Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bO_J9eDgFhPe9yFU31TAVr8BxvE.roa
File: bO_J9eDgFhPe9yFU31TAVr8BxvE.roa (raw, json)
Hash identifier: 4QVHTWpWPY1PouZUD3Fk4/L3d1dkKhyS+CLvWyj45Xc=
Subject key identifier: 6C:EF:C9:F5:E0:E0:16:13:DE:F7:21:54:DF:54:C0:56:BF:01:C6:F1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FDDFBA6FF4DAF2A212BB36F21CDEC4715
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bO_J9eDgFhPe9yFU31TAVr8BxvE.roa
Signing time: Mon 03 Jun 2024 12:03:27 +0000
ROA not before: Mon 03 Jun 2024 12:03:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400909
IP address blocks: 82.153.32.0/24 maxlen: 24
89.213.124.0/23 maxlen: 23
89.213.224.0/23 maxlen: 23
194.105.90.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 04 Jun 2024 10:26:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:fb:a6:ff:4d:af:2a:21:2b:b3:6f:21:cd:ec:47:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 3 12:03:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cefc9f5e0e01613def72154df54c056bf01c6f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:32:3b:4b:d6:ae:ea:0c:54:35:91:74:02:3f:
46:03:2f:0a:6b:7f:22:75:dc:5f:41:41:5b:0f:e0:
c0:8b:f2:bb:71:25:aa:ef:5c:5d:a4:82:1d:aa:ad:
44:d1:eb:ca:39:d0:9e:b6:bf:59:a0:5c:69:5a:e1:
12:c7:ac:ae:a6:4c:a9:1b:fa:99:ad:55:4a:b4:7b:
bb:0d:3d:c8:9b:6e:0f:11:98:9e:78:9f:f5:56:d6:
74:13:ec:df:03:e8:b3:0b:57:61:08:fc:8d:4b:ca:
65:fb:ff:34:81:5d:93:8d:f5:6e:e0:e0:b0:d3:dd:
a7:bc:48:c0:e3:d5:53:0e:b4:66:f3:97:c8:c5:b5:
c6:8d:89:24:1d:b2:1d:a6:c9:20:a0:50:c2:41:13:
7e:11:d7:e9:89:35:ba:47:c8:bf:97:64:d7:6c:9f:
70:1e:e2:c2:c8:7f:d5:81:ff:82:f3:ff:bd:e3:9b:
94:2c:bf:61:16:2f:d7:81:b2:65:fc:52:9e:7a:fe:
8b:6c:5a:e2:c8:71:79:1e:5c:a2:79:d5:96:34:e9:
31:77:1e:61:37:d5:9a:49:72:cc:bc:2e:c0:8a:c9:
18:7a:0d:c9:a3:6b:68:4b:de:4d:24:ad:d8:6f:b2:
30:af:27:dc:8a:4a:cf:8e:84:65:56:75:49:b4:54:
2e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:EF:C9:F5:E0:E0:16:13:DE:F7:21:54:DF:54:C0:56:BF:01:C6:F1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bO_J9eDgFhPe9yFU31TAVr8BxvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.32.0/24
89.213.124.0/23
89.213.224.0/23
194.105.90.0/23
Signature Algorithm: sha256WithRSAEncryption
68:75:82:03:63:47:bf:e8:23:02:a8:53:e6:5c:86:71:95:c3:
5d:b6:a8:e4:0f:95:f6:2f:7e:7e:c5:ef:78:61:5f:d1:34:62:
a4:be:f4:ce:44:2e:dd:ed:e8:ca:f8:fe:d0:a4:87:c8:2d:fa:
62:57:00:12:c3:39:35:f5:ff:fa:aa:dc:40:b2:29:5c:74:63:
ef:61:46:c6:1e:f6:d0:59:c3:34:e2:ce:26:cd:ab:68:f6:ac:
9b:29:5c:79:af:03:95:b0:13:96:3c:c5:1b:94:ca:64:b1:bf:
7a:be:cb:02:40:a1:ee:8a:f9:15:0c:ab:8d:2a:b2:95:4d:3f:
e3:7a:1f:34:e0:5e:a0:6e:32:14:f0:bc:8d:41:9e:a3:af:ba:
90:cf:d5:a7:08:bd:b7:df:3a:bf:ef:c0:33:1d:df:f0:5f:d1:
9a:37:87:86:ff:51:ca:08:23:64:e8:af:f4:5c:11:f2:4d:73:
82:0c:29:f6:d6:4d:76:0a:37:b4:a6:c7:5f:a1:f9:a1:3f:46:
7b:b3:37:06:55:27:a2:76:24:6c:0f:9c:81:a3:3e:f7:57:0f:
40:ae:8e:a8:a2:c4:eb:7b:c3:d1:89:90:23:94:ce:51:2b:c9:
d6:03:f2:d2:c7:f2:d2:96:2c:4b:9b:4b:86:ab:5b:d6:8c:1d:
c2:cb:bd:e0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/d+6b/Ta8qISuzbyHN7EcVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjAzMTIwMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2VmYzlmNWUwZTAxNjEzZGVmNzIxNTRkZjU0YzA1NmJmMDFjNmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjI7S9au6gxUNZF0Aj9GAy8Ka38i
ddxfQUFbD+DAi/K7cSWq71xdpIIdqq1E0evKOdCetr9ZoFxpWuESx6yupkypG/qZ
rVVKtHu7DT3Im24PEZieeJ/1VtZ0E+zfA+izC1dhCPyNS8pl+/80gV2TjfVu4OCw
092nvEjA49VTDrRm85fIxbXGjYkkHbIdpskgoFDCQRN+EdfpiTW6R8i/l2TXbJ9w
HuLCyH/Vgf+C8/+945uULL9hFi/XgbJl/FKeev6LbFriyHF5HlyiedWWNOkxdx5h
N9WaSXLMvC7AiskYeg3Jo2toS95NJK3Yb7IwryfcikrPjoRlVnVJtFQuGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGzvyfXg4BYT3vchVN9UwFa/AcbxMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYk9fSjllRGdGaFBlOXlGVTMxVEFWcjhCeHZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpkgAwQB
WdV8AwQBWdXgAwQBwmlaMA0GCSqGSIb3DQEBCwUAA4IBAQBodYIDY0e/6CMCqFPm
XIZxlcNdtqjkD5X2L35+xe94YV/RNGKkvvTORC7d7ejK+P7QpIfILfpiVwASwzk1
9f/6qtxAsilcdGPvYUbGHvbQWcM04s4mzato9qybKVx5rwOVsBOWPMUblMpksb96
vssCQKHuivkVDKuNKrKVTT/jeh804F6gbjIU8LyNQZ6jr7qQz9WnCL233zq/78Az
Hd/wX9GaN4eG/1HKCCNk6K/0XBHyTXOCDCn21k12Cje0psdfofmhP0Z7szcGVSei
diRsD5yBoz73Vw9Aro6oosTre8PRiZAjlM5RK8nWA/LSx/LSlixLm0uGq1vWjB3C
y73g
-----END CERTIFICATE-----
Generated at Thu Mar 27 19:36:56 2025 by rpki-client