Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_7_djqoV4gr1ZbukZq9KliDJxtg.roa
File: _7_djqoV4gr1ZbukZq9KliDJxtg.roa (raw, json)
Hash identifier: A+HHm5bzf4kS6Lo/HP2XL3GIVqvAYWvp5cM33e2VMlw=
Subject key identifier: FF:BF:DD:8E:AA:15:E2:0A:F5:65:BB:A4:66:AF:4A:96:20:C9:C6:D8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018D6B20029537C6B7C6605656814B47FA9A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_7_djqoV4gr1ZbukZq9KliDJxtg.roa
Signing time: Fri 02 Feb 2024 18:41:16 +0000
ROA not before: Fri 02 Feb 2024 18:41:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398465
IP address blocks: 81.168.119.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Feb 2024 10:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6b:20:02:95:37:c6:b7:c6:60:56:56:81:4b:47:fa:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 2 18:41:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffbfdd8eaa15e20af565bba466af4a9620c9c6d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c2:d1:e1:f4:8d:f6:25:21:0b:12:7f:99:06:
13:a8:76:64:b6:62:93:6d:de:9e:a6:a5:9d:57:61:
bc:75:9b:66:85:3f:fb:82:91:56:83:e3:6d:c1:42:
6e:c2:8a:90:32:c2:96:f7:76:e5:80:db:ad:b3:47:
86:e7:a3:e2:21:4e:96:40:10:5d:ab:0d:af:ff:3c:
c5:59:9a:d0:6c:43:c7:b9:ff:6f:cc:cc:53:83:b7:
84:2f:68:e6:9b:3a:52:10:4b:06:f3:42:ec:72:b1:
f3:8b:99:89:d7:99:45:07:a1:e9:fd:4c:a3:bd:6c:
7a:db:45:ad:6c:3a:07:0f:0c:16:f8:78:6f:25:c7:
9a:b2:95:85:2f:17:fb:29:3d:a8:8b:ae:3b:65:52:
b8:09:64:62:6f:06:24:b1:12:64:d3:6b:e2:6f:2d:
e4:ac:99:8f:49:7f:01:fe:06:4e:2a:41:e9:be:0b:
08:16:17:fc:17:28:c3:7d:cd:72:d6:80:60:0f:13:
cc:fa:c0:44:97:eb:d0:6c:38:f7:73:33:48:55:1e:
3c:76:1f:b8:74:ed:77:8c:ab:bd:5d:da:07:4a:fb:
f6:af:81:b0:fb:21:f6:46:3d:0c:01:31:2d:e2:be:
f4:25:d8:ca:16:97:34:c3:2c:3b:22:7a:9c:63:67:
3f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:BF:DD:8E:AA:15:E2:0A:F5:65:BB:A4:66:AF:4A:96:20:C9:C6:D8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_7_djqoV4gr1ZbukZq9KliDJxtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.119.0/24
82.153.1.0/24
89.213.133.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:03:06:34:33:75:4d:a4:91:53:00:40:b4:91:7b:65:fb:71:
eb:cc:56:03:f0:b5:c5:ff:58:70:8c:f8:6e:13:46:d5:28:35:
94:2e:63:6a:99:5e:52:54:ad:eb:65:ed:78:dd:49:3d:3c:be:
1d:f0:59:f7:40:a5:31:dd:ff:57:3a:7a:69:eb:5f:c3:53:7e:
1c:98:f4:23:c4:cb:7f:1a:c5:47:75:c2:23:c8:07:d6:d5:7f:
71:1d:67:79:61:47:b4:bc:67:12:2b:af:fa:01:81:cb:ee:d4:
b2:47:66:0f:67:29:5c:26:ed:74:97:16:52:b2:19:26:4e:18:
62:df:6f:75:f3:de:a5:cc:d1:72:15:06:77:d2:0c:52:3c:4c:
fd:58:bf:02:31:a2:33:92:8a:ee:ee:44:3c:8c:a4:91:3e:68:
52:7e:81:ad:05:b6:2d:5e:51:7c:58:6f:28:a5:be:4f:4d:bb:
12:82:01:13:e2:f6:40:90:29:4e:8a:70:59:2a:ef:52:78:90:
c7:73:92:a2:5f:e0:33:ba:91:ae:ce:56:11:b3:df:79:b6:43:
a9:d9:e7:6c:8f:63:0f:4d:46:ed:6c:41:0a:39:68:33:3a:eb:
d5:b5:9b:28:ac:2f:ba:fb:8a:37:37:5e:e7:10:66:e8:08:29:
cb:74:40:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1rIAKVN8a3xmBWVoFLR/qaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMjAyMTg0MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmJmZGQ4ZWFhMTVlMjBhZjU2NWJiYTQ2NmFmNGE5NjIwYzljNmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMLR4fSN9iUhCxJ/mQYTqHZktmKT
bd6epqWdV2G8dZtmhT/7gpFWg+NtwUJuwoqQMsKW93blgNuts0eG56PiIU6WQBBd
qw2v/zzFWZrQbEPHuf9vzMxTg7eEL2jmmzpSEEsG80LscrHzi5mJ15lFB6Hp/Uyj
vWx620WtbDoHDwwW+HhvJceaspWFLxf7KT2oi647ZVK4CWRibwYksRJk02viby3k
rJmPSX8B/gZOKkHpvgsIFhf8FyjDfc1y1oBgDxPM+sBEl+vQbDj3czNIVR48dh+4
dO13jKu9XdoHSvv2r4Gw+yH2Rj0MATEt4r70JdjKFpc0wyw7InqcY2c/kQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP+/3Y6qFeIK9WW7pGavSpYgycbYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvXzdfZGpxb1Y0Z3IxWmJ1a1pxOUtsaURKeHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUah3AwQA
UpkBAwQAWdWFMA0GCSqGSIb3DQEBCwUAA4IBAQBKAwY0M3VNpJFTAEC0kXtl+3Hr
zFYD8LXF/1hwjPhuE0bVKDWULmNqmV5SVK3rZe143Uk9PL4d8Fn3QKUx3f9XOnpp
61/DU34cmPQjxMt/GsVHdcIjyAfW1X9xHWd5YUe0vGcSK6/6AYHL7tSyR2YPZylc
Ju10lxZSshkmThhi3291896lzNFyFQZ30gxSPEz9WL8CMaIzkoru7kQ8jKSRPmhS
foGtBbYtXlF8WG8opb5PTbsSggET4vZAkClOinBZKu9SeJDHc5KiX+AzupGuzlYR
s995tkOp2edsj2MPTUbtbEEKOWgzOuvVtZsorC+6+4o3N17nEGboCCnLdECs
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:04:46 2025 by rpki-client