Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/9MnLlNOigsT_MAWmVh2RUSw3eWk.roa
File: 9MnLlNOigsT_MAWmVh2RUSw3eWk.roa (raw, json)
Hash identifier: dGTX5fyvp35UU9ubSyZ+K1KgnZC20hN7IUBw98VhjwA=
Subject key identifier: F4:C9:CB:94:D3:A2:82:C4:FF:30:05:A6:56:1D:91:51:2C:37:79:69
Certificate issuer: /CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Certificate serial: 019441ECCA5DC29A3084B6F2178F58C31F28
Authority key identifier: EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/9MnLlNOigsT_MAWmVh2RUSw3eWk.roa
Signing time: Tue 07 Jan 2025 18:00:24 +0000
ROA not before: Tue 07 Jan 2025 18:00:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 64.190.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 10:12:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:41:ec:ca:5d:c2:9a:30:84:b6:f2:17:8f:58:c3:1f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Validity
Not Before: Jan 7 18:00:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4c9cb94d3a282c4ff3005a6561d91512c377969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e5:40:dd:cd:b5:9b:0b:e8:f2:d7:4d:d6:cc:
c7:0a:a5:9f:63:a6:92:05:02:34:3e:7f:11:f9:eb:
5a:29:e4:e5:b9:55:d6:1b:de:d7:6f:b5:d8:b7:33:
94:47:e8:15:ca:aa:de:70:6c:56:81:85:f5:b2:31:
ff:93:3f:d8:10:b8:e6:8d:01:06:c3:6b:38:80:e9:
9d:df:d5:7b:8e:b1:63:c8:7a:40:78:84:66:8d:ad:
ae:b3:c9:19:9a:ab:cb:f8:82:5e:06:fe:63:e5:9c:
94:ac:5b:37:73:70:db:a1:6a:f0:55:f1:72:dd:95:
31:a2:f7:8f:c2:fe:6f:69:38:34:e8:31:b1:5a:22:
6b:80:1f:53:6f:0f:cc:40:35:7a:78:19:65:5b:e8:
9d:d2:75:50:25:39:33:f6:3d:af:c0:f6:60:44:de:
3c:36:dc:6a:76:73:42:5f:32:5b:7b:a4:70:29:c8:
8e:b1:05:e3:3b:c9:22:f8:af:22:95:10:a0:ee:ef:
d9:b6:86:89:f0:5a:1d:cb:1b:47:f0:c7:a7:5b:d5:
a7:72:06:41:04:1c:bb:8a:8e:1a:18:95:7c:c1:47:
2f:21:f6:05:fb:14:5d:c4:ea:fe:d8:8f:4b:a9:7c:
be:ca:24:82:c8:d1:6f:ff:d1:ed:80:b4:44:21:bf:
3b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:C9:CB:94:D3:A2:82:C4:FF:30:05:A6:56:1D:91:51:2C:37:79:69
X509v3 Authority Key Identifier:
keyid:EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/9MnLlNOigsT_MAWmVh2RUSw3eWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/6sLBr9S97JgFBvoH33yGYtVU-kY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.190.139.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:df:0d:b2:29:7d:c7:20:89:8c:a3:c6:19:2c:7f:18:c4:7c:
e8:7a:12:a2:6d:ca:15:81:d9:7a:5b:4d:4a:85:63:ef:7b:97:
e5:27:a0:8a:b3:e0:6e:1d:34:c8:1c:66:af:03:13:4d:7d:a4:
bb:2e:a5:79:da:9f:82:2f:2f:17:f0:98:2f:c1:66:68:6b:ce:
1e:ab:c7:1a:49:28:46:c8:c0:51:b9:0a:39:bd:f9:80:65:89:
d3:fd:a6:07:eb:b5:89:bf:f3:34:a5:20:e9:42:f9:66:36:48:
61:d4:3c:86:68:49:39:41:23:b8:89:d6:53:65:e4:d0:0c:ef:
97:92:a6:7a:0c:48:3d:a4:15:c1:13:65:90:c1:25:2c:d1:18:
5b:a7:cc:b1:e6:ba:39:de:da:7e:d8:db:3a:1b:33:ee:2b:d3:
41:8e:f0:da:61:95:5b:63:02:62:ee:74:9e:53:66:7b:b0:8d:
d4:f5:b4:20:78:bc:cf:72:19:dc:ac:65:88:40:d0:99:ad:dc:
98:5b:b6:b2:79:89:7c:b8:23:f9:a2:d2:a2:0a:bf:e8:e7:57:
a2:20:c0:b7:8b:31:e3:2f:7a:be:cf:35:1e:61:33:31:34:51:
5e:b5:f5:5a:87:c8:32:64:38:24:80:fc:03:32:0e:4a:8d:83:
89:33:d9:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRB7MpdwpowhLbyF49Ywx8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYzJjMWFmZDRiZGVjOTgwNTA2ZmEwN2RmN2M4NjYyZDU1
NGZhNDYwHhcNMjUwMTA3MTgwMDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGM5Y2I5NGQzYTI4MmM0ZmYzMDA1YTY1NjFkOTE1MTJjMzc3OTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOVA3c21mwvo8tdN1szHCqWfY6aS
BQI0Pn8R+etaKeTluVXWG97Xb7XYtzOUR+gVyqrecGxWgYX1sjH/kz/YELjmjQEG
w2s4gOmd39V7jrFjyHpAeIRmja2us8kZmqvL+IJeBv5j5ZyUrFs3c3DboWrwVfFy
3ZUxovePwv5vaTg06DGxWiJrgB9Tbw/MQDV6eBllW+id0nVQJTkz9j2vwPZgRN48
NtxqdnNCXzJbe6RwKciOsQXjO8ki+K8ilRCg7u/ZtoaJ8FodyxtH8MenW9WncgZB
BBy7io4aGJV8wUcvIfYF+xRdxOr+2I9LqXy+yiSCyNFv/9HtgLREIb877QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPTJy5TTooLE/zAFplYdkVEsN3lpMB8GA1UdIwQY
MBaAFOrCwa/UveyYBQb6B998hmLVVPpGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMt
YzBjZWIwMzdhZDQyLzEvOU1uTGxOT2lnc1RfTUFXbVZoMlJVU3czZVdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMtYzBjZWIwMzdhZDQy
LzEvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQL6LMA0G
CSqGSIb3DQEBCwUAA4IBAQAL3w2yKX3HIImMo8YZLH8YxHzoehKibcoVgdl6W01K
hWPve5flJ6CKs+BuHTTIHGavAxNNfaS7LqV52p+CLy8X8JgvwWZoa84eq8caSShG
yMBRuQo5vfmAZYnT/aYH67WJv/M0pSDpQvlmNkhh1DyGaEk5QSO4idZTZeTQDO+X
kqZ6DEg9pBXBE2WQwSUs0Rhbp8yx5ro53tp+2Ns6GzPuK9NBjvDaYZVbYwJi7nSe
U2Z7sI3U9bQgeLzPchncrGWIQNCZrdyYW7ayeYl8uCP5otKiCr/o51eiIMC3izHj
L3q+zzUeYTMxNFFetfVah8gyZDgkgPwDMg5KjYOJM9n/
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:49:16 2025 by rpki-client