Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4CUAqFdj51bsa1jDmboFnIEFQ5M.roa
File: 4CUAqFdj51bsa1jDmboFnIEFQ5M.roa (raw, json)
Hash identifier: lVMwq44EdRYh11lY5wN6vtz15nmapVUzVLnDoRW5K9Y=
Subject key identifier: E0:25:00:A8:57:63:E7:56:EC:6B:58:C3:99:BA:05:9C:81:05:43:93
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143F7EB51C403E53B76471F53DA8F42
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4CUAqFdj51bsa1jDmboFnIEFQ5M.roa
Signing time: Wed 01 Jan 2025 09:48:10 +0000
ROA not before: Wed 01 Jan 2025 09:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138997
IP address blocks: 82.153.228.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 15:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f7:eb:51:c4:03:e5:3b:76:47:1f:53:da:8f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e02500a85763e756ec6b58c399ba059c81054393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ae:03:38:93:e0:ae:9a:69:78:f3:1f:57:74:
0b:b5:c7:fd:60:36:ed:8f:80:67:0b:26:42:68:7b:
45:22:ee:fd:e9:d2:9f:43:dc:4d:41:0f:b7:00:46:
54:d5:49:21:c3:74:7c:6c:d3:92:4c:cd:12:14:fc:
87:ce:d3:ca:e8:96:68:63:7e:b7:22:2a:2e:1c:8a:
4f:33:8f:7c:8f:12:38:94:83:f2:fb:57:e4:46:ad:
4c:a5:ab:30:82:fe:92:47:b2:56:6b:da:1f:ea:dd:
59:1f:e5:3e:37:5e:77:80:16:1c:95:34:96:60:c9:
7a:dc:10:43:c8:de:c7:e6:54:1d:bf:9c:42:69:36:
09:8e:c2:d5:64:f3:9b:b5:f2:f3:49:4d:96:24:98:
e9:b0:44:51:f2:41:d6:72:4b:0a:2d:e0:f5:3c:f1:
75:10:c9:fd:1f:46:20:c7:47:83:06:f7:c0:09:df:
19:2d:d4:5d:fb:07:19:4f:11:36:c9:73:4d:ee:a4:
92:4b:99:f5:b3:74:f3:c7:21:12:94:ef:38:87:72:
e6:58:6d:25:05:8f:97:72:30:f4:db:a4:4b:70:c2:
3d:64:c0:b7:0e:48:ce:3f:f8:f7:8e:9c:03:57:9a:
8c:5b:05:b2:b9:49:92:4e:6a:08:b2:2f:04:6d:7f:
9f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:25:00:A8:57:63:E7:56:EC:6B:58:C3:99:BA:05:9C:81:05:43:93
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4CUAqFdj51bsa1jDmboFnIEFQ5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.228.0/23
Signature Algorithm: sha256WithRSAEncryption
14:71:8a:98:da:10:de:73:02:52:47:9a:44:a6:98:e0:a5:fb:
9d:2e:47:98:aa:96:95:ca:d5:d4:82:c2:00:89:ab:ea:d2:35:
36:47:c7:b9:9f:60:b5:2c:65:95:79:57:26:a2:75:e4:df:ab:
63:b9:42:bc:37:ec:af:af:ae:ec:6d:16:bb:9c:26:d7:33:78:
f1:68:d1:51:d8:b2:fb:92:7f:c1:73:72:1b:61:05:80:3f:36:
ab:e7:15:62:f6:41:1c:c0:4b:6d:36:e9:f8:e8:a6:37:4e:c4:
f6:fd:e7:46:47:7c:63:00:0d:b0:39:9d:aa:9a:76:70:37:15:
fa:c2:d4:4e:9f:29:e0:56:7b:fe:74:85:00:c0:47:d7:36:d4:
bc:cf:b3:c2:93:08:e5:ae:1f:37:bc:14:67:a1:0f:be:d1:9b:
1c:68:79:9c:b1:ee:a8:b8:8a:f8:00:78:27:9c:74:79:82:a3:
67:fb:7d:03:a7:a6:3e:a5:e3:61:e0:11:c9:3a:6f:9c:8a:f2:
22:92:e9:23:cf:28:c9:92:64:6b:15:48:ed:1d:dc:e7:ce:9b:
0e:16:70:5f:fa:07:b4:fb:72:8e:a4:2b:b4:bb:de:fe:8d:4b:
ac:87:ec:84:f9:0e:e2:2b:16:df:42:cc:00:6b:dd:3b:2c:7a:
4b:da:3d:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/frUcQD5Tt2Rx9T2o9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDI1MDBhODU3NjNlNzU2ZWM2YjU4YzM5OWJhMDU5YzgxMDU0MzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4q4DOJPgrpppePMfV3QLtcf9YDbt
j4BnCyZCaHtFIu796dKfQ9xNQQ+3AEZU1Ukhw3R8bNOSTM0SFPyHztPK6JZoY363
IiouHIpPM498jxI4lIPy+1fkRq1Mpaswgv6SR7JWa9of6t1ZH+U+N153gBYclTSW
YMl63BBDyN7H5lQdv5xCaTYJjsLVZPObtfLzSU2WJJjpsERR8kHWcksKLeD1PPF1
EMn9H0Ygx0eDBvfACd8ZLdRd+wcZTxE2yXNN7qSSS5n1s3TzxyESlO84h3LmWG0l
BY+XcjD026RLcMI9ZMC3DkjOP/j3jpwDV5qMWwWyuUmSTmoIsi8EbX+fuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOAlAKhXY+dW7GtYw5m6BZyBBUOTMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNENVQXFGZGo1MWJzYTFqRG1ib0ZuSUVGUTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUpnkMA0G
CSqGSIb3DQEBCwUAA4IBAQAUcYqY2hDecwJSR5pEppjgpfudLkeYqpaVytXUgsIA
iavq0jU2R8e5n2C1LGWVeVcmonXk36tjuUK8N+yvr67sbRa7nCbXM3jxaNFR2LL7
kn/Bc3IbYQWAPzar5xVi9kEcwEttNun46KY3TsT2/edGR3xjAA2wOZ2qmnZwNxX6
wtROnyngVnv+dIUAwEfXNtS8z7PCkwjlrh83vBRnoQ++0ZscaHmcse6ouIr4AHgn
nHR5gqNn+30Dp6Y+peNh4BHJOm+civIikukjzyjJkmRrFUjtHdznzpsOFnBf+ge0
+3KOpCu0u97+jUush+yE+Q7iKxbfQswAa907LHpL2j1r
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:38:32 2025 by rpki-client