Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cbkj0bYB8ilDXomRTKuBvZCkudA.roa
File: cbkj0bYB8ilDXomRTKuBvZCkudA.roa (raw, json)
Hash identifier: MTr5+9X4tn+YmAzarqaUFbK6FplBlDCcNUf93/fEJd8=
Subject key identifier: 71:B9:23:D1:B6:01:F2:29:43:5E:89:91:4C:AB:81:BD:90:A4:B9:D0
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01948D973F4002C6EEAEEB12E62D146CD57E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cbkj0bYB8ilDXomRTKuBvZCkudA.roa
Signing time: Wed 22 Jan 2025 10:38:07 +0000
ROA not before: Wed 22 Jan 2025 10:38:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398395
IP address blocks: 82.152.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Feb 2025 12:35:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8d:97:3f:40:02:c6:ee:ae:eb:12:e6:2d:14:6c:d5:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 22 10:38:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71b923d1b601f229435e89914cab81bd90a4b9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5f:1d:86:df:e3:8c:b5:c7:5c:e9:44:49:7e:
55:e6:a7:5f:77:1b:f7:ce:bb:11:b2:11:9a:5b:ce:
ba:25:4d:cb:c3:4a:f0:df:56:b1:89:af:bd:cd:ce:
23:0a:e1:cc:7d:2d:46:f7:b0:36:10:b7:3a:3e:fe:
39:45:b6:c8:57:74:39:a8:cb:48:a2:71:8b:d8:7b:
0b:54:8d:74:66:a6:8a:fc:9f:90:61:32:4f:df:d3:
f4:31:a5:ac:66:72:82:d5:9a:30:72:2d:de:ce:d9:
dc:db:4a:7a:c7:24:2e:35:2d:26:e2:6a:ab:27:03:
20:7c:a4:29:7c:18:65:22:d9:bf:66:f5:04:08:bf:
57:38:ca:e6:dc:05:3d:ce:51:8f:a6:c9:fc:90:c6:
a3:34:28:6a:1e:d4:2c:ad:92:17:d1:ff:04:a6:67:
7b:9a:33:f8:b7:30:17:86:91:59:0d:c1:15:cd:05:
9f:40:eb:77:3f:7f:d8:72:bd:8b:dd:97:94:28:2a:
4f:63:c3:2e:ce:8f:de:02:48:cf:8f:ec:07:76:c2:
19:81:61:3e:2c:8c:33:d8:bf:49:7c:46:4c:3c:a2:
ae:36:2c:c4:c2:3b:df:8d:cd:89:5d:f7:2c:f8:33:
e0:79:1e:0a:55:43:72:89:89:0e:89:57:8c:31:fe:
53:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B9:23:D1:B6:01:F2:29:43:5E:89:91:4C:AB:81:BD:90:A4:B9:D0
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cbkj0bYB8ilDXomRTKuBvZCkudA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.131.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:02:d0:01:80:5b:7a:87:8d:f8:9b:d0:17:06:4e:a9:d3:45:
8f:ca:6d:2f:08:da:a4:39:25:74:bd:95:09:c7:72:c2:77:ad:
5b:dd:45:8c:11:85:bc:e0:d3:69:c8:29:29:2b:79:8b:46:75:
5e:b5:74:c2:46:54:30:a5:b2:3d:79:43:4a:2e:e4:58:4a:ad:
b0:e2:c5:30:1e:52:34:a5:4c:3c:d7:99:b1:ff:42:1d:98:c3:
1d:43:60:24:ea:5c:71:80:52:44:00:c1:46:e2:88:df:dc:cd:
d0:f0:ec:34:57:b3:80:2d:89:f0:4f:26:96:65:b8:3e:f6:2f:
9c:7e:fc:fe:ad:31:1c:d8:42:88:2c:ef:85:32:6c:19:8b:bc:
e5:1a:16:e1:8a:b8:54:88:e7:81:25:a9:0e:aa:f3:c0:3a:82:
d8:20:1a:49:6f:56:b2:8b:72:f2:b4:ee:d9:70:32:39:f5:6e:
50:61:25:e1:96:e4:9c:bf:f9:28:9b:37:44:ec:c6:f1:8f:d6:
a1:a7:73:bf:07:e6:1b:51:58:9f:94:14:ef:12:4d:2a:ab:d9:
1f:48:44:ec:6d:1f:39:cf:04:20:05:16:eb:ac:39:b7:16:34:
34:82:87:aa:41:f9:78:3f:60:2c:69:7f:9c:4b:99:d5:27:b3:
e7:73:e5:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSNlz9AAsburusS5i0UbNV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTIyMTAzODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWI5MjNkMWI2MDFmMjI5NDM1ZTg5OTE0Y2FiODFiZDkwYTRiOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV8dht/jjLXHXOlESX5V5qdfdxv3
zrsRshGaW866JU3Lw0rw31axia+9zc4jCuHMfS1G97A2ELc6Pv45RbbIV3Q5qMtI
onGL2HsLVI10ZqaK/J+QYTJP39P0MaWsZnKC1Zowci3eztnc20p6xyQuNS0m4mqr
JwMgfKQpfBhlItm/ZvUECL9XOMrm3AU9zlGPpsn8kMajNChqHtQsrZIX0f8Epmd7
mjP4tzAXhpFZDcEVzQWfQOt3P3/Ycr2L3ZeUKCpPY8Muzo/eAkjPj+wHdsIZgWE+
LIwz2L9JfEZMPKKuNizEwjvfjc2JXfcs+DPgeR4KVUNyiYkOiVeMMf5TTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHG5I9G2AfIpQ16JkUyrgb2QpLnQMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvY2JrajBiWUI4aWxEWG9tUlRLdUJ2WkNrdWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpiDMA0G
CSqGSIb3DQEBCwUAA4IBAQBuAtABgFt6h434m9AXBk6p00WPym0vCNqkOSV0vZUJ
x3LCd61b3UWMEYW84NNpyCkpK3mLRnVetXTCRlQwpbI9eUNKLuRYSq2w4sUwHlI0
pUw815mx/0IdmMMdQ2Ak6lxxgFJEAMFG4ojf3M3Q8Ow0V7OALYnwTyaWZbg+9i+c
fvz+rTEc2EKILO+FMmwZi7zlGhbhirhUiOeBJakOqvPAOoLYIBpJb1ayi3LytO7Z
cDI59W5QYSXhluScv/komzdE7Mbxj9ahp3O/B+YbUViflBTvEk0qq9kfSETsbR85
zwQgBRbrrDm3FjQ0goeqQfl4P2AsaX+cS5nVJ7Pnc+VT
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:27:52 2025 by rpki-client