Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/McIiExquzOmYj5Gp0pHym64RreQ.roa
File: McIiExquzOmYj5Gp0pHym64RreQ.roa (raw, json)
Hash identifier: NQ1RKePj8mjm4jhAyenQ2xZT2cnkkpsacRmgbi4IwXg=
Subject key identifier: 31:C2:22:13:1A:AE:CC:E9:98:8F:91:A9:D2:91:F2:9B:AE:11:AD:E4
Certificate issuer: /CN=90b3a3a0d662d14da8404bd21dc489e63945624e
Certificate serial: 0194E0053ACACF2F932F02CE2710D58BCC9E
Authority key identifier: 90:B3:A3:A0:D6:62:D1:4D:A8:40:4B:D2:1D:C4:89:E6:39:45:62:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLOjoNZi0U2oQEvSHcSJ5jlFYk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/McIiExquzOmYj5Gp0pHym64RreQ.roa
Signing time: Fri 07 Feb 2025 10:47:06 +0000
ROA not before: Fri 07 Feb 2025 10:47:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206617
IP address blocks: 185.200.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Feb 2025 09:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e0:05:3a:ca:cf:2f:93:2f:02:ce:27:10:d5:8b:cc:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b3a3a0d662d14da8404bd21dc489e63945624e
Validity
Not Before: Feb 7 10:47:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31c222131aaecce9988f91a9d291f29bae11ade4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4c:a5:b4:63:84:52:97:3e:33:ea:66:6a:5f:
58:e3:ae:11:04:09:f7:9e:86:5c:ee:7f:ae:41:93:
a7:f7:32:e9:bf:a1:e1:e8:98:16:d5:af:25:5c:e3:
28:a8:87:9e:4d:82:b9:06:8d:34:a2:75:20:95:47:
4e:69:c4:79:b6:d1:82:60:8f:71:53:67:aa:01:29:
14:2e:7f:eb:66:59:b6:7f:51:7c:c4:dd:31:37:f4:
1f:2d:18:2a:e2:22:b4:a4:1a:54:fd:10:64:bb:96:
34:6d:46:a1:e0:eb:19:2d:51:8b:d6:cc:2d:72:14:
d6:86:61:8b:dc:09:58:7c:93:36:0f:92:c4:2f:a5:
33:32:6f:c8:c3:39:e0:f1:42:b7:fd:37:f5:e8:0e:
36:b7:53:9d:f9:dc:78:2c:62:a0:e7:bb:b7:8b:41:
93:d8:f2:c7:c0:38:7c:45:b8:dc:7a:08:4e:8d:01:
d4:01:e6:1f:ef:ae:90:42:67:2b:0f:d1:d4:fd:f6:
18:bd:0d:23:44:72:0f:e7:c5:b8:22:48:a8:b8:2f:
25:08:a3:f5:eb:34:dc:cb:73:e8:4f:09:8d:d2:c4:
19:81:9a:65:b4:83:7d:17:fe:fa:10:75:28:9f:fe:
d6:d8:75:c4:40:33:28:46:05:e0:f3:a0:e1:f4:d1:
39:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C2:22:13:1A:AE:CC:E9:98:8F:91:A9:D2:91:F2:9B:AE:11:AD:E4
X509v3 Authority Key Identifier:
keyid:90:B3:A3:A0:D6:62:D1:4D:A8:40:4B:D2:1D:C4:89:E6:39:45:62:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLOjoNZi0U2oQEvSHcSJ5jlFYk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/McIiExquzOmYj5Gp0pHym64RreQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/7fb4ea-5bbc-4c8c-8b5d-288cfd1c2a3d/1/kLOjoNZi0U2oQEvSHcSJ5jlFYk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.148.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:4d:1c:1c:6b:9c:a8:cd:b7:3e:a6:9b:07:32:51:95:04:72:
86:3e:d6:df:4c:ad:1b:0a:bb:56:65:98:cb:53:c5:11:5c:14:
6e:84:09:e6:8f:4a:ac:9c:d0:9e:ab:8f:60:6b:78:e3:04:c0:
73:f5:69:14:c3:cc:2e:46:f9:f5:0b:a7:59:9a:f1:8a:7e:18:
c9:e1:e7:b7:44:6c:61:41:8e:90:0e:d8:80:43:09:d2:30:13:
cd:47:a5:3b:19:c4:44:41:43:67:f2:fa:b4:33:86:41:38:39:
2b:23:b0:2b:fe:cf:72:39:8e:0a:f3:56:bd:df:34:ad:2a:3e:
68:9f:6a:47:ac:e6:c4:88:85:71:57:90:e3:44:fa:61:b4:87:
ef:4e:e2:b3:51:08:bb:8f:7a:25:04:4b:fe:6d:e5:67:aa:38:
57:96:98:49:dc:e3:de:4c:4f:0a:ff:88:9d:ec:93:76:74:be:
77:71:b3:2e:ae:3c:38:55:40:cc:36:bf:91:5e:81:da:43:6c:
92:65:fd:c0:0f:ab:fa:4e:00:91:f2:d4:19:19:01:b0:3c:96:
de:fc:26:60:2c:32:e3:03:b5:fe:97:5a:1d:94:31:dd:c6:b0:
28:c9:d1:e7:b5:32:cc:4a:a0:b0:df:2d:f7:c8:d2:0d:46:22:
de:eb:5a:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTgBTrKzy+TLwLOJxDVi8yeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjNhM2EwZDY2MmQxNGRhODQwNGJkMjFkYzQ4OWU2Mzk0
NTYyNGUwHhcNMjUwMjA3MTA0NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWMyMjIxMzFhYWVjY2U5OTg4ZjkxYTlkMjkxZjI5YmFlMTFhZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUyltGOEUpc+M+pmal9Y464RBAn3
noZc7n+uQZOn9zLpv6Hh6JgW1a8lXOMoqIeeTYK5Bo00onUglUdOacR5ttGCYI9x
U2eqASkULn/rZlm2f1F8xN0xN/QfLRgq4iK0pBpU/RBku5Y0bUah4OsZLVGL1swt
chTWhmGL3AlYfJM2D5LEL6UzMm/Iwzng8UK3/Tf16A42t1Od+dx4LGKg57u3i0GT
2PLHwDh8RbjceghOjQHUAeYf766QQmcrD9HU/fYYvQ0jRHIP58W4IkiouC8lCKP1
6zTcy3PoTwmN0sQZgZpltIN9F/76EHUon/7W2HXEQDMoRgXg86Dh9NE5hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDHCIhMarszpmI+RqdKR8puuEa3kMB8GA1UdIwQY
MBaAFJCzo6DWYtFNqEBL0h3EieY5RWJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xPam9OWmkwVTJvUUV2U0hjU0o1amxGWWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS83ZmI0ZWEtNWJiYy00YzhjLThiNWQt
Mjg4Y2ZkMWMyYTNkLzEvTWNJaUV4cXV6T21ZajVHcDBwSHltNjRScmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS83ZmI0ZWEtNWJiYy00YzhjLThiNWQtMjg4Y2ZkMWMyYTNk
LzEva0xPam9OWmkwVTJvUUV2U0hjU0o1amxGWWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuciUMA0G
CSqGSIb3DQEBCwUAA4IBAQAMTRwca5yozbc+ppsHMlGVBHKGPtbfTK0bCrtWZZjL
U8URXBRuhAnmj0qsnNCeq49ga3jjBMBz9WkUw8wuRvn1C6dZmvGKfhjJ4ee3RGxh
QY6QDtiAQwnSMBPNR6U7GcREQUNn8vq0M4ZBODkrI7Ar/s9yOY4K81a93zStKj5o
n2pHrObEiIVxV5DjRPphtIfvTuKzUQi7j3olBEv+beVnqjhXlphJ3OPeTE8K/4id
7JN2dL53cbMurjw4VUDMNr+RXoHaQ2ySZf3AD6v6TgCR8tQZGQGwPJbe/CZgLDLj
A7X+l1odlDHdxrAoydHntTLMSqCw3y33yNINRiLe61rH
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:43:10 2025 by rpki-client