Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/7FBIOCaSLezF8oVVn8c9XHB_mio.roa
File: 7FBIOCaSLezF8oVVn8c9XHB_mio.roa (raw, json)
Hash identifier: CDQC8Z+WOvOr4r4WWr/SVQPm6RA3vLNSoPL3F6gzaog=
Subject key identifier: EC:50:48:38:26:92:2D:EC:C5:F2:85:55:9F:C7:3D:5C:70:7F:9A:2A
Certificate issuer: /CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Certificate serial: 019634504C5A6030D6B1219D0A6AADDD8683
Authority key identifier: 8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/7FBIOCaSLezF8oVVn8c9XHB_mio.roa
Signing time: Mon 14 Apr 2025 12:39:59 +0000
ROA not before: Mon 14 Apr 2025 12:39:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8468
IP address blocks: 46.254.0.0/21 maxlen: 24
62.249.192.0/18 maxlen: 18
78.32.0.0/15 maxlen: 15
79.143.144.0/20 maxlen: 20
81.31.96.0/19 maxlen: 24
84.45.128.0/17 maxlen: 24
87.127.0.0/16 maxlen: 16
109.224.160.0/19 maxlen: 24
156.67.240.0/20 maxlen: 24
185.81.192.0/22 maxlen: 24
185.101.148.0/22 maxlen: 24
185.129.72.0/22 maxlen: 24
185.220.12.0/22 maxlen: 24
188.39.0.0/16 maxlen: 16
195.74.96.0/19 maxlen: 19
2001:4d48::/29 maxlen: 29
2001:4d48::/32 maxlen: 32
2a05:8940::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 14 Apr 2025 13:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:34:50:4c:5a:60:30:d6:b1:21:9d:0a:6a:ad:dd:86:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81
Validity
Not Before: Apr 14 12:39:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec50483826922decc5f285559fc73d5c707f9a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:55:66:c8:aa:ea:77:4f:04:ec:f1:df:48:80:
16:66:a1:47:4d:a5:97:04:85:a7:fb:a8:72:cd:f3:
9f:d9:b7:bd:ae:38:4b:86:72:95:ae:f7:4a:ab:d3:
72:57:97:1e:d9:56:22:82:96:4d:3b:1a:58:ba:7a:
74:bb:db:25:d8:01:ce:3a:29:80:59:b8:e3:66:53:
32:5b:3a:e7:92:4c:62:df:92:53:80:e5:74:6c:97:
ee:1c:08:33:ea:cf:01:20:2f:68:5a:f7:7d:ec:e8:
3b:bf:74:a6:27:89:b4:84:f0:18:44:54:8c:6c:ff:
19:e5:62:bb:8b:76:3b:4d:61:92:00:0b:c9:a4:26:
a0:0b:00:d2:fa:5b:2d:f0:cd:c6:ac:41:8e:4b:af:
4f:d4:d6:f2:8e:90:61:92:ac:a0:00:49:47:35:d0:
ca:0e:e4:81:0d:67:1a:9e:eb:72:0a:80:fc:c4:50:
99:d1:42:f2:7e:8e:40:e7:b3:6c:cc:fd:96:37:ea:
d9:98:79:a2:d4:39:0b:82:ec:2e:fb:20:a4:66:47:
2c:03:e7:c5:21:fb:00:75:70:6b:41:f2:cd:55:5c:
41:0d:57:43:35:5d:b3:92:7d:f6:7b:36:d6:17:59:
07:e3:86:0b:eb:d4:78:e8:d2:24:e7:50:79:64:64:
de:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:50:48:38:26:92:2D:EC:C5:F2:85:55:9F:C7:3D:5C:70:7F:9A:2A
X509v3 Authority Key Identifier:
keyid:8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/7FBIOCaSLezF8oVVn8c9XHB_mio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.0.0/21
62.249.192.0/18
78.32.0.0/15
79.143.144.0/20
81.31.96.0/19
84.45.128.0/17
87.127.0.0/16
109.224.160.0/19
156.67.240.0/20
185.81.192.0/22
185.101.148.0/22
185.129.72.0/22
185.220.12.0/22
188.39.0.0/16
195.74.96.0/19
IPv6:
2001:4d48::/29
2a05:8940::/29
Signature Algorithm: sha256WithRSAEncryption
7e:42:a5:3b:e9:2a:bc:ef:1e:26:98:8e:a8:83:dc:3e:8e:28:
a7:16:a6:3f:c4:1a:ad:41:a9:89:82:29:fd:27:bd:bf:f9:de:
ce:79:ad:ed:4d:7d:5b:b9:ff:e0:45:12:3a:30:5d:ea:3b:2f:
49:c8:9b:83:eb:14:6c:89:2c:56:2e:f0:07:91:1e:21:d5:b4:
98:d9:66:ea:40:a4:a2:7d:e6:fe:ff:03:6b:64:6b:3e:e3:dd:
80:32:de:65:15:4f:22:76:ea:84:89:67:56:e3:e3:03:2b:3c:
e1:4a:07:41:d7:73:54:fb:3d:ce:62:17:59:cb:3a:1f:56:bb:
05:b1:9b:27:45:7c:6e:ab:28:90:1b:4b:48:df:df:21:a5:18:
1a:18:f5:8c:9a:ad:7b:9b:b1:5b:2d:e5:75:cb:04:0a:b3:58:
78:38:12:ed:71:d5:96:e9:c5:d4:a9:9b:35:76:25:46:56:0b:
eb:42:5f:9b:ab:cd:fe:ee:63:78:15:a2:1d:98:02:fd:20:f6:
21:64:8c:a3:a1:01:33:ca:19:b9:1b:70:8a:b9:64:39:d6:06:
50:87:5c:38:ef:c9:c1:ce:9a:4d:27:83:59:31:d3:18:5e:2f:
5b:18:6a:d4:70:b6:45:8b:df:a4:b8:9f:15:71:d8:9d:41:44:
37:ea:89:f1
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZY0UExaYDDWsSGdCmqt3YaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNzg5NjNiM2M0ZjJkZDE4N2MyMDQzN2RmMWQ3ZDljMTY4
Y2FiODEwHhcNMjUwNDE0MTIzOTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzUwNDgzODI2OTIyZGVjYzVmMjg1NTU5ZmM3M2Q1YzcwN2Y5YTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVVmyKrqd08E7PHfSIAWZqFHTaWX
BIWn+6hyzfOf2be9rjhLhnKVrvdKq9NyV5ce2VYigpZNOxpYunp0u9sl2AHOOimA
WbjjZlMyWzrnkkxi35JTgOV0bJfuHAgz6s8BIC9oWvd97Og7v3SmJ4m0hPAYRFSM
bP8Z5WK7i3Y7TWGSAAvJpCagCwDS+lst8M3GrEGOS69P1NbyjpBhkqygAElHNdDK
DuSBDWcanutyCoD8xFCZ0ULyfo5A57NszP2WN+rZmHmi1DkLguwu+yCkZkcsA+fF
IfsAdXBrQfLNVVxBDVdDNV2zkn32ezbWF1kH44YL69R46NIk51B5ZGTelwIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFOxQSDgmki3sxfKFVZ/HPVxwf5oqMB8GA1UdIwQY
MBaAFI94ljs8Ty3Rh8IEN98dfZwWjKuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgt
MWVmOWYyMzE5NTIyLzEvN0ZCSU9DYVNMZXpGOG9WVm44YzlYSEJfbWlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgtMWVmOWYyMzE5NTIy
LzEvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwXQQCAAEwVwMEAy7+AAME
Bj75wAMDAU4gAwQET4+QAwQFUR9gAwQHVC2AAwMAV38DBAVt4KADBAScQ/ADBAK5
UcADBAK5ZZQDBAK5gUgDBAK53AwDAwC8JwMEBcNKYDAUBAIAAjAOAwUDIAFNSAMF
AyoFiUAwDQYJKoZIhvcNAQELBQADggEBAH5CpTvpKrzvHiaYjqiD3D6OKKcWpj/E
Gq1BqYmCKf0nvb/53s55re1NfVu5/+BFEjowXeo7L0nIm4PrFGyJLFYu8AeRHiHV
tJjZZupApKJ95v7/A2tkaz7j3YAy3mUVTyJ26oSJZ1bj4wMrPOFKB0HXc1T7Pc5i
F1nLOh9WuwWxmydFfG6rKJAbS0jf3yGlGBoY9YyarXubsVst5XXLBAqzWHg4Eu1x
1ZbpxdSpmzV2JUZWC+tCX5urzf7uY3gVoh2YAv0g9iFkjKOhATPKGbkbcIq5ZDnW
BlCHXDjvycHOmk0ng1kx0xheL1sYatRwtkWL36S4nxVx2J1BRDfqifE=
-----END CERTIFICATE-----
Generated at Sat May 10 20:07:38 2025 by rpki-client