Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/mOdcHCOMS--gSQx3SuVcrrLbjNA.roa
File: mOdcHCOMS--gSQx3SuVcrrLbjNA.roa (raw, json)
Hash identifier: 6fnw9cRhFgsK10r3z60BIGB5LA5pYlZo0GUqcK+JLKM=
Subject key identifier: 98:E7:5C:1C:23:8C:4B:EF:A0:49:0C:77:4A:E5:5C:AE:B2:DB:8C:D0
Certificate issuer: /CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Certificate serial: 01961F31AEFA931CF0DA78F0DB36B97E4CBF
Authority key identifier: 8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/mOdcHCOMS--gSQx3SuVcrrLbjNA.roa
Signing time: Thu 10 Apr 2025 10:14:31 +0000
ROA not before: Thu 10 Apr 2025 10:14:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 2a05:8944::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 10 Apr 2025 11:14:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1f:31:ae:fa:93:1c:f0:da:78:f0:db:36:b9:7e:4c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Validity
Not Before: Apr 10 10:14:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98e75c1c238c4befa0490c774ae55caeb2db8cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f4:fd:34:63:a3:a6:91:f4:4d:73:9f:dc:d2:
a3:7e:93:02:a0:83:ec:8a:d0:ef:b3:18:77:ef:52:
24:e5:ef:01:d4:f7:04:e2:5f:51:5a:e8:85:45:6b:
b4:3b:9c:15:c5:d6:bc:63:3f:d7:b6:5a:6c:9a:d0:
51:59:2c:04:c3:be:c7:7b:13:5b:f8:8f:88:ee:5e:
90:0a:0a:c6:62:d0:20:1f:4d:29:18:14:1f:10:82:
96:06:29:66:f3:29:a2:73:6b:49:4b:99:9e:b9:22:
8c:81:d9:da:c0:76:e7:5f:6b:77:32:50:5b:37:df:
44:63:ed:10:3e:b1:db:27:88:35:04:33:50:b7:f5:
db:16:b3:12:c3:ea:2c:6d:98:c5:b9:d1:9d:e2:6f:
a0:03:f4:66:4c:2c:ca:04:7d:35:c4:15:34:5e:e6:
37:8a:14:58:04:79:b6:c7:13:6f:45:d0:e2:b9:bc:
13:f8:0a:21:43:b8:8e:5e:11:8e:fa:23:88:84:8d:
89:e1:50:bd:11:83:cf:e7:a2:9e:7f:6e:bf:b0:a8:
46:61:83:2e:e0:1a:ac:fc:d9:f3:23:53:fb:15:d7:
cb:f3:fb:0e:86:7a:c6:d6:b8:10:ff:2d:cb:f8:0f:
75:aa:6b:58:1d:5d:80:16:9c:30:a4:5d:79:93:64:
6b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E7:5C:1C:23:8C:4B:EF:A0:49:0C:77:4A:E5:5C:AE:B2:DB:8C:D0
X509v3 Authority Key Identifier:
keyid:8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/mOdcHCOMS--gSQx3SuVcrrLbjNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:8944::/32
Signature Algorithm: sha256WithRSAEncryption
10:69:1d:4e:cf:be:74:d7:8a:5a:97:f9:67:e2:3d:90:1f:25:
f7:1a:f4:0b:8e:27:8c:f3:a4:36:f7:07:cd:24:84:d0:bb:23:
f5:07:04:d8:a7:54:05:7e:f7:8d:65:59:b7:3f:d7:a9:75:68:
5e:08:00:12:f1:88:e5:37:b7:90:71:7d:69:d8:9d:70:f1:6a:
4f:41:3f:90:27:d6:04:11:86:5b:35:7a:37:68:f0:3f:7b:46:
6d:9b:1a:ef:19:76:c7:49:9c:f0:14:71:4b:2d:48:21:40:ee:
ce:62:24:f7:5d:c2:d4:39:5c:90:4b:b5:04:b9:74:12:19:6c:
4b:46:3f:09:7d:2f:0b:f2:5f:08:31:df:42:2c:99:a8:24:54:
93:16:65:c9:5c:7d:80:9a:cc:46:0d:c8:67:18:87:ea:b0:39:
d7:fa:95:94:32:15:55:f2:80:51:2f:9e:02:8c:8d:81:96:c8:
a1:6d:59:91:9e:7d:ca:20:ca:48:e2:4c:6e:04:2c:7e:8d:4f:
96:17:7d:50:1e:6b:22:27:f7:63:0b:8e:99:05:11:36:30:e2:
54:e7:96:18:64:81:02:16:b3:14:1a:6a:0d:7c:35:78:ac:75:
7a:d4:2d:36:86:d1:00:01:19:cf:6d:8b:8f:f1:95:c8:61:3c:
03:ca:c0:9d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZYfMa76kxzw2njw2za5fky/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNzg5NjNiM2M0ZjJkZDE4N2MyMDQzN2RmMWQ3ZDljMTY4
Y2FiODEwHhcNMjUwNDEwMTAxNDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGU3NWMxYzIzOGM0YmVmYTA0OTBjNzc0YWU1NWNhZWIyZGI4Y2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/T9NGOjppH0TXOf3NKjfpMCoIPs
itDvsxh371Ik5e8B1PcE4l9RWuiFRWu0O5wVxda8Yz/XtlpsmtBRWSwEw77HexNb
+I+I7l6QCgrGYtAgH00pGBQfEIKWBilm8ymic2tJS5meuSKMgdnawHbnX2t3MlBb
N99EY+0QPrHbJ4g1BDNQt/XbFrMSw+osbZjFudGd4m+gA/RmTCzKBH01xBU0XuY3
ihRYBHm2xxNvRdDiubwT+AohQ7iOXhGO+iOIhI2J4VC9EYPP56Kef26/sKhGYYMu
4Bqs/NnzI1P7FdfL8/sOhnrG1rgQ/y3L+A91qmtYHV2AFpwwpF15k2RrLwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJjnXBwjjEvvoEkMd0rlXK6y24zQMB8GA1UdIwQY
MBaAFI94ljs8Ty3Rh8IEN98dfZwWjKuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgt
MWVmOWYyMzE5NTIyLzEvbU9kY0hDT01TLS1nU1F4M1N1VmNyckxiak5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgtMWVmOWYyMzE5NTIy
LzEvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgWJRDAN
BgkqhkiG9w0BAQsFAAOCAQEAEGkdTs++dNeKWpf5Z+I9kB8l9xr0C44njPOkNvcH
zSSE0Lsj9QcE2KdUBX73jWVZtz/XqXVoXggAEvGI5Te3kHF9adidcPFqT0E/kCfW
BBGGWzV6N2jwP3tGbZsa7xl2x0mc8BRxSy1IIUDuzmIk913C1DlckEu1BLl0Ehls
S0Y/CX0vC/JfCDHfQiyZqCRUkxZlyVx9gJrMRg3IZxiH6rA51/qVlDIVVfKAUS+e
AoyNgZbIoW1ZkZ59yiDKSOJMbgQsfo1Plhd9UB5rIif3YwuOmQURNjDiVOeWGGSB
AhazFBpqDXw1eKx1etQtNobRAAEZz22Lj/GVyGE8A8rAnQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 09:52:46 2025 by rpki-client