Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/Mf1P6XAuJ4ktEJ4AdFTAaVDq_f4.roa
File: Mf1P6XAuJ4ktEJ4AdFTAaVDq_f4.roa (raw, json)
Hash identifier: Msob3xK8hWxaqf92goRfSKRm4ABdluFWBMNL/Jowz9o=
Subject key identifier: 31:FD:4F:E9:70:2E:27:89:2D:10:9E:00:74:54:C0:69:50:EA:FD:FE
Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Certificate serial: 018CC8DF0DA65E6E62157D038B794F0B79D0
Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/Mf1P6XAuJ4ktEJ4AdFTAaVDq_f4.roa
Signing time: Tue 02 Jan 2024 06:31:50 +0000
ROA not before: Tue 02 Jan 2024 06:31:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12824
IP address blocks: 46.41.128.0/18 maxlen: 18
62.129.245.0/24 maxlen: 24
62.129.250.0/24 maxlen: 24
89.161.253.0/24 maxlen: 24
212.85.96.0/24 maxlen: 24
212.85.96.0/19 maxlen: 19
89.161.254.0/24 maxlen: 24
46.41.159.0/24 maxlen: 24
46.242.144.0/24 maxlen: 24
79.96.0.0/16 maxlen: 16
46.242.150.0/24 maxlen: 24
62.129.192.0/18 maxlen: 18
188.128.244.0/24 maxlen: 24
188.128.255.0/24 maxlen: 24
89.161.128.0/17 maxlen: 17
46.242.128.0/17 maxlen: 17
188.128.128.0/17 maxlen: 17
188.128.128.0/24 maxlen: 24
188.128.130.0/24 maxlen: 24
188.128.129.0/24 maxlen: 24
2a02:25a8:dead::/48 maxlen: 48
2a02:25ad:1a:d1::/64 maxlen: 64
2a02:25a8::/32 maxlen: 32
2a02:25a8::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 18 Feb 2024 07:58:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:0d:a6:5e:6e:62:15:7d:03:8b:79:4f:0b:79:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Validity
Not Before: Jan 2 06:31:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31fd4fe9702e27892d109e007454c06950eafdfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:16:e9:c0:ee:18:2f:a4:2b:31:8e:20:e8:c5:
c8:65:52:b4:75:ec:13:ce:db:96:e5:83:29:a4:19:
c7:fc:94:03:dc:55:0d:f7:18:13:1a:85:4d:bc:71:
04:2c:08:f4:b6:d0:ec:83:b2:69:14:bd:2e:1f:81:
12:78:39:ef:c5:ef:47:b1:e4:67:fe:63:22:d2:e4:
0b:fa:e6:56:1d:36:fb:cc:ee:04:e0:7e:fa:b2:bd:
a2:aa:54:51:8d:33:cb:97:4c:84:3e:91:33:9d:cc:
b5:7c:85:a9:a7:7c:73:cd:e8:eb:48:98:a6:86:e3:
00:0f:37:62:54:15:bb:79:d3:b8:43:22:a5:d1:a3:
b7:9d:9b:2d:75:a4:c2:cc:4e:af:34:84:5b:97:36:
d0:a1:ec:b8:34:78:42:ed:ad:10:55:a9:9b:29:de:
f5:dc:6c:69:11:41:42:9a:e2:54:2f:73:ff:e8:6f:
dc:20:1c:2c:33:a0:9b:dd:c8:de:58:d8:30:16:6b:
7a:75:1b:8f:f7:b0:20:8d:c1:7a:30:16:e1:bb:b0:
7d:a2:a4:ff:d3:bb:9c:5f:f3:37:01:12:ec:65:f0:
12:fa:ea:1a:1b:a2:4b:13:87:3f:82:a6:a7:d2:2c:
95:cb:28:68:48:e4:70:4b:5d:69:9c:fb:d6:99:55:
d7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:FD:4F:E9:70:2E:27:89:2D:10:9E:00:74:54:C0:69:50:EA:FD:FE
X509v3 Authority Key Identifier:
keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/Mf1P6XAuJ4ktEJ4AdFTAaVDq_f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.128.0/18
46.242.128.0/17
62.129.192.0/18
79.96.0.0/16
89.161.128.0/17
188.128.128.0/17
212.85.96.0/19
IPv6:
2a02:25a8::/29
Signature Algorithm: sha256WithRSAEncryption
69:86:f7:fc:67:a3:fc:dd:38:87:14:da:66:2b:7d:38:10:12:
cd:14:09:78:67:30:7c:38:7e:e7:40:2c:0c:b6:08:a1:4b:d8:
3e:a3:44:eb:07:d8:ad:7d:fa:3e:71:8a:39:12:70:a5:dd:8e:
cc:55:95:56:13:60:5a:16:b3:03:0d:15:68:16:6c:63:5d:31:
36:a7:e2:dc:c7:25:9b:a7:73:91:ae:3c:17:61:af:cb:ca:a7:
74:b6:6b:ff:20:da:fd:af:60:5f:ad:a5:c3:a3:cd:84:05:1b:
81:73:62:54:72:7e:fb:a0:89:a2:d0:74:27:1b:0c:ff:3c:9f:
43:dd:b2:94:fa:1e:13:54:70:ee:1d:52:d8:fd:ce:9d:d7:a0:
27:77:59:05:cc:89:09:08:ae:7c:b4:ff:40:a2:0c:16:9e:b7:
ab:26:26:ef:4b:52:62:30:fb:c9:9c:2d:bf:76:2d:3b:fd:f7:
f1:5d:9a:ff:32:85:14:a1:60:af:c6:81:14:6b:72:2e:08:1c:
4a:47:5f:2b:0c:4d:eb:b3:1f:f7:d3:74:12:2a:b8:d2:a4:80:
ea:3a:d9:ba:84:fe:04:a8:14:48:24:1b:0b:b8:2e:f7:9e:48:
fd:a5:b5:76:ce:f2:a5:bc:a6:b2:50:70:f2:bd:d7:52:f6:22:
56:30:84:d0
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzI3w2mXm5iFX0Di3lPC3nQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMmI0OGY2NDM1ODAxMWM3ODQyZDNjZWM1Y2IyZDQ3MDY4
YjgzNmQwHhcNMjQwMTAyMDYzMTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWZkNGZlOTcwMmUyNzg5MmQxMDllMDA3NDU0YzA2OTUwZWFmZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+BbpwO4YL6QrMY4g6MXIZVK0dewT
ztuW5YMppBnH/JQD3FUN9xgTGoVNvHEELAj0ttDsg7JpFL0uH4ESeDnvxe9HseRn
/mMi0uQL+uZWHTb7zO4E4H76sr2iqlRRjTPLl0yEPpEzncy1fIWpp3xzzejrSJim
huMADzdiVBW7edO4QyKl0aO3nZstdaTCzE6vNIRblzbQoey4NHhC7a0QVambKd71
3GxpEUFCmuJUL3P/6G/cIBwsM6Cb3cjeWNgwFmt6dRuP97AgjcF6MBbhu7B9oqT/
07ucX/M3ARLsZfAS+uoaG6JLE4c/gqan0iyVyyhoSORwS11pnPvWmVXXrwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDH9T+lwLieJLRCeAHRUwGlQ6v3+MB8GA1UdIwQY
MBaAFLsrSPZDWAEceELTzsXLLUcGi4NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODIt
YzUyMjk4NjNhZWJhLzEvTWYxUDZYQXVKNGt0RUo0QWRGVEFhVkRxX2Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODItYzUyMjk4NjNhZWJh
LzEvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQGLimAAwQH
LvKAAwQGPoHAAwMAT2ADBAdZoYADBAe8gIADBAXUVWAwDQQCAAIwBwMFAyoCJagw
DQYJKoZIhvcNAQELBQADggEBAGmG9/xno/zdOIcU2mYrfTgQEs0UCXhnMHw4fudA
LAy2CKFL2D6jROsH2K19+j5xijkScKXdjsxVlVYTYFoWswMNFWgWbGNdMTan4tzH
JZunc5GuPBdhr8vKp3S2a/8g2v2vYF+tpcOjzYQFG4FzYlRyfvugiaLQdCcbDP88
n0PdspT6HhNUcO4dUtj9zp3XoCd3WQXMiQkIrny0/0CiDBaet6smJu9LUmIw+8mc
Lb92LTv99/Fdmv8yhRShYK/GgRRrci4IHEpHXysMTeuzH/fTdBIquNKkgOo62bqE
/gSoFEgkGwu4LveeSP2ltXbO8qW8prJQcPK911L2IlYwhNA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:26 2025 by rpki-client