Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0BzV1U2BDUr4i0ioKFs14PxJiPg.roa
File: 0BzV1U2BDUr4i0ioKFs14PxJiPg.roa (raw, json)
Hash identifier: gwoxGxiX47EzdlMkntpmmGQPGz9ihjEBMNV+1kpqcpI=
Subject key identifier: D0:1C:D5:D5:4D:81:0D:4A:F8:8B:48:A8:28:5B:35:E0:FC:49:88:F8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194B715BCBF0806290FE506547C0E66DF40
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0BzV1U2BDUr4i0ioKFs14PxJiPg.roa
Signing time: Thu 30 Jan 2025 12:00:42 +0000
ROA not before: Thu 30 Jan 2025 12:00:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42689
IP address blocks: 82.152.7.0/24 maxlen: 24
82.153.228.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 30 Jan 2025 15:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b7:15:bc:bf:08:06:29:0f:e5:06:54:7c:0e:66:df:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 30 12:00:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d01cd5d54d810d4af88b48a8285b35e0fc4988f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ec:08:ed:49:09:aa:38:5c:9e:22:46:c5:90:
e2:7d:c4:57:07:48:bd:0c:cc:d8:9e:51:35:78:93:
a7:73:bc:43:f0:9a:41:68:81:b8:75:79:df:25:6f:
3a:b2:4f:92:13:ee:24:ab:b2:35:8d:5f:f6:3e:0d:
80:5b:4c:88:3d:31:77:5d:bf:2a:09:31:90:f5:26:
d9:12:14:02:e1:8e:9c:c8:66:26:14:02:5b:41:a0:
c2:5f:c9:ec:4d:d1:9a:d1:44:88:e8:e4:d0:57:ee:
96:99:9f:23:35:f1:b5:d8:c3:f7:7b:49:52:2d:3b:
2b:e6:de:a0:55:b9:d8:85:61:9a:4b:c7:af:74:48:
52:8b:40:a0:c0:52:76:24:ce:ee:d6:29:e9:ed:23:
43:52:af:a3:e0:18:68:cf:cf:e5:99:ce:bf:d4:80:
14:cf:08:b8:52:b9:2b:ad:fe:a7:64:0c:9b:fb:48:
ae:cb:5b:c8:69:47:f6:bb:ce:47:b9:09:07:b1:25:
38:65:76:e1:c0:26:d9:2f:9f:92:53:30:7b:a0:7c:
71:27:84:df:a9:be:ca:4f:d3:61:3f:95:10:4a:63:
ea:fc:7b:03:37:14:81:f5:ac:8f:8c:9d:b9:51:bb:
d5:21:30:fb:b7:f0:be:9d:ae:d0:b5:40:4c:d7:ce:
e8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:1C:D5:D5:4D:81:0D:4A:F8:8B:48:A8:28:5B:35:E0:FC:49:88:F8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0BzV1U2BDUr4i0ioKFs14PxJiPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.7.0/24
82.153.228.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:75:5a:82:08:7f:b7:58:8f:b5:59:dd:b4:80:8b:ca:34:e2:
81:7f:32:3a:3d:4a:0b:60:03:7d:9a:9b:8a:9d:bb:e8:db:8e:
d8:b8:2f:af:fa:75:7f:da:31:7b:82:f1:25:57:a0:d9:c5:d8:
92:6d:d5:39:85:af:f3:29:03:72:5b:00:fa:c5:91:4a:39:32:
86:48:0e:a7:f0:c2:3f:32:f2:3b:20:2f:1d:f9:b6:06:9c:a0:
23:76:42:fc:91:0e:2a:36:17:75:5f:55:74:91:a4:6a:7e:e0:
11:6a:1f:09:6b:1c:08:4a:53:c2:62:d6:e2:c2:f9:2c:44:98:
9e:f0:84:ef:0a:56:40:b4:a5:b6:92:44:bc:18:14:15:75:30:
5b:08:51:2f:bd:69:1d:98:23:32:b4:c4:75:53:9e:2a:d6:6e:
7b:15:c5:d0:4c:3f:04:55:fc:b3:4a:59:15:6a:ba:f6:d8:3c:
db:c0:18:c5:16:99:58:d9:69:e3:d7:86:d4:6d:93:d2:3a:29:
58:98:94:04:b8:35:f1:33:9d:3c:eb:8c:58:57:c9:bf:0a:a7:
49:8f:93:4d:c8:30:3d:d0:d0:c2:15:fc:c9:a2:ea:f9:72:b5:
f1:c6:2e:18:a8:0f:27:38:ca:3e:24:8f:78:eb:37:be:0f:41:
df:b9:60:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZS3Fby/CAYpD+UGVHwOZt9AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTMwMTIwMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDFjZDVkNTRkODEwZDRhZjg4YjQ4YTgyODViMzVlMGZjNDk4OGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzewI7UkJqjhcniJGxZDifcRXB0i9
DMzYnlE1eJOnc7xD8JpBaIG4dXnfJW86sk+SE+4kq7I1jV/2Pg2AW0yIPTF3Xb8q
CTGQ9SbZEhQC4Y6cyGYmFAJbQaDCX8nsTdGa0USI6OTQV+6WmZ8jNfG12MP3e0lS
LTsr5t6gVbnYhWGaS8evdEhSi0CgwFJ2JM7u1inp7SNDUq+j4Bhoz8/lmc6/1IAU
zwi4Urkrrf6nZAyb+0iuy1vIaUf2u85HuQkHsSU4ZXbhwCbZL5+SUzB7oHxxJ4Tf
qb7KT9NhP5UQSmPq/HsDNxSB9ayPjJ25UbvVITD7t/C+na7QtUBM187oCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNAc1dVNgQ1K+ItIqChbNeD8SYj4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMEJ6VjFVMkJEVXI0aTBpb0tGczE0UHhKaVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpgHAwQB
UpnkMA0GCSqGSIb3DQEBCwUAA4IBAQCrdVqCCH+3WI+1Wd20gIvKNOKBfzI6PUoL
YAN9mpuKnbvo247YuC+v+nV/2jF7gvElV6DZxdiSbdU5ha/zKQNyWwD6xZFKOTKG
SA6n8MI/MvI7IC8d+bYGnKAjdkL8kQ4qNhd1X1V0kaRqfuARah8JaxwISlPCYtbi
wvksRJie8ITvClZAtKW2kkS8GBQVdTBbCFEvvWkdmCMytMR1U54q1m57FcXQTD8E
VfyzSlkVarr22DzbwBjFFplY2Wnj14bUbZPSOilYmJQEuDXxM50864xYV8m/CqdJ
j5NNyDA90NDCFfzJour5crXxxi4YqA8nOMo+JI946ze+D0HfuWDc
-----END CERTIFICATE-----
Generated at Wed Apr 9 13:13:50 2025 by rpki-client