Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/MXY_Fn-fZJXkSnDvzdpubj0kEOE.roa
File: MXY_Fn-fZJXkSnDvzdpubj0kEOE.roa (raw, json)
Hash identifier: WWA24+a2734amWk3WYuSaMhsVayTSyV9Egaz9gmADT0=
Subject key identifier: 31:76:3F:16:7F:9F:64:95:E4:4A:70:EF:CD:DA:6E:6E:3D:24:10:E1
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 01961FEA9F14F851AE6A72A82BD8744FD556
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/MXY_Fn-fZJXkSnDvzdpubj0kEOE.roa
Signing time: Thu 10 Apr 2025 13:36:31 +0000
ROA not before: Thu 10 Apr 2025 13:36:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 188.209.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Apr 2025 13:53:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1f:ea:9f:14:f8:51:ae:6a:72:a8:2b:d8:74:4f:d5:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Apr 10 13:36:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31763f167f9f6495e44a70efcdda6e6e3d2410e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c5:e6:ab:6a:0f:8d:7f:f8:37:ac:84:6a:c0:
17:fa:43:d7:dd:1e:d8:2d:e6:89:97:98:89:e6:9b:
40:de:cd:b2:62:45:fc:21:fc:0b:bb:ae:60:2e:95:
c7:70:db:f6:f9:21:7c:3c:70:d3:0f:6c:31:8a:0f:
d7:45:03:47:3f:b0:6e:73:34:c7:ef:a9:f0:fe:a1:
59:52:2e:3e:cc:07:85:72:41:4b:ce:6c:ec:5a:bd:
ef:b3:cd:8e:65:c4:89:36:f6:55:37:c5:20:1a:76:
35:f3:96:d8:b1:74:df:99:18:47:e8:b8:f5:98:89:
0d:8d:d8:3c:59:d2:dd:21:b3:4a:52:ea:62:c0:45:
6b:e9:35:d4:96:e8:df:54:5d:ed:96:b9:21:43:04:
75:48:6a:97:53:aa:76:f4:9f:d8:db:58:0d:af:34:
7c:6d:b2:15:33:65:07:34:07:32:62:1b:41:e3:8b:
9d:52:d8:54:33:7a:99:48:d9:8f:bc:28:d3:c4:f7:
b6:55:55:73:07:34:40:48:7e:e0:6b:c3:1b:74:5a:
92:9d:52:42:44:9f:46:0f:a6:cc:e4:b3:93:0a:bb:
89:1b:e3:56:8d:dc:43:18:0e:8f:43:83:b1:83:25:
d2:fa:20:f7:e1:de:15:67:c7:c7:73:15:e3:db:b7:
3b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:76:3F:16:7F:9F:64:95:E4:4A:70:EF:CD:DA:6E:6E:3D:24:10:E1
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/MXY_Fn-fZJXkSnDvzdpubj0kEOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.131.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:9e:f7:7a:8a:41:b8:e6:93:cb:23:89:1e:b6:05:0e:bb:be:
43:c0:18:c3:bf:8c:6a:5c:eb:a6:f7:99:34:d6:d8:52:b6:68:
c7:9d:26:75:6b:20:c3:97:d8:53:93:bd:55:7d:e4:44:70:eb:
13:f6:33:29:c2:6d:27:3c:dd:f5:ae:a9:c1:2c:44:4b:8d:a7:
f5:7c:aa:cb:c0:55:14:be:0e:13:b6:b4:2c:65:be:aa:20:92:
1e:9f:8e:90:d9:d6:5a:47:4c:b8:bb:48:23:b1:06:bd:d9:0a:
70:95:21:53:89:b4:1e:64:df:6c:08:35:c7:97:ec:06:bd:2a:
75:3f:4a:de:10:c4:28:18:65:37:2e:2a:0e:d8:be:93:81:45:
9a:46:5d:2c:7b:11:0a:72:44:d5:76:71:3f:a4:70:84:2a:f6:
af:cd:08:10:52:f2:85:ce:f1:3f:96:26:47:46:fe:52:9f:78:
22:62:aa:05:1b:18:18:87:f8:3a:d6:d7:d0:20:e3:bf:3a:3c:
72:39:11:5c:bd:bf:b8:39:03:21:17:06:5c:e5:2a:70:c9:88:
3b:7d:d5:3e:fb:64:b9:dd:91:5b:be:ea:d2:80:cd:be:6f:ad:
6f:bb:04:e3:c7:42:69:d3:1f:b6:92:ff:24:31:55:0b:24:65:
7c:da:61:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYf6p8U+FGuanKoK9h0T9VWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwNDEwMTMzNjMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTc2M2YxNjdmOWY2NDk1ZTQ0YTcwZWZjZGRhNmU2ZTNkMjQxMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8Xmq2oPjX/4N6yEasAX+kPX3R7Y
LeaJl5iJ5ptA3s2yYkX8IfwLu65gLpXHcNv2+SF8PHDTD2wxig/XRQNHP7BuczTH
76nw/qFZUi4+zAeFckFLzmzsWr3vs82OZcSJNvZVN8UgGnY185bYsXTfmRhH6Lj1
mIkNjdg8WdLdIbNKUupiwEVr6TXUlujfVF3tlrkhQwR1SGqXU6p29J/Y21gNrzR8
bbIVM2UHNAcyYhtB44udUthUM3qZSNmPvCjTxPe2VVVzBzRASH7ga8MbdFqSnVJC
RJ9GD6bM5LOTCruJG+NWjdxDGA6PQ4OxgyXS+iD34d4VZ8fHcxXj27c7oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDF2PxZ/n2SV5Epw783abm49JBDhMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvTVhZX0ZuLWZaSlhrU25EdnpkcHViajBrRU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGDMA0G
CSqGSIb3DQEBCwUAA4IBAQANnvd6ikG45pPLI4ketgUOu75DwBjDv4xqXOum95k0
1thStmjHnSZ1ayDDl9hTk71VfeREcOsT9jMpwm0nPN31rqnBLERLjaf1fKrLwFUU
vg4TtrQsZb6qIJIen46Q2dZaR0y4u0gjsQa92QpwlSFTibQeZN9sCDXHl+wGvSp1
P0reEMQoGGU3LioO2L6TgUWaRl0sexEKckTVdnE/pHCEKvavzQgQUvKFzvE/liZH
Rv5Sn3giYqoFGxgYh/g61tfQIOO/OjxyORFcvb+4OQMhFwZc5SpwyYg7fdU++2S5
3ZFbvurSgM2+b61vuwTjx0Jp0x+2kv8kMVULJGV82mF1
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:07:46 2025 by rpki-client