:
72:b3:50:74:71:a2:3e:05:a1:d1:06:58:d9:df:ef:
0e:c9:c6:ad:d6:02:11:80:65:0a:a2:f3:9d:a3:d3:
8f:d7:9b:b3:e4:88:b4:48:7c:07:23:be:82:be:25:
81:16:8d:ad:8c:24:18:37:5d:2f:45:cc:27:07:02:
3d:56:00:0b:c2:86:76:d0:e2:00:80:3b:35:de:a8:
5e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:87:CB:56:41:7B:53:75:42:EC:B4:A6:22:69:9A:F4:4E:ED:15:EC
X509v3 Authority Key Identifier:
keyid:B2:AF:8F:17:74:E0:59:25:F2:4E:41:DE:E6:9E:5B:62:3D:9A:C6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sq-PF3TgWSXyTkHe5p5bYj2axj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/c15671-ba1b-48f2-b691-fa57c126bc2a/1/mofLVkF7U3VC7LSmImma9E7tFew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/c15671-ba1b-48f2-b691-fa57c126bc2a/1/sq-PF3TgWSXyTkHe5p5bYj2axj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.3.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:fa:15:92:6e:ac:d1:89:51:e6:da:61:dc:d9:9b:26:78:6a:
8b:a1:e0:eb:f8:ba:be:37:ea:a2:15:3d:e0:ee:41:6c:ed:b8:
45:73:28:d3:89:6a:0c:c1:58:e7:07:5f:6f:12:ff:97:f1:18:
3f:8b:8a:f0:d8:49:b7:40:55:64:ad:ba:af:32:c3:5e:eb:12:
75:2a:d0:6e:a9:c7:8a:e6:8b:1c:23:3c:07:5c:40:a0:d6:89:
07:10:fc:ac:6e:40:c1:60:c6:34:27:43:60:3c:46:17:6a:5f:
ec:d6:35:97:95:13:80:af:c6:de:af:76:d3:4d:4b:f4:b5:52:
29:8f:85:d6:58:a1:4c:4b:cc:ae:46:c1:10:9e:c9:28:38:b0:
d7:ea:d5:8a:25:cc:e3:54:03:9a:3e:58:02:51:6a:db:03:83:
0f:bd:e9:5b:73:5c:21:03:6c:63:e3:a2:a5:3d:fd:e6:87:b5:
46:b2:94:0c:f9:05:0f:8a:d5:e5:d9:b6:89:0b:c9:94:b2:02:
fb:5f:de:67:c9:f8:dc:5f:7c:cb:b8:51:66:15:cf:7c:84:c9:
d3:2d:b8:5e:58:30:fe:c0:35:d2:5d:00:7b:e5:84:cb:83:65:
cb:fd:7e:6e:ab:94:db:a0:4e:6a:53:2c:24:3b:5d:4f:2f:10:
2d:8d:95:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmfqisW0W3PUwl8/cfWWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYWY4ZjE3NzRlMDU5MjVmMjRlNDFkZWU2OWU1YjYyM2Q5
YWM2M2QwHhcNMjQwMTAyMTQzNTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTg3Y2I1NjQxN2I1Mzc1NDJlY2I0YTYyMjY5OWFmNDRlZWQxNWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIn49o5h2rxJKFiR/IPPRIruu0hD
omegGr/fCaK6PnqCI+Z0wVVJASReeh4YNaCBY5A5/87xT0CsEsccrqZcgrbWMbDq
RmwT7l9kJc9b9biO8bvNzgbj6PQXb11f1Ng9ysBjcESkAWoAOQW1wJ6UwoBnfV7Z
cma015SLt0Opgzv3cnvI2d0QSUFnT6ZOSy2+r9uCr8mjQ5lkDFeomkQp0TS1ds4u
HKzvLYg54/pq/xeZr1Rys1B0caI+BaHRBljZ3+8Oycat1gIRgGUKovOdo9OP15uz
5Ii0SHwHI76CviWBFo2tjCQYN10vRcwnBwI9VgALwoZ20OIAgDs13qheawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJqHy1ZBe1N1Quy0piJpmvRO7RXsMB8GA1UdIwQY
MBaAFLKvjxd04Fkl8k5B3uaeW2I9msY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3EtUEYzVGdXU1h5VGtIZTVwNWJZajJheGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9jMTU2NzEtYmExYi00OGYyLWI2OTEt
ZmE1N2MxMjZiYzJhLzEvbW9mTFZrRjdVM1ZDN0xTbUltbWE5RTd0RmV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9jMTU2NzEtYmExYi00OGYyLWI2OTEtZmE1N2MxMjZiYzJh
LzEvc3EtUEYzVGdXU1h5VGtIZTVwNWJZajJheGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcgDMA0G
CSqGSIb3DQEBCwUAA4IBAQBs+hWSbqzRiVHm2mHc2ZsmeGqLoeDr+Lq+N+qiFT3g
7kFs7bhFcyjTiWoMwVjnB19vEv+X8Rg/i4rw2Em3QFVkrbqvMsNe6xJ1KtBuqceK
5oscIzwHXECg1okHEPysbkDBYMY0J0NgPEYXal/s1jWXlROAr8ber3bTTUv0tVIp
j4XWWKFMS8yuRsEQnskoOLDX6tWKJczjVAOaPlgCUWrbA4MPvelbc1whA2xj46Kl
Pf3mh7VGspQM+QUPitXl2baJC8mUsgL7X95nyfjcX3zLuFFmFc98hMnTLbheWDD+
wDXSXQB75YTLg2XL/X5uq5TboE5qUywkO11PLxAtjZXN
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:32:14 2025 by rpki-client