Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xk9nBv6IQDOmURi5oA1QZ3viW84.roa
File: Xk9nBv6IQDOmURi5oA1QZ3viW84.roa (raw, json)
Hash identifier: dMTiMhhHGlG48FQciOF6VtWS7VZd+QaEhj7glHsIsp8=
Subject key identifier: 5E:4F:67:06:FE:88:40:33:A6:51:18:B9:A0:0D:50:67:7B:E2:5B:CE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194B288A4B4E9086DEBC6FE0B0F532E9666
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xk9nBv6IQDOmURi5oA1QZ3viW84.roa
Signing time: Wed 29 Jan 2025 14:48:06 +0000
ROA not before: Wed 29 Jan 2025 14:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59432
IP address blocks: 82.153.50.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Mar 2025 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b2:88:a4:b4:e9:08:6d:eb:c6:fe:0b:0f:53:2e:96:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 29 14:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e4f6706fe884033a65118b9a00d50677be25bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:86:e8:ae:75:e8:79:75:b1:79:47:c0:5d:41:
5e:9d:d6:fa:ba:49:5b:3b:4a:0a:5d:d5:a4:67:16:
e6:f6:db:3e:ab:e9:87:8f:86:9e:c6:36:32:6f:e0:
a0:2c:8a:dc:5f:d1:46:ea:79:08:ca:f4:a1:d0:8a:
71:ca:34:d7:57:6f:70:b7:34:94:ab:ce:3b:56:b9:
8c:56:52:5d:df:41:05:6b:9e:a0:40:8a:c0:e2:b2:
9d:34:a4:99:91:40:5d:18:26:90:d5:83:34:a3:e8:
aa:fd:7b:4c:ce:b6:dc:de:b6:7f:73:ed:b2:89:83:
9d:e0:07:97:e2:f4:a8:a3:aa:22:9d:8f:ba:42:2a:
b4:6c:85:38:1a:1f:99:2a:d4:ba:dd:78:76:cc:17:
cd:69:eb:8c:36:67:67:83:1c:6e:5f:2f:16:4b:8a:
10:81:f9:84:87:3f:14:fe:82:6d:0b:1f:78:5c:17:
67:38:c9:a8:e2:74:91:49:12:97:ab:cb:98:4b:b8:
3f:2c:d4:ef:08:cd:a4:4b:28:e5:f1:e9:28:09:a7:
5b:9f:19:68:ca:16:2d:82:2a:38:31:76:a0:73:f3:
f6:60:a9:3e:76:0a:82:60:ed:9f:3c:18:08:c1:00:
c4:19:91:ba:6f:a8:da:a8:96:a6:e5:98:ea:eb:9b:
02:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:4F:67:06:FE:88:40:33:A6:51:18:B9:A0:0D:50:67:7B:E2:5B:CE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xk9nBv6IQDOmURi5oA1QZ3viW84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.50.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:45:a3:fe:7f:bb:04:29:dd:06:36:3e:30:9b:94:4f:ae:64:
3c:fe:63:24:2b:40:48:85:b9:7f:0e:d0:7d:93:06:41:03:58:
b6:bc:50:11:24:a1:d2:37:a8:aa:50:4f:55:e3:a9:c2:7f:fc:
ad:e9:01:40:2d:ad:f3:09:17:bb:fe:11:ed:20:12:51:92:bf:
e4:a2:86:77:6b:c3:97:b3:c0:30:90:d6:08:da:06:a4:7a:95:
4d:17:c6:3f:ba:77:15:80:3f:a0:ba:52:bb:05:fa:53:b4:65:
70:31:a9:69:22:73:76:13:57:dd:d7:f3:9a:5d:31:a7:25:8d:
87:3f:f8:30:58:98:73:13:3e:56:d6:44:df:f4:4d:d7:68:78:
27:6f:58:e1:f3:77:a0:d1:37:49:b3:9b:57:57:95:b6:e0:1b:
de:c0:97:ee:97:b8:67:b0:4b:50:35:0e:f1:03:f9:99:80:37:
f9:10:fa:c7:19:b4:0e:3a:40:3d:3f:13:af:f3:a5:2f:64:0f:
6d:d7:15:47:29:86:04:22:7f:cd:be:fc:13:33:2a:93:72:49:
d9:5b:e0:a7:37:6f:60:b1:f7:89:81:ae:3d:74:29:74:20:8a:
06:8f:41:3d:8b:b0:cc:8d:68:c4:6e:c5:b4:e2:c5:82:6b:e6:
88:b0:14:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSyiKS06Qht68b+Cw9TLpZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTI5MTQ0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTRmNjcwNmZlODg0MDMzYTY1MTE4YjlhMDBkNTA2NzdiZTI1YmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IbornXoeXWxeUfAXUFendb6uklb
O0oKXdWkZxbm9ts+q+mHj4aexjYyb+CgLIrcX9FG6nkIyvSh0IpxyjTXV29wtzSU
q847VrmMVlJd30EFa56gQIrA4rKdNKSZkUBdGCaQ1YM0o+iq/XtMzrbc3rZ/c+2y
iYOd4AeX4vSoo6oinY+6Qiq0bIU4Gh+ZKtS63Xh2zBfNaeuMNmdngxxuXy8WS4oQ
gfmEhz8U/oJtCx94XBdnOMmo4nSRSRKXq8uYS7g/LNTvCM2kSyjl8ekoCadbnxlo
yhYtgio4MXagc/P2YKk+dgqCYO2fPBgIwQDEGZG6b6jaqJam5Zjq65sCNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF5PZwb+iEAzplEYuaANUGd74lvOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWGs5bkJ2NklRRE9tVVJpNW9BMVFaM3ZpVzg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkyMA0G
CSqGSIb3DQEBCwUAA4IBAQBeRaP+f7sEKd0GNj4wm5RPrmQ8/mMkK0BIhbl/DtB9
kwZBA1i2vFARJKHSN6iqUE9V46nCf/yt6QFALa3zCRe7/hHtIBJRkr/kooZ3a8OX
s8AwkNYI2gakepVNF8Y/uncVgD+gulK7BfpTtGVwMalpInN2E1fd1/OaXTGnJY2H
P/gwWJhzEz5W1kTf9E3XaHgnb1jh83eg0TdJs5tXV5W24BvewJful7hnsEtQNQ7x
A/mZgDf5EPrHGbQOOkA9PxOv86UvZA9t1xVHKYYEIn/NvvwTMyqTcknZW+CnN29g
sfeJga49dCl0IIoGj0E9i7DMjWjEbsW04sWCa+aIsBSc
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:29:29 2025 by rpki-client