Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/PelBp1nrDLVYr3u8Qqewx4mWNXo.roa
File: PelBp1nrDLVYr3u8Qqewx4mWNXo.roa (raw, json)
Hash identifier: D3wmNwJGS01b8EbLiQZZ78Eh5DxBZaTY7dJJ4PlOzu8=
Subject key identifier: 3D:E9:41:A7:59:EB:0C:B5:58:AF:7B:BC:42:A7:B0:C7:89:96:35:7A
Certificate issuer: /CN=d6fb452a0ae33dfa52aaaacba794df1af6bc4334
Certificate serial: 018CC72573F4932940CEE61ADC1AE0CCD2FE
Authority key identifier: D6:FB:45:2A:0A:E3:3D:FA:52:AA:AA:CB:A7:94:DF:1A:F6:BC:43:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1vtFKgrjPfpSqqrLp5TfGva8QzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/PelBp1nrDLVYr3u8Qqewx4mWNXo.roa
Signing time: Mon 01 Jan 2024 22:29:29 +0000
ROA not before: Mon 01 Jan 2024 22:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34959
IP address blocks: 194.55.234.0/23 maxlen: 23
194.55.244.0/23 maxlen: 23
2a0f:1140::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 26 Jul 2024 11:12:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:73:f4:93:29:40:ce:e6:1a:dc:1a:e0:cc:d2:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6fb452a0ae33dfa52aaaacba794df1af6bc4334
Validity
Not Before: Jan 1 22:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3de941a759eb0cb558af7bbc42a7b0c78996357a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8c:a9:3a:99:f0:ed:50:38:97:09:a9:54:e8:
b3:19:fa:68:23:8f:d3:c5:6b:b8:f1:cd:51:66:91:
2c:4e:37:ab:cb:4a:30:7d:cf:47:15:52:11:cd:cf:
f6:24:a6:ee:5e:13:60:36:92:43:d5:8a:1c:d4:8e:
c9:3d:02:2b:9a:87:6e:b3:64:8b:22:91:e8:8b:ff:
e7:7a:a7:4a:a9:66:f7:16:8a:ba:2c:f3:e8:c2:5f:
ef:fc:82:80:29:66:d9:ab:35:b9:2f:e9:de:dc:2f:
2b:af:b6:cb:a5:f7:6f:63:b6:96:5e:29:af:b8:78:
c7:11:9f:ab:14:63:61:36:40:bb:47:09:23:a7:89:
6b:17:86:1b:81:02:ef:50:23:34:2b:ad:8e:7c:74:
38:af:ce:70:aa:f0:58:23:5c:9f:f4:53:67:17:90:
47:1c:2c:2a:b9:85:24:62:49:24:40:c3:d7:d7:d3:
68:b8:b7:60:4d:5f:47:4c:f3:bc:1b:16:1e:a8:65:
59:f2:32:5b:10:30:f8:c0:de:49:f5:91:03:b9:5d:
96:1b:70:56:ab:cb:03:ee:1b:87:f6:2a:fd:50:b1:
5e:c0:05:b1:83:e6:c9:51:d6:2f:f5:5a:62:ac:c3:
cf:04:c4:14:06:96:2d:ad:6a:4e:fa:6a:7a:fc:7d:
22:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E9:41:A7:59:EB:0C:B5:58:AF:7B:BC:42:A7:B0:C7:89:96:35:7A
X509v3 Authority Key Identifier:
keyid:D6:FB:45:2A:0A:E3:3D:FA:52:AA:AA:CB:A7:94:DF:1A:F6:BC:43:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1vtFKgrjPfpSqqrLp5TfGva8QzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/PelBp1nrDLVYr3u8Qqewx4mWNXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/1vtFKgrjPfpSqqrLp5TfGva8QzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.234.0/23
194.55.244.0/23
IPv6:
2a0f:1140::/32
Signature Algorithm: sha256WithRSAEncryption
a5:0e:f1:70:db:21:dc:17:fa:a5:86:de:5c:3f:83:87:17:be:
fd:83:ae:a1:44:2a:e1:29:80:2d:1e:d0:b5:fb:7a:b9:ee:99:
bb:5d:eb:72:34:a3:98:60:08:c0:64:aa:fc:71:9d:50:1f:bf:
f0:f4:39:0f:b8:3a:e6:07:58:ec:7d:c7:32:27:50:19:d0:f9:
8c:ac:01:43:e7:cb:95:ed:0c:a9:66:b7:35:dd:96:5f:58:0f:
f3:5e:37:21:0e:db:2b:c3:07:55:cc:27:c9:40:23:b4:ee:4a:
76:fc:9c:d1:4a:d9:3c:93:ba:77:ff:51:a2:22:71:e5:15:80:
29:88:34:e5:90:56:dc:fe:f0:74:26:b5:09:e6:a8:d9:f7:c7:
7b:95:e5:42:d9:e0:f6:09:e4:ef:c4:d8:df:45:5d:39:76:83:
93:0b:77:4c:93:67:3b:f5:f2:27:20:de:4f:5c:9b:38:0f:2a:
00:49:9b:1e:89:94:21:28:4b:58:d5:39:b1:22:86:03:8b:55:
03:5c:18:b6:f4:9a:ba:66:d7:c4:8c:90:f3:11:65:92:af:1f:
2c:dc:4a:e1:8f:3f:1d:d7:05:a5:27:8b:0d:b1:5a:22:1e:31:
1c:36:28:cf:3e:94:fe:7d:f1:b2:3d:4d:b4:57:24:0e:6f:11:
df:db:e8:bb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJXP0kylAzuYa3BrgzNL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZmI0NTJhMGFlMzNkZmE1MmFhYWFjYmE3OTRkZjFhZjZi
YzQzMzQwHhcNMjQwMTAxMjIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGU5NDFhNzU5ZWIwY2I1NThhZjdiYmM0MmE3YjBjNzg5OTYzNTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIypOpnw7VA4lwmpVOizGfpoI4/T
xWu48c1RZpEsTjery0owfc9HFVIRzc/2JKbuXhNgNpJD1Yoc1I7JPQIrmodus2SL
IpHoi//neqdKqWb3Foq6LPPowl/v/IKAKWbZqzW5L+ne3C8rr7bLpfdvY7aWXimv
uHjHEZ+rFGNhNkC7Rwkjp4lrF4YbgQLvUCM0K62OfHQ4r85wqvBYI1yf9FNnF5BH
HCwquYUkYkkkQMPX19NouLdgTV9HTPO8GxYeqGVZ8jJbEDD4wN5J9ZEDuV2WG3BW
q8sD7huH9ir9ULFewAWxg+bJUdYv9VpirMPPBMQUBpYtrWpO+mp6/H0ijwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD3pQadZ6wy1WK97vEKnsMeJljV6MB8GA1UdIwQY
MBaAFNb7RSoK4z36Uqqqy6eU3xr2vEM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXZ0RktncmpQZnBTcXFyTHA1VGZHdmE4UXpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zYmRkN2UtYTcyOS00OWFkLTg1YWEt
Zjc1OTYyZDMwZTM2LzEvUGVsQnAxbnJETFZZcjN1OFFxZXd4NG1XTlhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8zYmRkN2UtYTcyOS00OWFkLTg1YWEtZjc1OTYyZDMwZTM2
LzEvMXZ0RktncmpQZnBTcXFyTHA1VGZHdmE4UXpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwjfqAwQB
wjf0MA0EAgACMAcDBQAqDxFAMA0GCSqGSIb3DQEBCwUAA4IBAQClDvFw2yHcF/ql
ht5cP4OHF779g66hRCrhKYAtHtC1+3q57pm7XetyNKOYYAjAZKr8cZ1QH7/w9DkP
uDrmB1jsfccyJ1AZ0PmMrAFD58uV7QypZrc13ZZfWA/zXjchDtsrwwdVzCfJQCO0
7kp2/JzRStk8k7p3/1GiInHlFYApiDTlkFbc/vB0JrUJ5qjZ98d7leVC2eD2CeTv
xNjfRV05doOTC3dMk2c79fInIN5PXJs4DyoASZseiZQhKEtY1TmxIoYDi1UDXBi2
9Jq6ZtfEjJDzEWWSrx8s3Erhjz8d1wWlJ4sNsVoiHjEcNijPPpT+ffGyPU20VyQO
bxHf2+i7
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:37:38 2025 by rpki-client