Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/_a3QtpqpfnRJiUSjo0_teT105jQ.roa
File: _a3QtpqpfnRJiUSjo0_teT105jQ.roa (raw, json)
Hash identifier: YBKrw9ZpwclWPQm+/Fv263OEVkvNrETOmXvSxBNN2Gk=
Subject key identifier: FD:AD:D0:B6:9A:A9:7E:74:49:89:44:A3:A3:4F:ED:79:3D:74:E6:34
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 0195C80D4DB66D0507496C76095C31F8D213
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/_a3QtpqpfnRJiUSjo0_teT105jQ.roa
Signing time: Mon 24 Mar 2025 12:07:49 +0000
ROA not before: Mon 24 Mar 2025 12:07:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213541
IP address blocks: 158.46.153.0/24 maxlen: 24
158.46.200.0/23 maxlen: 24
158.46.202.0/23 maxlen: 24
178.171.88.0/23 maxlen: 24
178.171.100.0/24 maxlen: 24
178.171.106.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 12:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:0d:4d:b6:6d:05:07:49:6c:76:09:5c:31:f8:d2:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Mar 24 12:07:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fdadd0b69aa97e74498944a3a34fed793d74e634
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:eb:82:47:4c:0f:f4:4e:de:5f:27:fa:71:b3:
5e:fc:79:69:2d:be:e3:21:30:81:b9:2f:ad:bd:dd:
13:62:55:8b:50:03:8c:b6:3e:a1:90:5b:2c:49:e9:
88:03:61:08:82:47:ec:be:7d:d5:c2:ac:40:68:68:
cd:68:1f:b2:95:5d:65:8c:27:33:45:45:fd:0f:7b:
fa:ce:1d:69:b4:13:8e:96:bc:6a:c9:99:12:74:93:
13:45:b9:ec:ce:e0:3a:57:7c:27:d8:1b:d1:d6:47:
80:21:cb:66:af:26:d4:9d:69:45:c8:d8:80:72:97:
e9:b6:33:c7:fa:64:07:a9:ea:2c:12:50:fd:76:ae:
49:29:d1:53:95:38:16:a0:34:ca:a0:8f:e0:3b:32:
c6:d4:f5:cb:05:0c:a8:fd:fb:d1:81:95:25:d7:f5:
04:81:ef:1a:13:55:7f:86:dd:8f:91:d5:4c:19:da:
42:ba:5f:1a:6c:6e:54:47:5f:4f:52:48:33:e2:8e:
35:73:7f:65:e0:03:9b:da:9c:1d:8b:6b:10:1d:5a:
67:95:69:fd:a1:8f:5f:f3:95:35:5e:df:39:30:f3:
9a:52:12:e9:09:b0:5f:b7:b1:32:e2:e5:61:0f:4e:
80:db:6c:d5:ed:09:24:f4:49:14:ea:49:91:7a:4e:
ef:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:AD:D0:B6:9A:A9:7E:74:49:89:44:A3:A3:4F:ED:79:3D:74:E6:34
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/_a3QtpqpfnRJiUSjo0_teT105jQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.153.0/24
158.46.200.0/22
178.171.88.0/23
178.171.100.0/24
178.171.106.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:92:72:c3:cd:db:39:61:51:52:e8:a7:a1:fb:65:91:c3:3c:
2a:f3:c9:c2:a2:a4:77:fd:45:f6:a5:aa:25:c5:dc:24:52:fa:
dd:e2:31:58:b0:a3:7d:52:02:e7:9f:a5:ae:d2:84:47:54:d3:
a1:6b:17:0b:6a:a1:b4:79:82:34:ac:a9:2e:c6:45:7d:83:ab:
44:87:63:70:16:28:9a:59:d3:0a:b8:95:d0:23:23:32:64:44:
2d:22:4a:9f:8e:88:18:5e:36:37:75:14:c4:5c:3a:c1:de:8e:
1d:bf:1f:df:41:0d:17:e3:82:5e:9b:34:05:c2:0d:26:f7:45:
7f:0e:c1:7a:16:aa:d1:0c:1f:b2:09:58:f4:ff:ae:48:07:a7:
ff:ca:a0:a0:3f:98:52:84:4b:ca:1b:2e:5f:11:06:36:c7:d6:
77:d3:69:d9:f3:00:74:03:c3:b2:e6:ee:27:4b:7e:49:1b:97:
44:cf:9b:9c:d2:a9:af:e8:35:4e:5b:cf:36:5f:a9:f7:31:ce:
bb:53:1d:ce:ab:a2:28:88:64:87:35:c2:39:6f:b7:2e:54:8d:
4e:c0:2d:87:f0:62:2f:57:13:14:d7:53:51:a7:74:2a:e2:6f:
48:51:8f:81:49:58:90:37:50:09:82:0c:cb:e0:d1:f2:7a:e2:
58:a5:86:08
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZXIDU22bQUHSWx2CVwx+NITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjUwMzI0MTIwNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGFkZDBiNjlhYTk3ZTc0NDk4OTQ0YTNhMzRmZWQ3OTNkNzRlNjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOuCR0wP9E7eXyf6cbNe/HlpLb7j
ITCBuS+tvd0TYlWLUAOMtj6hkFssSemIA2EIgkfsvn3VwqxAaGjNaB+ylV1ljCcz
RUX9D3v6zh1ptBOOlrxqyZkSdJMTRbnszuA6V3wn2BvR1keAIctmrybUnWlFyNiA
cpfptjPH+mQHqeosElD9dq5JKdFTlTgWoDTKoI/gOzLG1PXLBQyo/fvRgZUl1/UE
ge8aE1V/ht2PkdVMGdpCul8abG5UR19PUkgz4o41c39l4AOb2pwdi2sQHVpnlWn9
oY9f85U1Xt85MPOaUhLpCbBft7Ey4uVhD06A22zV7Qkk9EkU6kmRek7vTQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFP2t0LaaqX50SYlEo6NP7Xk9dOY0MB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvX2EzUXRwcXBmblJKaVVTam8wX3RlVDEwNWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAni6ZAwQC
ni7IAwQBsqtYAwQAsqtkAwQBsqtqMA0GCSqGSIb3DQEBCwUAA4IBAQA/knLDzds5
YVFS6Keh+2WRwzwq88nCoqR3/UX2paolxdwkUvrd4jFYsKN9UgLnn6Wu0oRHVNOh
axcLaqG0eYI0rKkuxkV9g6tEh2NwFiiaWdMKuJXQIyMyZEQtIkqfjogYXjY3dRTE
XDrB3o4dvx/fQQ0X44JemzQFwg0m90V/DsF6FqrRDB+yCVj0/65IB6f/yqCgP5hS
hEvKGy5fEQY2x9Z302nZ8wB0A8Oy5u4nS35JG5dEz5uc0qmv6DVOW882X6n3Mc67
Ux3Oq6IoiGSHNcI5b7cuVI1OwC2H8GIvVxMU11NRp3Qq4m9IUY+BSViQN1AJggzL
4NHyeuJYpYYI
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:19:42 2025 by rpki-client