Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/MYTsnperLwZMBpX1-qzLFL9qKkE.roa
File: MYTsnperLwZMBpX1-qzLFL9qKkE.roa (raw, json)
Hash identifier: bMsCxNG0EK2agTJAeX/gj28Uv/MTRsN4hiE8RUO5rSQ=
Subject key identifier: 31:84:EC:9E:97:AB:2F:06:4C:06:95:F5:FA:AC:CB:14:BF:6A:2A:41
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 01922A37BCEC5F633674CF8413BAA885C126
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/MYTsnperLwZMBpX1-qzLFL9qKkE.roa
Signing time: Wed 25 Sep 2024 17:25:48 +0000
ROA not before: Wed 25 Sep 2024 17:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58212
IP address blocks: 85.117.241.0/24 maxlen: 24
85.117.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Oct 2024 00:56:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2a:37:bc:ec:5f:63:36:74:cf:84:13:ba:a8:85:c1:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Sep 25 17:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3184ec9e97ab2f064c0695f5faaccb14bf6a2a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2e:ec:e1:bd:a9:9c:24:ca:a8:28:ef:44:c4:
ff:6d:62:f8:72:d3:02:a6:fb:b2:17:bc:09:ad:0b:
df:39:9d:e6:5c:ab:7c:9a:1c:de:08:12:ed:f6:5c:
ad:ea:db:00:a9:31:ec:8f:40:6c:d8:7b:73:08:7f:
65:5d:38:9f:19:79:90:fd:77:7c:54:f7:de:d4:89:
6c:0a:21:92:56:ba:be:f2:0d:7e:a8:ec:35:09:e2:
b4:79:6d:01:70:67:bb:79:05:95:c1:d3:2f:0e:8c:
81:d9:e6:86:0e:a9:3c:58:d6:fd:41:a4:08:92:76:
93:0d:72:a4:5e:a0:f9:e1:48:ef:ba:74:29:39:10:
73:31:6c:27:1c:32:f7:65:37:cb:9d:86:52:6e:10:
db:bd:bb:66:83:a6:c7:cb:0d:1e:bd:cf:f7:e0:b4:
e2:f1:70:12:d6:82:11:11:fd:69:e6:d0:1a:c2:28:
39:ed:c5:b5:fe:5d:32:8a:13:70:97:6c:df:34:33:
94:44:2b:46:36:12:e2:f9:b3:4e:9e:33:47:0d:3e:
39:3f:1d:c0:9c:d3:03:10:95:96:f2:32:5b:1a:dc:
2b:40:6f:5b:12:65:84:29:20:ff:6b:29:a8:f8:81:
59:3e:05:d1:23:bb:04:fe:6b:78:58:8e:54:71:91:
95:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:84:EC:9E:97:AB:2F:06:4C:06:95:F5:FA:AC:CB:14:BF:6A:2A:41
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/MYTsnperLwZMBpX1-qzLFL9qKkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.241.0/24
85.117.243.0/24
Signature Algorithm: sha256WithRSAEncryption
08:fe:bb:76:c5:76:2f:58:1c:18:7d:68:26:92:9f:e7:ad:63:
c4:34:4c:ea:80:d1:cc:43:7a:dc:e0:d1:35:da:8b:1f:71:17:
74:9d:66:57:18:00:42:d3:62:c1:8e:9d:f7:30:d6:8b:c1:36:
23:64:26:de:4a:f0:89:34:c2:a6:37:55:9a:9b:f6:7e:4d:55:
33:2e:24:21:27:cb:0f:46:49:eb:c4:d7:b0:78:0a:08:f0:12:
3a:13:ef:0f:cd:1f:e0:f5:70:a9:45:f2:30:ae:be:2c:62:37:
fc:7e:a0:6e:c6:2d:2d:d6:4f:ec:f5:8e:35:70:ff:22:48:72:
2e:59:9b:96:fa:60:f5:14:af:46:3e:c5:4d:74:92:b0:69:ba:
5d:bd:c9:38:c3:9a:65:5c:0f:d4:1b:c0:2e:16:dc:03:b0:23:
9c:7c:38:13:78:b2:22:5e:4f:3c:88:22:90:a6:6c:f8:bb:32:
10:47:01:51:e4:d6:3e:0a:b7:03:bc:a6:9b:0c:fb:32:8b:52:
41:dc:e5:0e:98:ab:8e:0c:ab:a1:fe:cd:37:dd:17:33:5f:05:
7a:b9:c4:5e:4a:6d:a8:c2:3e:5b:4a:af:19:7e:e9:92:e6:c7:
e4:8f:55:56:5d:a5:62:b1:29:90:8e:ea:cf:86:a4:7b:69:d2:
eb:08:51:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZIqN7zsX2M2dM+EE7qohcEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwOTI1MTcyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTg0ZWM5ZTk3YWIyZjA2NGMwNjk1ZjVmYWFjY2IxNGJmNmEyYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmC7s4b2pnCTKqCjvRMT/bWL4ctMC
pvuyF7wJrQvfOZ3mXKt8mhzeCBLt9lyt6tsAqTHsj0Bs2HtzCH9lXTifGXmQ/Xd8
VPfe1IlsCiGSVrq+8g1+qOw1CeK0eW0BcGe7eQWVwdMvDoyB2eaGDqk8WNb9QaQI
knaTDXKkXqD54UjvunQpORBzMWwnHDL3ZTfLnYZSbhDbvbtmg6bHyw0evc/34LTi
8XAS1oIREf1p5tAawig57cW1/l0yihNwl2zfNDOURCtGNhLi+bNOnjNHDT45Px3A
nNMDEJWW8jJbGtwrQG9bEmWEKSD/aymo+IFZPgXRI7sE/mt4WI5UcZGVDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDGE7J6Xqy8GTAaV9fqsyxS/aipBMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvTVlUc25wZXJMd1pNQnBYMS1xekxGTDlxS2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVXXxAwQA
VXXzMA0GCSqGSIb3DQEBCwUAA4IBAQAI/rt2xXYvWBwYfWgmkp/nrWPENEzqgNHM
Q3rc4NE12osfcRd0nWZXGABC02LBjp33MNaLwTYjZCbeSvCJNMKmN1Wam/Z+TVUz
LiQhJ8sPRknrxNeweAoI8BI6E+8PzR/g9XCpRfIwrr4sYjf8fqBuxi0t1k/s9Y41
cP8iSHIuWZuW+mD1FK9GPsVNdJKwabpdvck4w5plXA/UG8AuFtwDsCOcfDgTeLIi
Xk88iCKQpmz4uzIQRwFR5NY+CrcDvKabDPsyi1JB3OUOmKuODKuh/s033RczXwV6
ucReSm2owj5bSq8ZfumS5sfkj1VWXaVisSmQjurPhqR7adLrCFGx
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:29 2025 by rpki-client