Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/MrwdC8Q_xzXYK-bPVXHLI9fzi-o.roa
File: MrwdC8Q_xzXYK-bPVXHLI9fzi-o.roa (raw, json)
Hash identifier: dUgXccgoPv/MGjieaNOv7XYful0KfsG9FU8U6il7RQ8=
Subject key identifier: 32:BC:1D:0B:C4:3F:C7:35:D8:2B:E6:CF:55:71:CB:23:D7:F3:8B:EA
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 018FCE99F64E6273ED0EC9082A0FB0120E61
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/MrwdC8Q_xzXYK-bPVXHLI9fzi-o.roa
Signing time: Fri 31 May 2024 12:22:27 +0000
ROA not before: Fri 31 May 2024 12:22:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199404
IP address blocks: 69.57.172.0/24 maxlen: 24
190.92.174.0/24 maxlen: 24
190.92.175.0/24 maxlen: 24
195.250.20.0/24 maxlen: 24
195.250.21.0/24 maxlen: 24
195.250.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Oct 2024 10:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ce:99:f6:4e:62:73:ed:0e:c9:08:2a:0f:b0:12:0e:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: May 31 12:22:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32bc1d0bc43fc735d82be6cf5571cb23d7f38bea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8e:d5:39:8f:14:69:d0:7e:5c:0b:35:39:94:
d8:a1:19:41:06:17:1a:ad:a5:8c:f8:37:91:14:a0:
86:95:86:9c:14:0c:9a:c3:77:30:01:79:69:f8:08:
36:f3:a8:a9:0a:17:9c:d5:36:2f:90:65:84:66:88:
6c:ce:2a:b3:a7:82:3e:08:f7:a0:82:1a:89:5c:cb:
6f:8a:ff:b1:9e:59:c6:84:2e:42:4b:df:1a:2f:01:
05:db:2f:c0:8c:cd:66:48:fd:a9:dc:d9:40:ea:b6:
dc:73:05:ea:97:69:d1:a1:a9:d9:02:8d:20:11:a7:
7a:10:8f:38:ac:88:b0:fe:31:22:cf:d0:da:3b:61:
17:36:9d:1d:62:21:7e:94:f6:50:38:69:b7:de:02:
e0:ab:c6:cb:46:01:ef:02:2a:b6:1c:17:a0:8b:2d:
1e:46:7e:27:86:e1:ce:36:76:a2:38:40:5a:57:86:
b2:9e:ef:fb:28:28:43:2f:7d:77:47:2c:b5:a3:be:
5c:fa:9a:22:75:5a:a9:61:40:7f:e8:aa:d8:f7:a3:
18:92:65:72:dc:6d:59:d2:be:47:04:7e:90:64:9c:
81:bf:eb:c6:05:14:ea:30:e4:bf:d3:ab:48:c4:18:
27:3a:64:58:23:ed:1b:ad:2c:0d:27:35:50:1b:53:
78:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:BC:1D:0B:C4:3F:C7:35:D8:2B:E6:CF:55:71:CB:23:D7:F3:8B:EA
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/MrwdC8Q_xzXYK-bPVXHLI9fzi-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.57.172.0/24
190.92.174.0/23
195.250.20.0-195.250.22.255
Signature Algorithm: sha256WithRSAEncryption
66:f1:ec:99:4c:59:7b:be:dd:cb:e5:49:24:83:c5:9f:00:45:
83:dc:bf:78:a8:f8:04:7b:9f:0e:67:db:90:c1:53:97:ff:30:
2d:77:d3:83:9c:8b:7e:e5:6c:24:e0:62:78:44:8d:c0:0c:87:
5a:f6:75:c3:25:7f:28:1b:b7:bf:63:73:2a:a3:3f:e4:3c:0b:
0e:93:20:40:33:bf:a9:eb:70:8a:c7:f8:ec:9c:50:fb:66:53:
89:e8:1e:ca:2b:cf:19:db:99:1f:e0:ed:8c:62:f7:64:0b:f7:
e6:9c:c1:ce:20:97:c2:1a:f7:ad:92:5a:f6:f3:65:3e:ac:9d:
0a:b7:e7:5a:29:aa:dc:76:98:c7:0a:99:86:0d:24:9e:7b:71:
7c:48:f7:52:4d:d9:ed:00:20:be:ca:79:65:11:0c:64:ad:43:
76:05:f0:ba:a6:db:6b:28:7e:26:a2:ef:2d:cf:70:77:3f:a8:
6a:fa:b7:52:c4:13:2c:04:06:40:0e:9e:ce:4b:95:14:4f:2b:
ff:cf:23:a9:e0:4c:2a:08:e4:1c:8d:42:7e:7e:ae:67:4c:1a:
d2:16:e9:e0:d4:3c:a5:76:a8:5b:19:0c:0a:ae:77:c2:ab:02:
d0:80:26:d9:2f:ba:49:d2:be:c8:cc:06:ac:f3:f7:a1:4c:e7:
8d:c1:9f:ff
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY/OmfZOYnPtDskIKg+wEg5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQwNTMxMTIyMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmJjMWQwYmM0M2ZjNzM1ZDgyYmU2Y2Y1NTcxY2IyM2Q3ZjM4YmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnY7VOY8UadB+XAs1OZTYoRlBBhca
raWM+DeRFKCGlYacFAyaw3cwAXlp+Ag286ipChec1TYvkGWEZohsziqzp4I+CPeg
ghqJXMtviv+xnlnGhC5CS98aLwEF2y/AjM1mSP2p3NlA6rbccwXql2nRoanZAo0g
Ead6EI84rIiw/jEiz9DaO2EXNp0dYiF+lPZQOGm33gLgq8bLRgHvAiq2HBegiy0e
Rn4nhuHONnaiOEBaV4aynu/7KChDL313Ryy1o75c+poidVqpYUB/6KrY96MYkmVy
3G1Z0r5HBH6QZJyBv+vGBRTqMOS/06tIxBgnOmRYI+0brSwNJzVQG1N4CQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDK8HQvEP8c12Cvmz1VxyyPX84vqMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvTXJ3ZEM4UV94elhZSy1iUFZYSExJOWZ6aS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQARTmsAwQB
vlyuMAwDBALD+hQDBADD+hYwDQYJKoZIhvcNAQELBQADggEBAGbx7JlMWXu+3cvl
SSSDxZ8ARYPcv3io+AR7nw5n25DBU5f/MC1304Oci37lbCTgYnhEjcAMh1r2dcMl
fygbt79jcyqjP+Q8Cw6TIEAzv6nrcIrH+OycUPtmU4noHsorzxnbmR/g7Yxi92QL
9+acwc4gl8Ia962SWvbzZT6snQq351opqtx2mMcKmYYNJJ57cXxI91JN2e0AIL7K
eWURDGStQ3YF8Lqm22sofiai7y3PcHc/qGr6t1LEEywEBkAOns5LlRRPK//PI6ng
TCoI5ByNQn5+rmdMGtIW6eDUPKV2qFsZDAqud8KrAtCAJtkvuknSvsjMBqzz96FM
543Bn/8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:53:41 2025 by rpki-client