Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5jQnLOQT5ME3OqQf4kE8bstMqgQ.roa
File: 5jQnLOQT5ME3OqQf4kE8bstMqgQ.roa (raw, json)
Hash identifier: xND1mVwbe64XNPxKf/iOmRkYTNBZWCJjUSDJNIkNz30=
Subject key identifier: E6:34:27:2C:E4:13:E4:C1:37:3A:A4:1F:E2:41:3C:6E:CB:4C:AA:04
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC3495D5FDE5B8A09582A768DE391452C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5jQnLOQT5ME3OqQf4kE8bstMqgQ.roa
Signing time: Mon 01 Jan 2024 04:30:14 +0000
ROA not before: Mon 01 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204174
IP address blocks: 82.153.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Sep 2024 10:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5d:5f:de:5b:8a:09:58:2a:76:8d:e3:91:45:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e634272ce413e4c1373aa41fe2413c6ecb4caa04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4e:02:99:24:bf:c6:9d:80:e8:67:81:58:a8:
41:3a:50:a6:17:2e:e7:15:ef:eb:e2:3f:75:ef:4e:
05:2c:18:18:1b:fe:4f:ba:2e:07:53:6e:47:54:16:
fd:96:5d:7e:06:52:c5:5a:bf:6d:e0:32:07:8a:4b:
13:03:b6:65:a3:9b:98:e7:87:51:83:14:6a:4b:81:
a3:23:a8:8b:99:18:07:4b:bd:c9:4d:48:ed:8b:ed:
fc:67:09:b4:1e:c6:27:b2:c1:17:d0:40:4c:4f:24:
2f:e1:26:2c:7b:d2:6f:c0:25:b2:24:f0:14:5c:4c:
f6:72:c3:f0:5d:ce:97:c3:b3:d8:93:1c:f6:6b:9d:
e5:8f:c0:b4:5f:c7:9f:4a:65:57:91:e6:26:c1:36:
e9:95:16:80:62:fa:90:5d:bd:1b:5a:7d:d5:81:3a:
6f:e5:c5:a4:ee:e6:6e:85:f8:58:c6:2e:3e:33:78:
3b:73:dc:8f:9e:10:f0:d0:c2:4c:6d:a2:14:75:2f:
2b:26:4b:ed:c7:d2:2c:11:80:48:a8:08:80:35:d8:
da:25:c1:a2:9f:c3:47:a6:5d:3b:4e:64:4c:17:3d:
03:89:fa:1b:9d:e0:ae:3a:d6:02:2c:1b:39:04:f1:
f7:4e:6b:60:40:01:dd:e0:4f:f2:9e:24:86:07:26:
43:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:34:27:2C:E4:13:E4:C1:37:3A:A4:1F:E2:41:3C:6E:CB:4C:AA:04
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5jQnLOQT5ME3OqQf4kE8bstMqgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.222.0/24
Signature Algorithm: sha256WithRSAEncryption
12:e1:95:bd:a1:98:d2:b0:ed:66:03:d4:6c:46:46:3e:69:35:
63:51:e8:72:a9:03:c2:5d:e3:3b:4f:fa:19:4b:37:25:ac:1b:
e4:a9:9b:1f:8e:63:33:71:b7:57:9c:b8:5c:62:2d:09:e5:f5:
98:d5:e4:49:8c:f8:2f:0b:da:b3:ef:ca:5d:77:68:71:5d:c7:
e7:ee:a5:5a:17:2c:33:58:d6:3a:6f:d4:95:40:d3:4c:67:02:
5c:76:0c:77:48:17:6b:29:49:ae:a9:d2:81:54:ad:4d:eb:e6:
88:7d:b1:97:69:19:ae:da:67:85:85:ad:0b:87:73:fd:64:60:
48:1d:1f:39:d9:04:76:d1:ad:e6:47:e5:69:52:81:ea:3c:0b:
5c:64:60:22:b1:06:9c:45:19:57:f8:87:d7:0e:83:6d:5f:9c:
96:4a:3c:2d:b8:57:00:31:63:cb:0e:ce:2e:a0:85:82:40:91:
20:f8:8e:64:67:42:73:a4:cd:9b:e5:32:c3:7d:78:36:c2:97:
5e:9a:5c:96:5d:d1:d7:d1:d1:4e:95:d9:90:88:8f:8a:12:40:
16:b2:d1:68:eb:f6:f4:31:07:36:6f:44:10:43:d0:f9:9f:12:
19:aa:77:aa:cc:8b:0d:f6:84:78:59:5a:2c:12:0e:fa:ec:f6:
67:61:42:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSV1f3luKCVgqdo3jkUUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjM0MjcyY2U0MTNlNGMxMzczYWE0MWZlMjQxM2M2ZWNiNGNhYTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm04CmSS/xp2A6GeBWKhBOlCmFy7n
Fe/r4j91704FLBgYG/5Pui4HU25HVBb9ll1+BlLFWr9t4DIHiksTA7Zlo5uY54dR
gxRqS4GjI6iLmRgHS73JTUjti+38Zwm0HsYnssEX0EBMTyQv4SYse9JvwCWyJPAU
XEz2csPwXc6Xw7PYkxz2a53lj8C0X8efSmVXkeYmwTbplRaAYvqQXb0bWn3VgTpv
5cWk7uZuhfhYxi4+M3g7c9yPnhDw0MJMbaIUdS8rJkvtx9IsEYBIqAiANdjaJcGi
n8NHpl07TmRMFz0DifobneCuOtYCLBs5BPH3TmtgQAHd4E/yniSGByZDowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOY0JyzkE+TBNzqkH+JBPG7LTKoEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNWpRbkxPUVQ1TUUzT3FRZjRrRThic3RNcWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpneMA0G
CSqGSIb3DQEBCwUAA4IBAQAS4ZW9oZjSsO1mA9RsRkY+aTVjUehyqQPCXeM7T/oZ
SzclrBvkqZsfjmMzcbdXnLhcYi0J5fWY1eRJjPgvC9qz78pdd2hxXcfn7qVaFywz
WNY6b9SVQNNMZwJcdgx3SBdrKUmuqdKBVK1N6+aIfbGXaRmu2meFha0Lh3P9ZGBI
HR852QR20a3mR+VpUoHqPAtcZGAisQacRRlX+IfXDoNtX5yWSjwtuFcAMWPLDs4u
oIWCQJEg+I5kZ0JzpM2b5TLDfXg2wpdemlyWXdHX0dFOldmQiI+KEkAWstFo6/b0
MQc2b0QQQ9D5nxIZqneqzIsN9oR4WVosEg767PZnYULa
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:27:32 2025 by rpki-client