Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/mPU2ixKfUCiif1UPiti9ykxW6TE.roa
File: mPU2ixKfUCiif1UPiti9ykxW6TE.roa (raw, json)
Hash identifier: 4O5gCE2iIFIxspt6wk2OgS5V88YVarDuqy875+v/7qs=
Subject key identifier: 98:F5:36:8B:12:9F:50:28:A2:7F:55:0F:8A:D8:BD:CA:4C:56:E9:31
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01920869430FC7A6D7450AD8D80F49872ADF
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/mPU2ixKfUCiif1UPiti9ykxW6TE.roa
Signing time: Thu 19 Sep 2024 03:52:48 +0000
ROA not before: Thu 19 Sep 2024 03:52:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3170
IP address blocks: 185.133.73.0/24 maxlen: 32
185.223.164.0/24 maxlen: 32
194.156.159.0/24 maxlen: 32
2a06:7a03::/48 maxlen: 128
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:08:69:43:0f:c7:a6:d7:45:0a:d8:d8:0f:49:87:2a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Sep 19 03:52:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98f5368b129f5028a27f550f8ad8bdca4c56e931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:a4:35:f1:b7:cb:1f:9b:16:76:7a:f3:3e:1c:
22:97:cc:c8:33:43:7a:29:65:cf:2e:3a:2f:5b:04:
dd:5c:1d:9a:be:c3:af:4a:d0:af:91:4a:f0:29:1f:
b1:62:0e:9d:24:b9:0b:d9:51:ea:0c:4d:90:85:c2:
94:37:23:83:cd:bd:30:d7:e0:dc:01:e5:7f:5c:23:
31:27:a2:e6:2c:ef:5a:01:de:da:61:7f:6b:a8:9d:
a4:08:90:cd:08:1f:09:71:bd:a4:00:11:92:fb:47:
d4:6e:bb:96:ad:0a:d2:24:81:15:4d:28:76:cc:5f:
14:2b:64:6f:ff:f8:4d:3c:de:74:cf:49:99:db:5f:
f2:30:70:cf:0e:8f:f7:5c:03:96:e4:ab:76:12:a2:
a9:60:36:31:a3:04:7e:e5:46:a5:67:85:01:38:04:
55:46:27:aa:1c:07:29:a0:40:ba:e5:cf:c9:bf:04:
e6:26:2e:41:3c:ce:6b:c6:6c:13:33:16:7d:ed:aa:
c2:3f:06:71:82:66:d2:eb:fb:71:87:3b:a5:b1:ba:
17:2b:8f:ae:b9:2f:3e:7e:a9:2d:f0:e9:f0:67:3a:
25:ab:e4:72:17:6a:9c:ab:78:0b:bf:09:a6:02:28:
81:1a:7e:c0:44:1b:2e:9e:4d:95:f7:60:aa:b1:3a:
26:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F5:36:8B:12:9F:50:28:A2:7F:55:0F:8A:D8:BD:CA:4C:56:E9:31
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/mPU2ixKfUCiif1UPiti9ykxW6TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.73.0/24
185.223.164.0/24
194.156.159.0/24
IPv6:
2a06:7a03::/48
Signature Algorithm: sha256WithRSAEncryption
36:48:cd:9c:94:2c:2e:d3:95:1e:98:d9:fa:eb:30:0e:2f:6d:
3f:9f:38:3e:8c:c8:28:ec:ba:4e:16:d7:6d:73:eb:83:dd:93:
5b:7d:5e:23:31:d8:23:5d:c6:43:7f:7a:55:87:4e:0e:4a:56:
19:cd:5c:b0:10:71:ff:83:16:e5:39:33:06:d3:6d:5d:db:3f:
69:d5:eb:b6:dd:e2:dd:e3:ab:be:00:46:4c:e0:e7:be:66:7a:
29:c8:e6:90:3f:f4:e0:f9:7d:73:38:e5:c4:d7:04:4f:b1:d5:
d2:47:95:f0:4f:57:f2:a6:62:05:31:c7:07:2a:43:b4:39:20:
8c:53:b9:e5:0c:cb:76:4e:08:a5:14:0a:5e:b7:09:35:20:2e:
a7:bf:25:6e:ed:f5:ca:b5:a2:4b:5f:e2:4d:f1:40:88:d7:b5:
c9:33:a5:73:f9:0f:27:15:8c:ac:c4:37:81:ea:fa:ea:70:bb:
40:60:26:fb:ed:cd:81:1b:bf:ce:c1:b3:5b:ca:82:a9:76:14:
6a:77:7d:da:0e:b2:c4:1b:14:64:f2:a0:0a:3b:71:84:03:d5:
9c:76:8d:bb:d0:dc:f3:bb:73:88:a8:e0:cb:41:c6:bd:0e:95:
47:f8:d6:cf:e3:cd:1d:fb:66:61:fa:5f:6b:22:2f:a7:86:75:
67:c9:ce:0a
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZIIaUMPx6bXRQrY2A9JhyrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwOTE5MDM1MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGY1MzY4YjEyOWY1MDI4YTI3ZjU1MGY4YWQ4YmRjYTRjNTZlOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7qQ18bfLH5sWdnrzPhwil8zIM0N6
KWXPLjovWwTdXB2avsOvStCvkUrwKR+xYg6dJLkL2VHqDE2QhcKUNyODzb0w1+Dc
AeV/XCMxJ6LmLO9aAd7aYX9rqJ2kCJDNCB8Jcb2kABGS+0fUbruWrQrSJIEVTSh2
zF8UK2Rv//hNPN50z0mZ21/yMHDPDo/3XAOW5Kt2EqKpYDYxowR+5UalZ4UBOARV
RieqHAcpoEC65c/JvwTmJi5BPM5rxmwTMxZ97arCPwZxgmbS6/txhzulsboXK4+u
uS8+fqkt8OnwZzolq+RyF2qcq3gLvwmmAiiBGn7ARBsunk2V92CqsTomBwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJj1NosSn1Aoon9VD4rYvcpMVukxMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvbVBVMml4S2ZVQ2lpZjFVUGl0aTl5a3hXNlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAuYVJAwQA
ud+kAwQAwpyfMA8EAgACMAkDBwAqBnoDAAAwDQYJKoZIhvcNAQELBQADggEBADZI
zZyULC7TlR6Y2frrMA4vbT+fOD6MyCjsuk4W121z64Pdk1t9XiMx2CNdxkN/elWH
Tg5KVhnNXLAQcf+DFuU5MwbTbV3bP2nV67bd4t3jq74ARkzg575meinI5pA/9OD5
fXM45cTXBE+x1dJHlfBPV/KmYgUxxwcqQ7Q5IIxTueUMy3ZOCKUUCl63CTUgLqe/
JW7t9cq1oktf4k3xQIjXtckzpXP5DycVjKzEN4Hq+upwu0BgJvvtzYEbv87Bs1vK
gql2FGp3fdoOssQbFGTyoAo7cYQD1Zx2jbvQ3PO7c4io4MtBxr0OlUf41s/jzR37
ZmH6X2siL6eGdWfJzgo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:42 2025 by rpki-client