Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SVbW3xgxWxep0qNl9F3u8tqhZPo.roa
File: SVbW3xgxWxep0qNl9F3u8tqhZPo.roa (raw, json)
Hash identifier: 3XWu+RgnpxsimW0eHVb0Y9+6YDRrWbXfIXuEuUoBoVQ=
Subject key identifier: 49:56:D6:DF:18:31:5B:17:A9:D2:A3:65:F4:5D:EE:F2:DA:A1:64:FA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143FCEB7EBD21B96C27CC932B07ADE1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SVbW3xgxWxep0qNl9F3u8tqhZPo.roa
Signing time: Wed 01 Jan 2025 09:48:11 +0000
ROA not before: Wed 01 Jan 2025 09:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198584
IP address blocks: 82.153.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 11:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:fc:eb:7e:bd:21:b9:6c:27:cc:93:2b:07:ad:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4956d6df18315b17a9d2a365f45deef2daa164fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:66:df:10:73:24:02:c5:a2:bd:56:9b:1e:2d:
bc:d9:06:a0:44:7e:18:e2:a6:8e:f6:fa:a4:7b:e8:
90:5b:48:2d:8a:eb:95:7d:80:4f:dc:24:97:2f:7c:
8a:c2:ac:94:9c:68:4a:a2:23:a9:32:c6:2d:4c:32:
3f:52:3c:b0:d9:85:79:f9:4d:36:fb:f7:b8:4d:f6:
a1:f8:fe:ac:7e:d8:41:27:4f:20:97:5d:e9:83:8c:
5f:cb:bf:15:2a:f9:7a:21:33:4f:42:63:d9:ba:17:
b5:34:35:2e:4e:70:bd:73:9b:bc:f7:ba:7e:09:4b:
f2:e7:7d:df:08:53:20:26:48:63:75:80:fe:1e:1a:
b3:b5:5b:e8:be:42:ca:d7:7e:b3:fa:13:55:1e:b1:
04:48:58:35:07:0b:97:54:7c:f7:2e:76:8e:d3:ef:
3b:ff:25:f4:85:57:10:cb:f4:c9:f9:51:46:8d:31:
5b:c3:9f:0b:83:f1:de:b5:dc:4a:21:fb:99:95:ba:
61:1b:b9:f4:67:33:46:6a:70:20:05:88:00:99:24:
e9:78:54:87:80:17:42:68:5c:1d:79:d5:5f:59:98:
96:f5:0f:54:7d:ad:90:ab:e7:a4:f0:af:c8:87:ef:
45:bd:8a:3a:13:aa:f7:4d:90:32:b1:21:d2:b5:7c:
9a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:56:D6:DF:18:31:5B:17:A9:D2:A3:65:F4:5D:EE:F2:DA:A1:64:FA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/SVbW3xgxWxep0qNl9F3u8tqhZPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.35.0/24
Signature Algorithm: sha256WithRSAEncryption
77:a4:73:05:c6:5c:8c:4c:5f:d0:fc:db:77:fd:33:2d:4e:8f:
d1:50:42:f5:72:98:11:d0:2c:48:ca:dd:45:16:81:a7:3b:31:
1c:7b:03:77:c2:fa:52:0b:21:ac:1b:c4:58:7f:fe:94:b7:e7:
17:6d:0a:27:c6:90:32:3e:cf:7d:a2:34:1b:b7:32:18:3d:c1:
dc:48:77:5f:75:70:be:c2:26:4a:a7:3a:57:ab:fe:23:1c:6d:
ff:18:da:5b:bb:06:e1:3c:33:2d:18:11:dd:7b:ef:53:49:45:
e9:d7:30:2e:78:5a:40:9c:98:bb:01:06:d8:09:b4:e8:08:4c:
ef:11:df:a6:ce:7e:d8:f3:9c:4b:5e:a1:7d:68:a0:73:1e:d1:
c9:c6:02:55:20:cf:6d:f7:83:1a:fc:40:e4:af:07:a6:33:96:
0e:e1:05:34:ec:89:0d:d0:b1:cb:ed:0f:7d:f5:53:e0:61:a2:
b2:e2:99:64:ff:4c:d7:d9:12:4b:bf:f0:e5:fc:58:c8:2e:22:
75:ec:94:1f:a8:4c:21:bc:d2:ee:5e:e1:1e:fd:52:4f:3d:cb:
54:cb:ff:0c:1c:a0:fb:be:e0:45:7e:0f:b7:2d:d8:7b:e0:8a:
ea:d1:a9:92:c7:a8:14:77:9c:00:5a:b0:22:eb:08:41:21:5f:
88:92:36:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/zrfr0huWwnzJMrB63hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTU2ZDZkZjE4MzE1YjE3YTlkMmEzNjVmNDVkZWVmMmRhYTE2NGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WbfEHMkAsWivVabHi282QagRH4Y
4qaO9vqke+iQW0gtiuuVfYBP3CSXL3yKwqyUnGhKoiOpMsYtTDI/Ujyw2YV5+U02
+/e4Tfah+P6sfthBJ08gl13pg4xfy78VKvl6ITNPQmPZuhe1NDUuTnC9c5u897p+
CUvy533fCFMgJkhjdYD+HhqztVvovkLK136z+hNVHrEESFg1BwuXVHz3LnaO0+87
/yX0hVcQy/TJ+VFGjTFbw58Lg/HetdxKIfuZlbphG7n0ZzNGanAgBYgAmSTpeFSH
gBdCaFwdedVfWZiW9Q9Ufa2Qq+ek8K/Ih+9FvYo6E6r3TZAysSHStXyaXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFElW1t8YMVsXqdKjZfRd7vLaoWT6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvU1ZiVzN4Z3hXeGVwMHFObDlGM3U4dHFoWlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkjMA0G
CSqGSIb3DQEBCwUAA4IBAQB3pHMFxlyMTF/Q/Nt3/TMtTo/RUEL1cpgR0CxIyt1F
FoGnOzEcewN3wvpSCyGsG8RYf/6Ut+cXbQonxpAyPs99ojQbtzIYPcHcSHdfdXC+
wiZKpzpXq/4jHG3/GNpbuwbhPDMtGBHde+9TSUXp1zAueFpAnJi7AQbYCbToCEzv
Ed+mzn7Y85xLXqF9aKBzHtHJxgJVIM9t94Ma/EDkrwemM5YO4QU07IkN0LHL7Q99
9VPgYaKy4plk/0zX2RJLv/Dl/FjILiJ17JQfqEwhvNLuXuEe/VJPPctUy/8MHKD7
vuBFfg+3Ldh74Irq0amSx6gUd5wAWrAi6whBIV+IkjY0
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:32 2025 by rpki-client