Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/M2-4Z7mVK6Gb2aOk4QiZI1LDhSo.roa
File: M2-4Z7mVK6Gb2aOk4QiZI1LDhSo.roa (raw, json)
Hash identifier: ri/DWyT2ws2x07huX1tDKovWzBntMIfUnU91Axf9FYg=
Subject key identifier: 33:6F:B8:67:B9:95:2B:A1:9B:D9:A3:A4:E1:08:99:23:52:C3:85:2A
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 01967AFFDB881D4CF3B4F42BB940712A2D35
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/M2-4Z7mVK6Gb2aOk4QiZI1LDhSo.roa
Signing time: Mon 28 Apr 2025 06:05:10 +0000
ROA not before: Mon 28 Apr 2025 06:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 144.56.0.0/24 maxlen: 24
144.56.13.0/24 maxlen: 24
144.56.17.0/24 maxlen: 24
144.56.20.0/24 maxlen: 24
144.56.24.0/24 maxlen: 24
144.56.27.0/24 maxlen: 24
144.56.31.0/24 maxlen: 24
144.56.33.0/24 maxlen: 24
144.56.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 18:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7a:ff:db:88:1d:4c:f3:b4:f4:2b:b9:40:71:2a:2d:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Apr 28 06:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=336fb867b9952ba19bd9a3a4e108992352c3852a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3f:8a:1a:73:3d:a7:b2:24:4d:e4:e9:53:f9:
ec:b1:ae:8f:0a:60:be:c5:dc:c3:77:e9:82:b0:d4:
72:df:8a:18:36:c8:65:2d:5b:f7:5b:8c:c6:4c:7a:
27:f0:ea:d0:06:20:88:2d:40:85:67:9f:72:73:ff:
f9:a9:76:04:0b:ad:fa:e9:9c:f3:ed:4d:7d:57:f9:
5c:26:1c:d7:00:fc:bc:f6:e4:48:f3:47:c1:65:4c:
e6:73:cc:76:3e:fd:df:7a:a6:86:1b:f7:3d:41:38:
7e:e1:6d:0c:d0:63:8c:5c:71:84:0a:ce:18:be:77:
2b:9e:fb:34:e8:dc:2b:01:c4:d3:ea:b0:74:9b:40:
23:3d:94:6f:fb:57:d7:48:e4:24:c8:36:20:37:56:
67:19:d4:24:de:e3:df:9d:65:be:fc:c2:c9:ed:0c:
a6:9e:be:d9:83:fb:5f:01:aa:fa:29:ae:27:97:c7:
a7:98:09:dc:19:10:d6:45:c7:d5:e8:34:37:c3:a3:
6b:2b:f2:73:c0:7c:57:a8:3f:ea:76:95:64:f6:b7:
20:fc:aa:02:c8:f6:b9:91:66:ee:50:a6:d7:5b:5c:
0e:66:4a:ed:15:4a:1c:7d:ac:76:b6:ae:b8:cb:cc:
44:4f:36:50:21:7d:05:3e:35:c4:1d:ec:fa:52:0a:
02:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:6F:B8:67:B9:95:2B:A1:9B:D9:A3:A4:E1:08:99:23:52:C3:85:2A
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/M2-4Z7mVK6Gb2aOk4QiZI1LDhSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.0.0/24
144.56.13.0/24
144.56.17.0/24
144.56.20.0/24
144.56.24.0/24
144.56.27.0/24
144.56.31.0/24
144.56.33.0-144.56.34.255
Signature Algorithm: sha256WithRSAEncryption
b5:3d:09:d8:e8:3e:f9:b0:5b:93:c1:b6:48:46:98:5f:7a:8f:
4c:60:4f:a6:d5:07:15:57:34:1e:71:5a:09:86:ef:6f:cf:46:
94:3a:75:3d:85:e6:68:06:a6:c6:09:e5:7c:cb:e8:ae:9e:55:
f6:7e:c9:71:63:68:df:46:71:91:f5:57:31:12:d8:8d:b6:78:
e7:95:cc:dd:be:41:62:a8:75:57:5b:e4:c0:9c:52:b1:6a:eb:
97:3e:41:ea:cc:44:7b:4a:dc:2b:77:11:c5:c9:68:eb:60:25:
19:42:e2:80:e5:81:4c:18:34:91:cc:e9:4b:1f:b7:40:be:c5:
5c:ec:ef:f9:b4:28:17:97:ef:be:73:2c:07:4d:56:52:c6:f9:
da:69:d8:28:28:4d:a8:5b:1d:95:92:2f:fe:2a:4f:dd:07:93:
9c:0f:a1:35:58:f6:3c:72:ab:57:7a:29:3c:fe:56:13:99:80:
d7:ce:02:3a:0a:06:9f:ed:25:bb:e2:34:c7:be:da:4e:66:3c:
c9:4e:4d:f1:8f:c3:9c:6d:2a:7c:ec:1e:62:5e:34:fb:5b:9e:
96:8d:81:23:00:50:d3:4a:7f:71:c5:cd:ba:ea:1f:0c:44:23:
38:06:3c:fd:f8:22:3f:0f:8d:82:1d:aa:bf:a9:83:a5:ef:c5:
cd:a0:9d:fb
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZZ6/9uIHUzztPQruUBxKi01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNDI4MDYwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzZmYjg2N2I5OTUyYmExOWJkOWEzYTRlMTA4OTkyMzUyYzM4NTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD+KGnM9p7IkTeTpU/nssa6PCmC+
xdzDd+mCsNRy34oYNshlLVv3W4zGTHon8OrQBiCILUCFZ59yc//5qXYEC6366Zzz
7U19V/lcJhzXAPy89uRI80fBZUzmc8x2Pv3feqaGG/c9QTh+4W0M0GOMXHGECs4Y
vncrnvs06NwrAcTT6rB0m0AjPZRv+1fXSOQkyDYgN1ZnGdQk3uPfnWW+/MLJ7Qym
nr7Zg/tfAar6Ka4nl8enmAncGRDWRcfV6DQ3w6NrK/JzwHxXqD/qdpVk9rcg/KoC
yPa5kWbuUKbXW1wOZkrtFUocfax2tq64y8xETzZQIX0FPjXEHez6UgoCjQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDNvuGe5lSuhm9mjpOEImSNSw4UqMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvTTItNFo3bVZLNkdiMmFPazRRaVpJMUxEaFNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAkDgAAwQA
kDgNAwQAkDgRAwQAkDgUAwQAkDgYAwQAkDgbAwQAkDgfMAwDBACQOCEDBACQOCIw
DQYJKoZIhvcNAQELBQADggEBALU9CdjoPvmwW5PBtkhGmF96j0xgT6bVBxVXNB5x
WgmG72/PRpQ6dT2F5mgGpsYJ5XzL6K6eVfZ+yXFjaN9GcZH1VzES2I22eOeVzN2+
QWKodVdb5MCcUrFq65c+QerMRHtK3Ct3EcXJaOtgJRlC4oDlgUwYNJHM6Usft0C+
xVzs7/m0KBeX775zLAdNVlLG+dpp2CgoTahbHZWSL/4qT90Hk5wPoTVY9jxyq1d6
KTz+VhOZgNfOAjoKBp/tJbviNMe+2k5mPMlOTfGPw5xtKnzsHmJeNPtbnpaNgSMA
UNNKf3HFzbrqHwxEIzgGPP34Ij8PjYIdqr+pg6Xvxc2gnfs=
-----END CERTIFICATE-----
Generated at Tue May 13 06:21:44 2025 by rpki-client