Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/APf-C-jpbEODqhNVaDUbPbopHdU.roa
File: APf-C-jpbEODqhNVaDUbPbopHdU.roa (raw, json)
Hash identifier: Q3jHPVVPrkr2BsBIlj7CX900hVNTBVJ1EBCbK6ID+pE=
Subject key identifier: 00:F7:FE:0B:E8:E9:6C:43:83:AA:13:55:68:35:1B:3D:BA:29:1D:D5
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 018CC7275E9B05B500C11FA98DCF27C9D94F
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/APf-C-jpbEODqhNVaDUbPbopHdU.roa
Signing time: Mon 01 Jan 2024 22:31:35 +0000
ROA not before: Mon 01 Jan 2024 22:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3549
IP address blocks: 192.109.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5e:9b:05:b5:00:c1:1f:a9:8d:cf:27:c9:d9:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 22:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00f7fe0be8e96c4383aa135568351b3dba291dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ce:22:0d:ff:48:25:1d:c0:83:e9:2e:ea:41:
47:9b:78:4c:a2:cf:a7:fe:96:0f:47:d9:81:94:bc:
9a:4d:4a:71:10:10:82:07:b5:b3:79:f0:c1:c5:dd:
b0:0e:33:74:35:71:ba:23:06:d0:35:be:e6:ff:57:
c4:a1:bd:37:22:7c:2a:b7:9e:9d:b8:58:25:76:73:
2e:59:d0:ef:39:f9:06:01:d5:19:3c:35:33:16:4b:
21:a4:72:a2:ac:b5:2f:26:e8:80:af:1c:97:83:86:
57:62:73:88:d6:4b:04:9e:b6:83:02:38:d9:8f:77:
0a:1a:7c:f8:43:b7:52:5d:c5:a4:5e:b4:61:8c:30:
c6:c1:38:13:7d:01:7f:a4:17:83:7a:f2:93:4d:25:
6d:84:5a:bf:57:80:9e:d7:fc:8a:b5:56:81:fe:44:
e9:c4:8c:1a:f0:55:e7:c1:fb:04:b5:25:bc:00:9c:
67:3a:5b:88:b6:92:c4:ee:fb:14:35:25:c0:e3:19:
b0:50:3c:af:84:22:a4:e6:0c:13:2c:67:c4:6e:04:
7f:6a:5e:7e:44:b5:f9:25:95:94:a3:ce:59:57:07:
6d:3a:67:f8:7a:59:fe:bc:f1:19:cd:dc:69:a9:db:
d9:80:56:db:7e:ae:06:cf:51:8d:37:3b:83:5a:5d:
01:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F7:FE:0B:E8:E9:6C:43:83:AA:13:55:68:35:1B:3D:BA:29:1D:D5
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/APf-C-jpbEODqhNVaDUbPbopHdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.148.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:dd:58:e1:bf:39:35:71:3f:d7:db:a5:82:41:a6:ff:7a:6f:
ba:1b:16:06:d4:b6:fe:77:ed:d3:20:7d:8e:40:f9:a3:5c:e1:
2d:73:b9:67:b8:ee:1a:7e:db:5c:23:98:df:8f:10:6b:dc:0e:
af:2c:05:19:1a:f8:f6:3a:f6:69:5b:f9:fb:e1:ab:ea:d9:c0:
67:28:89:a3:f5:dc:f9:18:38:24:7d:b6:34:a4:8c:3e:71:57:
63:cd:05:ce:87:3c:be:f5:c7:e2:4f:55:16:13:13:0d:9e:1e:
28:18:53:60:d3:86:28:b2:3a:6b:03:ce:5b:7a:62:e7:0c:89:
9c:b7:4a:2d:36:aa:e1:6f:55:9f:71:61:eb:3d:6d:9a:b3:7b:
35:85:42:e1:fc:96:c8:dc:f9:e7:a7:ff:d0:52:36:b6:47:5e:
c8:70:10:85:18:dc:29:f0:59:9c:00:f2:95:33:73:f7:93:69:
7a:a0:e1:7c:4b:39:b4:8f:ef:9b:b0:ab:b0:d7:5b:ab:c7:8b:
31:62:ac:bc:28:75:7f:b0:b1:67:1c:88:30:40:99:8d:b8:e1:
44:fd:a4:ac:07:ff:dc:7d:4c:ca:f8:a1:0a:90:bd:1e:21:b7:
ec:a3:24:80:51:22:34:13:22:bc:0c:bf:7b:53:0f:83:be:4e:
5f:7e:02:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJ16bBbUAwR+pjc8nydlPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzdkODA3ZDRmN2NkZDNlMGFmZTRhYmM4ZWU1YTg4MGM2
MDkwZjEwHhcNMjQwMTAxMjIzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGY3ZmUwYmU4ZTk2YzQzODNhYTEzNTU2ODM1MWIzZGJhMjkxZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh84iDf9IJR3Ag+ku6kFHm3hMos+n
/pYPR9mBlLyaTUpxEBCCB7WzefDBxd2wDjN0NXG6IwbQNb7m/1fEob03Inwqt56d
uFgldnMuWdDvOfkGAdUZPDUzFkshpHKirLUvJuiArxyXg4ZXYnOI1ksEnraDAjjZ
j3cKGnz4Q7dSXcWkXrRhjDDGwTgTfQF/pBeDevKTTSVthFq/V4Ce1/yKtVaB/kTp
xIwa8FXnwfsEtSW8AJxnOluItpLE7vsUNSXA4xmwUDyvhCKk5gwTLGfEbgR/al5+
RLX5JZWUo85ZVwdtOmf4eln+vPEZzdxpqdvZgFbbfq4Gz1GNNzuDWl0BFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAD3/gvo6WxDg6oTVWg1Gz26KR3VMB8GA1UdIwQY
MBaAFAo32AfU983T4K/kq8juWogMYJDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjkt
ODAwZWRhMmNmYjM2LzEvQVBmLUMtanBiRU9EcWhOVmFEVWJQYm9wSGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iYzI2OGQtNjFmMC00NzFmLWFhYjktODAwZWRhMmNmYjM2
LzEvQ2pmWUI5VDN6ZFBnci1TcnlPNWFpQXhna1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2UMA0G
CSqGSIb3DQEBCwUAA4IBAQCa3Vjhvzk1cT/X26WCQab/em+6GxYG1Lb+d+3TIH2O
QPmjXOEtc7lnuO4afttcI5jfjxBr3A6vLAUZGvj2OvZpW/n74avq2cBnKImj9dz5
GDgkfbY0pIw+cVdjzQXOhzy+9cfiT1UWExMNnh4oGFNg04YosjprA85bemLnDImc
t0otNqrhb1WfcWHrPW2as3s1hULh/JbI3Pnnp//QUja2R17IcBCFGNwp8FmcAPKV
M3P3k2l6oOF8Szm0j++bsKuw11urx4sxYqy8KHV/sLFnHIgwQJmNuOFE/aSsB//c
fUzK+KEKkL0eIbfsoySAUSI0EyK8DL97Uw+Dvk5ffgJt
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:12:00 2025 by rpki-client