Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8xswMfXZJvNN4SXNRGr4h_U3MSc.roa
File: 8xswMfXZJvNN4SXNRGr4h_U3MSc.roa (raw, json)
Hash identifier: fOUFt2AeF0L7ZKpJxjHMRfSHReQcH5LGWK8R1xpKyno=
Subject key identifier: F3:1B:30:31:F5:D9:26:F3:4D:E1:25:CD:44:6A:F8:87:F5:37:31:27
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01901C433F02F0DDE0E6E556309105BF998B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8xswMfXZJvNN4SXNRGr4h_U3MSc.roa
Signing time: Sat 15 Jun 2024 14:18:07 +0000
ROA not before: Sat 15 Jun 2024 14:18:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214704
IP address blocks: 82.152.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jul 2024 15:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1c:43:3f:02:f0:dd:e0:e6:e5:56:30:91:05:bf:99:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 15 14:18:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f31b3031f5d926f34de125cd446af887f5373127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:15:8c:f8:08:9e:40:9c:fd:7a:21:7c:09:2b:
0c:8d:f2:1c:6b:02:34:87:75:7f:69:28:00:c7:70:
7a:52:ba:d7:3e:20:7f:06:18:9d:85:41:33:a0:7f:
e1:77:8e:f5:7d:6b:7d:28:38:fa:a5:d4:9f:95:52:
37:32:d8:6b:80:72:7d:b1:58:60:c9:2d:4e:a3:0f:
58:2b:79:f9:30:bd:a6:0f:d0:1c:bd:f0:23:b5:78:
63:95:7b:4a:6f:aa:65:55:af:85:ac:8f:78:fa:83:
04:9c:21:eb:6b:3b:e2:c3:35:03:11:51:13:72:18:
f0:24:42:97:b5:cf:19:b4:ca:10:0d:84:4c:21:54:
8c:0f:24:01:d4:f3:36:f1:05:ce:59:a7:6c:c2:f0:
8f:ab:2b:12:58:2e:1c:da:38:95:7e:99:8a:94:7d:
7c:31:a9:a7:b1:e9:40:62:00:16:78:89:89:50:38:
62:4c:d4:25:63:3a:5c:46:14:d8:db:42:16:4c:26:
c3:0b:78:df:57:3c:24:d6:15:49:cf:76:fb:32:02:
15:1c:b7:1b:08:83:ef:be:cd:39:87:3a:78:96:68:
af:fc:db:3b:7b:c1:6c:18:d1:75:b8:b3:6d:4c:b4:
6a:0c:0f:d6:f2:25:48:2c:f8:45:70:69:fd:81:a3:
48:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:1B:30:31:F5:D9:26:F3:4D:E1:25:CD:44:6A:F8:87:F5:37:31:27
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8xswMfXZJvNN4SXNRGr4h_U3MSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
Signature Algorithm: sha256WithRSAEncryption
67:f8:b1:55:f0:d6:f6:2c:04:a7:59:89:f3:b8:8d:58:4e:33:
f0:32:67:56:24:60:06:d6:5b:42:9c:48:9b:a5:d4:e2:71:fd:
03:fb:65:c5:05:f5:69:bb:86:cd:d4:e9:81:db:67:91:45:0b:
63:f4:57:4f:b3:67:ad:d0:67:37:8f:3b:1e:f4:3e:a6:e3:a1:
58:0a:dc:0c:59:d5:02:49:a8:36:3a:ed:a4:77:ed:0a:9e:3c:
1d:25:d9:9e:69:63:16:a3:71:9b:9d:69:22:05:92:62:c3:6f:
51:44:a7:b6:d3:f0:a7:86:dc:80:70:b0:ce:7a:36:f8:2f:a3:
84:6c:f6:a1:40:0b:f4:6d:57:fb:98:08:0b:2b:44:fb:b2:48:
cb:15:cc:55:82:32:89:8a:7e:21:ac:14:5a:81:d4:06:44:b6:
5d:0b:01:fd:cc:6f:46:82:ed:d6:06:11:74:21:be:25:fa:00:
fa:5a:d9:2b:71:b7:95:40:f3:3f:00:b9:13:21:53:b1:57:16:
30:4d:bd:ea:ea:e0:91:38:76:ab:97:98:07:c0:dc:8c:d7:15:
46:e7:9e:fa:db:17:f0:c3:74:a4:79:48:37:1d:69:1d:69:23:
fa:19:9e:9e:b7:26:54:f7:5a:79:63:24:49:78:a7:4b:c0:ce:
ed:5b:d5:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZAcQz8C8N3g5uVWMJEFv5mLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjE1MTQxODA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzFiMzAzMWY1ZDkyNmYzNGRlMTI1Y2Q0NDZhZjg4N2Y1MzczMTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1BWM+AieQJz9eiF8CSsMjfIcawI0
h3V/aSgAx3B6UrrXPiB/BhidhUEzoH/hd471fWt9KDj6pdSflVI3MthrgHJ9sVhg
yS1Oow9YK3n5ML2mD9AcvfAjtXhjlXtKb6plVa+FrI94+oMEnCHrazviwzUDEVET
chjwJEKXtc8ZtMoQDYRMIVSMDyQB1PM28QXOWadswvCPqysSWC4c2jiVfpmKlH18
MamnselAYgAWeImJUDhiTNQlYzpcRhTY20IWTCbDC3jfVzwk1hVJz3b7MgIVHLcb
CIPvvs05hzp4lmiv/Ns7e8FsGNF1uLNtTLRqDA/W8iVILPhFcGn9gaNICQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPMbMDH12SbzTeElzURq+If1NzEnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOHhzd01mWFpKdk5ONFNYTlJHcjRoX1UzTVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpiOMA0G
CSqGSIb3DQEBCwUAA4IBAQBn+LFV8Nb2LASnWYnzuI1YTjPwMmdWJGAG1ltCnEib
pdTicf0D+2XFBfVpu4bN1OmB22eRRQtj9FdPs2et0Gc3jzse9D6m46FYCtwMWdUC
Sag2Ou2kd+0KnjwdJdmeaWMWo3GbnWkiBZJiw29RRKe20/CnhtyAcLDOejb4L6OE
bPahQAv0bVf7mAgLK0T7skjLFcxVgjKJin4hrBRagdQGRLZdCwH9zG9Ggu3WBhF0
Ib4l+gD6WtkrcbeVQPM/ALkTIVOxVxYwTb3q6uCROHarl5gHwNyM1xVG55762xfw
w3SkeUg3HWkdaSP6GZ6etyZU91p5YyRJeKdLwM7tW9WE
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:47 2025 by rpki-client