Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bw9L2KYpEb7GGm2WiCHPiResi9E.roa
File: Bw9L2KYpEb7GGm2WiCHPiResi9E.roa (raw, json)
Hash identifier: noYZilFtWW/51o/V/toVkOW2srgWkftEpvn9EHkWLN4=
Subject key identifier: 07:0F:4B:D8:A6:29:11:BE:C6:1A:6D:96:88:21:CF:89:17:AC:8B:D1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190175C7965281B04BF34E8775C25E96910
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bw9L2KYpEb7GGm2WiCHPiResi9E.roa
Signing time: Fri 14 Jun 2024 15:27:34 +0000
ROA not before: Fri 14 Jun 2024 15:27:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212027
IP address blocks: 82.153.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 15:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:17:5c:79:65:28:1b:04:bf:34:e8:77:5c:25:e9:69:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 14 15:27:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=070f4bd8a62911bec61a6d968821cf8917ac8bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:78:e9:22:2c:aa:68:4c:67:ff:53:b2:bb:d0:
f7:b4:b6:3e:1e:92:d2:54:e4:5e:b6:66:f7:bc:97:
2f:36:1c:52:ff:a5:60:d0:db:04:39:9c:19:11:8f:
a3:f2:f6:5b:70:a1:ca:4a:c6:0e:2f:11:e5:02:fd:
7f:e0:9b:48:fe:1b:61:d5:25:de:eb:1f:57:cc:c8:
ad:e4:f3:70:ca:71:d5:4e:ab:95:ff:be:9c:14:83:
f8:89:7c:70:ec:45:dd:5e:d1:2e:13:fa:e8:ce:8e:
8d:ab:a2:5c:3e:97:1a:38:07:ee:16:f1:3f:b7:14:
4b:32:45:86:24:e9:aa:59:ab:02:e9:58:89:ba:7a:
e9:f0:ee:c7:52:00:ef:aa:f2:6c:a1:36:85:a2:0c:
ef:6b:3a:69:ec:9a:99:4c:7d:74:20:f7:03:7e:93:
5f:28:12:97:28:40:56:21:7f:ed:51:d5:37:d2:c6:
c7:98:19:5b:08:6d:0a:99:07:17:35:8f:a5:a8:5f:
a4:e3:39:f0:6e:2a:b0:50:49:c3:55:78:e2:6c:0c:
24:85:55:ca:ab:51:aa:b8:0e:94:32:29:43:44:58:
94:2e:86:da:ce:7d:70:1b:20:4c:7c:f8:80:5b:66:
af:b9:77:cf:ff:dc:a7:79:43:e5:14:39:b8:85:2f:
d1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:0F:4B:D8:A6:29:11:BE:C6:1A:6D:96:88:21:CF:89:17:AC:8B:D1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Bw9L2KYpEb7GGm2WiCHPiResi9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.159.0/24
Signature Algorithm: sha256WithRSAEncryption
04:29:c4:ed:63:c8:16:62:2a:2e:cd:0f:b1:7e:e3:be:de:37:
65:8b:cd:87:46:b5:84:ee:95:08:77:97:df:03:cc:db:53:ae:
88:0c:0f:76:7c:4f:bb:55:71:63:32:22:bb:3c:73:7e:20:11:
cb:f8:a5:75:57:b9:94:5d:64:1f:e4:3b:4b:8e:e0:17:5e:e3:
c9:c5:b1:73:96:31:dd:33:9c:9d:9e:03:e0:70:0b:d5:1c:56:
4d:4f:db:02:6a:71:58:bc:4e:67:b1:26:8c:d2:b4:c1:c3:4b:
f3:59:d5:6d:21:d3:63:a6:20:eb:38:32:6e:72:2e:01:22:cd:
8f:7c:e7:f3:82:bf:3a:62:61:c8:30:b7:7c:72:31:15:a9:b3:
df:4c:6c:22:05:dc:59:ee:70:75:96:9f:66:e1:d7:fd:c3:3d:
e6:9a:bf:3d:97:ac:7f:80:f2:1a:79:13:ca:87:ca:53:cf:e0:
45:84:92:3e:32:d3:b4:26:c6:58:9a:99:9d:21:42:8b:52:87:
97:15:1f:f3:a0:81:a6:2e:2e:42:7f:51:37:f0:9a:c0:b0:b0:
97:c8:2f:bb:80:d5:74:c7:9a:9a:f8:7f:a9:57:59:ab:93:4b:
42:7b:b1:d8:35:a7:4c:7e:61:a9:49:d3:42:f5:93:02:9f:2b:
dc:b2:e0:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZAXXHllKBsEvzTod1wl6WkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjE0MTUyNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzBmNGJkOGE2MjkxMWJlYzYxYTZkOTY4ODIxY2Y4OTE3YWM4YmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXjpIiyqaExn/1Oyu9D3tLY+HpLS
VORetmb3vJcvNhxS/6Vg0NsEOZwZEY+j8vZbcKHKSsYOLxHlAv1/4JtI/hth1SXe
6x9XzMit5PNwynHVTquV/76cFIP4iXxw7EXdXtEuE/rozo6Nq6JcPpcaOAfuFvE/
txRLMkWGJOmqWasC6ViJunrp8O7HUgDvqvJsoTaFogzvazpp7JqZTH10IPcDfpNf
KBKXKEBWIX/tUdU30sbHmBlbCG0KmQcXNY+lqF+k4znwbiqwUEnDVXjibAwkhVXK
q1GquA6UMilDRFiULobazn1wGyBMfPiAW2avuXfP/9yneUPlFDm4hS/RQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAcPS9imKRG+xhptloghz4kXrIvRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQnc5TDJLWXBFYjdHR20yV2lDSFBpUmVzaTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpmfMA0G
CSqGSIb3DQEBCwUAA4IBAQAEKcTtY8gWYiouzQ+xfuO+3jdli82HRrWE7pUId5ff
A8zbU66IDA92fE+7VXFjMiK7PHN+IBHL+KV1V7mUXWQf5DtLjuAXXuPJxbFzljHd
M5ydngPgcAvVHFZNT9sCanFYvE5nsSaM0rTBw0vzWdVtIdNjpiDrODJuci4BIs2P
fOfzgr86YmHIMLd8cjEVqbPfTGwiBdxZ7nB1lp9m4df9wz3mmr89l6x/gPIaeRPK
h8pTz+BFhJI+MtO0JsZYmpmdIUKLUoeXFR/zoIGmLi5Cf1E38JrAsLCXyC+7gNV0
x5qa+H+pV1mrk0tCe7HYNadMfmGpSdNC9ZMCnyvcsuB4
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:05:18 2025 by rpki-client