Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/flcLYNF4EyP2PnJiIp45cFrOwV4.roa
File: flcLYNF4EyP2PnJiIp45cFrOwV4.roa (raw, json)
Hash identifier: 2LWBrQffhoZkP5iBXIpUMd4oikrYVC1Nb5o4T/Hf3TY=
Subject key identifier: 7E:57:0B:60:D1:78:13:23:F6:3E:72:62:22:9E:39:70:5A:CE:C1:5E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143D908502CC803F6027F1E2C2631FB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/flcLYNF4EyP2PnJiIp45cFrOwV4.roa
Signing time: Wed 01 Jan 2025 09:48:01 +0000
ROA not before: Wed 01 Jan 2025 09:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23470
IP address blocks: 82.153.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Jan 2025 11:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d9:08:50:2c:c8:03:f6:02:7f:1e:2c:26:31:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e570b60d1781323f63e7262229e39705acec15e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:49:5f:17:73:25:a6:79:80:42:4a:2a:c7:b1:
0a:9b:a8:4e:0f:ab:26:ad:bb:9a:99:2d:45:6b:3f:
5a:e2:2a:ff:ce:a8:47:5f:67:31:2d:97:46:25:ab:
d7:0e:77:ec:d6:ca:c0:96:eb:ff:3e:2a:da:b8:3a:
c3:33:c5:3d:7b:14:31:05:d4:f6:d5:bf:5d:fb:77:
ec:6f:41:78:c8:a4:05:dc:d6:c9:6c:0a:d5:47:af:
83:93:ce:7c:b7:18:63:d0:05:f5:c2:c3:af:d0:c9:
82:ff:ab:f6:47:95:14:a0:93:e7:57:f8:58:02:17:
5c:20:82:d6:0b:76:6c:54:86:53:cc:a3:92:5b:53:
91:51:b0:a5:a5:e5:e0:a2:34:88:46:6b:51:1a:b2:
3b:ec:41:6a:39:ed:fd:ed:cb:ae:75:a3:85:95:7c:
cd:2a:73:4a:08:36:85:bb:51:11:40:05:31:4c:2a:
60:67:bb:aa:1c:66:22:f7:5e:19:51:96:22:2a:31:
c8:c8:67:51:78:f7:e3:5d:95:f4:9d:cb:2c:61:5e:
46:54:66:68:f7:94:31:ee:1e:9f:38:a0:ba:84:c4:
7d:05:1c:26:1d:21:64:39:bb:30:81:f1:15:b7:97:
1a:ec:18:10:4e:01:9f:85:fc:8d:63:55:f0:1e:61:
0b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:57:0B:60:D1:78:13:23:F6:3E:72:62:22:9E:39:70:5A:CE:C1:5E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/flcLYNF4EyP2PnJiIp45cFrOwV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.0.0/24
Signature Algorithm: sha256WithRSAEncryption
26:99:2f:eb:66:f1:de:10:31:52:6d:67:0e:9a:40:5b:5c:af:
2d:06:5e:66:ec:15:c0:11:f4:7b:c9:f1:9b:cb:72:f1:9e:0a:
8b:04:b5:39:6a:44:3e:7f:dc:9a:ea:97:ba:14:57:14:9c:56:
ca:37:b8:6f:b2:45:2c:1a:34:58:3e:08:36:3b:56:61:a9:2c:
fb:9f:fc:79:c6:6e:c2:ed:bd:1e:bb:a6:26:ac:60:ef:5f:ed:
dd:97:9a:00:78:3a:4e:50:e1:15:81:5c:d8:12:dd:81:03:f6:
40:90:47:6c:48:ca:cb:ed:11:25:9f:e9:1c:f2:52:ff:3a:96:
3d:b0:44:b6:8a:9d:31:7a:df:78:1c:d5:2d:15:d1:8d:7f:e2:
2f:bb:1b:8d:a6:fe:eb:eb:ef:4f:75:0d:67:18:a2:c4:9a:ca:
72:40:d6:88:dc:93:8b:15:8a:78:e7:13:54:34:c2:b3:56:5a:
56:0d:b5:bf:3f:30:52:19:3d:b9:63:1e:b2:5e:53:95:f2:97:
bf:bd:4d:6c:50:c2:0c:41:c6:59:32:2b:56:46:05:8b:49:09:
40:ad:37:15:86:2e:c4:e5:27:fc:62:72:00:65:24:2d:51:86:
c0:f2:70:70:33:fd:7a:fc:e6:6a:a7:88:97:b5:70:65:8c:e3:
54:62:20:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ9kIUCzIA/YCfx4sJjH7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTU3MGI2MGQxNzgxMzIzZjYzZTcyNjIyMjllMzk3MDVhY2VjMTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUlfF3MlpnmAQkoqx7EKm6hOD6sm
rbuamS1Faz9a4ir/zqhHX2cxLZdGJavXDnfs1srAluv/PirauDrDM8U9exQxBdT2
1b9d+3fsb0F4yKQF3NbJbArVR6+Dk858txhj0AX1wsOv0MmC/6v2R5UUoJPnV/hY
AhdcIILWC3ZsVIZTzKOSW1ORUbClpeXgojSIRmtRGrI77EFqOe397cuudaOFlXzN
KnNKCDaFu1ERQAUxTCpgZ7uqHGYi914ZUZYiKjHIyGdRePfjXZX0ncssYV5GVGZo
95Qx7h6fOKC6hMR9BRwmHSFkObswgfEVt5ca7BgQTgGfhfyNY1XwHmELAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH5XC2DReBMj9j5yYiKeOXBazsFeMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZmxjTFlORjRFeVAyUG5KaUlwNDVjRnJPd1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkAMA0G
CSqGSIb3DQEBCwUAA4IBAQAmmS/rZvHeEDFSbWcOmkBbXK8tBl5m7BXAEfR7yfGb
y3LxngqLBLU5akQ+f9ya6pe6FFcUnFbKN7hvskUsGjRYPgg2O1ZhqSz7n/x5xm7C
7b0eu6YmrGDvX+3dl5oAeDpOUOEVgVzYEt2BA/ZAkEdsSMrL7REln+kc8lL/OpY9
sES2ip0xet94HNUtFdGNf+IvuxuNpv7r6+9PdQ1nGKLEmspyQNaI3JOLFYp45xNU
NMKzVlpWDbW/PzBSGT25Yx6yXlOV8pe/vU1sUMIMQcZZMitWRgWLSQlArTcVhi7E
5Sf8YnIAZSQtUYbA8nBwM/16/OZqp4iXtXBljONUYiA0
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:54:08 2025 by rpki-client