Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/MWC14wrdb0n7vmpprj6grK7F8so.roa
File: MWC14wrdb0n7vmpprj6grK7F8so.roa (raw, json)
Hash identifier: TFrmGNTg+WJSYIgPq2lbaUmqPu6QvMqv+JgzgHkTlaE=
Subject key identifier: 31:60:B5:E3:0A:DD:6F:49:FB:BE:6A:69:AE:3E:A0:AC:AE:C5:F2:CA
Certificate issuer: /CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Certificate serial: 019513A4CF12550004BE75468336E10517E6
Authority key identifier: BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/MWC14wrdb0n7vmpprj6grK7F8so.roa
Signing time: Mon 17 Feb 2025 11:22:02 +0000
ROA not before: Mon 17 Feb 2025 11:22:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35485
IP address blocks: 185.84.176.0/22 maxlen: 24
185.84.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Feb 2025 13:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:a4:cf:12:55:00:04:be:75:46:83:36:e1:05:17:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Validity
Not Before: Feb 17 11:22:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3160b5e30add6f49fbbe6a69ae3ea0acaec5f2ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:24:88:15:d0:06:db:68:b2:97:91:dc:bd:ed:
c7:4f:a3:63:3f:fd:0d:a3:52:82:69:79:40:ac:32:
c9:c0:3d:7b:a1:77:62:50:a1:48:23:25:3e:3d:45:
63:71:ee:46:75:13:24:da:00:5d:1c:d3:d9:fa:c6:
9d:6f:43:fe:d4:9f:32:ed:a2:a5:0a:c8:54:db:90:
28:ac:8b:ed:e0:42:55:a8:93:53:2b:df:cb:e2:c9:
ad:bb:ec:be:45:31:27:44:7f:e4:ad:00:e8:ac:47:
1b:ed:7f:f1:73:47:43:cb:14:10:e2:e4:24:ea:bc:
02:7d:0e:84:e3:b3:4d:da:3d:de:77:d9:2c:94:ee:
01:82:be:4e:ca:76:71:5e:cb:85:bb:45:89:f0:b6:
51:ec:c8:f5:e5:6f:bc:04:d5:70:34:a8:ea:11:9b:
0c:c9:5e:64:16:3b:c6:52:10:87:b4:67:de:49:46:
df:92:47:a1:bb:26:e6:97:43:15:be:87:a3:f5:97:
1e:eb:3e:9d:f7:5e:b7:73:de:7b:39:45:01:db:87:
87:5f:ce:02:18:46:12:b7:76:fb:8f:84:71:02:fb:
29:27:e0:60:48:e0:39:53:51:48:5e:6d:aa:71:00:
d8:f0:df:02:83:7e:1c:cf:a6:4e:f2:93:3b:f9:dd:
39:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:60:B5:E3:0A:DD:6F:49:FB:BE:6A:69:AE:3E:A0:AC:AE:C5:F2:CA
X509v3 Authority Key Identifier:
keyid:BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/MWC14wrdb0n7vmpprj6grK7F8so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.176.0/22
Signature Algorithm: sha256WithRSAEncryption
37:f1:38:5c:59:23:68:9d:97:34:91:0f:b3:fe:fb:ca:3a:70:
2e:72:ca:d5:87:d2:29:f4:42:5e:47:2b:b7:31:63:0a:41:ac:
9c:ee:2a:a2:ff:51:ce:09:1f:b4:1f:9a:d9:9e:e6:ad:36:21:
27:df:1d:4e:16:53:dd:67:47:7f:53:90:66:66:75:b0:e0:75:
8a:86:a0:f2:c5:07:99:f7:33:7c:8d:93:62:60:9d:f9:94:bd:
44:67:ce:3d:62:c2:c1:2d:67:7a:6e:d2:aa:99:9f:99:40:65:
5f:3d:6c:8c:1b:d9:74:fe:da:c1:d8:44:59:dd:1f:48:71:c5:
6b:89:8f:9e:60:55:07:78:d4:82:db:65:24:30:37:f9:f1:b9:
2b:91:90:e5:36:03:c5:77:81:c3:28:e8:6e:ba:04:9e:f7:08:
df:18:0d:b9:42:45:2e:e7:00:79:10:c0:59:da:59:54:b0:f9:
6b:7b:5a:59:9e:08:5e:e9:e8:e2:11:cd:ae:0c:61:7b:41:b9:
2e:75:18:db:bd:8d:3d:e9:5d:ec:59:1c:b1:ff:dd:27:eb:b4:
c1:52:fa:96:f5:60:b9:4b:ce:6c:be:52:cd:01:56:04:0c:31:
04:4b:b1:bd:71:b4:ee:f8:bb:fd:f2:36:5b:23:1f:44:00:9f:
b6:33:d5:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUTpM8SVQAEvnVGgzbhBRfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODg4NDlhMmViNWU5ZGQ1NzFhOGU3NDNiZWQ3Yjk1MTNk
N2ExMjEwHhcNMjUwMjE3MTEyMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTYwYjVlMzBhZGQ2ZjQ5ZmJiZTZhNjlhZTNlYTBhY2FlYzVmMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkySIFdAG22iyl5Hcve3HT6NjP/0N
o1KCaXlArDLJwD17oXdiUKFIIyU+PUVjce5GdRMk2gBdHNPZ+sadb0P+1J8y7aKl
CshU25AorIvt4EJVqJNTK9/L4smtu+y+RTEnRH/krQDorEcb7X/xc0dDyxQQ4uQk
6rwCfQ6E47NN2j3ed9kslO4Bgr5OynZxXsuFu0WJ8LZR7Mj15W+8BNVwNKjqEZsM
yV5kFjvGUhCHtGfeSUbfkkehuybml0MVvoej9Zce6z6d9163c957OUUB24eHX84C
GEYSt3b7j4RxAvspJ+BgSOA5U1FIXm2qcQDY8N8Cg34cz6ZO8pM7+d05jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDFgteMK3W9J+75qaa4+oKyuxfLKMB8GA1UdIwQY
MBaAFL+IhJoutendVxqOdDvte5UT16EhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYt
MjM3MzliNWZkODRjLzEvTVdDMTR3cmRiMG43dm1wcHJqNmdySzdGOHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYtMjM3MzliNWZkODRj
LzEvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVSwMA0G
CSqGSIb3DQEBCwUAA4IBAQA38ThcWSNonZc0kQ+z/vvKOnAucsrVh9Ip9EJeRyu3
MWMKQayc7iqi/1HOCR+0H5rZnuatNiEn3x1OFlPdZ0d/U5BmZnWw4HWKhqDyxQeZ
9zN8jZNiYJ35lL1EZ849YsLBLWd6btKqmZ+ZQGVfPWyMG9l0/trB2ERZ3R9IccVr
iY+eYFUHeNSC22UkMDf58bkrkZDlNgPFd4HDKOhuugSe9wjfGA25QkUu5wB5EMBZ
2llUsPlre1pZnghe6ejiEc2uDGF7QbkudRjbvY096V3sWRyx/90n67TBUvqW9WC5
S85svlLNAVYEDDEES7G9cbTu+Lv98jZbIx9EAJ+2M9WL
-----END CERTIFICATE-----
Generated at Sun Apr 13 22:53:31 2025 by rpki-client