Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MgfaKc5lzBv3YR8Uh1CbgfL7OD4.roa
File: MgfaKc5lzBv3YR8Uh1CbgfL7OD4.roa (raw, json)
Hash identifier: PByjlA32aQpg4I6ZMhV/JQnSDWYLHLZIUjr8TdlswQk=
Subject key identifier: 32:07:DA:29:CE:65:CC:1B:F7:61:1F:14:87:50:9B:81:F2:FB:38:3E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01967CA416BBEACBD74941E88183053BE61D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MgfaKc5lzBv3YR8Uh1CbgfL7OD4.roa
Signing time: Mon 28 Apr 2025 13:44:10 +0000
ROA not before: Mon 28 Apr 2025 13:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 45.94.47.0/24 maxlen: 24
195.66.26.0/24 maxlen: 24
2a11:3500::/29 maxlen: 29
2a13:8c86:120::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 28 Apr 2025 14:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7c:a4:16:bb:ea:cb:d7:49:41:e8:81:83:05:3b:e6:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 28 13:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3207da29ce65cc1bf7611f1487509b81f2fb383e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f5:57:78:55:ae:b4:d1:b6:80:99:4b:39:fb:
ab:ff:51:c3:36:2f:c4:77:77:25:4e:47:b1:91:14:
e6:00:4a:33:51:cd:c3:49:a0:27:2e:43:bf:ae:11:
db:f0:16:66:30:0a:f1:cd:85:a6:9e:a2:b9:00:ec:
28:1c:e9:7e:0d:cd:30:6c:29:b4:e5:c3:f9:33:0a:
1f:d9:02:09:a1:95:5c:98:45:ba:03:bf:b8:2e:75:
aa:2b:07:e4:92:7e:2f:d4:31:e6:59:84:ac:dc:ab:
e6:94:55:84:07:01:b6:4c:46:ed:d5:d7:4f:1c:df:
90:a2:78:ba:f0:43:4a:16:e3:58:a6:38:53:df:60:
39:cc:24:bd:38:40:6e:14:1f:8f:e8:23:2a:ce:e7:
44:1d:37:bf:76:28:8f:b5:2f:28:8b:9a:d5:a5:eb:
05:c9:ca:f9:ea:34:d3:f2:8d:d3:b9:29:75:75:e2:
09:a7:b0:bf:3c:57:47:15:87:99:2d:0c:c9:a5:07:
a6:7f:ef:06:e4:78:24:37:fe:93:ba:2e:04:48:01:
0f:1a:2e:f8:56:71:12:bf:7b:c2:33:67:da:f2:ae:
81:3d:5d:82:57:05:c0:1f:cf:6b:62:09:ee:66:ef:
cd:01:b1:8f:67:fb:cf:97:4a:fe:59:d2:5d:e6:01:
9c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:07:DA:29:CE:65:CC:1B:F7:61:1F:14:87:50:9B:81:F2:FB:38:3E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/MgfaKc5lzBv3YR8Uh1CbgfL7OD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.47.0/24
195.66.26.0/24
IPv6:
2a11:3500::/29
2a13:8c86:120::/48
Signature Algorithm: sha256WithRSAEncryption
11:de:59:1a:3b:79:aa:21:45:c9:c9:8d:4e:ab:67:51:65:c5:
a0:1f:19:ff:0f:a7:e5:e0:fe:3c:39:fe:02:e5:e2:4f:ca:b3:
52:f4:1d:41:72:77:bb:df:1e:0c:66:d2:37:d9:2b:61:15:f8:
40:d2:a2:41:d2:09:b6:59:f2:74:af:4a:86:da:fa:7d:86:a5:
12:8c:83:da:cd:13:c6:b2:c0:5f:b1:57:fb:d3:96:f1:0a:85:
77:5c:db:e8:4a:14:6b:b8:25:ec:6d:0e:47:17:71:9c:00:ac:
09:bb:27:cd:1e:60:53:fc:5e:a6:25:bf:fa:bd:6a:8c:bb:50:
49:bb:a3:8e:a2:42:5b:f0:4e:d3:57:9f:9f:30:f9:03:14:33:
07:c3:bd:a8:67:32:7a:ae:82:d9:bd:75:7a:70:bc:ab:ae:7e:
2a:b8:1a:74:bf:2b:de:44:34:41:45:34:d7:10:10:47:c4:17:
f6:04:7c:d4:2c:77:92:c5:d1:21:6e:7d:d1:b6:5b:1d:b8:fc:
fd:87:2d:a7:89:51:02:8f:93:bb:f5:30:74:1c:20:b2:a6:1e:
f0:f0:ed:41:d4:e2:03:71:19:79:a4:dd:de:bf:31:b7:eb:26:
ac:4d:45:34:1c:af:c4:22:a9:38:f7:1d:6e:fa:4f:70:5b:aa:
2b:15:9a:d7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZZ8pBa76svXSUHogYMFO+YdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDI4MTM0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjA3ZGEyOWNlNjVjYzFiZjc2MTFmMTQ4NzUwOWI4MWYyZmIzODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PVXeFWutNG2gJlLOfur/1HDNi/E
d3clTkexkRTmAEozUc3DSaAnLkO/rhHb8BZmMArxzYWmnqK5AOwoHOl+Dc0wbCm0
5cP5Mwof2QIJoZVcmEW6A7+4LnWqKwfkkn4v1DHmWYSs3KvmlFWEBwG2TEbt1ddP
HN+Qoni68ENKFuNYpjhT32A5zCS9OEBuFB+P6CMqzudEHTe/diiPtS8oi5rVpesF
ycr56jTT8o3TuSl1deIJp7C/PFdHFYeZLQzJpQemf+8G5HgkN/6Tui4ESAEPGi74
VnESv3vCM2fa8q6BPV2CVwXAH89rYgnuZu/NAbGPZ/vPl0r+WdJd5gGchwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDIH2inOZcwb92EfFIdQm4Hy+zg+MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTWdmYUtjNWx6QnYzWVI4VWgxQ2JnZkw3T0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQALV4vAwQA
w0IaMBYEAgACMBADBQMqETUAAwcAKhOMhgEgMA0GCSqGSIb3DQEBCwUAA4IBAQAR
3lkaO3mqIUXJyY1Oq2dRZcWgHxn/D6fl4P48Of4C5eJPyrNS9B1Bcne73x4MZtI3
2SthFfhA0qJB0gm2WfJ0r0qG2vp9hqUSjIPazRPGssBfsVf705bxCoV3XNvoShRr
uCXsbQ5HF3GcAKwJuyfNHmBT/F6mJb/6vWqMu1BJu6OOokJb8E7TV5+fMPkDFDMH
w72oZzJ6roLZvXV6cLyrrn4quBp0vyveRDRBRTTXEBBHxBf2BHzULHeSxdEhbn3R
tlsduPz9hy2niVECj5O79TB0HCCyph7w8O1B1OIDcRl5pN3evzG36yasTUU0HK/E
Iqk49x1u+k9wW6orFZrX
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:45:15 2025 by rpki-client