Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/mfgWPLxJAaBj7ew-tPwfEDFGBS0.roa
File: mfgWPLxJAaBj7ew-tPwfEDFGBS0.roa (raw, json)
Hash identifier: RSQK/mUCU1nKPo1cH/lACtSC0B6Qg8nQL/4j0RT/rlE=
Subject key identifier: 99:F8:16:3C:BC:49:01:A0:63:ED:EC:3E:B4:FC:1F:10:31:46:05:2D
Certificate issuer: /CN=3a0429b5aecac8364544bf623f94f163afdce561
Certificate serial: 018DC1EB075E42669249DCBF059A058A417F
Authority key identifier: 3A:04:29:B5:AE:CA:C8:36:45:44:BF:62:3F:94:F1:63:AF:DC:E5:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/mfgWPLxJAaBj7ew-tPwfEDFGBS0.roa
Signing time: Mon 19 Feb 2024 15:10:22 +0000
ROA not before: Mon 19 Feb 2024 15:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 146.0.0.0/24 maxlen: 24
146.0.1.0/24 maxlen: 24
146.0.2.0/24 maxlen: 24
146.0.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 10:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:eb:07:5e:42:66:92:49:dc:bf:05:9a:05:8a:41:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a0429b5aecac8364544bf623f94f163afdce561
Validity
Not Before: Feb 19 15:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99f8163cbc4901a063edec3eb4fc1f103146052d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bb:60:06:54:cf:5a:92:6a:67:fe:3a:04:43:
66:59:b3:28:1e:4a:da:b2:cd:12:bb:0b:4a:ff:90:
68:43:b2:be:c5:2e:ea:c9:e2:95:d8:2e:c2:85:e2:
a8:ba:df:99:d0:4f:03:7b:b7:f7:41:a5:fc:dd:a5:
82:1d:d7:f4:dc:3c:39:67:24:0b:d1:2d:6f:96:0a:
c2:65:ac:8b:09:d2:cc:d2:8b:c1:03:d1:73:11:23:
b1:ce:92:94:72:40:24:84:a7:c5:21:08:c3:23:d8:
e7:f3:5e:a1:fb:bd:4c:d2:8c:de:3b:c6:8b:34:62:
2d:65:51:49:76:47:a3:48:bd:97:ef:75:35:7c:b7:
55:44:dc:1e:1a:2c:9e:9f:49:1d:c1:68:2a:b2:6b:
32:83:6d:bd:be:08:4d:dc:59:8f:54:8d:57:14:b6:
17:46:d2:64:f9:2c:5e:85:39:c0:a6:db:88:2a:d3:
6b:59:e3:cf:67:6b:86:65:92:30:f8:f7:ce:dd:ab:
cd:4e:63:8c:d6:10:64:7b:43:e3:61:27:cc:72:c6:
ca:0f:0c:c1:50:5e:df:08:04:d9:92:06:be:40:17:
36:d3:bc:4e:af:61:41:77:85:0b:41:c9:fe:9d:2f:
8f:44:81:8e:b6:c1:8a:06:1b:56:d1:7b:ae:7b:97:
a9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F8:16:3C:BC:49:01:A0:63:ED:EC:3E:B4:FC:1F:10:31:46:05:2D
X509v3 Authority Key Identifier:
keyid:3A:04:29:B5:AE:CA:C8:36:45:44:BF:62:3F:94:F1:63:AF:DC:E5:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgQpta7KyDZFRL9iP5TxY6_c5WE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/mfgWPLxJAaBj7ew-tPwfEDFGBS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/fb9215-d1d1-47c2-ac81-84712c9f3464/1/OgQpta7KyDZFRL9iP5TxY6_c5WE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.0.0-146.0.2.255
146.0.15.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:b1:ba:67:f3:c2:98:b4:7a:b6:39:b2:cc:61:06:9c:cf:1a:
6d:a7:76:ca:88:4d:4b:76:49:c2:d9:5a:56:24:f5:a9:97:09:
e8:ca:36:31:48:b2:14:69:19:25:6c:cb:3e:a0:92:7a:b9:8b:
24:98:03:44:2b:ee:3b:d2:99:9a:0f:89:4a:1d:17:8c:02:c5:
da:fe:62:ec:80:60:7f:88:5f:b7:8f:32:a7:9b:9b:42:02:c4:
2c:da:cd:32:8b:fd:b6:62:cb:f5:1f:e6:0e:d1:3d:8b:fc:16:
cb:9d:21:a3:a5:58:c0:d0:1f:85:43:53:17:d7:0d:d9:23:a4:
3b:f7:e2:0d:22:8a:b8:26:51:fd:ba:88:51:30:cf:d4:95:a5:
31:bb:97:b8:fe:8b:e7:0a:3c:64:a6:54:d6:7d:1e:b0:65:e2:
41:68:2a:a8:a7:f7:0c:39:e3:33:c3:e3:23:b6:70:51:0b:1a:
0b:6d:0c:d6:3f:38:cb:75:66:e9:47:44:38:aa:f4:b7:da:49:
dd:d4:dc:18:cc:8b:de:a4:33:07:e0:a1:7a:17:13:25:36:7a:
7c:28:f9:4d:60:10:b2:48:08:de:12:aa:df:d5:47:b1:29:8f:
c1:5d:7c:46:03:01:14:ee:4e:8c:c2:88:40:69:95:5a:1a:6a:
59:e3:d6:d0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY3B6wdeQmaSSdy/BZoFikF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDQyOWI1YWVjYWM4MzY0NTQ0YmY2MjNmOTRmMTYzYWZk
Y2U1NjEwHhcNMjQwMjE5MTUxMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWY4MTYzY2JjNDkwMWEwNjNlZGVjM2ViNGZjMWYxMDMxNDYwNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7tgBlTPWpJqZ/46BENmWbMoHkra
ss0SuwtK/5BoQ7K+xS7qyeKV2C7CheKout+Z0E8De7f3QaX83aWCHdf03Dw5ZyQL
0S1vlgrCZayLCdLM0ovBA9FzESOxzpKUckAkhKfFIQjDI9jn816h+71M0ozeO8aL
NGItZVFJdkejSL2X73U1fLdVRNweGiyen0kdwWgqsmsyg229vghN3FmPVI1XFLYX
RtJk+SxehTnAptuIKtNrWePPZ2uGZZIw+PfO3avNTmOM1hBke0PjYSfMcsbKDwzB
UF7fCATZkga+QBc207xOr2FBd4ULQcn+nS+PRIGOtsGKBhtW0Xuue5epmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJn4Fjy8SQGgY+3sPrT8HxAxRgUtMB8GA1UdIwQY
MBaAFDoEKbWuysg2RUS/Yj+U8WOv3OVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dRcHRhN0t5RFpGUkw5aVA1VHhZNl9jNVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mYjkyMTUtZDFkMS00N2MyLWFjODEt
ODQ3MTJjOWYzNDY0LzEvbWZnV1BMeEpBYUJqN2V3LXRQd2ZFREZHQlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mYjkyMTUtZDFkMS00N2MyLWFjODEtODQ3MTJjOWYzNDY0
LzEvT2dRcHRhN0t5RFpGUkw5aVA1VHhZNl9jNVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASMAoDAgGSAwQA
kgACAwQAkgAPMA0GCSqGSIb3DQEBCwUAA4IBAQCysbpn88KYtHq2ObLMYQaczxpt
p3bKiE1LdknC2VpWJPWplwnoyjYxSLIUaRklbMs+oJJ6uYskmANEK+470pmaD4lK
HReMAsXa/mLsgGB/iF+3jzKnm5tCAsQs2s0yi/22Ysv1H+YO0T2L/BbLnSGjpVjA
0B+FQ1MX1w3ZI6Q79+INIoq4JlH9uohRMM/UlaUxu5e4/ovnCjxkplTWfR6wZeJB
aCqop/cMOeMzw+MjtnBRCxoLbQzWPzjLdWbpR0Q4qvS32knd1NwYzIvepDMH4KF6
FxMlNnp8KPlNYBCySAjeEqrf1UexKY/BXXxGAwEU7k6MwohAaZVaGmpZ49bQ
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:17:12 2025 by rpki-client