Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/fF3QBOp4oTpOnWHPvCPLB1yHDKQ.roa
File: fF3QBOp4oTpOnWHPvCPLB1yHDKQ.roa (raw, json)
Hash identifier: xJX0akuVL4D+9te3uOrJAO0gcWsRGuhmnCi9+Vnvzhk=
Subject key identifier: 7C:5D:D0:04:EA:78:A1:3A:4E:9D:61:CF:BC:23:CB:07:5C:87:0C:A4
Certificate issuer: /CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd
Certificate serial: 018CC6B934C81E223CC180F568C21A41E73C
Authority key identifier: 3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/fF3QBOp4oTpOnWHPvCPLB1yHDKQ.roa
Signing time: Mon 01 Jan 2024 20:31:15 +0000
ROA not before: Mon 01 Jan 2024 20:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201470
IP address blocks: 155.133.24.0/23 maxlen: 23
2a02:28e9::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:34:c8:1e:22:3c:c1:80:f5:68:c2:1a:41:e7:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd
Validity
Not Before: Jan 1 20:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c5dd004ea78a13a4e9d61cfbc23cb075c870ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:1b:93:84:30:ec:8a:1d:9f:58:85:66:e9:26:
2b:74:09:27:59:08:ba:82:2f:55:63:5c:1b:ef:d9:
7d:15:92:64:62:f5:a9:f3:c8:53:86:48:bb:c5:06:
6b:b3:57:a6:0f:14:f5:2b:73:96:81:ed:df:f1:01:
c1:66:b0:b6:2d:f3:c8:82:be:1b:17:d4:31:56:e9:
16:0f:bb:4c:da:01:8f:ec:bb:b8:aa:89:8d:ce:70:
f5:f9:a1:24:71:6a:51:e7:8c:b6:b5:c7:5f:8b:18:
eb:82:10:ed:e8:48:90:89:31:e0:b5:28:3d:d1:ec:
61:03:45:c4:c7:42:66:aa:f8:b9:27:ee:a5:9f:54:
03:2b:76:e6:8b:e1:e8:01:11:df:b0:f7:d8:f8:e2:
ee:b1:93:a0:68:69:33:96:aa:70:a7:dd:32:ab:3e:
26:82:c8:96:c9:fa:60:c2:de:a2:85:37:75:40:cd:
97:68:37:44:16:9e:d3:72:9e:19:0e:33:b1:d3:b6:
07:36:96:65:4b:23:5a:27:52:92:6b:98:85:1a:27:
e6:e9:e5:82:5d:90:1c:e4:d2:31:4b:7b:50:fb:a6:
dc:23:90:c7:3f:8f:b2:3c:5c:b5:ef:02:0d:94:76:
1e:21:32:62:51:65:47:7c:20:6b:05:66:da:4f:08:
ac:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:5D:D0:04:EA:78:A1:3A:4E:9D:61:CF:BC:23:CB:07:5C:87:0C:A4
X509v3 Authority Key Identifier:
keyid:3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/fF3QBOp4oTpOnWHPvCPLB1yHDKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/PvMl70y6pmzHH_zGiAh3524Umv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.24.0/23
IPv6:
2a02:28e9::/32
Signature Algorithm: sha256WithRSAEncryption
b0:ee:9b:c7:e1:46:59:ce:78:79:d5:b5:be:65:b0:d6:95:2b:
0a:2c:31:d9:5e:d9:c9:43:91:65:a4:a6:8f:c9:22:f1:84:09:
ba:5c:b4:0d:e1:40:58:7a:4a:b9:b0:2c:62:0f:4e:45:d7:57:
8f:b8:52:2e:bd:bc:1e:b9:6d:5e:dc:e9:b4:18:0c:ac:4a:58:
90:47:01:9d:63:fe:e5:42:64:91:a8:17:59:42:67:7a:fa:90:
d7:ae:ba:92:15:09:0f:11:29:72:3e:a6:d8:dc:4a:f8:25:60:
1c:2e:79:20:7f:35:cf:30:f4:1d:9a:9e:80:96:02:2b:6c:11:
d0:6b:8f:a8:c8:8c:03:41:a0:91:45:50:ca:56:d0:c1:0e:f8:
07:51:e0:fc:0a:92:82:60:21:eb:a9:57:94:39:d6:7b:fa:d7:
0c:49:8d:31:e5:67:17:f6:59:78:3a:6d:8f:9f:25:d8:ea:d8:
02:5e:3c:f3:8b:df:56:90:95:d7:37:b5:e8:50:fa:e4:37:69:
0f:71:b3:a8:e9:5f:44:19:1d:bc:c2:57:f1:a2:be:33:81:42:
e9:42:20:03:77:26:1c:7b:a1:d3:30:2f:c9:d7:f7:d2:c5:6f:
46:6c:2c:ce:81:a5:16:92:bb:25:6c:45:3b:63:f9:0a:59:a9:
6f:e8:15:2a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGuTTIHiI8wYD1aMIaQec8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZjMyNWVmNGNiYWE2NmNjNzFmZmNjNjg4MDg3N2U3NmUx
NDlhZmQwHhcNMjQwMTAxMjAzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzVkZDAwNGVhNzhhMTNhNGU5ZDYxY2ZiYzIzY2IwNzVjODcwY2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xuThDDsih2fWIVm6SYrdAknWQi6
gi9VY1wb79l9FZJkYvWp88hThki7xQZrs1emDxT1K3OWge3f8QHBZrC2LfPIgr4b
F9QxVukWD7tM2gGP7Lu4qomNznD1+aEkcWpR54y2tcdfixjrghDt6EiQiTHgtSg9
0exhA0XEx0Jmqvi5J+6ln1QDK3bmi+HoARHfsPfY+OLusZOgaGkzlqpwp90yqz4m
gsiWyfpgwt6ihTd1QM2XaDdEFp7Tcp4ZDjOx07YHNpZlSyNaJ1KSa5iFGifm6eWC
XZAc5NIxS3tQ+6bcI5DHP4+yPFy17wINlHYeITJiUWVHfCBrBWbaTwisNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHxd0ATqeKE6Tp1hz7wjywdchwykMB8GA1UdIwQY
MBaAFD7zJe9MuqZsxx/8xogId+duFJr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHZNbDcweTZwbXpISF96R2lBaDM1MjRVbXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80ZmQwOTAtNmZhZS00YTZhLThmOWUt
MzRkNzE0ODVjNTQ3LzEvZkYzUUJPcDRvVHBPbldIUHZDUExCMXlIREtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80ZmQwOTAtNmZhZS00YTZhLThmOWUtMzRkNzE0ODVjNTQ3
LzEvUHZNbDcweTZwbXpISF96R2lBaDM1MjRVbXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBm4UYMA0E
AgACMAcDBQAqAijpMA0GCSqGSIb3DQEBCwUAA4IBAQCw7pvH4UZZznh51bW+ZbDW
lSsKLDHZXtnJQ5FlpKaPySLxhAm6XLQN4UBYekq5sCxiD05F11ePuFIuvbweuW1e
3Om0GAysSliQRwGdY/7lQmSRqBdZQmd6+pDXrrqSFQkPESlyPqbY3Er4JWAcLnkg
fzXPMPQdmp6AlgIrbBHQa4+oyIwDQaCRRVDKVtDBDvgHUeD8CpKCYCHrqVeUOdZ7
+tcMSY0x5WcX9ll4Om2PnyXY6tgCXjzzi99WkJXXN7XoUPrkN2kPcbOo6V9EGR28
wlfxor4zgULpQiADdyYce6HTMC/J1/fSxW9GbCzOgaUWkrslbEU7Y/kKWalv6BUq
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:45:43 2025 by rpki-client