Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_N--zqNoC9GTJUYoRLxM-IE2fdQ.roa
File: _N--zqNoC9GTJUYoRLxM-IE2fdQ.roa (raw, json)
Hash identifier: GGAum8aUAj6CGcyHsxmJJVbKl2wfXuKMX1MBVnnfBbw=
Subject key identifier: FC:DF:BE:CE:A3:68:0B:D1:93:25:46:28:44:BC:4C:F8:81:36:7D:D4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E9DD23E32F8A23F3A077FB936F25E3ADE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_N--zqNoC9GTJUYoRLxM-IE2fdQ.roa
Signing time: Tue 02 Apr 2024 07:59:45 +0000
ROA not before: Tue 02 Apr 2024 07:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150698
IP address blocks: 82.153.241.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 May 2024 17:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:d2:3e:32:f8:a2:3f:3a:07:7f:b9:36:f2:5e:3a:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 2 07:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcdfbecea3680bd19325462844bc4cf881367dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:65:78:0c:e7:aa:f8:4e:f0:b9:1b:8a:0a:cb:
7e:54:54:d8:15:68:79:84:aa:39:56:14:fa:b4:5b:
1c:74:03:b8:bc:91:9b:5c:00:fe:eb:51:55:ca:01:
e6:e9:a2:22:0a:18:58:eb:7f:fd:f4:24:00:26:f7:
4c:83:20:ec:55:5c:27:11:77:e3:e1:dd:ac:78:21:
46:f7:7d:a2:cf:a5:70:a5:34:5d:59:b9:22:72:dd:
d0:00:db:05:3f:aa:01:33:72:e6:b3:05:1a:46:d5:
30:cf:43:27:7e:59:44:9d:45:80:32:fd:7b:21:6b:
89:52:c2:6c:e2:62:5c:27:13:ae:d1:79:a8:05:bb:
40:71:bb:a1:89:16:65:8f:c6:23:f3:4f:58:1a:23:
a9:4b:41:13:93:e7:33:9b:6f:7a:2d:a9:28:11:ff:
b6:d4:73:16:51:b8:b1:f2:77:2b:8f:80:cc:b0:f7:
b9:e3:40:21:e6:ce:c1:1f:33:75:2b:63:e1:06:90:
d9:28:20:90:16:33:d8:77:6c:a7:11:5c:64:b5:d6:
34:6f:b6:e0:ea:87:df:45:13:a4:32:40:b1:ba:b1:
9c:f9:32:ac:da:76:41:9f:e1:13:ae:f7:b3:73:f9:
d8:7e:92:c6:3b:04:d9:57:57:f7:a7:21:7d:a2:81:
a3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:DF:BE:CE:A3:68:0B:D1:93:25:46:28:44:BC:4C:F8:81:36:7D:D4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_N--zqNoC9GTJUYoRLxM-IE2fdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.241.0/24
213.218.238.0/23
Signature Algorithm: sha256WithRSAEncryption
74:ce:3d:62:39:6e:31:a9:7d:2a:68:f6:89:a9:5e:09:fe:50:
ab:19:88:2b:2e:22:95:41:1b:0e:98:b6:7b:ea:6e:4f:94:6a:
31:6f:71:b8:21:fe:c9:d4:21:c6:04:88:36:62:5d:64:58:ab:
6d:14:5c:4a:30:dd:f0:7f:c9:4f:60:59:5a:ca:53:68:ef:8f:
d9:a5:1a:90:87:af:69:50:6d:e3:62:24:57:5a:03:1a:59:04:
14:eb:ea:43:82:b8:76:1c:38:37:13:b2:c1:33:61:95:16:e2:
4f:96:dd:e5:51:60:f9:27:97:cb:d4:c9:eb:e5:e4:8a:94:98:
3e:a7:e9:4b:47:bf:7a:89:72:b4:af:ee:6e:89:cf:c9:ec:c8:
f3:a5:9a:39:17:56:43:06:ba:92:b7:4a:b0:9b:1c:bc:f5:2f:
e4:4d:4e:14:fe:2a:48:eb:48:b3:48:7f:17:83:01:5e:4b:04:
16:1f:22:d9:29:60:8c:78:c5:8e:a9:92:4c:93:bd:e2:7f:7f:
7b:38:c7:b8:ff:f4:55:65:d9:a7:7e:f8:c5:c5:02:b5:ac:92:
59:58:06:0a:3e:d9:88:63:a7:36:68:6a:7f:d9:c3:46:ba:14:
b6:bb:a8:9e:d5:6c:c1:8d:ba:98:fc:6d:61:f1:7f:0e:6b:6c:
71:3e:73:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6d0j4y+KI/Ogd/uTbyXjreMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDAyMDc1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2RmYmVjZWEzNjgwYmQxOTMyNTQ2Mjg0NGJjNGNmODgxMzY3ZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GV4DOeq+E7wuRuKCst+VFTYFWh5
hKo5VhT6tFscdAO4vJGbXAD+61FVygHm6aIiChhY63/99CQAJvdMgyDsVVwnEXfj
4d2seCFG932iz6VwpTRdWbkict3QANsFP6oBM3LmswUaRtUwz0MnfllEnUWAMv17
IWuJUsJs4mJcJxOu0XmoBbtAcbuhiRZlj8Yj809YGiOpS0ETk+czm296LakoEf+2
1HMWUbix8ncrj4DMsPe540Ah5s7BHzN1K2PhBpDZKCCQFjPYd2ynEVxktdY0b7bg
6offRROkMkCxurGc+TKs2nZBn+ETrvezc/nYfpLGOwTZV1f3pyF9ooGjFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPzfvs6jaAvRkyVGKES8TPiBNn3UMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvX04tLXpxTm9DOUdUSlVZb1JMeE0tSUUyZmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpnxAwQB
1druMA0GCSqGSIb3DQEBCwUAA4IBAQB0zj1iOW4xqX0qaPaJqV4J/lCrGYgrLiKV
QRsOmLZ76m5PlGoxb3G4If7J1CHGBIg2Yl1kWKttFFxKMN3wf8lPYFlaylNo74/Z
pRqQh69pUG3jYiRXWgMaWQQU6+pDgrh2HDg3E7LBM2GVFuJPlt3lUWD5J5fL1Mnr
5eSKlJg+p+lLR796iXK0r+5uic/J7MjzpZo5F1ZDBrqSt0qwmxy89S/kTU4U/ipI
60izSH8XgwFeSwQWHyLZKWCMeMWOqZJMk73if397OMe4//RVZdmnfvjFxQK1rJJZ
WAYKPtmIY6c2aGp/2cNGuhS2u6ie1WzBjbqY/G1h8X8Oa2xxPnPl
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:45 2025 by rpki-client