Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TSd5fkUh5FQIqyh9kprj7-ZqMpE.roa
File: TSd5fkUh5FQIqyh9kprj7-ZqMpE.roa (raw, json)
Hash identifier: jfjmZ3vr+1osAhSXb+ywoqEHQfXnwz2aHnxmL7Yj2l8=
Subject key identifier: 4D:27:79:7E:45:21:E4:54:08:AB:28:7D:92:9A:E3:EF:E6:6A:32:91
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942144380FA2E6A812220DCB4233F5CAAA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TSd5fkUh5FQIqyh9kprj7-ZqMpE.roa
Signing time: Wed 01 Jan 2025 09:48:26 +0000
ROA not before: Wed 01 Jan 2025 09:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216221
IP address blocks: 82.152.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 15:10:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:38:0f:a2:e6:a8:12:22:0d:cb:42:33:f5:ca:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d27797e4521e45408ab287d929ae3efe66a3291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4d:ac:9e:4e:bb:bb:55:c3:d4:dd:b4:3b:83:
9f:07:39:a3:bb:35:ad:8a:27:1b:7e:c1:7a:38:6c:
d3:1e:04:a3:88:97:4a:b2:4b:b9:1b:a6:53:28:a5:
21:53:a6:f3:c0:b4:fd:7e:a8:00:4f:01:e2:fd:31:
22:e5:d6:d6:2e:ce:ba:df:e5:0d:f1:7d:17:1d:c1:
fb:2d:2a:f6:be:96:15:be:77:7c:87:2c:2f:b6:48:
49:d8:c4:ea:7c:57:7b:9c:7a:8b:5e:f7:55:5c:2e:
7f:91:5f:4d:6a:3f:c8:f1:a2:72:35:2f:9b:5b:43:
3c:2d:38:5b:d5:a2:67:31:ab:58:61:0f:21:13:a7:
8c:fe:54:87:d7:1c:ac:fa:19:d6:a7:78:88:27:2a:
57:27:11:33:42:00:90:9a:8f:e8:2e:d1:0e:15:6c:
78:e8:c9:04:1c:97:91:1e:1f:98:01:c4:20:14:ce:
f1:a8:15:97:58:94:b0:6b:3f:00:52:50:65:ba:24:
8c:af:b4:4a:01:e9:fc:06:b5:04:b0:ef:a2:ae:fa:
68:28:a4:0c:a1:3f:60:8c:fc:13:d7:4d:1b:88:05:
ba:6e:2e:c4:4a:21:2b:c0:d0:3c:8f:2a:b2:e0:3e:
2f:7b:8a:43:db:e5:e8:3c:ad:fa:9a:e7:94:d5:28:
b9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:27:79:7E:45:21:E4:54:08:AB:28:7D:92:9A:E3:EF:E6:6A:32:91
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TSd5fkUh5FQIqyh9kprj7-ZqMpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.176.0/24
Signature Algorithm: sha256WithRSAEncryption
97:11:18:2a:f7:5e:34:5a:fe:9c:9d:74:da:a5:bb:97:ce:f5:
db:9f:e4:5e:14:b9:a4:b3:21:c0:94:fd:0a:34:50:17:cc:88:
f8:ac:41:a8:ec:c7:73:5f:eb:81:71:fd:b5:a0:98:48:d9:a4:
db:ab:3d:5a:84:c4:4f:f6:df:9c:a6:98:25:65:92:66:12:78:
65:59:62:83:06:7a:c6:2c:f1:a2:fd:d9:d9:92:90:6b:2d:70:
94:a7:18:64:87:75:4c:fd:9d:74:39:83:27:72:62:88:68:a8:
38:37:78:78:c8:37:f2:01:93:d0:87:36:92:55:77:a7:00:67:
e1:f9:b6:62:67:4e:f5:82:32:a9:ba:d3:40:05:99:76:a7:da:
fc:15:e9:af:2a:56:63:e0:29:71:e1:59:39:c2:67:52:4c:35:
44:6b:a0:31:ad:06:da:0f:10:cb:28:13:ab:f8:57:3d:8d:01:
55:6a:a4:e9:eb:f6:d6:9b:68:ea:9f:b1:23:05:52:7e:f9:eb:
de:f9:c0:91:d0:67:9c:0d:00:04:07:6c:ce:41:64:05:ab:1f:
91:f9:ad:ae:98:23:c2:34:44:91:e9:72:0c:b3:49:5c:be:9a:
1e:71:3b:b6:fd:4e:5d:60:14:49:07:78:1e:7b:9d:18:5c:6d:
59:9d:ed:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRDgPouaoEiINy0Iz9cqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDI3Nzk3ZTQ1MjFlNDU0MDhhYjI4N2Q5MjlhZTNlZmU2NmEzMjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk2snk67u1XD1N20O4OfBzmjuzWt
iicbfsF6OGzTHgSjiJdKsku5G6ZTKKUhU6bzwLT9fqgATwHi/TEi5dbWLs663+UN
8X0XHcH7LSr2vpYVvnd8hywvtkhJ2MTqfFd7nHqLXvdVXC5/kV9Naj/I8aJyNS+b
W0M8LThb1aJnMatYYQ8hE6eM/lSH1xys+hnWp3iIJypXJxEzQgCQmo/oLtEOFWx4
6MkEHJeRHh+YAcQgFM7xqBWXWJSwaz8AUlBluiSMr7RKAen8BrUEsO+irvpoKKQM
oT9gjPwT100biAW6bi7ESiErwNA8jyqy4D4ve4pD2+XoPK36mueU1Si5GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0neX5FIeRUCKsofZKa4+/majKRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVFNkNWZrVWg1RlFJcXloOWtwcmo3LVpxTXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpiwMA0G
CSqGSIb3DQEBCwUAA4IBAQCXERgq9140Wv6cnXTapbuXzvXbn+ReFLmksyHAlP0K
NFAXzIj4rEGo7MdzX+uBcf21oJhI2aTbqz1ahMRP9t+cppglZZJmEnhlWWKDBnrG
LPGi/dnZkpBrLXCUpxhkh3VM/Z10OYMncmKIaKg4N3h4yDfyAZPQhzaSVXenAGfh
+bZiZ071gjKputNABZl2p9r8FemvKlZj4Clx4Vk5wmdSTDVEa6AxrQbaDxDLKBOr
+Fc9jQFVaqTp6/bWm2jqn7EjBVJ++eve+cCR0GecDQAEB2zOQWQFqx+R+a2umCPC
NESR6XIMs0lcvpoecTu2/U5dYBRJB3gee50YXG1Zne1f
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:44:07 2025 by rpki-client