Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XzbxVtMGOnd4rgiv3cmTLrH4RKI.roa
File: XzbxVtMGOnd4rgiv3cmTLrH4RKI.roa (raw, json)
Hash identifier: et+XO1+YKX9NtrtLusFQqsGZkXgRHr69fRdNU4LOyE8=
Subject key identifier: 5F:36:F1:56:D3:06:3A:77:78:AE:08:AF:DD:C9:93:2E:B1:F8:44:A2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143FA9D218094390BEA47E82A5A9903
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XzbxVtMGOnd4rgiv3cmTLrH4RKI.roa
Signing time: Wed 01 Jan 2025 09:48:10 +0000
ROA not before: Wed 01 Jan 2025 09:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 152179
IP address blocks: 82.153.228.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 15:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:fa:9d:21:80:94:39:0b:ea:47:e8:2a:5a:99:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f36f156d3063a7778ae08afddc9932eb1f844a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:41:3e:74:62:1f:ca:64:e1:e4:5f:77:e4:00:
17:8d:62:ee:44:ec:4f:17:d2:47:15:86:22:d9:66:
74:04:13:5f:fe:9d:e0:94:15:50:27:29:97:17:9e:
cb:bf:35:60:31:59:39:fc:b5:02:20:a5:73:ce:d1:
eb:81:94:86:21:28:d1:41:72:3e:5f:ae:2e:70:2d:
ea:f9:ae:ef:28:53:3f:ce:52:c4:3c:80:d5:a6:88:
d4:3e:bd:63:d5:01:0e:36:b0:a9:0f:74:e1:6b:86:
14:e9:d6:8b:5d:8d:f4:6d:f4:50:46:46:6f:ed:e4:
25:e6:29:96:57:2d:62:ed:ce:ce:0f:35:f5:16:21:
2c:dd:73:4c:7a:b5:8e:c0:25:0a:2d:e2:e2:26:96:
7b:a1:39:4a:dc:81:9d:e0:17:b3:40:ee:9a:cf:19:
c7:2a:f8:b7:d0:f7:00:4a:c3:49:33:df:54:58:a3:
e7:04:f2:cb:bd:42:b3:9f:f5:43:05:b7:59:db:91:
0f:86:b4:e3:5a:c9:38:57:b2:be:b6:bd:71:55:7f:
af:7b:e8:37:71:ca:e2:c4:e2:f1:ac:5c:f0:ca:b2:
be:92:36:54:35:af:95:39:22:14:59:eb:0d:76:6a:
44:78:a1:13:28:4a:f0:96:53:94:b7:20:ac:0b:ea:
cf:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:36:F1:56:D3:06:3A:77:78:AE:08:AF:DD:C9:93:2E:B1:F8:44:A2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XzbxVtMGOnd4rgiv3cmTLrH4RKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.228.0/23
Signature Algorithm: sha256WithRSAEncryption
97:7a:01:79:4c:e0:cb:09:62:41:6c:ff:d7:ed:81:4c:58:31:
9a:0f:a6:77:df:61:2c:ea:7e:4d:4d:6c:72:e0:f8:1c:be:4b:
a8:3d:39:39:93:9f:8c:c0:10:c1:b6:1d:44:72:2e:2e:73:da:
6d:0e:8c:27:35:65:3d:8b:e0:dd:01:bf:17:77:a6:44:47:ef:
bb:7f:f0:37:12:4b:ec:35:b0:2b:99:58:29:43:f5:d1:d9:25:
b0:15:8b:1d:3a:ee:f1:7a:78:df:b1:d5:fc:15:f8:f0:64:85:
84:61:cf:0c:2e:fc:2b:24:6e:61:85:1b:08:87:34:10:e3:03:
ae:d9:bd:8c:85:7d:39:9b:b7:37:f8:30:ac:0c:01:94:05:ca:
9f:09:df:6e:eb:2f:6a:63:dd:47:07:a3:18:cd:a8:1c:3c:84:
d1:6a:c9:7d:e6:21:59:b1:6b:94:88:c1:62:b9:e1:12:a2:b1:
3a:a5:88:1a:d3:17:fe:d2:36:73:47:1e:64:f0:ef:7d:40:c3:
08:d6:df:66:5d:2c:21:c0:52:05:10:58:f3:f0:13:2b:9f:24:
e6:ec:8e:a6:5b:6f:b1:be:06:f1:4c:f5:68:a7:2c:84:51:23:
34:13:f5:6d:89:1f:6f:8b:af:f1:6e:f4:7f:bc:5b:72:31:1e:
75:ee:65:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/qdIYCUOQvqR+gqWpkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjM2ZjE1NmQzMDYzYTc3NzhhZTA4YWZkZGM5OTMyZWIxZjg0NGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kE+dGIfymTh5F935AAXjWLuROxP
F9JHFYYi2WZ0BBNf/p3glBVQJymXF57LvzVgMVk5/LUCIKVzztHrgZSGISjRQXI+
X64ucC3q+a7vKFM/zlLEPIDVpojUPr1j1QEONrCpD3Tha4YU6daLXY30bfRQRkZv
7eQl5imWVy1i7c7ODzX1FiEs3XNMerWOwCUKLeLiJpZ7oTlK3IGd4BezQO6azxnH
Kvi30PcASsNJM99UWKPnBPLLvUKzn/VDBbdZ25EPhrTjWsk4V7K+tr1xVX+ve+g3
ccrixOLxrFzwyrK+kjZUNa+VOSIUWesNdmpEeKETKErwllOUtyCsC+rPtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF828VbTBjp3eK4Ir93Jky6x+ESiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWHpieFZ0TUdPbmQ0cmdpdjNjbVRMckg0UktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUpnkMA0G
CSqGSIb3DQEBCwUAA4IBAQCXegF5TODLCWJBbP/X7YFMWDGaD6Z332Es6n5NTWxy
4PgcvkuoPTk5k5+MwBDBth1Eci4uc9ptDownNWU9i+DdAb8Xd6ZER++7f/A3Ekvs
NbArmVgpQ/XR2SWwFYsdOu7xenjfsdX8FfjwZIWEYc8MLvwrJG5hhRsIhzQQ4wOu
2b2MhX05m7c3+DCsDAGUBcqfCd9u6y9qY91HB6MYzagcPITRasl95iFZsWuUiMFi
ueESorE6pYga0xf+0jZzRx5k8O99QMMI1t9mXSwhwFIFEFjz8BMrnyTm7I6mW2+x
vgbxTPVopyyEUSM0E/VtiR9vi6/xbvR/vFtyMR517mXR
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:51:58 2025 by rpki-client