Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FOSrdBTQ-onaROjrE2aEkkiuIz0.roa
File: FOSrdBTQ-onaROjrE2aEkkiuIz0.roa (raw, json)
Hash identifier: /WX7yMgBN+csSRJcLtjTI6OGc96rKTZeckZaiLJNxxE=
Subject key identifier: 14:E4:AB:74:14:D0:FA:89:DA:44:E8:EB:13:66:84:92:48:AE:23:3D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F576523454257C77F56D45A6D754CFCF5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FOSrdBTQ-onaROjrE2aEkkiuIz0.roa
Signing time: Wed 08 May 2024 08:49:56 +0000
ROA not before: Wed 08 May 2024 08:49:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399820
IP address blocks: 82.153.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 08:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:57:65:23:45:42:57:c7:7f:56:d4:5a:6d:75:4c:fc:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 8 08:49:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14e4ab7414d0fa89da44e8eb1366849248ae233d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f2:f3:dc:a3:97:f9:55:ef:cc:de:35:ad:ef:
ba:59:b7:01:34:67:31:bb:45:6d:5c:45:84:72:1a:
25:c6:78:85:97:0a:7a:8b:cd:72:03:3a:33:1a:50:
3e:1a:59:4f:1a:40:3b:9b:19:dd:e0:cc:2d:3d:db:
75:00:b0:29:09:d8:f0:a5:e3:15:75:dd:a6:b3:6c:
ad:60:5c:93:fd:95:05:7a:0f:02:d8:a0:82:62:1c:
1d:6f:1e:73:82:11:4b:2a:95:5c:48:77:e8:b8:ac:
fa:4c:76:1e:57:28:51:ab:53:93:24:a8:74:ab:18:
4c:91:f5:99:59:0d:cb:16:9d:50:f7:b1:a5:7f:cd:
08:b7:a4:2d:9f:c0:c4:a7:44:06:58:3f:cd:31:8c:
ee:d0:66:16:84:d3:8b:ce:79:4d:3e:78:83:9d:b1:
98:dc:f1:54:12:c6:8e:ee:54:3f:af:4b:83:4e:51:
8f:d4:eb:25:40:6f:69:1f:57:e3:6c:70:f5:01:be:
ba:89:ae:e8:ed:44:09:38:46:23:fe:ea:9c:f5:72:
e1:1e:4c:98:49:76:90:27:68:f1:0d:48:b3:6b:fc:
01:33:6e:e1:95:f6:62:68:e2:bb:88:60:f0:f8:ed:
d8:fa:48:56:eb:ac:fb:14:6a:3f:d6:0f:64:3a:d3:
ff:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:E4:AB:74:14:D0:FA:89:DA:44:E8:EB:13:66:84:92:48:AE:23:3D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FOSrdBTQ-onaROjrE2aEkkiuIz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.134.0/24
Signature Algorithm: sha256WithRSAEncryption
89:c2:70:5b:67:fc:76:5c:9e:d8:9c:97:74:42:ec:c4:ec:d3:
d8:fc:6d:ad:d3:1b:c6:fb:01:6c:dc:ac:5c:1c:7b:11:fd:b1:
cc:44:83:6a:df:fb:ea:d5:a9:7a:c3:83:01:24:f5:5c:56:e1:
db:5e:49:04:ad:b2:00:53:d3:01:52:e4:e3:06:29:3b:77:d9:
2a:d2:cd:72:38:56:c8:7f:58:03:92:76:1f:a8:17:73:95:76:
fc:8c:69:08:9a:ca:32:74:67:bd:b9:21:8b:2c:4b:be:69:94:
42:d9:46:78:1a:1e:ef:f1:b1:c9:1d:7e:61:7c:f9:ca:68:aa:
7a:a8:29:56:53:0d:57:32:5b:b4:a8:a4:1c:d1:60:32:ad:a8:
97:fc:99:2d:5d:73:5a:a8:58:40:15:5e:43:1a:ff:21:3f:f6:
c4:41:25:51:85:10:ff:9d:2f:d8:bd:43:74:55:d9:3e:11:3f:
c7:49:b8:9e:1c:74:88:33:c3:5c:ab:a2:30:af:14:c6:09:43:
38:14:a8:11:41:54:81:06:25:8c:96:54:91:70:1b:c5:0e:6b:
5c:a5:ad:a2:41:33:47:8e:25:8f:1c:e4:7b:ae:f8:d7:79:95:
bf:a2:da:a8:ce:56:53:4c:34:58:bc:54:0f:e2:bb:c6:b4:3a:
0d:93:e5:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9XZSNFQlfHf1bUWm11TPz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTA4MDg0OTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGU0YWI3NDE0ZDBmYTg5ZGE0NGU4ZWIxMzY2ODQ5MjQ4YWUyMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfLz3KOX+VXvzN41re+6WbcBNGcx
u0VtXEWEcholxniFlwp6i81yAzozGlA+GllPGkA7mxnd4MwtPdt1ALApCdjwpeMV
dd2ms2ytYFyT/ZUFeg8C2KCCYhwdbx5zghFLKpVcSHfouKz6THYeVyhRq1OTJKh0
qxhMkfWZWQ3LFp1Q97Glf80It6Qtn8DEp0QGWD/NMYzu0GYWhNOLznlNPniDnbGY
3PFUEsaO7lQ/r0uDTlGP1OslQG9pH1fjbHD1Ab66ia7o7UQJOEYj/uqc9XLhHkyY
SXaQJ2jxDUiza/wBM27hlfZiaOK7iGDw+O3Y+khW66z7FGo/1g9kOtP/CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBTkq3QU0PqJ2kTo6xNmhJJIriM9MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRk9TcmRCVFEtb25hUk9qckUyYUVra2l1SXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpmGMA0G
CSqGSIb3DQEBCwUAA4IBAQCJwnBbZ/x2XJ7YnJd0QuzE7NPY/G2t0xvG+wFs3Kxc
HHsR/bHMRINq3/vq1al6w4MBJPVcVuHbXkkErbIAU9MBUuTjBik7d9kq0s1yOFbI
f1gDknYfqBdzlXb8jGkImsoydGe9uSGLLEu+aZRC2UZ4Gh7v8bHJHX5hfPnKaKp6
qClWUw1XMlu0qKQc0WAyraiX/JktXXNaqFhAFV5DGv8hP/bEQSVRhRD/nS/YvUN0
Vdk+ET/HSbieHHSIM8Ncq6IwrxTGCUM4FKgRQVSBBiWMllSRcBvFDmtcpa2iQTNH
jiWPHOR7rvjXeZW/otqozlZTTDRYvFQP4rvGtDoNk+Vm
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:10:54 2025 by rpki-client