Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/31e0d4-35ce-4d02-9734-d78fb97f9828/1/CX80vsBic6jpP_8mrMl8zE16zK0.roa
File: CX80vsBic6jpP_8mrMl8zE16zK0.roa (raw, json)
Hash identifier: N1QGYhMndrstiRTZpuTjWtPq0K4ww+lbbSbQKNXGVzs=
Subject key identifier: 09:7F:34:BE:C0:62:73:A8:E9:3F:FF:26:AC:C9:7C:CC:4D:7A:CC:AD
Certificate issuer: /CN=4ee52752a81bdfe0a401f9a261d79fee4b617115
Certificate serial: 018CC3B7461E6978BBCDD045F3CEF7952100
Authority key identifier: 4E:E5:27:52:A8:1B:DF:E0:A4:01:F9:A2:61:D7:9F:EE:4B:61:71:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuUnUqgb3-CkAfmiYdef7kthcRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/31e0d4-35ce-4d02-9734-d78fb97f9828/1/CX80vsBic6jpP_8mrMl8zE16zK0.roa
Signing time: Mon 01 Jan 2024 06:30:17 +0000
ROA not before: Mon 01 Jan 2024 06:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43623
IP address blocks: 149.219.8.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Aug 2024 09:39:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:46:1e:69:78:bb:cd:d0:45:f3:ce:f7:95:21:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee52752a81bdfe0a401f9a261d79fee4b617115
Validity
Not Before: Jan 1 06:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=097f34bec06273a8e93fff26acc97ccc4d7accad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e8:5e:d9:e5:6d:f9:19:08:03:2b:73:d8:bc:
e1:6c:83:35:61:27:c6:ad:d5:54:43:58:40:75:85:
7c:a3:1c:10:07:eb:68:6e:24:94:a5:dc:05:1d:3c:
ac:eb:23:e5:f7:cd:31:8e:96:e5:97:1f:23:91:53:
5b:e6:f5:dd:08:e1:8d:88:f2:3f:65:88:76:75:2d:
b6:5b:2d:3c:a6:07:31:a6:49:d0:4d:57:4f:e2:52:
b3:16:3d:3b:e6:30:70:fb:f7:97:f0:04:6a:fb:b8:
03:24:bf:ab:ad:d0:cb:50:03:34:8b:8f:7c:03:ef:
3d:be:b9:f6:3f:81:72:eb:e1:8d:29:81:aa:9d:5a:
f1:11:5b:af:49:53:4b:a9:94:85:ec:9b:59:38:cd:
40:1f:6a:ec:5f:f4:eb:cd:73:19:c6:ee:6f:f3:04:
6c:80:21:e3:3a:d7:9b:cf:dd:56:5b:c1:ea:e9:0e:
25:b1:f2:38:1a:3f:ad:38:13:9e:35:15:fe:18:05:
1c:2f:b5:7b:2b:57:e2:27:0a:c0:b9:c2:c9:25:f3:
aa:4f:89:96:90:bd:db:02:62:51:95:15:5b:c7:04:
08:10:44:7e:34:96:c9:98:9c:f4:e6:ad:0a:43:f1:
5d:40:c9:0d:2d:52:3a:58:99:9b:30:1e:1d:42:31:
ef:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:7F:34:BE:C0:62:73:A8:E9:3F:FF:26:AC:C9:7C:CC:4D:7A:CC:AD
X509v3 Authority Key Identifier:
keyid:4E:E5:27:52:A8:1B:DF:E0:A4:01:F9:A2:61:D7:9F:EE:4B:61:71:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuUnUqgb3-CkAfmiYdef7kthcRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/31e0d4-35ce-4d02-9734-d78fb97f9828/1/CX80vsBic6jpP_8mrMl8zE16zK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/31e0d4-35ce-4d02-9734-d78fb97f9828/1/TuUnUqgb3-CkAfmiYdef7kthcRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.219.8.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:85:64:22:ac:b2:c4:59:f7:cf:8c:b3:0b:da:a2:3f:1f:ed:
0d:5f:9a:54:a4:92:77:ea:d9:df:aa:d9:23:9c:9a:09:e9:36:
59:5f:94:20:0b:65:8b:35:ff:56:d7:0b:d3:ae:41:70:d2:02:
78:45:bb:a1:8c:ff:02:2d:53:f0:bb:bf:62:eb:f9:c9:4c:b1:
53:23:66:8f:aa:05:fa:3a:3d:69:de:e5:b2:ae:2d:f7:d5:1e:
f4:35:b8:44:04:2f:d1:fb:9f:cd:5e:0a:c8:5e:6f:24:78:98:
5b:e5:e6:02:6f:0a:35:6d:a3:e0:8a:c2:90:ce:2f:6d:1e:66:
0e:bd:0e:ef:da:50:bf:81:00:e1:7e:5c:c7:cd:91:9e:47:eb:
e7:5d:d6:72:83:42:5c:7c:af:3b:03:c9:86:6b:6f:82:88:3b:
0e:66:1c:c1:e4:6e:1c:70:b5:d2:50:fb:fe:8b:76:ee:5f:10:
dc:bf:5c:77:6d:13:2a:6d:f0:0a:54:87:e4:00:16:aa:f2:e4:
2b:fc:5b:e7:68:9f:c2:f9:0d:0f:f0:9a:ce:d9:17:17:17:60:
a6:62:ef:b4:94:01:28:11:ea:25:7e:0c:e4:db:75:7b:16:70:
ad:b0:a5:fa:1a:1d:6f:b0:dc:52:a6:9b:99:45:53:ee:d1:c5:
ea:c3:28:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDt0YeaXi7zdBF8873lSEAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTUyNzUyYTgxYmRmZTBhNDAxZjlhMjYxZDc5ZmVlNGI2
MTcxMTUwHhcNMjQwMTAxMDYzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTdmMzRiZWMwNjI3M2E4ZTkzZmZmMjZhY2M5N2NjYzRkN2FjY2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtehe2eVt+RkIAytz2LzhbIM1YSfG
rdVUQ1hAdYV8oxwQB+tobiSUpdwFHTys6yPl980xjpbllx8jkVNb5vXdCOGNiPI/
ZYh2dS22Wy08pgcxpknQTVdP4lKzFj075jBw+/eX8ARq+7gDJL+rrdDLUAM0i498
A+89vrn2P4Fy6+GNKYGqnVrxEVuvSVNLqZSF7JtZOM1AH2rsX/TrzXMZxu5v8wRs
gCHjOtebz91WW8Hq6Q4lsfI4Gj+tOBOeNRX+GAUcL7V7K1fiJwrAucLJJfOqT4mW
kL3bAmJRlRVbxwQIEER+NJbJmJz05q0KQ/FdQMkNLVI6WJmbMB4dQjHvlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAl/NL7AYnOo6T//JqzJfMxNesytMB8GA1UdIwQY
MBaAFE7lJ1KoG9/gpAH5omHXn+5LYXEVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVVblVxZ2IzLUNrQWZtaVlkZWY3a3RoY1JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8zMWUwZDQtMzVjZS00ZDAyLTk3MzQt
ZDc4ZmI5N2Y5ODI4LzEvQ1g4MHZzQmljNmpwUF84bXJNbDh6RTE2ekswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8zMWUwZDQtMzVjZS00ZDAyLTk3MzQtZDc4ZmI5N2Y5ODI4
LzEvVHVVblVxZ2IzLUNrQWZtaVlkZWY3a3RoY1JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBldsIMA0G
CSqGSIb3DQEBCwUAA4IBAQCfhWQirLLEWffPjLML2qI/H+0NX5pUpJJ36tnfqtkj
nJoJ6TZZX5QgC2WLNf9W1wvTrkFw0gJ4RbuhjP8CLVPwu79i6/nJTLFTI2aPqgX6
Oj1p3uWyri331R70NbhEBC/R+5/NXgrIXm8keJhb5eYCbwo1baPgisKQzi9tHmYO
vQ7v2lC/gQDhflzHzZGeR+vnXdZyg0JcfK87A8mGa2+CiDsOZhzB5G4ccLXSUPv+
i3buXxDcv1x3bRMqbfAKVIfkABaq8uQr/FvnaJ/C+Q0P8JrO2RcXF2CmYu+0lAEo
Eeolfgzk23V7FnCtsKX6Gh1vsNxSppuZRVPu0cXqwyiQ
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:30:28 2025 by rpki-client