Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/0d33c9-6a84-4ce3-81b0-418af90acb8a/1/MnFWp469PNUBcKgsci3CmO4mm_w.roa
File: MnFWp469PNUBcKgsci3CmO4mm_w.roa (raw, json)
Hash identifier: n3O3UC4iHE/O5diLbEg4xJLk1AaUUcgyadWYtfZw6bc=
Subject key identifier: 32:71:56:A7:8E:BD:3C:D5:01:70:A8:2C:72:2D:C2:98:EE:26:9B:FC
Certificate issuer: /CN=96d7ba651403d18dddb7a74b20ddc21deb94220e
Certificate serial: 01941F8C9A84C4702DEA82067E8D09C9CF3A
Authority key identifier: 96:D7:BA:65:14:03:D1:8D:DD:B7:A7:4B:20:DD:C2:1D:EB:94:22:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lte6ZRQD0Y3dt6dLIN3CHeuUIg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/0d33c9-6a84-4ce3-81b0-418af90acb8a/1/MnFWp469PNUBcKgsci3CmO4mm_w.roa
Signing time: Wed 01 Jan 2025 01:48:15 +0000
ROA not before: Wed 01 Jan 2025 01:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59771
IP address blocks: 185.205.24.0/22 maxlen: 24
185.205.24.0/24 maxlen: 24
185.205.26.0/24 maxlen: 24
185.205.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 13:55:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:9a:84:c4:70:2d:ea:82:06:7e:8d:09:c9:cf:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96d7ba651403d18dddb7a74b20ddc21deb94220e
Validity
Not Before: Jan 1 01:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=327156a78ebd3cd50170a82c722dc298ee269bfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2f:35:02:87:c4:83:0a:81:8d:7e:c3:71:27:
3d:7d:1a:38:b8:37:c3:70:27:74:11:6e:b7:69:40:
52:f4:87:b2:24:e9:36:77:37:22:24:66:21:f0:8a:
97:3c:78:b1:fa:93:cf:f7:41:f6:a7:31:1e:9c:32:
96:fa:d9:45:17:4f:36:75:fd:6d:cd:43:f0:28:f5:
61:5f:70:23:cc:a0:f8:4c:c4:b9:fa:3d:a3:75:ab:
a7:05:16:cb:fa:5f:1b:1e:e3:d2:61:39:e4:28:f0:
40:43:d2:db:13:1a:77:8b:55:88:7c:5b:5f:3e:66:
26:20:5f:1d:fd:ab:5e:93:34:cd:64:e5:98:84:07:
0b:12:58:69:c1:a3:75:be:cc:e0:38:02:01:33:20:
5e:f2:f3:32:2f:4d:d5:21:b5:01:6d:c3:66:bb:67:
3b:fa:12:cc:90:a9:fb:a9:7d:8c:65:38:ee:0e:88:
61:33:89:5c:0b:a2:38:16:8a:f1:9f:b0:d4:7e:60:
a3:c4:22:06:c4:7b:fa:b9:a2:36:58:f0:62:0a:10:
76:67:b7:e1:1d:d1:89:b8:fb:db:22:39:06:d0:11:
92:df:45:a1:1c:6f:fb:d5:41:74:b3:5c:ee:ce:50:
53:ae:83:03:27:52:e5:2f:0b:45:9e:ee:dd:e0:9f:
2d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:71:56:A7:8E:BD:3C:D5:01:70:A8:2C:72:2D:C2:98:EE:26:9B:FC
X509v3 Authority Key Identifier:
keyid:96:D7:BA:65:14:03:D1:8D:DD:B7:A7:4B:20:DD:C2:1D:EB:94:22:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lte6ZRQD0Y3dt6dLIN3CHeuUIg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/0d33c9-6a84-4ce3-81b0-418af90acb8a/1/MnFWp469PNUBcKgsci3CmO4mm_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/0d33c9-6a84-4ce3-81b0-418af90acb8a/1/lte6ZRQD0Y3dt6dLIN3CHeuUIg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.24.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:f2:a5:e2:fa:86:19:8f:fa:2e:56:2f:8f:19:d3:ec:3f:1f:
50:65:2e:6a:b3:d4:75:b9:b5:9d:23:e1:92:83:22:9a:72:be:
c1:ff:b9:ee:f4:10:f4:b1:93:73:8c:86:23:70:c7:50:56:1f:
62:6b:14:a3:b9:90:67:d5:21:6e:0d:d7:d7:87:91:4a:02:63:
73:66:4a:9a:27:58:9e:d5:80:5e:61:b0:02:9e:2e:17:16:7d:
a1:c9:40:c3:cb:38:22:06:6d:91:bf:55:4d:c3:f6:c1:f7:6b:
32:77:30:3f:e5:9f:c2:af:e2:7d:5c:8d:4c:34:b9:d6:c9:60:
0a:9e:84:dd:3f:02:3d:6a:b9:9e:fa:4f:49:c0:85:c6:12:65:
10:34:c0:66:28:07:33:22:58:cd:07:38:fb:44:9c:62:b9:8b:
cb:f3:03:c3:1e:d8:84:8c:a9:e5:26:b6:84:cd:c5:91:88:7e:
01:03:22:ae:b1:68:b3:07:1c:e4:4e:ee:d8:e0:78:e8:af:50:
61:78:09:a8:9f:b4:9e:32:8d:26:69:6b:72:c0:98:a5:41:64:
42:87:f8:12:bb:82:5a:7c:b7:02:75:eb:8b:01:e6:fb:c0:e9:
c4:84:8d:0f:5e:df:e1:86:df:ab:93:27:c4:20:5c:31:64:50:
41:fe:9f:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjJqExHAt6oIGfo0Jyc86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZDdiYTY1MTQwM2QxOGRkZGI3YTc0YjIwZGRjMjFkZWI5
NDIyMGUwHhcNMjUwMTAxMDE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjcxNTZhNzhlYmQzY2Q1MDE3MGE4MmM3MjJkYzI5OGVlMjY5YmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzy81AofEgwqBjX7DcSc9fRo4uDfD
cCd0EW63aUBS9IeyJOk2dzciJGYh8IqXPHix+pPP90H2pzEenDKW+tlFF082df1t
zUPwKPVhX3AjzKD4TMS5+j2jdaunBRbL+l8bHuPSYTnkKPBAQ9LbExp3i1WIfFtf
PmYmIF8d/atekzTNZOWYhAcLElhpwaN1vszgOAIBMyBe8vMyL03VIbUBbcNmu2c7
+hLMkKn7qX2MZTjuDohhM4lcC6I4Forxn7DUfmCjxCIGxHv6uaI2WPBiChB2Z7fh
HdGJuPvbIjkG0BGS30WhHG/71UF0s1zuzlBTroMDJ1LlLwtFnu7d4J8tbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJxVqeOvTzVAXCoLHItwpjuJpv8MB8GA1UdIwQY
MBaAFJbXumUUA9GN3benSyDdwh3rlCIOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHRlNlpSUUQwWTNkdDZkTElOM0NIZXVVSWc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8wZDMzYzktNmE4NC00Y2UzLTgxYjAt
NDE4YWY5MGFjYjhhLzEvTW5GV3A0NjlQTlVCY0tnc2NpM0NtTzRtbV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8wZDMzYzktNmE4NC00Y2UzLTgxYjAtNDE4YWY5MGFjYjhh
LzEvbHRlNlpSUUQwWTNkdDZkTElOM0NIZXVVSWc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc0YMA0G
CSqGSIb3DQEBCwUAA4IBAQCp8qXi+oYZj/ouVi+PGdPsPx9QZS5qs9R1ubWdI+GS
gyKacr7B/7nu9BD0sZNzjIYjcMdQVh9iaxSjuZBn1SFuDdfXh5FKAmNzZkqaJ1ie
1YBeYbACni4XFn2hyUDDyzgiBm2Rv1VNw/bB92sydzA/5Z/Cr+J9XI1MNLnWyWAK
noTdPwI9arme+k9JwIXGEmUQNMBmKAczIljNBzj7RJxiuYvL8wPDHtiEjKnlJraE
zcWRiH4BAyKusWizBxzkTu7Y4Hjor1BheAmon7SeMo0maWtywJilQWRCh/gSu4Ja
fLcCdeuLAeb7wOnEhI0PXt/hht+rkyfEIFwxZFBB/p8r
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:29:55 2025 by rpki-client