Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OKqfCuMNoKvXwP2VP1PMwQ9dJAA.roa
File: OKqfCuMNoKvXwP2VP1PMwQ9dJAA.roa (raw, json)
Hash identifier: CkyaBzqabvZ3haUOxsXWHRaGHO5xmyFZgnKQNGxEgT0=
Subject key identifier: 38:AA:9F:0A:E3:0D:A0:AB:D7:C0:FD:95:3F:53:CC:C1:0F:5D:24:00
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F2FACDC3C0A989737EFFB955664FC6F4E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OKqfCuMNoKvXwP2VP1PMwQ9dJAA.roa
Signing time: Tue 30 Apr 2024 15:43:28 +0000
ROA not before: Tue 30 Apr 2024 15:43:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 82.153.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 May 2024 11:58:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:ac:dc:3c:0a:98:97:37:ef:fb:95:56:64:fc:6f:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 30 15:43:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38aa9f0ae30da0abd7c0fd953f53ccc10f5d2400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f2:78:9f:38:71:27:eb:71:36:e2:81:1d:e4:
f6:e1:4e:4a:80:ff:78:a7:30:a0:d3:59:5a:14:b1:
69:01:50:d9:7f:12:29:ad:fe:a1:d8:f5:c3:cc:ba:
da:e2:8d:cc:4f:59:58:5d:d2:7c:97:9c:ba:e8:81:
fd:8a:9f:2e:6b:a8:b7:ce:ea:45:e6:ba:c1:9a:a1:
24:30:e4:f3:88:de:65:b0:5b:1a:be:96:ce:75:87:
66:41:bd:54:51:5d:11:be:b3:30:ff:f7:b6:d3:81:
79:b9:1a:13:eb:8e:48:07:40:99:c6:c4:e4:6d:35:
d8:42:99:e2:21:55:0b:fe:c6:4c:3d:a3:cb:b3:76:
86:8b:e7:20:9f:f6:17:f7:f0:85:97:f4:6a:c9:ab:
27:56:b9:5b:33:3a:38:48:e5:84:74:fb:42:cc:e8:
55:70:19:de:b4:70:75:d9:aa:72:22:fa:05:df:62:
6c:06:d6:99:84:7a:e4:28:87:2f:83:7d:18:d6:18:
c0:80:e6:7d:3f:d3:8c:92:12:a1:6d:6d:69:7a:d4:
83:41:bb:98:22:21:ed:8d:75:a4:de:4c:0f:9b:29:
43:cd:79:3f:c0:bb:b6:1f:8f:fa:e6:65:60:bc:2f:
13:78:fc:18:4c:8c:92:af:eb:11:aa:58:21:cd:5d:
39:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AA:9F:0A:E3:0D:A0:AB:D7:C0:FD:95:3F:53:CC:C1:0F:5D:24:00
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/OKqfCuMNoKvXwP2VP1PMwQ9dJAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.220.0/24
Signature Algorithm: sha256WithRSAEncryption
12:5e:3e:3b:76:24:ef:64:ed:4f:ef:0c:c5:8d:61:77:f5:a8:
55:a1:40:44:fe:9b:67:37:18:cf:95:42:bf:18:4f:ce:50:90:
a0:a7:10:f1:ca:de:06:a0:8f:05:8c:64:a7:a4:bf:e3:ca:88:
55:07:8c:93:a6:8e:ca:95:d3:e2:b8:2e:d8:42:ea:dd:b0:82:
1c:24:29:a1:68:aa:cf:29:ae:12:04:39:62:4f:f5:fe:92:b5:
ba:2b:be:ca:8c:32:82:7d:06:28:d3:61:02:92:95:ec:9f:80:
6d:3c:60:f6:49:ce:56:9c:63:cb:63:5b:10:75:fb:80:ba:3e:
24:fe:1a:bc:c5:68:3d:41:5c:29:47:0c:26:f8:05:f8:88:82:
14:a6:e8:96:54:39:4e:b0:f0:de:eb:e0:d1:07:30:92:68:4e:
bb:23:d6:59:73:4a:d6:9c:ff:3f:90:c7:c2:67:14:a2:d4:50:
8f:e5:44:2e:8e:ba:0e:66:ac:cc:f2:6a:7a:09:b9:65:c7:7d:
7c:87:ee:b2:db:96:df:51:51:d7:5b:2c:f3:1b:28:de:15:c7:
bc:de:3c:49:22:16:88:ff:93:d5:9c:23:58:02:c9:e8:bf:b4:
1d:c9:3d:d2:8e:32:ae:3a:39:40:f6:a6:7c:6f:10:fc:f9:eb:
2d:09:a1:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8vrNw8CpiXN+/7lVZk/G9OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDMwMTU0MzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGFhOWYwYWUzMGRhMGFiZDdjMGZkOTUzZjUzY2NjMTBmNWQyNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPJ4nzhxJ+txNuKBHeT24U5KgP94
pzCg01laFLFpAVDZfxIprf6h2PXDzLra4o3MT1lYXdJ8l5y66IH9ip8ua6i3zupF
5rrBmqEkMOTziN5lsFsavpbOdYdmQb1UUV0RvrMw//e204F5uRoT645IB0CZxsTk
bTXYQpniIVUL/sZMPaPLs3aGi+cgn/YX9/CFl/RqyasnVrlbMzo4SOWEdPtCzOhV
cBnetHB12apyIvoF32JsBtaZhHrkKIcvg30Y1hjAgOZ9P9OMkhKhbW1petSDQbuY
IiHtjXWk3kwPmylDzXk/wLu2H4/65mVgvC8TePwYTIySr+sRqlghzV058QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDiqnwrjDaCr18D9lT9TzMEPXSQAMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvT0txZkN1TU5vS3ZYd1AyVlAxUE13UTlkSkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpncMA0G
CSqGSIb3DQEBCwUAA4IBAQASXj47diTvZO1P7wzFjWF39ahVoUBE/ptnNxjPlUK/
GE/OUJCgpxDxyt4GoI8FjGSnpL/jyohVB4yTpo7KldPiuC7YQurdsIIcJCmhaKrP
Ka4SBDliT/X+krW6K77KjDKCfQYo02ECkpXsn4BtPGD2Sc5WnGPLY1sQdfuAuj4k
/hq8xWg9QVwpRwwm+AX4iIIUpuiWVDlOsPDe6+DRBzCSaE67I9ZZc0rWnP8/kMfC
ZxSi1FCP5UQujroOZqzM8mp6Cbllx318h+6y25bfUVHXWyzzGyjeFce83jxJIhaI
/5PVnCNYAsnov7QdyT3SjjKuOjlA9qZ8bxD8+estCaGJ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:21 2025 by rpki-client