Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0Hs25izVXiOq8y2CeuEsMW6day4.roa
File: 0Hs25izVXiOq8y2CeuEsMW6day4.roa (raw, json)
Hash identifier: dcjb5GRMpDqyxQRaoW5M2OduvdKuXEx/jRe+djJipH8=
Subject key identifier: D0:7B:36:E6:2C:D5:5E:23:AA:F3:2D:82:7A:E1:2C:31:6E:9D:6B:2E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CCE8A4B7159B1E2DD4C72BC5EB211EBB6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0Hs25izVXiOq8y2CeuEsMW6day4.roa
Signing time: Wed 03 Jan 2024 08:56:58 +0000
ROA not before: Wed 03 Jan 2024 08:56:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 82.153.228.0/23 maxlen: 23
82.152.176.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 23 Jan 2024 10:58:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:8a:4b:71:59:b1:e2:dd:4c:72:bc:5e:b2:11:eb:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 3 08:56:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d07b36e62cd55e23aaf32d827ae12c316e9d6b2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e9:5d:d8:09:64:cd:8b:35:e3:33:8b:30:1c:
dd:dd:cb:46:d3:38:04:af:b1:93:f0:43:9f:8c:0f:
e2:ba:88:82:18:9a:3e:7b:b2:da:f7:65:69:75:d4:
c9:49:99:1c:a5:9d:db:c8:c8:13:73:80:18:de:23:
87:2a:fd:e3:42:63:56:e4:54:c2:d9:57:14:26:28:
52:b1:ee:aa:d5:3a:97:10:23:e4:68:c4:3e:3a:fa:
fd:ec:5a:36:90:9d:d6:2f:cd:c3:40:1e:67:d1:ae:
a9:e6:29:98:18:a2:28:17:aa:43:3d:7c:b7:a3:88:
35:27:05:90:64:b0:24:72:a9:b2:bd:24:99:18:6e:
5f:b0:92:6e:16:5e:7f:2d:8a:78:f2:72:bb:d9:2e:
15:07:7e:e7:35:e8:94:8a:b0:34:37:9d:c3:23:87:
df:5c:15:cb:f9:42:81:b1:39:19:b8:ae:81:08:87:
05:81:62:69:f1:67:d0:05:eb:b2:74:bb:08:f9:fc:
d5:0b:23:45:d0:cd:f7:5a:ba:80:26:b6:67:b7:05:
cd:e4:b7:5e:08:34:3c:b5:29:73:1f:84:38:6a:77:
f8:e3:2a:aa:32:23:35:54:6d:e0:e6:00:6a:ea:15:
ea:00:84:a2:1f:fb:5f:3d:4e:a3:40:57:03:50:fb:
8c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7B:36:E6:2C:D5:5E:23:AA:F3:2D:82:7A:E1:2C:31:6E:9D:6B:2E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0Hs25izVXiOq8y2CeuEsMW6day4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/23
82.153.228.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:2d:80:ef:83:8f:fd:d8:a8:97:a6:d8:aa:fd:3b:fd:46:f6:
0a:ca:e3:80:62:9a:83:4d:07:8b:e8:73:92:9e:50:49:71:70:
3f:cc:2e:1f:dc:7a:23:87:c0:84:cc:0a:c8:50:23:e4:d9:c5:
58:fd:78:82:20:e8:36:61:bc:2c:ad:46:4e:61:68:f4:ea:45:
35:7c:73:2d:ec:34:5c:db:40:68:22:dc:f4:8c:15:f2:36:dc:
9c:ce:d1:8e:9c:ec:a6:89:d2:ce:f5:bf:9e:f0:bb:24:bd:00:
25:e9:af:be:03:67:7d:07:4c:eb:a3:d8:82:e5:ef:cb:68:5a:
f6:57:5d:24:4d:25:f4:da:a6:b7:93:04:51:d6:a7:14:9c:48:
b9:41:83:5f:97:10:05:52:1a:9f:81:74:86:76:99:0e:2d:1e:
dc:71:86:1c:bc:ca:a8:5a:2b:16:e2:e4:a8:d9:59:17:a2:d7:
f8:2a:3f:f5:0e:57:44:8a:ab:eb:25:1e:b6:89:16:c5:9f:83:
65:9b:4f:e5:23:cc:3e:a7:7d:f9:a8:84:c7:08:b4:37:6d:8b:
58:cb:6a:2b:b1:87:e9:15:6b:c7:4e:f5:b0:58:0c:e2:cc:f7:
f7:0f:bd:d6:68:f6:8c:a0:51:9f:06:92:2d:3e:f9:5c:33:82:
88:4b:8a:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzOiktxWbHi3UxyvF6yEeu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAzMDg1NjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDdiMzZlNjJjZDU1ZTIzYWFmMzJkODI3YWUxMmMzMTZlOWQ2YjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+ld2AlkzYs14zOLMBzd3ctG0zgE
r7GT8EOfjA/iuoiCGJo+e7La92VpddTJSZkcpZ3byMgTc4AY3iOHKv3jQmNW5FTC
2VcUJihSse6q1TqXECPkaMQ+Ovr97Fo2kJ3WL83DQB5n0a6p5imYGKIoF6pDPXy3
o4g1JwWQZLAkcqmyvSSZGG5fsJJuFl5/LYp48nK72S4VB37nNeiUirA0N53DI4ff
XBXL+UKBsTkZuK6BCIcFgWJp8WfQBeuydLsI+fzVCyNF0M33WrqAJrZntwXN5Lde
CDQ8tSlzH4Q4anf44yqqMiM1VG3g5gBq6hXqAISiH/tfPU6jQFcDUPuM6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNB7NuYs1V4jqvMtgnrhLDFunWsuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMEhzMjVpelZYaU9xOHkyQ2V1RXNNVzZkYXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUpiwAwQB
UpnkMA0GCSqGSIb3DQEBCwUAA4IBAQBaLYDvg4/92KiXptiq/Tv9RvYKyuOAYpqD
TQeL6HOSnlBJcXA/zC4f3Hojh8CEzArIUCPk2cVY/XiCIOg2YbwsrUZOYWj06kU1
fHMt7DRc20BoItz0jBXyNtycztGOnOymidLO9b+e8LskvQAl6a++A2d9B0zro9iC
5e/LaFr2V10kTSX02qa3kwRR1qcUnEi5QYNflxAFUhqfgXSGdpkOLR7ccYYcvMqo
WisW4uSo2VkXotf4Kj/1DldEiqvrJR62iRbFn4Nlm0/lI8w+p335qITHCLQ3bYtY
y2orsYfpFWvHTvWwWAzizPf3D73WaPaMoFGfBpItPvlcM4KIS4oy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:19 2024 by rpki-client on console-ams.rpki-client.org