Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/MQ1SE2GiW9ki21WNyU-wfbh-aAM.roa
File: MQ1SE2GiW9ki21WNyU-wfbh-aAM.roa (raw, json)
Hash identifier: gS5NkZ8ZbPkmuwNraHzg8kNxk9W9C58DhkQq6MlnBxk=
Subject key identifier: 31:0D:52:13:61:A2:5B:D9:22:DB:55:8D:C9:4F:B0:7D:B8:7E:68:03
Certificate issuer: /CN=cab936b35f92cdec5e90df33bdc508661c27b455
Certificate serial: 01942067E5535046EBEE38E6468FD9725868
Authority key identifier: CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/MQ1SE2GiW9ki21WNyU-wfbh-aAM.roa
Signing time: Wed 01 Jan 2025 05:47:47 +0000
ROA not before: Wed 01 Jan 2025 05:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 45.94.100.0/22 maxlen: 22
193.178.44.0/22 maxlen: 22
2a12:b840::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 14 Jan 2025 11:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e5:53:50:46:eb:ee:38:e6:46:8f:d9:72:58:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cab936b35f92cdec5e90df33bdc508661c27b455
Validity
Not Before: Jan 1 05:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=310d521361a25bd922db558dc94fb07db87e6803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:15:18:08:48:b6:a5:e5:c1:10:d3:e9:ab:01:
bf:bf:9e:3c:0c:9c:f0:2c:a8:01:24:21:fe:ef:7a:
30:43:3a:aa:31:f0:ae:17:08:04:26:b2:e9:09:df:
91:68:60:59:ca:15:98:13:91:94:42:13:ec:74:60:
48:36:2b:e9:3c:5b:73:0b:15:c5:3e:38:46:98:21:
e0:9c:52:9b:10:09:bb:17:cf:04:6e:c5:60:53:9a:
78:b2:d9:ed:65:8e:eb:c8:58:90:e6:3c:58:7f:c2:
c0:97:b2:be:86:10:cc:2c:70:d7:1b:42:f3:bb:53:
6a:82:68:dc:94:fe:14:4e:de:13:60:ce:1c:55:25:
71:64:63:d1:9d:f6:c7:a3:86:54:87:5e:67:44:96:
21:fe:52:c1:42:16:ce:7c:2c:81:b7:27:7f:dc:bb:
6f:66:92:60:02:e4:0c:1e:6b:a0:42:7d:e1:c7:a0:
5b:8e:90:9c:b4:b5:75:c4:60:fc:63:8a:62:9c:e6:
3b:2d:f1:57:c8:42:91:49:fe:3d:b2:b3:f4:91:b4:
5d:0b:62:38:b0:e3:2d:32:ec:33:ba:5e:c6:97:c5:
8c:db:5f:14:07:e0:5f:18:fd:d5:6f:61:cc:cc:2b:
e5:ce:72:0c:cb:99:07:f8:e8:c9:9d:68:3d:37:3e:
ce:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:0D:52:13:61:A2:5B:D9:22:DB:55:8D:C9:4F:B0:7D:B8:7E:68:03
X509v3 Authority Key Identifier:
keyid:CA:B9:36:B3:5F:92:CD:EC:5E:90:DF:33:BD:C5:08:66:1C:27:B4:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yrk2s1-SzexekN8zvcUIZhwntFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/MQ1SE2GiW9ki21WNyU-wfbh-aAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/2f977a-c0db-437e-9f60-5592360e3e8e/1/yrk2s1-SzexekN8zvcUIZhwntFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.100.0/22
193.178.44.0/22
IPv6:
2a12:b840::/32
Signature Algorithm: sha256WithRSAEncryption
06:59:cb:16:4c:b8:7a:a7:eb:94:36:02:09:ea:f6:76:d9:42:
54:7a:58:a5:1a:de:20:02:a8:1a:27:d9:ae:35:af:d7:92:87:
b4:02:d9:26:63:bf:37:e8:f5:f7:eb:7a:ec:c8:00:5e:08:7b:
52:e0:0f:74:ca:d5:bc:db:bf:f1:97:26:2d:6a:b0:8b:e3:5b:
8a:11:18:54:68:bd:66:92:0e:f1:a1:1c:69:ea:4a:98:97:de:
9c:4e:65:67:6b:88:7f:b3:11:3c:30:0f:d4:5b:3e:4d:95:cc:
44:96:59:27:f4:f7:f4:fd:af:64:79:62:fa:22:a1:bc:47:f8:
bd:47:40:d0:0c:9d:c1:c3:bb:1f:68:02:7c:8c:43:66:0c:d4:
f4:18:2f:60:c6:e0:2f:1a:b7:c4:14:25:b8:7d:b4:59:a9:ed:
6c:64:b2:98:3d:82:91:8a:44:aa:0f:8a:1b:8f:19:3d:21:c4:
04:7d:e4:4a:e6:c9:38:61:92:d4:3a:a7:ef:c0:79:60:65:0d:
5d:8e:41:4c:77:76:60:b4:06:f2:1b:b2:ab:e1:ae:b1:0e:e8:
7b:0b:0f:c5:88:e7:ed:74:fb:17:a2:7f:1d:97:91:0b:bd:dc:
1d:03:fd:63:08:60:a5:e9:21:08:6a:8c:af:f5:4e:1b:10:58:
76:45:72:78
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgZ+VTUEbr7jjmRo/ZclhoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYjkzNmIzNWY5MmNkZWM1ZTkwZGYzM2JkYzUwODY2MWMy
N2I0NTUwHhcNMjUwMTAxMDU0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTBkNTIxMzYxYTI1YmQ5MjJkYjU1OGRjOTRmYjA3ZGI4N2U2ODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhUYCEi2peXBENPpqwG/v548DJzw
LKgBJCH+73owQzqqMfCuFwgEJrLpCd+RaGBZyhWYE5GUQhPsdGBINivpPFtzCxXF
PjhGmCHgnFKbEAm7F88EbsVgU5p4stntZY7ryFiQ5jxYf8LAl7K+hhDMLHDXG0Lz
u1NqgmjclP4UTt4TYM4cVSVxZGPRnfbHo4ZUh15nRJYh/lLBQhbOfCyBtyd/3Ltv
ZpJgAuQMHmugQn3hx6BbjpCctLV1xGD8Y4pinOY7LfFXyEKRSf49srP0kbRdC2I4
sOMtMuwzul7Gl8WM218UB+BfGP3Vb2HMzCvlznIMy5kH+OjJnWg9Nz7OwQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDENUhNholvZIttVjclPsH24fmgDMB8GA1UdIwQY
MBaAFMq5NrNfks3sXpDfM73FCGYcJ7RVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAt
NTU5MjM2MGUzZThlLzEvTVExU0UyR2lXOWtpMjFXTnlVLXdmYmgtYUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yZjk3N2EtYzBkYi00MzdlLTlmNjAtNTU5MjM2MGUzZThl
LzEveXJrMnMxLVN6ZXhla044enZjVUlaaHdudEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLV5kAwQC
wbIsMA0EAgACMAcDBQAqErhAMA0GCSqGSIb3DQEBCwUAA4IBAQAGWcsWTLh6p+uU
NgIJ6vZ22UJUelilGt4gAqgaJ9muNa/Xkoe0AtkmY7836PX363rsyABeCHtS4A90
ytW827/xlyYtarCL41uKERhUaL1mkg7xoRxp6kqYl96cTmVna4h/sxE8MA/UWz5N
lcxEllkn9Pf0/a9keWL6IqG8R/i9R0DQDJ3Bw7sfaAJ8jENmDNT0GC9gxuAvGrfE
FCW4fbRZqe1sZLKYPYKRikSqD4objxk9IcQEfeRK5sk4YZLUOqfvwHlgZQ1djkFM
d3ZgtAbyG7Kr4a6xDuh7Cw/FiOftdPsXon8dl5ELvdwdA/1jCGCl6SEIaoyv9U4b
EFh2RXJ4
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:10:42 2025 by rpki-client