Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/a635af-a46d-4d0b-b931-a3abdbd1da06/1/mBTYuLmXXcpeF62DbU0H4bzfinA.roa
File: mBTYuLmXXcpeF62DbU0H4bzfinA.roa (raw, json)
Hash identifier: JD/m6MgIU7rD+YnNGJul8h550qCDtC/84sSppbPibBg=
Subject key identifier: 98:14:D8:B8:B9:97:5D:CA:5E:17:AD:83:6D:4D:07:E1:BC:DF:8A:70
Certificate issuer: /CN=f12d94bb3dc534a6427fe9a67300d8f4c49146c4
Certificate serial: 0192B3AAA0EDD5CCB8627826009D4963E4FE
Authority key identifier: F1:2D:94:BB:3D:C5:34:A6:42:7F:E9:A6:73:00:D8:F4:C4:91:46:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8S2Uuz3FNKZCf-mmcwDY9MSRRsQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/a635af-a46d-4d0b-b931-a3abdbd1da06/1/mBTYuLmXXcpeF62DbU0H4bzfinA.roa
Signing time: Tue 22 Oct 2024 09:59:16 +0000
ROA not before: Tue 22 Oct 2024 09:59:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209899
IP address blocks: 185.136.244.0/22 maxlen: 24
2a09:300::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Oct 2024 11:24:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:aa:a0:ed:d5:cc:b8:62:78:26:00:9d:49:63:e4:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f12d94bb3dc534a6427fe9a67300d8f4c49146c4
Validity
Not Before: Oct 22 09:59:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9814d8b8b9975dca5e17ad836d4d07e1bcdf8a70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ad:5e:e8:72:a4:04:6d:cb:96:2e:99:ca:b5:
71:65:d6:d9:bf:82:2c:7d:84:8e:a5:39:b0:5c:b8:
42:74:61:ac:f6:4e:72:04:54:26:86:bd:68:59:25:
32:5f:7a:df:b3:83:c3:69:31:28:a6:c0:b7:ab:0b:
7f:94:6d:ac:57:27:81:44:b0:9f:0f:b2:e3:fd:b5:
5d:7c:0b:ef:53:20:d4:e0:58:8d:79:af:da:7d:f8:
1f:d5:b9:15:89:d7:59:64:19:fa:87:01:70:cb:5e:
ca:39:b3:5f:f1:5a:dc:49:49:38:9b:e8:84:a0:ea:
37:00:c4:c8:b2:6a:3f:18:0c:ab:4c:d0:77:26:3d:
84:5a:53:1b:70:c7:2a:a2:50:1d:2c:9e:70:b5:f9:
12:58:d9:29:a3:09:58:83:4f:f1:d8:8e:df:75:98:
42:2a:9d:ae:02:d4:0e:11:01:a4:9b:e2:b7:1a:f9:
e0:a4:44:62:65:51:ba:12:a9:97:47:62:f4:7a:41:
43:7a:a7:e6:92:28:0f:1a:12:73:48:4a:68:49:ce:
a0:ed:05:93:93:89:8e:f9:d7:54:0b:58:74:a8:1f:
f4:9c:db:1d:fd:a4:7d:dc:a6:e7:80:d4:04:5e:0c:
61:e2:e7:39:57:08:88:ca:5b:b9:a6:70:04:e0:a7:
76:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:14:D8:B8:B9:97:5D:CA:5E:17:AD:83:6D:4D:07:E1:BC:DF:8A:70
X509v3 Authority Key Identifier:
keyid:F1:2D:94:BB:3D:C5:34:A6:42:7F:E9:A6:73:00:D8:F4:C4:91:46:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8S2Uuz3FNKZCf-mmcwDY9MSRRsQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/a635af-a46d-4d0b-b931-a3abdbd1da06/1/mBTYuLmXXcpeF62DbU0H4bzfinA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/a635af-a46d-4d0b-b931-a3abdbd1da06/1/8S2Uuz3FNKZCf-mmcwDY9MSRRsQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.244.0/22
IPv6:
2a09:300::/29
Signature Algorithm: sha256WithRSAEncryption
12:3d:48:5d:71:be:74:71:3a:6b:40:a0:ad:81:6e:7e:af:03:
2d:8e:e2:dd:f6:a2:00:4e:d8:7f:5c:b0:4e:ea:d9:6f:17:7f:
c6:01:29:5c:55:22:3b:df:a8:fc:99:97:cf:b9:54:68:7e:97:
c2:38:13:de:f6:46:ff:de:98:55:aa:95:26:da:26:e1:d6:d3:
34:6b:ef:c4:af:a3:e0:7e:1f:7f:8b:44:fe:ab:0c:b6:aa:10:
64:dc:aa:cf:d8:80:23:c0:e4:42:08:24:b1:30:25:50:3b:ca:
a1:d5:a8:3b:cc:df:38:24:8e:a8:52:a6:ec:00:6e:39:bb:9a:
e8:fd:48:2e:ca:17:d1:72:38:4e:9a:3a:7b:65:97:1b:31:96:
8d:09:21:20:3d:36:66:63:7d:e7:19:9a:8b:c0:ff:39:a0:f3:
39:4f:c9:7c:30:e6:8c:75:64:14:3f:a6:c1:89:a6:42:13:1d:
d7:81:56:fc:e1:d7:e8:1e:b9:eb:d3:20:b2:a0:52:b6:98:72:
b5:90:da:da:6c:6f:45:a0:17:db:56:8b:29:22:c6:9a:c5:5d:
29:15:6e:dd:37:c1:11:ee:3a:a9:e9:83:d6:04:87:68:a0:d9:
08:ad:23:8a:43:e6:a1:99:c8:67:ff:44:1c:5a:17:2c:c9:66:
f8:8a:9d:5a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKzqqDt1cy4YngmAJ1JY+T+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMmQ5NGJiM2RjNTM0YTY0MjdmZTlhNjczMDBkOGY0YzQ5
MTQ2YzQwHhcNMjQxMDIyMDk1OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODE0ZDhiOGI5OTc1ZGNhNWUxN2FkODM2ZDRkMDdlMWJjZGY4YTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl61e6HKkBG3Lli6ZyrVxZdbZv4Is
fYSOpTmwXLhCdGGs9k5yBFQmhr1oWSUyX3rfs4PDaTEopsC3qwt/lG2sVyeBRLCf
D7Lj/bVdfAvvUyDU4FiNea/affgf1bkViddZZBn6hwFwy17KObNf8VrcSUk4m+iE
oOo3AMTIsmo/GAyrTNB3Jj2EWlMbcMcqolAdLJ5wtfkSWNkpowlYg0/x2I7fdZhC
Kp2uAtQOEQGkm+K3GvngpERiZVG6EqmXR2L0ekFDeqfmkigPGhJzSEpoSc6g7QWT
k4mO+ddUC1h0qB/0nNsd/aR93KbngNQEXgxh4uc5VwiIylu5pnAE4Kd2fwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJgU2Li5l13KXhetg21NB+G834pwMB8GA1UdIwQY
MBaAFPEtlLs9xTSmQn/ppnMA2PTEkUbEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFMyVXV6M0ZOS1pDZi1tbWN3RFk5TVNSUnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9hNjM1YWYtYTQ2ZC00ZDBiLWI5MzEt
YTNhYmRiZDFkYTA2LzEvbUJUWXVMbVhYY3BlRjYyRGJVMEg0YnpmaW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9hNjM1YWYtYTQ2ZC00ZDBiLWI5MzEtYTNhYmRiZDFkYTA2
LzEvOFMyVXV6M0ZOS1pDZi1tbWN3RFk5TVNSUnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYj0MA0E
AgACMAcDBQMqCQMAMA0GCSqGSIb3DQEBCwUAA4IBAQASPUhdcb50cTprQKCtgW5+
rwMtjuLd9qIATth/XLBO6tlvF3/GASlcVSI736j8mZfPuVRofpfCOBPe9kb/3phV
qpUm2ibh1tM0a+/Er6Pgfh9/i0T+qwy2qhBk3KrP2IAjwORCCCSxMCVQO8qh1ag7
zN84JI6oUqbsAG45u5ro/UguyhfRcjhOmjp7ZZcbMZaNCSEgPTZmY33nGZqLwP85
oPM5T8l8MOaMdWQUP6bBiaZCEx3XgVb84dfoHrnr0yCyoFK2mHK1kNrabG9FoBfb
VospIsaaxV0pFW7dN8ER7jqp6YPWBIdooNkIrSOKQ+ahmchn/0QcWhcsyWb4ip1a
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:59:55 2025 by rpki-client