Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MgeMAfCzEFSVVXCuITE9fDGbVvQ.roa
File: MgeMAfCzEFSVVXCuITE9fDGbVvQ.roa (raw, json)
Hash identifier: sk2F5wr/6wzYn0PHdZD3rsjg+5oi0IukJfg7UBiaAuA=
Subject key identifier: 32:07:8C:01:F0:B3:10:54:95:55:70:AE:21:31:3D:7C:31:9B:56:F4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01952370B264A860D0F02E39BF57964E1F25
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MgeMAfCzEFSVVXCuITE9fDGbVvQ.roa
Signing time: Thu 20 Feb 2025 12:59:02 +0000
ROA not before: Thu 20 Feb 2025 12:59:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329007
IP address blocks: 217.60.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Feb 2025 18:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:23:70:b2:64:a8:60:d0:f0:2e:39:bf:57:96:4e:1f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Feb 20 12:59:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32078c01f0b31054955570ae21313d7c319b56f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:85:a8:22:5a:50:0c:9b:ca:58:62:bf:4c:b4:
17:45:65:93:58:a9:89:af:2a:64:95:04:f5:66:65:
e8:35:1d:a1:04:5b:22:83:9b:02:ac:28:1a:e8:98:
3a:de:86:1f:06:d9:01:a1:4a:86:93:c2:40:a3:34:
18:7a:7b:c1:84:a1:2c:b7:9b:26:6f:a2:f9:dc:a5:
dd:2c:8b:1b:64:78:42:e7:da:b7:66:3c:65:e4:0d:
ff:b4:2f:67:e3:07:bd:5b:21:60:b3:56:23:ff:d6:
78:f9:29:72:69:be:b2:c7:90:52:38:3f:90:f0:f9:
7e:bb:fd:4e:fc:1e:3a:25:21:f0:cd:37:25:c9:bb:
b4:59:20:22:2a:e7:15:2c:f3:e5:58:36:8b:eb:3a:
ff:ec:e8:b0:68:72:3b:2e:44:07:a4:81:68:cc:58:
5b:26:d5:21:7f:60:7f:0e:87:f9:2b:f7:ea:d6:99:
ce:34:49:26:01:aa:e5:73:b3:2e:d5:23:20:b6:71:
a4:ee:2f:e8:48:6d:88:db:ad:a0:04:f7:9c:4e:a8:
4f:e3:64:38:5d:a3:38:f6:af:95:94:70:bd:a4:b1:
7d:27:21:ba:70:f7:4e:2c:98:52:bf:b9:bd:da:61:
2c:b2:bc:5f:34:9b:1f:ab:57:ca:b2:03:6c:de:ec:
11:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:07:8C:01:F0:B3:10:54:95:55:70:AE:21:31:3D:7C:31:9B:56:F4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MgeMAfCzEFSVVXCuITE9fDGbVvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.187.0/24
Signature Algorithm: sha256WithRSAEncryption
45:84:cd:dd:9b:57:28:e6:8b:2b:0e:06:40:5e:fa:c8:cf:e9:
1e:97:69:ec:da:9c:6f:2d:60:41:b7:e1:c7:bc:18:3c:b8:a4:
50:67:1b:29:5f:4e:7a:99:c5:66:3e:cf:6a:83:c0:68:59:bb:
a9:da:87:b2:86:f7:90:51:fb:6a:1d:37:f9:39:19:b9:92:7d:
a6:be:52:74:df:ef:f9:77:90:eb:e1:93:c3:2f:bb:c9:b8:20:
19:41:49:e8:86:49:81:1a:9c:5c:00:b2:4b:41:c1:e1:d1:37:
0f:43:68:15:e0:30:1f:ba:01:f8:ba:45:09:e4:1e:5e:ab:61:
d2:e5:d8:b3:f6:76:7d:bb:94:5b:da:42:05:a4:74:28:e3:11:
66:47:46:4d:dd:30:2c:39:af:79:68:11:6c:4a:0d:bc:4b:1c:
41:23:7c:11:1a:a2:7c:ed:09:7c:20:ca:4c:9e:dc:0a:a4:9a:
0e:05:b9:1f:ee:22:b0:0d:ff:bf:e0:79:03:4a:46:af:c2:2b:
11:96:6a:8f:01:1a:24:c8:6a:23:7c:00:8a:34:8b:4d:ac:b4:
1e:db:66:d2:53:d4:82:04:0d:80:c3:9c:7b:03:7e:47:b9:42:
a4:f3:16:5c:b8:14:13:c0:11:a4:23:9b:12:fe:74:3a:f2:65:
b3:eb:23:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUjcLJkqGDQ8C45v1eWTh8lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMjIwMTI1OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjA3OGMwMWYwYjMxMDU0OTU1NTcwYWUyMTMxM2Q3YzMxOWI1NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIWoIlpQDJvKWGK/TLQXRWWTWKmJ
rypklQT1ZmXoNR2hBFsig5sCrCga6Jg63oYfBtkBoUqGk8JAozQYenvBhKEst5sm
b6L53KXdLIsbZHhC59q3Zjxl5A3/tC9n4we9WyFgs1Yj/9Z4+Slyab6yx5BSOD+Q
8Pl+u/1O/B46JSHwzTclybu0WSAiKucVLPPlWDaL6zr/7OiwaHI7LkQHpIFozFhb
JtUhf2B/Dof5K/fq1pnONEkmAarlc7Mu1SMgtnGk7i/oSG2I262gBPecTqhP42Q4
XaM49q+VlHC9pLF9JyG6cPdOLJhSv7m92mEssrxfNJsfq1fKsgNs3uwRRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDIHjAHwsxBUlVVwriExPXwxm1b0MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTWdlTUFmQ3pFRlNWVlhDdUlURTlmREdiVnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2Ty7MA0G
CSqGSIb3DQEBCwUAA4IBAQBFhM3dm1co5osrDgZAXvrIz+kel2ns2pxvLWBBt+HH
vBg8uKRQZxspX056mcVmPs9qg8BoWbup2oeyhveQUftqHTf5ORm5kn2mvlJ03+/5
d5Dr4ZPDL7vJuCAZQUnohkmBGpxcALJLQcHh0TcPQ2gV4DAfugH4ukUJ5B5eq2HS
5diz9nZ9u5Rb2kIFpHQo4xFmR0ZN3TAsOa95aBFsSg28SxxBI3wRGqJ87Ql8IMpM
ntwKpJoOBbkf7iKwDf+/4HkDSkavwisRlmqPARokyGojfACKNItNrLQe22bSU9SC
BA2Aw5x7A35HuUKk8xZcuBQTwBGkI5sS/nQ68mWz6yMy
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:49:32 2025 by rpki-client