Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/3ox9mq5tVv_mVzdv6ZkHoCb63AI.roa
File: 3ox9mq5tVv_mVzdv6ZkHoCb63AI.roa (raw, json)
Hash identifier: QVwcZGvCd215nR5Sf1YCx4n+W56hSn6JrQ/ENCkL/zY=
Subject key identifier: DE:8C:7D:9A:AE:6D:56:FF:E6:57:37:6F:E9:99:07:A0:26:FA:DC:02
Certificate issuer: /CN=a8b31004df135aa1a8b943033db14691b11a63dd
Certificate serial: 01940CF87D8AC50D29375997C61E5EE5B0EA
Authority key identifier: A8:B3:10:04:DF:13:5A:A1:A8:B9:43:03:3D:B1:46:91:B1:1A:63:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLMQBN8TWqGouUMDPbFGkbEaY90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/3ox9mq5tVv_mVzdv6ZkHoCb63AI.roa
Signing time: Sat 28 Dec 2024 11:13:19 +0000
ROA not before: Sat 28 Dec 2024 11:13:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56559
IP address blocks: 151.1.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:0c:f8:7d:8a:c5:0d:29:37:59:97:c6:1e:5e:e5:b0:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b31004df135aa1a8b943033db14691b11a63dd
Validity
Not Before: Dec 28 11:13:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de8c7d9aae6d56ffe657376fe99907a026fadc02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a6:ad:5a:4a:97:3f:9d:95:94:6a:f0:39:62:
44:11:07:64:14:81:fe:d6:7c:05:53:10:e8:a3:16:
c5:cf:27:54:d0:36:59:67:22:50:c9:b9:f4:b7:fd:
39:8b:89:66:02:a0:31:ce:84:e1:d8:62:84:47:2a:
bc:8f:3f:bc:dc:53:c6:6b:70:12:5a:2c:c9:b4:cf:
c6:3d:2e:db:a6:94:6d:7e:8c:f6:9f:e9:e2:3c:c9:
e6:16:a6:44:1d:58:86:2c:5e:6d:53:42:39:e7:92:
28:36:ca:df:e1:cc:1a:3d:b3:d4:b3:8d:6e:e5:a4:
fc:2c:39:66:08:81:06:e5:55:48:04:20:a6:3d:57:
78:12:63:bd:76:c7:53:a3:d9:0a:80:2e:52:4c:87:
22:81:b2:cb:93:e9:60:5a:e0:46:7a:30:09:59:18:
fe:14:b1:07:6b:c3:7e:dd:5d:1e:13:a8:27:9c:e8:
05:32:78:80:53:4f:db:49:6b:20:9c:83:4f:0a:3c:
0e:ab:9b:20:a2:d3:c4:09:e2:d7:cc:72:82:69:ab:
be:c7:eb:e9:da:dd:9d:7a:f8:d7:27:1e:8d:9c:4e:
db:4b:43:13:54:fa:4e:e8:b8:91:51:0a:6f:bd:1f:
14:f5:66:52:8f:46:ac:49:05:d5:56:7a:35:8b:75:
9c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:8C:7D:9A:AE:6D:56:FF:E6:57:37:6F:E9:99:07:A0:26:FA:DC:02
X509v3 Authority Key Identifier:
keyid:A8:B3:10:04:DF:13:5A:A1:A8:B9:43:03:3D:B1:46:91:B1:1A:63:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLMQBN8TWqGouUMDPbFGkbEaY90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/3ox9mq5tVv_mVzdv6ZkHoCb63AI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/qLMQBN8TWqGouUMDPbFGkbEaY90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.1.252.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:3b:cd:37:bf:11:5e:cb:5d:0d:6f:10:72:bb:f6:b1:83:45:
ea:89:57:57:2c:f4:a7:57:4c:da:a5:82:ee:69:6f:12:96:f9:
5b:1d:1d:dc:21:ad:ab:5c:f8:cb:02:35:22:83:9c:23:ce:95:
0e:a8:6b:d2:4e:e8:09:5f:77:7c:d8:b3:4b:52:a7:54:07:90:
0b:d4:87:7e:f0:a6:82:71:a4:d1:a8:34:e9:8f:b8:36:ff:d7:
ef:6e:c0:aa:2b:42:18:2b:67:65:25:d0:f2:a2:a7:3b:a7:39:
18:2e:5c:4b:ec:11:1a:7d:95:09:24:d1:7a:95:42:f7:6e:fd:
af:ae:64:9f:17:af:29:e5:f9:2b:88:fe:57:0f:a7:50:42:0c:
f1:19:68:e0:eb:33:74:be:f5:3c:45:af:cc:2c:0b:1f:51:94:
db:7a:c3:dc:6b:f3:24:3a:6d:4b:ea:81:09:04:44:42:e6:75:
2f:f1:76:b7:e6:02:0f:f7:ba:2a:75:f1:a9:77:69:41:7d:a4:
af:39:e0:d0:5d:fe:4b:72:aa:f6:b2:b7:88:ff:63:1f:d8:26:
d0:86:72:d5:59:5f:93:13:b5:75:f4:27:5d:ba:8c:d2:25:81:
45:e5:df:b2:e2:73:0b:fd:64:3c:4b:e3:82:51:43:c4:c2:23:
58:7a:f4:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQM+H2KxQ0pN1mXxh5e5bDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjMxMDA0ZGYxMzVhYTFhOGI5NDMwMzNkYjE0NjkxYjEx
YTYzZGQwHhcNMjQxMjI4MTExMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZThjN2Q5YWFlNmQ1NmZmZTY1NzM3NmZlOTk5MDdhMDI2ZmFkYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaatWkqXP52VlGrwOWJEEQdkFIH+
1nwFUxDooxbFzydU0DZZZyJQybn0t/05i4lmAqAxzoTh2GKERyq8jz+83FPGa3AS
WizJtM/GPS7bppRtfoz2n+niPMnmFqZEHViGLF5tU0I555IoNsrf4cwaPbPUs41u
5aT8LDlmCIEG5VVIBCCmPVd4EmO9dsdTo9kKgC5STIcigbLLk+lgWuBGejAJWRj+
FLEHa8N+3V0eE6gnnOgFMniAU0/bSWsgnINPCjwOq5sgotPECeLXzHKCaau+x+vp
2t2devjXJx6NnE7bS0MTVPpO6LiRUQpvvR8U9WZSj0asSQXVVno1i3WcLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN6MfZqubVb/5lc3b+mZB6Am+twCMB8GA1UdIwQY
MBaAFKizEATfE1qhqLlDAz2xRpGxGmPdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxNUUJOOFRXcUdvdVVNRFBiRkdrYkVhWTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS81ZTIzYWUtNjMzOC00OGRkLWEzMDQt
YzJhNDNiMDgwZDZmLzEvM294OW1xNXRWdl9tVnpkdjZaa0hvQ2I2M0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS81ZTIzYWUtNjMzOC00OGRkLWEzMDQtYzJhNDNiMDgwZDZm
LzEvcUxNUUJOOFRXcUdvdVVNRFBiRkdrYkVhWTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlwH8MA0G
CSqGSIb3DQEBCwUAA4IBAQB7O803vxFey10NbxByu/axg0XqiVdXLPSnV0zapYLu
aW8SlvlbHR3cIa2rXPjLAjUig5wjzpUOqGvSTugJX3d82LNLUqdUB5AL1Id+8KaC
caTRqDTpj7g2/9fvbsCqK0IYK2dlJdDyoqc7pzkYLlxL7BEafZUJJNF6lUL3bv2v
rmSfF68p5fkriP5XD6dQQgzxGWjg6zN0vvU8Ra/MLAsfUZTbesPca/MkOm1L6oEJ
BERC5nUv8Xa35gIP97oqdfGpd2lBfaSvOeDQXf5Lcqr2sreI/2Mf2CbQhnLVWV+T
E7V19CdduozSJYFF5d+y4nML/WQ8S+OCUUPEwiNYevSa
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:10:59 2025 by rpki-client