Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/1-SPSAYzXHr_mbcweyDkwFCyuZR4.roa
File: 1-SPSAYzXHr_mbcweyDkwFCyuZR4.roa (raw, json)
Hash identifier: PvQ5z1WhiXuTGn3rsrWkpJ6X5xO8ite85STDePZX8xw=
Subject key identifier: F9:23:D2:01:8C:D7:1E:BF:E6:6D:CC:1E:C8:39:30:14:2C:AE:65:1E
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 01936E815521EA5539CB383FD8F847D9E1A4
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/1-SPSAYzXHr_mbcweyDkwFCyuZR4.roa
Signing time: Wed 27 Nov 2024 16:43:09 +0000
ROA not before: Wed 27 Nov 2024 16:43:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.144.155.0/24 maxlen: 24
78.143.252.0/24 maxlen: 24
78.143.253.0/24 maxlen: 24
194.33.150.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Dec 2024 17:31:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:81:55:21:ea:55:39:cb:38:3f:d8:f8:47:d9:e1:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Nov 27 16:43:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f923d2018cd71ebfe66dcc1ec83930142cae651e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:b9:0d:47:b1:38:da:6c:80:94:cc:d3:bf:2b:
60:e9:cc:f5:7d:f6:2e:31:f2:46:ff:26:11:84:b6:
24:9c:69:a1:be:1e:fa:a9:91:ca:d5:c8:d9:05:69:
9d:fa:90:d3:a1:b0:73:a1:77:fd:86:45:6f:37:69:
0a:46:a6:7b:f9:9c:f4:51:40:a1:f5:48:fa:d9:92:
b2:ae:95:fd:a4:c3:1c:a9:3d:b9:00:85:83:d6:10:
e8:73:90:8b:e5:41:38:c3:f5:30:87:5b:b6:0b:09:
1d:f6:a6:cd:2c:7f:7d:6a:26:c8:95:19:de:3c:6c:
91:4f:c3:59:3a:23:0e:2c:c1:2b:50:37:33:f6:8d:
4c:3d:99:11:d8:d6:4c:3e:67:96:6e:ee:a8:ce:a9:
e1:cd:b4:86:46:4e:06:38:37:40:bf:08:2c:1a:f9:
32:d7:0f:51:1c:27:0e:06:07:3d:b3:fa:93:33:af:
11:47:22:96:c4:95:a6:56:f3:a9:a4:ed:9b:bb:6e:
83:80:98:f8:e6:e4:d6:0a:c9:09:68:f4:d3:13:56:
f6:ee:a7:34:7c:1c:04:f4:f2:56:05:6a:e6:ac:aa:
0b:53:01:49:24:d2:fa:6f:47:a2:27:0d:ad:43:e2:
1a:a4:97:68:e2:0b:68:0e:ac:b4:d7:ec:9b:26:6d:
bc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:23:D2:01:8C:D7:1E:BF:E6:6D:CC:1E:C8:39:30:14:2C:AE:65:1E
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/1-SPSAYzXHr_mbcweyDkwFCyuZR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.155.0/24
78.143.252.0/23
194.33.150.0/24
Signature Algorithm: sha256WithRSAEncryption
87:74:e7:ff:53:e8:0f:bf:dd:64:59:79:ec:b5:a0:d0:c6:7f:
ed:c0:bd:eb:b8:e3:5a:1a:82:7b:25:65:34:7f:6f:70:92:aa:
e8:8e:35:fe:22:70:32:19:fc:e5:33:58:3e:98:88:76:83:97:
0d:c4:b2:e6:6d:45:a0:b1:82:90:0f:59:9d:03:06:59:3c:dc:
03:7c:73:3f:41:df:ad:38:51:13:f0:26:78:f3:43:bb:9f:dd:
47:8a:84:34:48:7d:c1:72:64:89:97:a2:77:fd:1a:05:ee:2d:
73:59:29:2c:c3:22:f3:b5:35:54:a3:82:d3:6d:b4:78:6f:d3:
2e:3e:92:4b:65:f4:a0:7f:a5:61:a0:e7:66:8b:04:b1:27:da:
6e:23:8e:f3:33:01:31:28:b6:10:18:f0:df:ab:21:b7:fb:25:
6b:40:b5:c2:2a:d9:be:9a:2b:d4:ba:de:ad:ed:11:f2:0a:64:
b5:8f:e7:ba:b0:e1:5b:c6:e7:30:80:9c:47:1d:b1:f2:97:a3:
ba:55:99:70:f5:9c:fc:bd:3d:b6:75:dd:f8:ad:29:c9:87:34:
df:dd:fb:de:0d:46:93:9c:83:af:5c:54:b7:d3:f5:1f:07:38:
34:ac:42:fa:b7:45:41:22:09:2e:6d:76:5a:c6:26:8f:98:7a:
38:ab:0e:8f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZNugVUh6lU5yzg/2PhH2eGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQxMTI3MTY0MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTIzZDIwMThjZDcxZWJmZTY2ZGNjMWVjODM5MzAxNDJjYWU2NTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9rkNR7E42myAlMzTvytg6cz1ffYu
MfJG/yYRhLYknGmhvh76qZHK1cjZBWmd+pDTobBzoXf9hkVvN2kKRqZ7+Zz0UUCh
9Uj62ZKyrpX9pMMcqT25AIWD1hDoc5CL5UE4w/Uwh1u2Cwkd9qbNLH99aibIlRne
PGyRT8NZOiMOLMErUDcz9o1MPZkR2NZMPmeWbu6ozqnhzbSGRk4GODdAvwgsGvky
1w9RHCcOBgc9s/qTM68RRyKWxJWmVvOppO2bu26DgJj45uTWCskJaPTTE1b27qc0
fBwE9PJWBWrmrKoLUwFJJNL6b0eiJw2tQ+IapJdo4gtoDqy01+ybJm28MwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPkj0gGM1x6/5m3MHsg5MBQsrmUeMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvMS1TUFNBWXpYSHJfbWJjd2V5RGt3RkN5dVpSNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWEvZDE3NTI3LWNmOTgtNGQzNy04NjZmLThlOWI5OGE5OWNk
Yi8xL3V3MU9oWk43ZWc4bkVGVFNoaFR5azAxT3BRQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAAWQmwME
AU6P/AMEAMIhljANBgkqhkiG9w0BAQsFAAOCAQEAh3Tn/1PoD7/dZFl57LWg0MZ/
7cC967jjWhqCeyVlNH9vcJKq6I41/iJwMhn85TNYPpiIdoOXDcSy5m1FoLGCkA9Z
nQMGWTzcA3xzP0HfrThRE/AmePNDu5/dR4qENEh9wXJkiZeid/0aBe4tc1kpLMMi
87U1VKOC0220eG/TLj6SS2X0oH+lYaDnZosEsSfabiOO8zMBMSi2EBjw36sht/sl
a0C1wirZvpor1Lrere0R8gpktY/nurDhW8bnMICcRx2x8pejulWZcPWc/L09tnXd
+K0pyYc039373g1Gk5yDr1xUt9P1Hwc4NKxC+rdFQSIJLm12WsYmj5h6OKsOjw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:34:57 2025 by rpki-client