Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/076838-5547-4b98-82bb-6950c1cb8879/1/mKKNZIF-7aZrc8Yj0BstWvI3ivA.roa
File: mKKNZIF-7aZrc8Yj0BstWvI3ivA.roa (raw, json)
Hash identifier: xGizkkfQAAQLeV0deu7bSGNB3MABzNIOVc8mmCAmT0Q=
Subject key identifier: 98:A2:8D:64:81:7E:ED:A6:6B:73:C6:23:D0:1B:2D:5A:F2:37:8A:F0
Certificate issuer: /CN=c87fefb4db5746680ad6036934662e236ca77772
Certificate serial: 01941CBDF784A11D0CFA05509343CA9DA3BC
Authority key identifier: C8:7F:EF:B4:DB:57:46:68:0A:D6:03:69:34:66:2E:23:6C:A7:77:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yH_vtNtXRmgK1gNpNGYuI2ynd3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/076838-5547-4b98-82bb-6950c1cb8879/1/mKKNZIF-7aZrc8Yj0BstWvI3ivA.roa
Signing time: Tue 31 Dec 2024 12:43:19 +0000
ROA not before: Tue 31 Dec 2024 12:43:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20516
IP address blocks: 83.142.232.0/21 maxlen: 21
83.142.232.0/24 maxlen: 24
83.142.233.0/24 maxlen: 24
83.142.234.0/24 maxlen: 24
83.142.235.0/24 maxlen: 24
83.142.236.0/24 maxlen: 24
83.142.237.0/24 maxlen: 24
83.142.238.0/24 maxlen: 24
83.142.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1c:bd:f7:84:a1:1d:0c:fa:05:50:93:43:ca:9d:a3:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87fefb4db5746680ad6036934662e236ca77772
Validity
Not Before: Dec 31 12:43:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98a28d64817eeda66b73c623d01b2d5af2378af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2d:ee:f3:5e:0c:18:11:ad:8d:ef:8d:6f:b2:
00:2f:0c:9f:14:2c:af:f6:e7:68:6f:a2:bc:bf:71:
e4:1b:e6:02:f3:77:fd:39:10:e3:11:ad:35:4d:6f:
29:5c:64:c5:d5:b1:96:d3:12:b5:40:e1:e7:ea:53:
67:6f:15:cf:f7:e2:75:86:64:58:03:6f:7d:ab:0f:
a9:4f:d5:9a:c2:e9:86:29:98:50:0b:44:ac:aa:a2:
5d:a0:a2:7a:b9:02:69:d0:10:6b:d4:8a:4f:73:1c:
f1:85:df:32:5e:f7:4d:1d:f5:ca:f2:53:10:d5:35:
50:0b:78:68:f1:b3:55:a0:ca:95:b8:f0:ed:f6:c1:
6b:14:80:c0:b0:1a:69:93:35:9c:32:3c:0e:1b:a9:
af:94:e5:24:5a:80:37:3c:23:73:42:2a:38:3b:17:
7e:9a:02:39:40:33:ec:6e:84:c9:33:f3:68:af:6d:
bd:65:8e:b6:df:6a:5e:9a:df:d9:06:aa:77:a8:ec:
53:9c:b0:63:ce:f9:03:36:47:53:c8:54:8b:f6:60:
12:a0:0b:4d:ed:8a:99:88:e1:3e:d6:ea:8d:77:16:
aa:f8:e0:c3:cb:b7:35:0b:b3:00:ad:7a:36:40:73:
b1:4c:9a:a3:cc:6e:21:43:ca:23:c5:5d:fc:51:fa:
00:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A2:8D:64:81:7E:ED:A6:6B:73:C6:23:D0:1B:2D:5A:F2:37:8A:F0
X509v3 Authority Key Identifier:
keyid:C8:7F:EF:B4:DB:57:46:68:0A:D6:03:69:34:66:2E:23:6C:A7:77:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yH_vtNtXRmgK1gNpNGYuI2ynd3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/076838-5547-4b98-82bb-6950c1cb8879/1/mKKNZIF-7aZrc8Yj0BstWvI3ivA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/076838-5547-4b98-82bb-6950c1cb8879/1/yH_vtNtXRmgK1gNpNGYuI2ynd3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.232.0/21
Signature Algorithm: sha256WithRSAEncryption
de:f4:df:ee:c9:a4:6e:a2:63:1e:03:4e:94:4d:d7:00:99:0d:
4b:94:7a:0a:0a:3d:60:f2:7c:2c:55:c1:bd:8b:39:d7:d6:bb:
09:0e:20:04:33:7e:97:e3:5b:4a:de:f4:bf:ad:67:a6:17:4c:
21:de:30:25:4e:34:a6:a6:a2:d3:a1:f1:73:77:7a:56:1a:1e:
67:1c:ab:8d:09:4a:fa:03:c0:27:94:3f:fe:05:d9:69:5d:5f:
e6:2d:85:2f:ce:f1:81:50:1a:34:1b:d7:a4:97:ed:7c:d2:e7:
2f:3c:a1:e2:1f:6c:7b:4c:39:19:df:34:a9:b7:8a:0e:cf:ea:
f0:ad:67:da:24:bd:dd:0a:a4:33:ea:53:40:13:c2:d7:2d:6f:
36:93:cb:36:ec:18:89:02:ba:15:f2:49:5f:da:99:1b:b5:d8:
71:a9:28:7f:0c:e6:e0:f4:1d:e0:1d:ad:6b:7d:8f:d4:8f:3f:
2b:26:a9:b6:ff:64:dd:3d:86:ea:99:2b:e4:ea:58:f7:45:52:
18:f7:93:2e:8b:d4:e9:65:46:3c:14:7a:45:62:b1:f1:f4:7e:
9f:83:fe:79:81:a7:b5:3a:e1:ea:0d:60:6e:64:60:23:d6:c1:
ad:7a:f1:d4:8c:fb:96:d3:64:c3:d9:40:03:5a:40:68:29:39:
79:cc:42:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQcvfeEoR0M+gVQk0PKnaO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2ZlZmI0ZGI1NzQ2NjgwYWQ2MDM2OTM0NjYyZTIzNmNh
Nzc3NzIwHhcNMjQxMjMxMTI0MzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGEyOGQ2NDgxN2VlZGE2NmI3M2M2MjNkMDFiMmQ1YWYyMzc4YWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAji3u814MGBGtje+Nb7IALwyfFCyv
9udob6K8v3HkG+YC83f9ORDjEa01TW8pXGTF1bGW0xK1QOHn6lNnbxXP9+J1hmRY
A299qw+pT9WawumGKZhQC0SsqqJdoKJ6uQJp0BBr1IpPcxzxhd8yXvdNHfXK8lMQ
1TVQC3ho8bNVoMqVuPDt9sFrFIDAsBppkzWcMjwOG6mvlOUkWoA3PCNzQio4Oxd+
mgI5QDPsboTJM/Nor229ZY6232pemt/ZBqp3qOxTnLBjzvkDNkdTyFSL9mASoAtN
7YqZiOE+1uqNdxaq+ODDy7c1C7MArXo2QHOxTJqjzG4hQ8ojxV38UfoAoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJiijWSBfu2ma3PGI9AbLVryN4rwMB8GA1UdIwQY
MBaAFMh/77TbV0ZoCtYDaTRmLiNsp3dyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUhfdnROdFhSbWdLMWdOcE5HWXVJMnluZDNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wNzY4MzgtNTU0Ny00Yjk4LTgyYmIt
Njk1MGMxY2I4ODc5LzEvbUtLTlpJRi03YVpyYzhZajBCc3RXdkkzaXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wNzY4MzgtNTU0Ny00Yjk4LTgyYmItNjk1MGMxY2I4ODc5
LzEveUhfdnROdFhSbWdLMWdOcE5HWXVJMnluZDNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDU47oMA0G
CSqGSIb3DQEBCwUAA4IBAQDe9N/uyaRuomMeA06UTdcAmQ1LlHoKCj1g8nwsVcG9
iznX1rsJDiAEM36X41tK3vS/rWemF0wh3jAlTjSmpqLTofFzd3pWGh5nHKuNCUr6
A8AnlD/+BdlpXV/mLYUvzvGBUBo0G9ekl+180ucvPKHiH2x7TDkZ3zSpt4oOz+rw
rWfaJL3dCqQz6lNAE8LXLW82k8s27BiJAroV8klf2pkbtdhxqSh/DObg9B3gHa1r
fY/Ujz8rJqm2/2TdPYbqmSvk6lj3RVIY95Mui9TpZUY8FHpFYrHx9H6fg/55gae1
OuHqDWBuZGAj1sGtevHUjPuW02TD2UADWkBoKTl5zEJl
-----END CERTIFICATE-----
Generated at Fri May 16 14:57:28 2025 by rpki-client