Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/52b481-f303-4a96-97dd-7370fd80df6c/1/maFjQ1twfwQTZ-0yMVwKKpAa8x4.roa
File: maFjQ1twfwQTZ-0yMVwKKpAa8x4.roa (raw, json)
Hash identifier: ii5nJsUtskBbqZ/QNsVsMHchPS4zYe04uHdMgqV1ySE=
Subject key identifier: 99:A1:63:43:5B:70:7F:04:13:67:ED:32:31:5C:0A:2A:90:1A:F3:1E
Certificate issuer: /CN=586b0182105bb27b0c8bcf2842bd3c1a85164bd1
Certificate serial: 019600D60BB0B0B925AE376287C5F4BDB968
Authority key identifier: 58:6B:01:82:10:5B:B2:7B:0C:8B:CF:28:42:BD:3C:1A:85:16:4B:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGsBghBbsnsMi88oQr08GoUWS9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/52b481-f303-4a96-97dd-7370fd80df6c/1/maFjQ1twfwQTZ-0yMVwKKpAa8x4.roa
Signing time: Fri 04 Apr 2025 12:45:49 +0000
ROA not before: Fri 04 Apr 2025 12:45:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329007
IP address blocks: 194.179.150.0/23 maxlen: 24
194.179.152.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 15:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:d6:0b:b0:b0:b9:25:ae:37:62:87:c5:f4:bd:b9:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=586b0182105bb27b0c8bcf2842bd3c1a85164bd1
Validity
Not Before: Apr 4 12:45:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99a163435b707f041367ed32315c0a2a901af31e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:69:c5:02:1b:f5:bc:10:bb:27:cd:89:05:27:
2f:37:d8:81:4c:11:e4:bb:35:41:29:0e:12:ce:f8:
7f:c7:f6:9d:b8:d7:99:ae:9c:2f:be:f5:f0:7a:35:
22:8e:b7:59:b3:3b:08:5b:f4:b2:ba:d6:bb:02:aa:
d7:32:68:0d:a5:8c:f5:19:49:20:55:93:41:1c:e6:
f6:93:69:84:2c:1f:20:e5:47:64:9c:12:c8:16:7b:
6e:06:77:93:bf:8e:46:ac:cf:46:69:16:52:a0:f0:
79:7f:ce:b2:b7:9a:ff:51:5a:49:d5:9f:9a:4a:63:
db:e4:58:3d:de:62:ac:ab:8b:4a:38:e0:85:df:6c:
6d:14:0a:99:8b:72:9c:fc:2d:9b:81:a3:10:c8:04:
c8:4a:c2:61:0b:2b:57:c8:62:28:74:29:97:60:d4:
0a:fc:6c:65:bd:fd:71:27:9a:24:ad:ef:d4:aa:87:
1f:3b:cb:c8:58:ef:13:22:9b:79:91:96:59:b4:21:
28:1f:37:18:42:21:48:65:b9:d2:a0:39:b4:10:e9:
da:36:a9:93:d0:d7:31:1b:4d:4b:5e:8b:a6:47:25:
47:51:c6:07:b9:f7:17:8d:0c:51:19:4d:a2:26:bd:
65:a8:67:57:a2:04:ad:e2:5c:e6:aa:e0:44:8d:70:
2d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:A1:63:43:5B:70:7F:04:13:67:ED:32:31:5C:0A:2A:90:1A:F3:1E
X509v3 Authority Key Identifier:
keyid:58:6B:01:82:10:5B:B2:7B:0C:8B:CF:28:42:BD:3C:1A:85:16:4B:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGsBghBbsnsMi88oQr08GoUWS9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/52b481-f303-4a96-97dd-7370fd80df6c/1/maFjQ1twfwQTZ-0yMVwKKpAa8x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/52b481-f303-4a96-97dd-7370fd80df6c/1/WGsBghBbsnsMi88oQr08GoUWS9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.179.150.0-194.179.159.255
Signature Algorithm: sha256WithRSAEncryption
83:18:a3:6c:43:b3:ca:4b:9a:f5:c9:54:65:20:4c:aa:2c:f3:
ad:a8:0f:f0:02:43:a6:84:01:20:c0:d6:84:de:ac:fb:e2:d8:
17:aa:b3:c0:3f:ca:e5:ec:ab:cd:cc:2f:85:f7:f2:7d:bb:dd:
9b:d0:95:4d:cb:07:49:b1:1b:8a:2a:e7:69:a4:1f:e4:68:95:
a6:91:37:79:ef:b1:9b:b6:99:32:be:d9:ef:05:b4:bc:6c:a6:
b4:a0:00:bc:57:a6:ec:85:a3:bc:2f:88:ef:d2:64:9d:55:23:
ac:54:9c:da:15:ef:34:c1:5f:e8:bd:e3:59:93:da:01:42:ee:
77:1b:ee:fc:8f:ea:b1:f2:96:fb:67:bb:ff:fd:8a:56:cd:7d:
3c:f5:69:76:e0:0f:81:be:9e:6f:16:42:8e:c0:17:12:96:8e:
df:fb:94:2f:ed:41:a8:9a:83:09:79:58:7d:ee:a4:5b:82:57:
0e:4c:28:0d:52:f8:01:01:bb:cf:5f:6e:19:d5:98:40:49:e6:
2a:a2:e8:f2:eb:b5:b4:f1:19:e7:91:85:86:74:b7:6f:6f:eb:
15:0d:dd:b8:92:f4:22:42:e6:58:c0:37:18:6d:58:48:a2:a8:
2a:de:b5:dc:1d:d5:9e:c1:f9:31:e3:1d:27:53:47:6e:b2:65:
bf:ec:74:86
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZYA1guwsLklrjdih8X0vbloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NmIwMTgyMTA1YmIyN2IwYzhiY2YyODQyYmQzYzFhODUx
NjRiZDEwHhcNMjUwNDA0MTI0NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWExNjM0MzViNzA3ZjA0MTM2N2VkMzIzMTVjMGEyYTkwMWFmMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7mnFAhv1vBC7J82JBScvN9iBTBHk
uzVBKQ4Szvh/x/aduNeZrpwvvvXwejUijrdZszsIW/Syuta7AqrXMmgNpYz1GUkg
VZNBHOb2k2mELB8g5UdknBLIFntuBneTv45GrM9GaRZSoPB5f86yt5r/UVpJ1Z+a
SmPb5Fg93mKsq4tKOOCF32xtFAqZi3Kc/C2bgaMQyATISsJhCytXyGIodCmXYNQK
/Gxlvf1xJ5okre/UqocfO8vIWO8TIpt5kZZZtCEoHzcYQiFIZbnSoDm0EOnaNqmT
0NcxG01LXoumRyVHUcYHufcXjQxRGU2iJr1lqGdXogSt4lzmquBEjXAtdwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJmhY0NbcH8EE2ftMjFcCiqQGvMeMB8GA1UdIwQY
MBaAFFhrAYIQW7J7DIvPKEK9PBqFFkvRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0dzQmdoQmJzbnNNaTg4b1FyMDhHb1VXUzlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81MmI0ODEtZjMwMy00YTk2LTk3ZGQt
NzM3MGZkODBkZjZjLzEvbWFGalExdHdmd1FUWi0weU1Wd0tLcEFhOHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81MmI0ODEtZjMwMy00YTk2LTk3ZGQtNzM3MGZkODBkZjZj
LzEvV0dzQmdoQmJzbnNNaTg4b1FyMDhHb1VXUzlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHCs5YD
BAXCs4AwDQYJKoZIhvcNAQELBQADggEBAIMYo2xDs8pLmvXJVGUgTKos862oD/AC
Q6aEASDA1oTerPvi2Beqs8A/yuXsq83ML4X38n273ZvQlU3LB0mxG4oq52mkH+Ro
laaRN3nvsZu2mTK+2e8FtLxsprSgALxXpuyFo7wviO/SZJ1VI6xUnNoV7zTBX+i9
41mT2gFC7ncb7vyP6rHylvtnu//9ilbNfTz1aXbgD4G+nm8WQo7AFxKWjt/7lC/t
Qaiagwl5WH3upFuCVw5MKA1S+AEBu89fbhnVmEBJ5iqi6PLrtbTxGeeRhYZ0t29v
6xUN3biS9CJC5ljANxhtWEiiqCretdwd1Z7B+THjHSdTR26yZb/sdIY=
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:10:26 2025 by rpki-client