Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/843IEkdirNbDMxRrrGf-4aOGOS4.roa
File: 843IEkdirNbDMxRrrGf-4aOGOS4.roa (raw, json)
Hash identifier: Kpm1x1F8YBp/ifkYSQaWJwT28KfVO46dN+74sCp9Pa8=
Subject key identifier: F3:8D:C8:12:47:62:AC:D6:C3:33:14:6B:AC:67:FE:E1:A3:86:39:2E
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01942747F5056900AEE34B5209E0C6C45498
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/843IEkdirNbDMxRrrGf-4aOGOS4.roa
Signing time: Thu 02 Jan 2025 13:50:14 +0000
ROA not before: Thu 02 Jan 2025 13:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215664
IP address blocks: 5.182.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 Jan 2025 10:06:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f5:05:69:00:ae:e3:4b:52:09:e0:c6:c4:54:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 2 13:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f38dc8124762acd6c333146bac67fee1a386392e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:17:e3:b7:e0:02:d2:88:73:7f:b9:a6:5a:db:
eb:2d:98:ea:16:47:9f:1a:b4:a4:4c:a6:2b:1d:d6:
93:93:1b:c7:94:28:aa:97:53:86:9d:ce:ce:ac:47:
25:c9:32:52:56:e6:26:e0:a8:e7:83:1a:ba:64:70:
89:67:c1:66:32:b7:d2:d2:2a:6f:b0:28:49:50:f4:
3b:53:cd:45:67:96:89:09:1b:66:ab:7b:ff:38:0f:
9d:90:27:72:70:54:28:3d:4b:c1:a0:a6:e5:22:16:
3f:81:e5:18:02:55:50:84:7c:40:6a:68:ab:d0:26:
c3:2f:07:01:39:3b:12:e3:17:cb:3a:b4:01:0b:95:
d3:ff:ab:1a:1b:e3:c6:e5:e3:94:f0:6b:2e:83:77:
c8:e8:3d:db:45:31:04:82:da:7d:61:b9:82:9b:b9:
05:5d:bd:bd:33:c3:46:1d:be:6b:ff:e1:27:c5:a5:
bd:df:32:fd:42:5a:47:b9:84:4f:76:d2:bd:fa:f7:
74:63:6c:b1:26:6f:1d:e0:21:c8:80:2d:3a:fa:f1:
7f:06:7e:c1:f1:96:32:35:1a:62:e7:c1:2d:93:2d:
c8:c7:72:09:9e:92:92:3b:f3:6f:4b:00:3b:de:c7:
68:00:e5:3e:2c:08:d2:66:15:cd:e1:65:bb:17:91:
fa:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:8D:C8:12:47:62:AC:D6:C3:33:14:6B:AC:67:FE:E1:A3:86:39:2E
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/843IEkdirNbDMxRrrGf-4aOGOS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.48.0/24
Signature Algorithm: sha256WithRSAEncryption
05:43:d1:69:bc:e9:a5:a4:12:d9:34:24:24:e5:4c:51:ae:2f:
48:c8:b2:12:cb:03:0f:ad:95:a5:1d:79:d7:e8:bf:be:2d:29:
82:db:f5:a8:e2:3a:22:25:1d:6d:db:5e:d5:43:aa:3b:cd:86:
0b:cb:f3:2b:42:7f:07:38:b1:f7:ef:fe:a0:1a:71:8f:7e:7c:
be:48:5f:8f:be:59:20:68:17:d2:60:f6:91:93:43:39:d9:b8:
06:d2:df:c4:23:8c:c3:d3:7d:0c:2a:9f:d8:1e:19:56:d9:29:
d8:45:6d:22:b4:b6:c5:2a:17:8f:52:14:6e:95:4a:ad:a1:3f:
c2:3d:ea:b4:b2:45:52:88:3b:1f:ab:87:6b:38:7d:cb:ff:0f:
58:ba:19:d8:7c:bc:3e:ab:da:f7:77:40:60:7a:92:53:13:29:
ce:b8:f5:25:04:ff:45:7b:6d:c4:8f:c2:64:5e:e1:58:56:c7:
db:db:a0:1e:0c:2d:e0:aa:1a:12:13:f3:01:c5:40:63:b3:a2:
65:a2:b4:5c:85:80:dc:ee:4a:3b:25:58:42:3e:2b:62:d3:fb:
96:3f:cc:a6:23:c5:be:55:2f:62:f0:53:60:f4:a5:e3:fe:4c:
86:e7:23:e3:29:2c:5b:c9:98:b6:2b:65:85:89:83:c6:50:8e:
42:2d:e2:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR/UFaQCu40tSCeDGxFSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwMTAyMTM1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzhkYzgxMjQ3NjJhY2Q2YzMzMzE0NmJhYzY3ZmVlMWEzODYzOTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhfjt+AC0ohzf7mmWtvrLZjqFkef
GrSkTKYrHdaTkxvHlCiql1OGnc7OrEclyTJSVuYm4Kjngxq6ZHCJZ8FmMrfS0ipv
sChJUPQ7U81FZ5aJCRtmq3v/OA+dkCdycFQoPUvBoKblIhY/geUYAlVQhHxAamir
0CbDLwcBOTsS4xfLOrQBC5XT/6saG+PG5eOU8Gsug3fI6D3bRTEEgtp9YbmCm7kF
Xb29M8NGHb5r/+EnxaW93zL9QlpHuYRPdtK9+vd0Y2yxJm8d4CHIgC06+vF/Bn7B
8ZYyNRpi58Etky3Ix3IJnpKSO/NvSwA73sdoAOU+LAjSZhXN4WW7F5H6OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPONyBJHYqzWwzMUa6xn/uGjhjkuMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvODQzSUVrZGlyTmJETXhScnJHZi00YU9HT1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbYwMA0G
CSqGSIb3DQEBCwUAA4IBAQAFQ9FpvOmlpBLZNCQk5UxRri9IyLISywMPrZWlHXnX
6L++LSmC2/Wo4joiJR1t217VQ6o7zYYLy/MrQn8HOLH37/6gGnGPfny+SF+Pvlkg
aBfSYPaRk0M52bgG0t/EI4zD030MKp/YHhlW2SnYRW0itLbFKhePUhRulUqtoT/C
Peq0skVSiDsfq4drOH3L/w9YuhnYfLw+q9r3d0BgepJTEynOuPUlBP9Fe23Ej8Jk
XuFYVsfb26AeDC3gqhoSE/MBxUBjs6JlorRchYDc7ko7JVhCPiti0/uWP8ymI8W+
VS9i8FNg9KXj/kyG5yPjKSxbyZi2K2WFiYPGUI5CLeKk
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:23:44 2025 by rpki-client