Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/s9ux3PVbaXJO1emFzFEeQi-h4u0.roa
File: s9ux3PVbaXJO1emFzFEeQi-h4u0.roa (raw, json)
Hash identifier: fNgfUDYYgOyoHRInFEjEYsUJ/GSkfxzDHi5M1471sao=
Subject key identifier: B3:DB:B1:DC:F5:5B:69:72:4E:D5:E9:85:CC:51:1E:42:2F:A1:E2:ED
Certificate issuer: /CN=7bab6c11d41162db0306858f83e5e65121132a6b
Certificate serial: 018CC2DB5C56740188876FC55F8FF0ADDD92
Authority key identifier: 7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/s9ux3PVbaXJO1emFzFEeQi-h4u0.roa
Signing time: Mon 01 Jan 2024 02:30:05 +0000
ROA not before: Mon 01 Jan 2024 02:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64473
IP address blocks: 107.150.174.0/24 maxlen: 24
2a07:22c0:c100::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:5c:56:74:01:88:87:6f:c5:5f:8f:f0:ad:dd:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bab6c11d41162db0306858f83e5e65121132a6b
Validity
Not Before: Jan 1 02:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3dbb1dcf55b69724ed5e985cc511e422fa1e2ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:96:0a:c2:88:84:70:e5:15:fd:84:fc:20:d2:
fe:68:d1:a3:19:48:23:0d:41:22:ab:77:96:c3:c1:
dd:71:0f:4c:63:7f:6d:a3:bd:19:35:78:89:12:ce:
6d:a7:46:69:77:ac:21:ee:56:9e:47:80:4e:f0:18:
b9:c0:3b:80:61:93:45:00:25:39:7e:56:11:d2:7e:
04:6f:d1:d9:59:f5:b0:3d:2a:c3:b7:56:94:da:01:
dc:78:28:c3:99:b6:8a:d2:2e:42:68:d2:2a:83:81:
33:ea:e7:7d:3a:56:7d:40:cd:fa:9a:78:50:5e:04:
8e:8b:fb:a5:47:d3:40:97:0b:d8:0c:e8:f7:e9:7f:
4b:d8:0d:17:8a:0d:d6:f0:69:d1:41:25:1c:0c:d4:
fa:51:4a:e2:58:a6:64:a7:44:a3:68:7a:10:99:ff:
9b:af:b7:1d:2a:8f:61:c8:4a:e9:ab:4d:a3:9a:c7:
38:f1:c5:ac:70:3a:56:13:8b:78:bf:90:86:40:9c:
ca:4f:99:b1:da:76:10:43:72:0f:f5:30:d4:fe:6a:
4f:7b:13:4d:32:b0:ee:f9:19:64:ea:84:ad:de:41:
bd:1d:c3:83:a4:76:22:e4:ea:87:6a:2a:97:d0:29:
b6:6c:83:ea:cc:4e:34:4b:5c:6e:da:80:6b:12:32:
12:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:DB:B1:DC:F5:5B:69:72:4E:D5:E9:85:CC:51:1E:42:2F:A1:E2:ED
X509v3 Authority Key Identifier:
keyid:7B:AB:6C:11:D4:11:62:DB:03:06:85:8F:83:E5:E6:51:21:13:2A:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6tsEdQRYtsDBoWPg-XmUSETKms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/s9ux3PVbaXJO1emFzFEeQi-h4u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/d334ad-5240-4daa-a050-9f5bf736720e/1/e6tsEdQRYtsDBoWPg-XmUSETKms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.150.174.0/24
IPv6:
2a07:22c0:c100::/40
Signature Algorithm: sha256WithRSAEncryption
51:13:e2:44:a2:02:10:eb:f5:1c:3e:7e:80:7f:48:23:66:71:
53:e5:6b:2c:df:ad:de:e0:d1:b3:ee:ab:49:67:97:6b:9c:c2:
d6:cc:07:d2:bc:8b:91:4b:aa:f9:fd:1f:51:71:15:d7:78:6f:
f3:ea:8d:08:3b:b3:ef:e0:d5:a5:ee:9a:ff:4e:db:78:6e:b6:
16:c9:84:3e:f7:62:5f:b4:9d:9f:d8:61:51:0d:b5:85:bc:05:
ce:1f:93:64:1d:36:e9:6a:29:65:74:8b:1e:2d:53:20:a8:83:
34:cf:6b:e3:f0:0b:7a:a9:d9:ac:4b:ea:80:13:c7:05:77:ef:
a2:ef:db:52:8e:20:dd:25:0c:26:fb:94:6e:c3:ae:21:21:29:
8b:12:aa:a2:81:ca:14:48:2a:0e:e4:1d:ba:32:c2:e4:7d:93:
b9:6f:dd:ed:e0:33:dc:ae:95:2a:54:a8:ef:e1:92:6d:06:e7:
ce:02:63:b6:62:81:2e:99:9b:40:66:71:71:b6:f3:a4:4d:d9:
2b:b6:bd:57:62:44:a5:55:31:0d:d6:eb:22:82:0c:1a:b4:9e:
0a:37:dd:58:c7:d7:ba:68:09:5d:84:0e:0a:3e:33:b0:94:b3:
eb:d6:49:71:77:db:4d:a1:f1:1e:71:84:62:01:e8:c7:bc:ad:
e7:c3:d8:26
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzC21xWdAGIh2/FX4/wrd2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYWI2YzExZDQxMTYyZGIwMzA2ODU4ZjgzZTVlNjUxMjEx
MzJhNmIwHhcNMjQwMTAxMDIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2RiYjFkY2Y1NWI2OTcyNGVkNWU5ODVjYzUxMWU0MjJmYTFlMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5YKwoiEcOUV/YT8INL+aNGjGUgj
DUEiq3eWw8HdcQ9MY39to70ZNXiJEs5tp0Zpd6wh7laeR4BO8Bi5wDuAYZNFACU5
flYR0n4Eb9HZWfWwPSrDt1aU2gHceCjDmbaK0i5CaNIqg4Ez6ud9OlZ9QM36mnhQ
XgSOi/ulR9NAlwvYDOj36X9L2A0Xig3W8GnRQSUcDNT6UUriWKZkp0SjaHoQmf+b
r7cdKo9hyErpq02jmsc48cWscDpWE4t4v5CGQJzKT5mx2nYQQ3IP9TDU/mpPexNN
MrDu+Rlk6oSt3kG9HcODpHYi5OqHaiqX0Cm2bIPqzE40S1xu2oBrEjISvQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLPbsdz1W2lyTtXphcxRHkIvoeLtMB8GA1UdIwQY
MBaAFHurbBHUEWLbAwaFj4Pl5lEhEyprMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZ0c0VkUVJZdHNEQm9XUGctWG1VU0VUS21zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kMzM0YWQtNTI0MC00ZGFhLWEwNTAt
OWY1YmY3MzY3MjBlLzEvczl1eDNQVmJhWEpPMWVtRnpGRWVRaS1oNHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kMzM0YWQtNTI0MC00ZGFhLWEwNTAtOWY1YmY3MzY3MjBl
LzEvZTZ0c0VkUVJZdHNEQm9XUGctWG1VU0VUS21zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAa5auMA4E
AgACMAgDBgAqByLAwTANBgkqhkiG9w0BAQsFAAOCAQEAURPiRKICEOv1HD5+gH9I
I2ZxU+VrLN+t3uDRs+6rSWeXa5zC1swH0ryLkUuq+f0fUXEV13hv8+qNCDuz7+DV
pe6a/07beG62FsmEPvdiX7Sdn9hhUQ21hbwFzh+TZB026WopZXSLHi1TIKiDNM9r
4/ALeqnZrEvqgBPHBXfvou/bUo4g3SUMJvuUbsOuISEpixKqooHKFEgqDuQdujLC
5H2TuW/d7eAz3K6VKlSo7+GSbQbnzgJjtmKBLpmbQGZxcbbzpE3ZK7a9V2JEpVUx
DdbrIoIMGrSeCjfdWMfXumgJXYQOCj4zsJSz69ZJcXfbTaHxHnGEYgHox7yt58PY
Jg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:56:12 2025 by rpki-client