Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/Mg_PgBb2AyshguEqCc1346yrHqc.roa
File: Mg_PgBb2AyshguEqCc1346yrHqc.roa (raw, json)
Hash identifier: V/b+i0N+wdIxHyB8lYWZJxculOAcPA4C3Sm+PBOQIFk=
Subject key identifier: 32:0F:CF:80:16:F6:03:2B:21:82:E1:2A:09:CD:77:E3:AC:AB:1E:A7
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 018CC8DE8EFA92EE7FBAD9531809B6CBD43B
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/Mg_PgBb2AyshguEqCc1346yrHqc.roa
Signing time: Tue 02 Jan 2024 06:31:17 +0000
ROA not before: Tue 02 Jan 2024 06:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204963
IP address blocks: 5.255.89.0/24 maxlen: 24
2a00:1ca8:89::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 Feb 2024 08:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:8e:fa:92:ee:7f:ba:d9:53:18:09:b6:cb:d4:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jan 2 06:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=320fcf8016f6032b2182e12a09cd77e3acab1ea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:76:75:f1:0d:0a:18:01:83:3f:da:aa:73:58:
50:68:1f:59:4b:a8:64:d6:ca:1f:cc:72:f7:a5:fb:
1a:ac:0c:23:6c:34:d1:69:d4:8b:21:68:50:51:61:
e0:a2:2e:e6:e7:31:b7:a9:b2:ea:53:d1:e4:e7:df:
67:92:ba:10:c3:96:33:32:40:06:2c:23:1e:5c:eb:
91:4c:4d:68:d2:21:6b:b1:17:28:56:8f:48:85:70:
02:25:01:e4:49:65:a8:e9:85:06:3e:40:d1:66:ea:
ce:35:dd:8e:1c:72:76:1c:02:39:26:89:cb:c6:34:
38:1d:9f:06:60:f6:6b:e3:29:51:42:2b:a1:ea:63:
88:1b:1c:8a:90:25:a9:ac:af:d8:a2:fd:1f:4b:88:
8d:cd:a8:46:39:7a:c0:23:dd:54:10:c6:39:48:dc:
e7:16:4d:f2:56:1b:d9:38:a0:78:7e:e1:be:1a:7d:
65:98:f5:b1:a9:99:fb:cd:cf:d3:0a:76:46:1d:f6:
22:9c:59:d1:0d:b4:cc:00:ba:1a:83:8d:a8:ef:50:
a0:4f:a3:fb:9c:a0:e8:51:30:f5:2e:24:61:1e:4f:
ed:40:8d:23:91:e9:52:e3:89:0c:3a:bb:52:e9:87:
c9:1b:1b:09:57:8c:fc:d2:7b:92:c9:c6:ad:01:63:
cd:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0F:CF:80:16:F6:03:2B:21:82:E1:2A:09:CD:77:E3:AC:AB:1E:A7
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/Mg_PgBb2AyshguEqCc1346yrHqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.89.0/24
IPv6:
2a00:1ca8:89::/48
Signature Algorithm: sha256WithRSAEncryption
89:cd:f7:52:f9:20:6f:af:07:1b:7e:74:96:91:85:66:6d:da:
33:c9:ac:5e:d8:d1:40:50:f3:5a:79:8a:d1:41:bf:dd:77:74:
6c:87:73:73:03:89:a9:07:cf:1c:ce:e2:d0:93:21:06:04:7d:
a1:a1:9a:9f:17:70:4e:15:7a:ab:81:c3:d3:cb:ed:02:98:b0:
78:13:e7:75:06:e8:79:de:c3:ca:85:91:43:6c:93:ed:60:00:
95:d9:4e:84:8a:d3:5c:95:42:a6:78:8b:10:b3:d2:01:4f:b0:
be:26:05:bd:f5:e2:6e:9a:96:e1:eb:97:72:9d:99:8c:98:2f:
ec:c5:bc:dc:f0:0c:a8:e3:75:29:a2:f9:a9:a8:12:e6:48:ea:
3b:f6:9f:22:81:ca:fb:16:ea:35:42:44:b9:64:6b:a9:56:b4:
ea:e8:40:13:a1:a1:25:49:24:78:65:c9:a7:69:05:9c:f5:cb:
8f:b4:bb:11:8f:4e:cc:4c:ab:bc:08:7d:3f:a9:d7:db:a1:7f:
b1:25:2e:5e:f2:78:b7:8f:46:e5:18:6d:0c:a5:15:cc:e6:d0:
6b:d4:4a:3d:19:06:5f:6c:8b:cc:0f:a3:97:e0:60:36:76:e3:
6f:59:fb:2a:f0:50:90:3d:b9:96:68:3d:f7:9d:a4:b5:ed:ed:
fb:0e:c5:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI3o76ku5/utlTGAm2y9Q7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MzExNjZkZTc4NWEzNTMxYmRjODM2MWYxMTkwYTgzNjlh
N2VkNmEwHhcNMjQwMTAyMDYzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjBmY2Y4MDE2ZjYwMzJiMjE4MmUxMmEwOWNkNzdlM2FjYWIxZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnZ18Q0KGAGDP9qqc1hQaB9ZS6hk
1sofzHL3pfsarAwjbDTRadSLIWhQUWHgoi7m5zG3qbLqU9Hk599nkroQw5YzMkAG
LCMeXOuRTE1o0iFrsRcoVo9IhXACJQHkSWWo6YUGPkDRZurONd2OHHJ2HAI5JonL
xjQ4HZ8GYPZr4ylRQiuh6mOIGxyKkCWprK/Yov0fS4iNzahGOXrAI91UEMY5SNzn
Fk3yVhvZOKB4fuG+Gn1lmPWxqZn7zc/TCnZGHfYinFnRDbTMALoag42o71CgT6P7
nKDoUTD1LiRhHk/tQI0jkelS44kMOrtS6YfJGxsJV4z80nuSycatAWPNiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDIPz4AW9gMrIYLhKgnNd+Osqx6nMB8GA1UdIwQY
MBaAFCYxFm3nhaNTG9yDYfEZCoNpp+1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUt
Yjg5YTI2MTk5OTc2LzEvTWdfUGdCYjJBeXNoZ3VFcUNjMTM0NnlySHFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUtYjg5YTI2MTk5OTc2
LzEvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABf9ZMA8E
AgACMAkDBwAqAByoAIkwDQYJKoZIhvcNAQELBQADggEBAInN91L5IG+vBxt+dJaR
hWZt2jPJrF7Y0UBQ81p5itFBv913dGyHc3MDiakHzxzO4tCTIQYEfaGhmp8XcE4V
equBw9PL7QKYsHgT53UG6Hnew8qFkUNsk+1gAJXZToSK01yVQqZ4ixCz0gFPsL4m
Bb314m6aluHrl3KdmYyYL+zFvNzwDKjjdSmi+amoEuZI6jv2nyKByvsW6jVCRLlk
a6lWtOroQBOhoSVJJHhlyadpBZz1y4+0uxGPTsxMq7wIfT+p19uhf7ElLl7yeLeP
RuUYbQylFczm0GvUSj0ZBl9si8wPo5fgYDZ2429Z+yrwUJA9uZZoPfedpLXt7fsO
xb4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:47:18 2025 by rpki-client