Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/60b006-6b53-4f00-a488-485dd4ad54fb/1/mP9WL388Y7MFHXg8sEwNxvsGMs4.roa
File: mP9WL388Y7MFHXg8sEwNxvsGMs4.roa (raw, json)
Hash identifier: YcXqFmAq1wmL09eEpUFw9YOsVa4vb/o70hia9cy07Qg=
Subject key identifier: 98:FF:56:2F:7F:3C:63:B3:05:1D:78:3C:B0:4C:0D:C6:FB:06:32:CE
Certificate issuer: /CN=3c21fac5e895e5b7ce66fe089ffd0b2f61550d21
Certificate serial: 018CC49326DDF6EEF3AD755F197FA5972560
Authority key identifier: 3C:21:FA:C5:E8:95:E5:B7:CE:66:FE:08:9F:FD:0B:2F:61:55:0D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PCH6xeiV5bfOZv4In_0LL2FVDSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/60b006-6b53-4f00-a488-485dd4ad54fb/1/mP9WL388Y7MFHXg8sEwNxvsGMs4.roa
Signing time: Mon 01 Jan 2024 10:30:27 +0000
ROA not before: Mon 01 Jan 2024 10:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207597
IP address blocks: 92.119.4.0/24 maxlen: 24
92.119.5.0/24 maxlen: 24
92.119.7.0/24 maxlen: 24
92.119.6.0/24 maxlen: 24
2a09:afc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:26:dd:f6:ee:f3:ad:75:5f:19:7f:a5:97:25:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c21fac5e895e5b7ce66fe089ffd0b2f61550d21
Validity
Not Before: Jan 1 10:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98ff562f7f3c63b3051d783cb04c0dc6fb0632ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e3:ad:54:44:04:ef:e5:dc:96:43:f7:3f:3f:
4b:78:7b:e6:cb:0f:9b:e8:d4:37:3a:34:09:a6:e7:
8c:86:37:18:ac:03:e6:25:18:e7:2d:ba:86:c3:d6:
5d:c7:50:20:d5:9d:44:0f:fd:c5:85:f8:98:f5:32:
1b:25:45:15:7b:49:27:05:cf:48:f9:d1:4e:13:6f:
1f:84:98:f5:52:44:55:07:8c:d3:63:03:f9:ff:22:
04:89:38:a8:0d:c9:c6:ba:33:d0:39:00:3f:f5:c3:
23:28:12:3d:41:98:40:b7:b8:70:dd:87:7c:63:c8:
ef:25:95:8b:e4:c0:ae:a5:2c:dc:0a:30:72:86:5c:
4b:e8:e1:8f:81:e7:ff:21:21:8b:53:e5:86:97:c8:
6a:d3:15:76:68:e3:d2:be:41:d6:8b:11:a8:4e:9d:
f2:2f:89:5c:8b:73:a5:67:f8:5d:21:b1:c6:23:e8:
da:93:ad:fd:24:d9:9a:5d:1c:aa:ae:e6:67:b3:5b:
23:ca:14:09:9a:57:96:1e:b9:be:14:4d:15:67:91:
81:d2:2c:a2:3f:eb:85:c1:9f:e7:7a:ff:a5:24:95:
d4:3f:bc:10:93:83:76:b0:00:48:fe:97:c5:9f:80:
cd:52:f6:dc:b2:d2:33:47:35:13:fd:b0:ef:e0:8a:
7d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FF:56:2F:7F:3C:63:B3:05:1D:78:3C:B0:4C:0D:C6:FB:06:32:CE
X509v3 Authority Key Identifier:
keyid:3C:21:FA:C5:E8:95:E5:B7:CE:66:FE:08:9F:FD:0B:2F:61:55:0D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PCH6xeiV5bfOZv4In_0LL2FVDSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/60b006-6b53-4f00-a488-485dd4ad54fb/1/mP9WL388Y7MFHXg8sEwNxvsGMs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/60b006-6b53-4f00-a488-485dd4ad54fb/1/PCH6xeiV5bfOZv4In_0LL2FVDSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.4.0/22
IPv6:
2a09:afc0::/48
Signature Algorithm: sha256WithRSAEncryption
38:76:9d:8f:85:04:64:ff:0d:69:99:1f:91:d8:27:bc:3b:1c:
80:69:f9:39:76:8a:ea:40:d4:b7:0c:bb:de:97:40:f6:1d:5d:
62:98:97:aa:34:43:17:31:0d:0f:8f:bf:f2:bd:f5:4c:94:85:
c2:ef:d5:22:96:7e:9d:eb:50:14:b8:4d:dd:ec:03:d3:72:c9:
c5:94:c7:ae:ab:65:61:4a:39:ae:8b:ca:ca:47:5b:72:3f:b7:
81:97:91:25:35:72:56:d2:e1:8b:41:00:98:37:ab:bf:2d:b9:
c0:91:48:f8:49:65:34:d9:72:8f:b8:83:4f:2f:22:97:9a:d9:
99:43:bc:e7:f2:13:ec:70:c2:69:d8:a7:1a:c5:8b:c6:57:76:
6e:1b:8e:d7:9a:74:78:0d:6c:01:07:c9:b2:58:ae:4e:3d:01:
24:fa:99:6f:a4:15:b0:b8:3e:e7:3b:05:74:af:16:32:e2:22:
e2:84:7d:71:1b:73:01:ae:2d:fd:5f:92:e2:5a:59:3d:28:d4:
56:d0:78:f6:d9:6f:1f:db:7d:d2:10:ce:d8:2d:8f:29:44:2a:
c9:82:2d:d1:5a:4e:78:18:46:89:27:7a:75:fa:be:ab:a0:cd:
76:b9:d7:cf:55:45:69:78:87:32:c1:77:a2:aa:b9:3d:7b:b0:
4c:0b:de:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEkybd9u7zrXVfGX+llyVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMjFmYWM1ZTg5NWU1YjdjZTY2ZmUwODlmZmQwYjJmNjE1
NTBkMjEwHhcNMjQwMTAxMTAzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGZmNTYyZjdmM2M2M2IzMDUxZDc4M2NiMDRjMGRjNmZiMDYzMmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOOtVEQE7+XclkP3Pz9LeHvmyw+b
6NQ3OjQJpueMhjcYrAPmJRjnLbqGw9Zdx1Ag1Z1ED/3FhfiY9TIbJUUVe0knBc9I
+dFOE28fhJj1UkRVB4zTYwP5/yIEiTioDcnGujPQOQA/9cMjKBI9QZhAt7hw3Yd8
Y8jvJZWL5MCupSzcCjByhlxL6OGPgef/ISGLU+WGl8hq0xV2aOPSvkHWixGoTp3y
L4lci3OlZ/hdIbHGI+jak639JNmaXRyqruZns1sjyhQJmleWHrm+FE0VZ5GB0iyi
P+uFwZ/nev+lJJXUP7wQk4N2sABI/pfFn4DNUvbcstIzRzUT/bDv4Ip9rwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJj/Vi9/PGOzBR14PLBMDcb7BjLOMB8GA1UdIwQY
MBaAFDwh+sXoleW3zmb+CJ/9Cy9hVQ0hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUENINnhlaVY1YmZPWnY0SW5fMExMMkZWRFNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82MGIwMDYtNmI1My00ZjAwLWE0ODgt
NDg1ZGQ0YWQ1NGZiLzEvbVA5V0wzODhZN01GSFhnOHNFd054dnNHTXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82MGIwMDYtNmI1My00ZjAwLWE0ODgtNDg1ZGQ0YWQ1NGZi
LzEvUENINnhlaVY1YmZPWnY0SW5fMExMMkZWRFNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCXHcEMA8E
AgACMAkDBwAqCa/AAAAwDQYJKoZIhvcNAQELBQADggEBADh2nY+FBGT/DWmZH5HY
J7w7HIBp+Tl2iupA1LcMu96XQPYdXWKYl6o0QxcxDQ+Pv/K99UyUhcLv1SKWfp3r
UBS4Td3sA9NyycWUx66rZWFKOa6LyspHW3I/t4GXkSU1clbS4YtBAJg3q78tucCR
SPhJZTTZco+4g08vIpea2ZlDvOfyE+xwwmnYpxrFi8ZXdm4bjteadHgNbAEHybJY
rk49AST6mW+kFbC4Puc7BXSvFjLiIuKEfXEbcwGuLf1fkuJaWT0o1FbQePbZbx/b
fdIQztgtjylEKsmCLdFaTngYRoknenX6vqugzXa5189VRWl4hzLBd6KquT17sEwL
3k4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 11:31:39 2025 by rpki-client