Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/MCQXNydsWo-NPOdbaW9oEcz0GE0.roa
File: MCQXNydsWo-NPOdbaW9oEcz0GE0.roa (raw, json)
Hash identifier: JE9rPCbMxFMravr5+mSAn+KVV2jBkLUGgl1430rhRKk=
Subject key identifier: 30:24:17:37:27:6C:5A:8F:8D:3C:E7:5B:69:6F:68:11:CC:F4:18:4D
Certificate issuer: /CN=79730b9ea010d832f940efb589c51889132f4c94
Certificate serial: 0190C0118DB847777612EE59B062B1C3D164
Authority key identifier: 79:73:0B:9E:A0:10:D8:32:F9:40:EF:B5:89:C5:18:89:13:2F:4C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/MCQXNydsWo-NPOdbaW9oEcz0GE0.roa
Signing time: Wed 17 Jul 2024 09:41:34 +0000
ROA not before: Wed 17 Jul 2024 09:41:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41955
IP address blocks: 185.199.216.0/22 maxlen: 24
194.26.188.0/22 maxlen: 24
2a0a:a3c0::/32 maxlen: 32
2a0a:a3c0::/44 maxlen: 48
2a10:7080::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Jul 2024 14:38:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c0:11:8d:b8:47:77:76:12:ee:59:b0:62:b1:c3:d1:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79730b9ea010d832f940efb589c51889132f4c94
Validity
Not Before: Jul 17 09:41:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30241737276c5a8f8d3ce75b696f6811ccf4184d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d7:ee:f8:a8:91:25:3e:55:33:64:8e:c9:8b:
dc:b2:fb:fe:39:93:8f:df:57:73:23:c8:d4:44:60:
72:20:4b:b2:b6:d2:a0:b0:d9:cf:74:2d:5d:d2:20:
c2:c9:fc:51:1b:04:b8:55:8e:24:1e:3f:4f:bd:17:
c7:3f:02:0c:c1:1a:93:90:18:55:86:2f:63:38:36:
21:70:43:79:6d:6d:49:06:23:cf:35:d3:c9:b7:ed:
02:56:3d:1e:68:8c:74:c4:ed:95:ac:fb:83:bb:2d:
90:e7:99:08:8b:a3:1a:a6:f6:17:a6:d2:f2:f2:e9:
0b:4b:cb:ec:69:a7:b3:3f:a0:be:ce:e1:cd:6e:49:
9a:d5:10:cf:32:3d:73:5d:ee:6c:8b:e0:50:82:b9:
4c:d8:4e:65:ba:89:82:bb:eb:71:c7:38:11:aa:8e:
6d:af:c4:03:a0:99:78:68:92:f3:cf:7f:d6:bb:ef:
c0:99:60:87:32:ca:6e:77:a2:6f:fc:c2:81:a6:1c:
36:18:41:29:ee:12:8a:5e:29:c0:61:be:48:4b:6d:
2f:70:3b:34:a8:f0:4a:36:cc:68:c8:aa:59:a3:77:
8d:18:2d:50:49:e9:d1:05:83:61:66:93:86:94:0d:
64:70:ca:92:4c:b0:2f:fa:e8:93:ba:86:7f:40:a0:
d4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:24:17:37:27:6C:5A:8F:8D:3C:E7:5B:69:6F:68:11:CC:F4:18:4D
X509v3 Authority Key Identifier:
keyid:79:73:0B:9E:A0:10:D8:32:F9:40:EF:B5:89:C5:18:89:13:2F:4C:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/MCQXNydsWo-NPOdbaW9oEcz0GE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/a02cc6-1308-47e4-a087-39605f9081b7/1/eXMLnqAQ2DL5QO-1icUYiRMvTJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.216.0/22
194.26.188.0/22
IPv6:
2a0a:a3c0::/32
2a10:7080::/44
Signature Algorithm: sha256WithRSAEncryption
02:0b:80:2d:6f:dc:4a:4b:8e:ee:90:a9:d8:77:95:de:9a:03:
46:60:5c:b0:24:6a:a8:94:61:a8:d8:84:7d:47:d0:5d:bc:c7:
ba:6e:f8:39:6d:54:ae:bc:99:6e:a9:d2:87:71:0b:cb:8c:05:
fe:25:68:b5:8a:ce:46:5f:40:b5:45:e2:0f:1e:e8:a7:f7:a5:
b2:12:b6:ef:1f:54:dc:3b:30:e4:8d:72:82:94:9d:6f:0c:03:
47:82:88:02:49:43:d1:0f:82:4e:67:06:e9:53:88:6d:f9:39:
f8:e8:25:c1:d8:50:14:ba:4b:56:de:44:74:ec:08:79:17:0c:
ab:cf:2b:cc:f6:f6:1f:58:ff:06:73:55:03:15:58:1f:3d:2d:
ef:02:a7:80:f7:32:c9:20:c6:0d:6a:c0:69:b1:c3:bd:b0:0a:
b6:0c:0e:9a:9c:95:34:93:15:e8:c1:6e:90:39:94:f9:2e:ca:
35:8b:bc:b3:d9:e0:c3:cb:ea:aa:5f:70:76:63:8c:c5:c2:a6:
0f:a3:ee:49:d5:7e:d9:ae:e4:3d:9d:7a:5a:cd:26:51:59:b7:
a6:95:3a:0e:1a:49:a9:b7:99:b3:f0:88:51:70:8a:44:6f:30:
1b:bb:aa:7c:a4:2d:2b:bc:28:a7:8f:f6:5e:62:b3:c9:f3:0b:
5c:ed:39:3d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZDAEY24R3d2Eu5ZsGKxw9FkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NzMwYjllYTAxMGQ4MzJmOTQwZWZiNTg5YzUxODg5MTMy
ZjRjOTQwHhcNMjQwNzE3MDk0MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDI0MTczNzI3NmM1YThmOGQzY2U3NWI2OTZmNjgxMWNjZjQxODRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdfu+KiRJT5VM2SOyYvcsvv+OZOP
31dzI8jURGByIEuyttKgsNnPdC1d0iDCyfxRGwS4VY4kHj9PvRfHPwIMwRqTkBhV
hi9jODYhcEN5bW1JBiPPNdPJt+0CVj0eaIx0xO2VrPuDuy2Q55kIi6MapvYXptLy
8ukLS8vsaaezP6C+zuHNbkma1RDPMj1zXe5si+BQgrlM2E5luomCu+txxzgRqo5t
r8QDoJl4aJLzz3/Wu+/AmWCHMspud6Jv/MKBphw2GEEp7hKKXinAYb5IS20vcDs0
qPBKNsxoyKpZo3eNGC1QSenRBYNhZpOGlA1kcMqSTLAv+uiTuoZ/QKDUKwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDAkFzcnbFqPjTznW2lvaBHM9BhNMB8GA1UdIwQY
MBaAFHlzC56gENgy+UDvtYnFGIkTL0yUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVhNTG5xQVEyREw1UU8tMWljVVlpUk12VEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9hMDJjYzYtMTMwOC00N2U0LWEwODct
Mzk2MDVmOTA4MWI3LzEvTUNRWE55ZHNXby1OUE9kYmFXOW9FY3owR0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9hMDJjYzYtMTMwOC00N2U0LWEwODctMzk2MDVmOTA4MWI3
LzEvZVhNTG5xQVEyREw1UU8tMWljVVlpUk12VEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCucfYAwQC
whq8MBYEAgACMBADBQAqCqPAAwcEKhBwgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAC
C4Atb9xKS47ukKnYd5XemgNGYFywJGqolGGo2IR9R9BdvMe6bvg5bVSuvJluqdKH
cQvLjAX+JWi1is5GX0C1ReIPHuin96WyErbvH1TcOzDkjXKClJ1vDANHgogCSUPR
D4JOZwbpU4ht+Tn46CXB2FAUuktW3kR07Ah5FwyrzyvM9vYfWP8Gc1UDFVgfPS3v
AqeA9zLJIMYNasBpscO9sAq2DA6anJU0kxXowW6QOZT5Lso1i7yz2eDDy+qqX3B2
Y4zFwqYPo+5J1X7ZruQ9nXpazSZRWbemlToOGkmpt5mz8IhRcIpEbzAbu6p8pC0r
vCinj/ZeYrPJ8wtc7Tk9
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:31:48 2025 by rpki-client