Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Giru5Qd4guHm7IyPxVfxU8R1fIY.roa
File: Giru5Qd4guHm7IyPxVfxU8R1fIY.roa (raw, json)
Hash identifier: 1Mi5cRGMPH3sisUMy1CbE9gSaYsol8fsNLVym3dv96Q=
Subject key identifier: 1A:2A:EE:E5:07:78:82:E1:E6:EC:8C:8F:C5:57:F1:53:C4:75:7C:86
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190123D716BE99D17D7654CF52BE46D7564
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Giru5Qd4guHm7IyPxVfxU8R1fIY.roa
Signing time: Thu 13 Jun 2024 15:35:34 +0000
ROA not before: Thu 13 Jun 2024 15:35:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14445
IP address blocks: 82.152.140.0/24 maxlen: 24
89.213.238.0/24 maxlen: 24
185.49.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Aug 2024 12:57:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:12:3d:71:6b:e9:9d:17:d7:65:4c:f5:2b:e4:6d:75:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 13 15:35:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1a2aeee5077882e1e6ec8c8fc557f153c4757c86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:46:58:8a:a3:e4:c1:f1:f7:c4:a8:43:e4:21:
7f:37:52:88:d1:1c:d6:77:8f:5a:e4:9d:5c:d2:9b:
a4:a3:dd:9f:48:5e:4e:01:59:9f:b2:7a:5a:a1:56:
9f:65:f2:41:ba:7b:8f:79:41:33:33:8c:77:75:e2:
13:49:d6:fa:d7:3f:da:b5:5f:d4:42:d6:ce:50:2c:
87:78:e2:67:e1:3d:fe:2c:e8:fd:a0:31:57:34:9a:
a1:b6:4a:92:0e:48:c0:ea:d8:98:8c:61:19:dc:4d:
6c:3b:fa:11:37:39:9e:37:58:1c:fd:47:78:97:ef:
00:79:7a:33:d3:5a:08:70:e0:c9:8c:ad:52:c9:e9:
85:d9:cb:1d:07:f1:db:5a:b6:18:06:4d:56:81:72:
67:19:65:aa:25:7c:5f:ab:67:a1:41:5e:8a:c7:2f:
56:2f:ca:f5:4a:a2:54:40:50:b8:16:e0:3f:8d:dc:
fe:a6:35:a3:6a:a2:c3:9c:98:d2:b6:f3:15:d3:7b:
9a:a8:d5:54:35:64:d2:2b:3b:e0:d9:54:95:2e:7b:
85:8c:59:0f:44:45:15:5f:9e:1e:99:a0:ef:e0:10:
fb:f1:82:60:15:9b:ca:85:8a:85:ca:22:e7:fd:3c:
59:4d:bd:e1:9a:3a:38:56:f3:14:93:87:d8:f6:01:
0b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:2A:EE:E5:07:78:82:E1:E6:EC:8C:8F:C5:57:F1:53:C4:75:7C:86
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Giru5Qd4guHm7IyPxVfxU8R1fIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.140.0/24
89.213.238.0/24
185.49.127.0/24
Signature Algorithm: sha256WithRSAEncryption
54:db:1d:81:fb:8e:02:0d:54:15:33:e3:ae:5f:4d:15:7e:07:
a4:f9:f9:d3:1c:5c:b1:f1:09:7a:75:51:cd:6b:fe:bf:c3:d8:
49:ad:a3:20:08:d9:05:66:ed:84:39:49:01:e9:a6:46:5e:fe:
46:cb:34:b7:fd:58:e7:ca:25:9a:d8:0d:87:93:80:4c:3c:dd:
ca:7a:e9:38:44:0e:29:60:f8:2b:12:a0:af:cc:77:05:4a:a9:
66:2e:7f:02:5e:9a:e8:24:ce:8c:64:01:4e:ab:bc:ab:90:03:
b3:91:aa:18:d9:80:0f:fb:36:90:d4:2b:f1:f0:46:77:ef:81:
5b:9d:f0:62:e6:8c:c1:2c:37:26:50:3c:c5:1e:91:0b:64:83:
d1:a5:ff:d0:26:34:09:5e:c9:8f:1a:40:b3:15:2e:0e:0a:91:
95:0d:11:a1:ee:e9:e7:dd:74:e1:ca:3e:17:8d:7e:f4:ca:3f:
95:1b:34:62:57:b3:e3:dc:27:38:94:9c:eb:23:51:5c:96:58:
13:b7:4b:43:a9:4d:f2:d4:1f:bf:4d:d1:96:b7:a4:32:8b:60:
75:f5:79:f3:49:4b:d9:be:bf:49:0a:a0:f3:54:e3:47:cb:d1:
4c:65:a5:c1:80:65:b4:bb:ab:f9:f7:ab:0b:05:cf:d0:f2:5d:
cd:87:d9:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZASPXFr6Z0X12VM9SvkbXVkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjEzMTUzNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTJhZWVlNTA3Nzg4MmUxZTZlYzhjOGZjNTU3ZjE1M2M0NzU3Yzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkZYiqPkwfH3xKhD5CF/N1KI0RzW
d49a5J1c0puko92fSF5OAVmfsnpaoVafZfJBunuPeUEzM4x3deITSdb61z/atV/U
QtbOUCyHeOJn4T3+LOj9oDFXNJqhtkqSDkjA6tiYjGEZ3E1sO/oRNzmeN1gc/Ud4
l+8AeXoz01oIcODJjK1SyemF2csdB/HbWrYYBk1WgXJnGWWqJXxfq2ehQV6Kxy9W
L8r1SqJUQFC4FuA/jdz+pjWjaqLDnJjStvMV03uaqNVUNWTSKzvg2VSVLnuFjFkP
REUVX54emaDv4BD78YJgFZvKhYqFyiLn/TxZTb3hmjo4VvMUk4fY9gELSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBoq7uUHeILh5uyMj8VX8VPEdXyGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR2lydTVRZDRndUhtN0l5UHhWZnhVOFIxZklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpiMAwQA
WdXuAwQAuTF/MA0GCSqGSIb3DQEBCwUAA4IBAQBU2x2B+44CDVQVM+OuX00Vfgek
+fnTHFyx8Ql6dVHNa/6/w9hJraMgCNkFZu2EOUkB6aZGXv5GyzS3/VjnyiWa2A2H
k4BMPN3Keuk4RA4pYPgrEqCvzHcFSqlmLn8CXproJM6MZAFOq7yrkAOzkaoY2YAP
+zaQ1Cvx8EZ374FbnfBi5ozBLDcmUDzFHpELZIPRpf/QJjQJXsmPGkCzFS4OCpGV
DRGh7unn3XThyj4XjX70yj+VGzRiV7Pj3Cc4lJzrI1FcllgTt0tDqU3y1B+/TdGW
t6Qyi2B19XnzSUvZvr9JCqDzVONHy9FMZaXBgGW0u6v596sLBc/Q8l3Nh9la
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:07:44 2025 by rpki-client