Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/8mlCeKPalAWEVj6yBLZzy6okm8k.roa
File: 8mlCeKPalAWEVj6yBLZzy6okm8k.roa (raw, json)
Hash identifier: lsH8hEFMmMjdcYbxRdVk7D+/OFKsGfWMQ9fGOv/dwQY=
Subject key identifier: F2:69:42:78:A3:DA:94:05:84:56:3E:B2:04:B6:73:CB:AA:24:9B:C9
Certificate issuer: /CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Certificate serial: 019537CAF5C9AE4A38C8A3211ABB9AB6173B
Authority key identifier: 31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/8mlCeKPalAWEVj6yBLZzy6okm8k.roa
Signing time: Mon 24 Feb 2025 11:50:02 +0000
ROA not before: Mon 24 Feb 2025 11:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 2a0e:4581::/32 maxlen: 32
2a11:9886::/32 maxlen: 32
2a12:9504::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 25 Feb 2025 17:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:ca:f5:c9:ae:4a:38:c8:a3:21:1a:bb:9a:b6:17:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=310b05251378994cfa8088d23b6eeed4e9e6ab08
Validity
Not Before: Feb 24 11:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2694278a3da940584563eb204b673cbaa249bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3a:f1:04:3c:e3:4f:9b:77:22:ee:fd:70:3f:
72:70:10:2e:fe:cd:d6:02:12:e4:4e:a9:88:3e:99:
d4:81:64:fe:fc:be:c6:0f:12:78:de:75:04:19:16:
97:60:f0:75:7e:e0:b3:21:ff:53:db:d6:c4:f9:7b:
00:36:9d:a3:01:b9:24:a2:52:c6:77:77:e8:99:85:
b4:e7:fd:78:24:67:74:a7:a3:a3:c1:9f:bf:35:7a:
cf:e6:f3:f1:72:47:a2:eb:f3:38:52:fa:ce:9a:36:
cc:65:e9:24:c8:40:7c:34:c9:11:3c:c5:b7:17:60:
bf:15:63:03:4a:29:4e:63:f8:e2:9a:a4:c1:2e:46:
a2:73:aa:e2:c5:8f:9d:c7:c8:c4:bc:ae:2e:d1:fa:
10:0a:60:c4:6f:aa:8e:c1:11:8d:8f:37:a0:b7:76:
fd:eb:38:bf:de:4f:70:aa:89:1c:b4:06:38:dd:73:
73:a1:58:19:38:d9:fa:d5:9b:d3:4a:23:d3:bc:b7:
6b:7e:11:f7:7c:aa:cf:d7:b6:27:b1:fb:61:e1:ed:
f2:a0:3c:5e:48:d4:3f:65:2c:02:ed:c9:ce:1f:81:
84:d9:76:6a:50:01:bd:11:b6:23:f4:b5:32:9d:49:
9d:93:2d:9a:79:e9:c6:6e:c8:d4:e7:e5:c3:bc:21:
53:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:69:42:78:A3:DA:94:05:84:56:3E:B2:04:B6:73:CB:AA:24:9B:C9
X509v3 Authority Key Identifier:
keyid:31:0B:05:25:13:78:99:4C:FA:80:88:D2:3B:6E:EE:D4:E9:E6:AB:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MQsFJRN4mUz6gIjSO27u1Onmqwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/8mlCeKPalAWEVj6yBLZzy6okm8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/771486-bee3-424a-b341-7cfdf2df6632/1/MQsFJRN4mUz6gIjSO27u1Onmqwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4581::/32
2a11:9886::/32
2a12:9504::/32
Signature Algorithm: sha256WithRSAEncryption
57:ee:68:3b:5f:99:6a:88:dc:44:41:73:8f:c0:d2:5a:9e:56:
ca:37:78:dc:30:71:2a:75:da:f0:94:10:3b:79:bf:41:22:73:
ba:ee:95:01:b6:40:90:de:5a:de:15:0c:61:4a:f2:1d:b0:73:
24:5d:62:4a:b9:aa:34:d3:46:69:ff:a8:f0:80:d5:17:d2:bd:
9d:55:c9:33:24:15:9e:3a:3a:31:ce:83:2f:2e:8a:8c:20:e9:
cb:b2:5c:c1:f3:71:16:26:57:f1:13:fe:ab:63:26:6a:4f:85:
53:a2:03:9b:fb:b4:8e:bc:48:0f:d9:ae:5c:97:05:db:64:f0:
c6:b7:4f:3a:e9:c6:b7:01:d8:ea:01:7c:b2:ce:0b:eb:ee:e8:
41:73:07:8b:37:59:16:6e:08:0a:2b:a5:41:c0:c7:96:6e:d6:
b1:71:88:dc:ca:c2:02:5f:95:6e:74:6d:6d:19:98:2f:21:23:
46:b8:9a:84:d0:e0:8c:81:48:05:72:be:05:88:75:58:e4:e7:
de:6a:a8:4a:48:63:b4:91:7d:a1:99:7b:8d:83:10:ae:fe:11:
61:2a:8a:87:ad:e4:20:aa:48:c3:6b:c1:82:af:d4:fc:d9:09:
93:40:3b:89:52:5b:0c:06:16:89:3e:93:e8:39:84:60:5b:91:
7a:f4:e6:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZU3yvXJrko4yKMhGruathc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMGIwNTI1MTM3ODk5NGNmYTgwODhkMjNiNmVlZWQ0ZTll
NmFiMDgwHhcNMjUwMjI0MTE1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjY5NDI3OGEzZGE5NDA1ODQ1NjNlYjIwNGI2NzNjYmFhMjQ5YmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjrxBDzjT5t3Iu79cD9ycBAu/s3W
AhLkTqmIPpnUgWT+/L7GDxJ43nUEGRaXYPB1fuCzIf9T29bE+XsANp2jAbkkolLG
d3fomYW05/14JGd0p6OjwZ+/NXrP5vPxckei6/M4UvrOmjbMZekkyEB8NMkRPMW3
F2C/FWMDSilOY/jimqTBLkaic6rixY+dx8jEvK4u0foQCmDEb6qOwRGNjzegt3b9
6zi/3k9wqokctAY43XNzoVgZONn61ZvTSiPTvLdrfhH3fKrP17Ynsfth4e3yoDxe
SNQ/ZSwC7cnOH4GE2XZqUAG9EbYj9LUynUmdky2aeenGbsjU5+XDvCFTrwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPJpQnij2pQFhFY+sgS2c8uqJJvJMB8GA1UdIwQY
MBaAFDELBSUTeJlM+oCI0jtu7tTp5qsIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEt
N2NmZGYyZGY2NjMyLzEvOG1sQ2VLUGFsQVdFVmo2eUJMWnp5Nm9rbThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC83NzE0ODYtYmVlMy00MjRhLWIzNDEtN2NmZGYyZGY2NjMy
LzEvTVFzRkpSTjRtVXo2Z0lqU08yN3UxT25tcXdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKg5FgQMF
ACoRmIYDBQAqEpUEMA0GCSqGSIb3DQEBCwUAA4IBAQBX7mg7X5lqiNxEQXOPwNJa
nlbKN3jcMHEqddrwlBA7eb9BInO67pUBtkCQ3lreFQxhSvIdsHMkXWJKuao000Zp
/6jwgNUX0r2dVckzJBWeOjoxzoMvLoqMIOnLslzB83EWJlfxE/6rYyZqT4VTogOb
+7SOvEgP2a5clwXbZPDGt0866ca3AdjqAXyyzgvr7uhBcweLN1kWbggKK6VBwMeW
btaxcYjcysICX5VudG1tGZgvISNGuJqE0OCMgUgFcr4FiHVY5OfeaqhKSGO0kX2h
mXuNgxCu/hFhKoqHreQgqkjDa8GCr9T82QmTQDuJUlsMBhaJPpPoOYRgW5F69OY5
-----END CERTIFICATE-----
Generated at Mon May 12 15:58:34 2025 by rpki-client