Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/mpMztQUEME3iyEaa3Mr3pFC026Q.roa
File: mpMztQUEME3iyEaa3Mr3pFC026Q.roa (raw, json)
Hash identifier: Je5ujBWq375KIRmPcEwKYEUcqcOiBz5WDxYSoNCeYHw=
Subject key identifier: 9A:93:33:B5:05:04:30:4D:E2:C8:46:9A:DC:CA:F7:A4:50:B4:DB:A4
Certificate issuer: /CN=02fc5c064f5159c8a1fa4066c8cb8ff701671dd2
Certificate serial: 019423D7259EC2190B24B161B2ADCCBAC2EA
Authority key identifier: 02:FC:5C:06:4F:51:59:C8:A1:FA:40:66:C8:CB:8F:F7:01:67:1D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AvxcBk9RWcih-kBmyMuP9wFnHdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/mpMztQUEME3iyEaa3Mr3pFC026Q.roa
Signing time: Wed 01 Jan 2025 21:48:09 +0000
ROA not before: Wed 01 Jan 2025 21:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208731
IP address blocks: 147.78.192.0/23 maxlen: 24
185.203.112.0/24 maxlen: 24
2a0f:98c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 31 Jan 2025 15:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:25:9e:c2:19:0b:24:b1:61:b2:ad:cc:ba:c2:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02fc5c064f5159c8a1fa4066c8cb8ff701671dd2
Validity
Not Before: Jan 1 21:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a9333b50504304de2c8469adccaf7a450b4dba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3e:4d:b6:fc:9e:c2:73:ec:73:da:2d:f2:63:
fc:63:84:b2:4a:98:d3:29:bd:c9:67:55:fc:a4:7e:
b5:87:c8:5d:8d:c3:55:dd:10:39:09:34:9d:e9:23:
41:ef:49:53:a9:5c:34:d9:c0:03:ce:d9:62:c9:1d:
ec:cc:4c:44:08:34:1a:96:cc:a4:03:ab:7d:e5:18:
19:29:9b:e5:9b:77:45:e8:bf:be:7f:3c:47:e9:59:
62:31:a8:f7:c5:23:ab:4e:02:34:dc:83:d7:cf:1c:
99:30:4e:4b:31:c4:54:dd:0c:c0:26:55:6c:c2:28:
d1:7e:8e:f8:80:50:25:52:d8:f6:37:92:57:80:2a:
61:51:2c:63:f7:40:cf:11:6f:52:8d:9c:16:98:30:
ef:a7:2b:24:2d:24:0e:1e:d6:b5:7b:fe:e0:f5:04:
a7:36:7a:5f:35:4f:65:b1:a5:a9:df:44:e2:68:15:
26:70:06:2f:ad:06:23:1a:b5:bb:4b:c0:01:c2:83:
be:dc:36:23:0e:53:20:78:4b:39:9e:45:65:82:ea:
d3:c4:21:7a:20:17:00:f9:05:04:2d:bd:0f:77:d1:
f1:a3:fc:c0:e0:fd:e8:46:66:1e:b3:1f:52:2e:21:
9c:1e:98:02:9a:aa:17:77:e3:10:e5:44:4b:0f:85:
08:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:93:33:B5:05:04:30:4D:E2:C8:46:9A:DC:CA:F7:A4:50:B4:DB:A4
X509v3 Authority Key Identifier:
keyid:02:FC:5C:06:4F:51:59:C8:A1:FA:40:66:C8:CB:8F:F7:01:67:1D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AvxcBk9RWcih-kBmyMuP9wFnHdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/mpMztQUEME3iyEaa3Mr3pFC026Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/AvxcBk9RWcih-kBmyMuP9wFnHdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.192.0/23
185.203.112.0/24
IPv6:
2a0f:98c0::/29
Signature Algorithm: sha256WithRSAEncryption
87:30:d4:d4:d7:20:01:8e:2b:70:c9:fd:83:99:b2:e2:73:be:
40:99:16:77:88:70:c5:54:dc:2c:d3:98:3f:26:0e:52:b6:bd:
f3:7e:6e:7b:2d:2d:d8:9e:bd:43:cf:ab:81:2b:b9:ef:1b:12:
f3:e1:6d:ca:33:21:59:80:ab:8f:15:39:5b:cb:5e:3e:d9:c9:
78:14:d1:8a:67:73:51:9c:a0:1c:3d:24:fa:2f:95:62:86:33:
a8:34:ab:57:78:0d:7a:57:0b:d9:24:a1:58:7a:a0:e6:08:5d:
ac:e2:b1:eb:e2:ab:74:2c:26:25:be:9a:31:72:d3:26:8c:44:
12:6e:cb:f6:c0:34:f1:f5:63:2f:59:65:ef:bd:6a:1e:96:ce:
3e:54:79:58:1b:2d:e6:42:45:ec:f1:af:2c:0d:49:7c:bd:51:
e8:96:b4:ab:6a:61:a2:e5:cc:7d:d0:f7:10:d8:d1:ee:13:93:
16:d8:cc:2d:ab:0a:b8:4d:54:b1:7d:cd:d8:b4:a5:d4:54:1e:
1c:0a:77:7a:71:f6:e2:a2:61:ae:e7:4e:d0:af:7c:cb:95:a6:
56:48:2c:05:af:c4:37:4d:51:3e:55:cb:2b:55:21:32:a0:d3:
ae:8b:ce:20:08:59:ef:b1:24:9d:ce:41:56:e9:3d:0d:2d:41:
f9:e6:8b:e4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQj1yWewhkLJLFhsq3MusLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZmM1YzA2NGY1MTU5YzhhMWZhNDA2NmM4Y2I4ZmY3MDE2
NzFkZDIwHhcNMjUwMTAxMjE0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTkzMzNiNTA1MDQzMDRkZTJjODQ2OWFkY2NhZjdhNDUwYjRkYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT5NtvyewnPsc9ot8mP8Y4SySpjT
Kb3JZ1X8pH61h8hdjcNV3RA5CTSd6SNB70lTqVw02cADztliyR3szExECDQalsyk
A6t95RgZKZvlm3dF6L++fzxH6VliMaj3xSOrTgI03IPXzxyZME5LMcRU3QzAJlVs
wijRfo74gFAlUtj2N5JXgCphUSxj90DPEW9SjZwWmDDvpyskLSQOHta1e/7g9QSn
NnpfNU9lsaWp30TiaBUmcAYvrQYjGrW7S8ABwoO+3DYjDlMgeEs5nkVlgurTxCF6
IBcA+QUELb0Pd9Hxo/zA4P3oRmYesx9SLiGcHpgCmqoXd+MQ5URLD4UIYQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJqTM7UFBDBN4shGmtzK96RQtNukMB8GA1UdIwQY
MBaAFAL8XAZPUVnIofpAZsjLj/cBZx3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXZ4Y0JrOVJXY2loLWtCbXlNdVA5d0ZuSGRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iMTVhN2QtNWFlZS00ZDQwLWJlNWEt
NzkyYTkxYzVjYTJiLzEvbXBNenRRVUVNRTNpeUVhYTNNcjNwRkMwMjZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iMTVhN2QtNWFlZS00ZDQwLWJlNWEtNzkyYTkxYzVjYTJi
LzEvQXZ4Y0JrOVJXY2loLWtCbXlNdVA5d0ZuSGRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBk07AAwQA
uctwMA0EAgACMAcDBQMqD5jAMA0GCSqGSIb3DQEBCwUAA4IBAQCHMNTU1yABjitw
yf2DmbLic75AmRZ3iHDFVNws05g/Jg5Str3zfm57LS3Ynr1Dz6uBK7nvGxLz4W3K
MyFZgKuPFTlby14+2cl4FNGKZ3NRnKAcPST6L5VihjOoNKtXeA16VwvZJKFYeqDm
CF2s4rHr4qt0LCYlvpoxctMmjEQSbsv2wDTx9WMvWWXvvWoels4+VHlYGy3mQkXs
8a8sDUl8vVHolrSramGi5cx90PcQ2NHuE5MW2Mwtqwq4TVSxfc3YtKXUVB4cCnd6
cfbiomGu507Qr3zLlaZWSCwFr8Q3TVE+VcsrVSEyoNOui84gCFnvsSSdzkFW6T0N
LUH55ovk
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:59:00 2025 by rpki-client