Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TpvHctCd8HWqsywuWkWWpVb6Bo8.roa
File: TpvHctCd8HWqsywuWkWWpVb6Bo8.roa (raw, json)
Hash identifier: /ke1JtfHa07hh6dzUAjTxx/CnmH6vzir313xvJyvh3s=
Subject key identifier: 4E:9B:C7:72:D0:9D:F0:75:AA:B3:2C:2E:5A:45:96:A5:56:FA:06:8F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC34960703937D4783C447F6738F67A01
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TpvHctCd8HWqsywuWkWWpVb6Bo8.roa
Signing time: Mon 01 Jan 2024 04:30:15 +0000
ROA not before: Mon 01 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210907
IP address blocks: 82.153.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 09:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:60:70:39:37:d4:78:3c:44:7f:67:38:f6:7a:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e9bc772d09df075aab32c2e5a4596a556fa068f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:96:ba:43:ab:1f:36:6f:71:67:fb:c7:24:23:
af:c7:a6:9b:b6:3c:99:6f:f8:00:bb:36:34:0e:1f:
33:9c:90:9b:f0:12:67:f6:f2:f9:df:48:7f:30:d0:
24:fa:3d:bd:8d:29:0a:31:87:72:45:ee:f9:84:30:
b7:60:cd:c9:c4:7f:41:fa:cb:d9:6b:8f:10:01:3a:
3d:7e:68:65:05:d7:2a:28:b3:c0:43:f8:09:3c:81:
b8:30:8a:fc:ac:1c:5d:db:59:28:3a:7d:0b:89:18:
7e:92:f9:c1:51:15:43:37:48:87:a0:f7:6b:13:e0:
5d:45:63:28:df:87:e8:7a:9d:38:8a:28:50:5f:0f:
de:07:2c:88:ad:b6:fb:d3:90:1e:48:1f:bc:e3:2b:
d2:8d:c6:b0:a2:93:9d:48:e9:bf:08:7a:ce:37:4c:
62:f8:f6:e7:e4:ee:66:46:0a:e3:ba:af:88:bf:a9:
d8:2c:d5:58:2c:23:21:ed:0b:6f:e4:5f:04:fb:16:
66:5d:e5:08:2c:62:d9:e5:11:9c:21:82:cb:84:0f:
25:e5:77:d3:15:7e:47:6c:1b:7e:98:00:e2:08:70:
71:08:c3:e5:7c:a6:03:c0:80:53:5b:f2:1f:7d:f2:
c6:88:7d:8d:e1:2e:a2:66:2f:90:de:bf:2d:dd:8b:
d4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:9B:C7:72:D0:9D:F0:75:AA:B3:2C:2E:5A:45:96:A5:56:FA:06:8F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TpvHctCd8HWqsywuWkWWpVb6Bo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.64.0/24
Signature Algorithm: sha256WithRSAEncryption
52:b0:ed:1b:79:f0:ff:c2:2d:3c:f5:fc:cd:a5:84:60:d9:c9:
0b:61:16:6a:be:14:21:f6:14:de:2d:96:47:03:6c:5a:df:91:
ba:2f:a5:15:48:fd:06:5a:fc:21:ec:1c:9f:7f:e6:6d:6a:fb:
87:21:3b:92:cc:e1:dc:47:c5:4f:84:73:2c:34:54:9d:df:5f:
9c:d4:5f:09:55:12:7a:d7:26:c1:ca:e2:6d:62:3a:92:0b:8e:
07:c7:3e:dc:c6:c2:ad:df:21:91:f2:9c:15:ea:84:3e:9e:c9:
10:bd:77:bc:3b:61:75:95:f2:27:53:03:5d:15:f3:fb:a2:d2:
12:e8:c2:77:42:3c:17:9e:dc:93:e5:72:08:f6:a4:3e:33:72:
0d:05:e3:0e:e1:09:79:b3:50:8d:d3:bb:dd:f3:5e:35:29:f7:
3e:47:6c:fb:fb:d2:a6:3b:40:09:83:ed:83:41:f0:6c:66:ae:
0f:a2:19:91:66:47:3d:7f:11:da:ca:56:eb:59:9f:ed:c5:3d:
63:60:96:a0:f1:f5:0a:27:85:90:d0:6f:fc:87:84:42:9b:71:
7c:dc:ba:8d:39:2f:5a:12:00:5d:43:19:6a:c3:44:3f:f0:4e:
98:8b:63:64:40:12:03:00:6d:30:ec:8d:f6:7b:42:02:ec:26:
80:5d:6d:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWBwOTfUeDxEf2c49noBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTliYzc3MmQwOWRmMDc1YWFiMzJjMmU1YTQ1OTZhNTU2ZmEwNjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJa6Q6sfNm9xZ/vHJCOvx6abtjyZ
b/gAuzY0Dh8znJCb8BJn9vL530h/MNAk+j29jSkKMYdyRe75hDC3YM3JxH9B+svZ
a48QATo9fmhlBdcqKLPAQ/gJPIG4MIr8rBxd21koOn0LiRh+kvnBURVDN0iHoPdr
E+BdRWMo34foep04iihQXw/eByyIrbb705AeSB+84yvSjcawopOdSOm/CHrON0xi
+Pbn5O5mRgrjuq+Iv6nYLNVYLCMh7Qtv5F8E+xZmXeUILGLZ5RGcIYLLhA8l5XfT
FX5HbBt+mADiCHBxCMPlfKYDwIBTW/IfffLGiH2N4S6iZi+Q3r8t3YvUXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6bx3LQnfB1qrMsLlpFlqVW+gaPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVHB2SGN0Q2Q4SFdxc3l3dVdrV1dwVmI2Qm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUplAMA0G
CSqGSIb3DQEBCwUAA4IBAQBSsO0befD/wi089fzNpYRg2ckLYRZqvhQh9hTeLZZH
A2xa35G6L6UVSP0GWvwh7Byff+ZtavuHITuSzOHcR8VPhHMsNFSd31+c1F8JVRJ6
1ybByuJtYjqSC44Hxz7cxsKt3yGR8pwV6oQ+nskQvXe8O2F1lfInUwNdFfP7otIS
6MJ3QjwXntyT5XII9qQ+M3INBeMO4Ql5s1CN07vd8141Kfc+R2z7+9KmO0AJg+2D
QfBsZq4PohmRZkc9fxHaylbrWZ/txT1jYJag8fUKJ4WQ0G/8h4RCm3F83LqNOS9a
EgBdQxlqw0Q/8E6Yi2NkQBIDAG0w7I32e0IC7CaAXW1d
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:19:54 2025 by rpki-client