Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dAgbV9Z2ZpC1Rmrka3rz871e0pY.roa
File: dAgbV9Z2ZpC1Rmrka3rz871e0pY.roa (raw, json)
Hash identifier: FQw11EkcmAw6KIa28qW4RTcJ8B56RrS6xTmopfVDj90=
Subject key identifier: 74:08:1B:57:D6:76:66:90:B5:46:6A:E4:6B:7A:F3:F3:BD:5E:D2:96
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CD45E24CE839C79D2D7B81AED865A23B8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dAgbV9Z2ZpC1Rmrka3rz871e0pY.roa
Signing time: Thu 04 Jan 2024 12:06:28 +0000
ROA not before: Thu 04 Jan 2024 12:06:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150698
IP address blocks: 82.153.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 07:59:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d4:5e:24:ce:83:9c:79:d2:d7:b8:1a:ed:86:5a:23:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 4 12:06:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74081b57d6766690b5466ae46b7af3f3bd5ed296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f4:8c:89:f0:73:62:09:43:a3:d7:9d:23:4f:
ec:ed:bb:70:be:0d:90:21:01:e0:cb:02:27:46:ef:
5f:50:18:68:ba:ea:c0:b3:32:8f:df:a9:bf:18:3c:
0a:34:cf:6d:99:3a:82:37:b8:92:ad:cd:5e:0d:e0:
38:84:4f:df:1c:fc:ee:17:f5:4c:01:4b:5f:65:d3:
06:b4:97:c2:99:ef:c2:ea:e6:27:83:bc:b8:47:da:
e5:71:f0:53:80:3e:b4:e7:73:42:a2:24:ea:8a:a9:
86:99:8a:3c:08:2b:4b:6e:f6:32:f4:c0:b5:23:08:
b3:72:5c:d2:c8:f8:70:a4:4e:b1:cb:bd:fd:de:c9:
71:e2:f6:9c:63:e9:83:77:fe:91:fc:41:f7:07:1f:
63:4c:a3:82:87:09:d4:a2:2c:ed:69:4c:51:f0:1d:
79:1d:55:72:f3:76:6a:a8:c2:5f:1c:85:c0:7b:d3:
24:09:04:6c:16:94:6e:35:f7:2b:77:b2:7d:ec:30:
ad:3f:8c:30:53:5c:30:9d:45:5e:3b:de:2a:c4:e1:
b6:39:50:32:d7:62:9b:64:e7:03:a8:bb:38:be:27:
67:b9:37:e6:93:85:1c:54:d9:50:03:fd:1b:95:29:
6a:53:66:4a:57:5d:89:24:53:84:c5:b2:3d:dc:4e:
68:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:08:1B:57:D6:76:66:90:B5:46:6A:E4:6B:7A:F3:F3:BD:5E:D2:96
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dAgbV9Z2ZpC1Rmrka3rz871e0pY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.241.0/24
Signature Algorithm: sha256WithRSAEncryption
97:6d:ad:33:56:49:97:5a:36:6e:5d:66:69:83:1c:8b:ca:5b:
b9:55:d0:25:1e:90:8d:93:d9:a2:b6:01:97:76:09:67:de:25:
70:fd:81:80:8f:46:3b:7f:ef:90:e1:c2:b7:67:67:d8:1a:26:
88:88:8e:88:3b:11:bd:14:9c:b5:95:40:fe:34:55:c2:e3:9a:
d5:45:8f:49:38:7f:cb:fc:ec:6e:16:68:e4:d0:68:ed:dc:fa:
ba:8f:8b:9b:1b:79:c8:12:7a:b6:d7:ea:49:5f:46:44:1c:e9:
29:44:eb:d4:4a:45:ea:6f:e3:fc:42:2e:33:55:aa:5c:0b:98:
bd:92:3b:a3:33:f4:0a:61:40:21:81:43:d9:7d:4b:95:6e:4f:
a9:57:b2:76:aa:bd:ad:fb:4e:b8:5e:63:9a:e5:2f:b4:4c:4d:
4a:3f:41:dc:08:87:6a:51:d9:44:a0:12:88:f9:8a:c1:68:e1:
46:78:f7:8a:fe:13:ce:4c:42:e1:dd:48:39:37:3e:4e:21:d5:
27:8d:34:55:25:65:5c:1e:aa:2f:d1:bd:b7:a4:86:a6:35:8a:
c5:04:aa:87:94:93:4f:6b:01:57:21:0f:6c:be:a9:3e:5a:4a:
38:90:f0:18:81:bc:8f:fd:96:ac:c1:7b:08:fd:ad:ef:49:30:
c3:9c:e4:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzUXiTOg5x50te4Gu2GWiO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTA0MTIwNjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDA4MWI1N2Q2NzY2NjkwYjU0NjZhZTQ2YjdhZjNmM2JkNWVkMjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/SMifBzYglDo9edI0/s7btwvg2Q
IQHgywInRu9fUBhouurAszKP36m/GDwKNM9tmTqCN7iSrc1eDeA4hE/fHPzuF/VM
AUtfZdMGtJfCme/C6uYng7y4R9rlcfBTgD6053NCoiTqiqmGmYo8CCtLbvYy9MC1
IwizclzSyPhwpE6xy7393slx4vacY+mDd/6R/EH3Bx9jTKOChwnUoiztaUxR8B15
HVVy83ZqqMJfHIXAe9MkCQRsFpRuNfcrd7J97DCtP4wwU1wwnUVeO94qxOG2OVAy
12KbZOcDqLs4vidnuTfmk4UcVNlQA/0blSlqU2ZKV12JJFOExbI93E5okwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQIG1fWdmaQtUZq5Gt68/O9XtKWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZEFnYlY5WjJacEMxUm1ya2Ezcno4NzFlMHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnxMA0G
CSqGSIb3DQEBCwUAA4IBAQCXba0zVkmXWjZuXWZpgxyLylu5VdAlHpCNk9mitgGX
dgln3iVw/YGAj0Y7f++Q4cK3Z2fYGiaIiI6IOxG9FJy1lUD+NFXC45rVRY9JOH/L
/OxuFmjk0Gjt3Pq6j4ubG3nIEnq21+pJX0ZEHOkpROvUSkXqb+P8Qi4zVapcC5i9
kjujM/QKYUAhgUPZfUuVbk+pV7J2qr2t+064XmOa5S+0TE1KP0HcCIdqUdlEoBKI
+YrBaOFGePeK/hPOTELh3Ug5Nz5OIdUnjTRVJWVcHqov0b23pIamNYrFBKqHlJNP
awFXIQ9svqk+Wko4kPAYgbyP/ZaswXsI/a3vSTDDnOQ0
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:13 2025 by rpki-client