Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fsOEl3VLS4b63Zq75j47v9U1TW0.roa
File: fsOEl3VLS4b63Zq75j47v9U1TW0.roa (raw, json)
Hash identifier: I1XJ5x3djCGcXgIxIdJDeOA/ltZrLLMXfsODFYDI00Y=
Subject key identifier: 7E:C3:84:97:75:4B:4B:86:FA:DD:9A:BB:E6:3E:3B:BF:D5:35:4D:6D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01906B06FE6A8E11C890ED20F7F9E13CDE3B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fsOEl3VLS4b63Zq75j47v9U1TW0.roa
Signing time: Sun 30 Jun 2024 21:22:18 +0000
ROA not before: Sun 30 Jun 2024 21:22:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 82.153.228.0/23 maxlen: 23
217.145.76.0/24 maxlen: 24
217.145.78.0/24 maxlen: 24
217.145.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Jul 2024 16:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6b:06:fe:6a:8e:11:c8:90:ed:20:f7:f9:e1:3c:de:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 30 21:22:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ec38497754b4b86fadd9abbe63e3bbfd5354d6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f7:7e:a9:f9:89:af:01:e6:6a:06:3f:54:83:
31:1f:4a:b3:0e:eb:ff:b2:a8:f4:67:e3:91:55:40:
35:ec:40:3b:cf:95:fc:92:e0:d5:ff:1c:b6:05:46:
7a:f7:18:38:5b:29:66:15:ca:f3:ed:a4:00:ee:5c:
c2:7d:80:71:e2:55:95:4a:96:e5:ee:3b:6b:1a:e6:
7d:a2:17:48:dc:bc:ad:05:4a:80:79:03:02:40:a5:
66:fb:46:f1:ea:28:6e:84:b1:43:94:03:5e:67:a3:
f3:5c:73:37:d6:9d:c0:e5:31:88:1f:50:3f:76:20:
a5:bd:c6:6d:72:02:70:46:f0:30:87:7d:46:26:5d:
0c:4d:16:2b:35:80:96:b3:f5:a0:77:ff:c8:50:12:
1a:f9:17:14:51:3e:f8:2f:d9:47:ae:35:87:23:4e:
88:f2:06:63:02:e9:21:48:4d:19:94:9e:86:18:07:
71:68:ec:57:cf:9d:d5:41:36:fa:04:95:af:ec:3e:
62:cd:e7:c6:b9:8b:77:bc:9d:cc:41:fc:81:9b:72:
73:c3:e1:31:46:52:13:9b:99:1e:e5:4f:ff:6f:e3:
a2:6b:71:70:c2:22:54:b7:c8:30:4e:de:f5:c1:8c:
d5:ea:e8:34:3d:f2:44:ad:a9:af:63:7a:64:db:fd:
8c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C3:84:97:75:4B:4B:86:FA:DD:9A:BB:E6:3E:3B:BF:D5:35:4D:6D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/fsOEl3VLS4b63Zq75j47v9U1TW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.228.0/23
217.145.76.0/24
217.145.78.0/23
Signature Algorithm: sha256WithRSAEncryption
18:4a:93:90:bc:02:ed:78:64:43:16:34:0a:14:61:42:14:cb:
c5:9b:b1:12:ac:6a:a5:8d:f2:60:13:8e:cc:6c:38:10:fb:ce:
c9:92:d3:b0:37:b6:80:47:81:80:80:03:24:53:6f:f9:40:8c:
e4:c7:7b:20:41:da:a9:d8:74:0e:16:43:6a:0b:53:50:48:54:
bd:49:70:19:39:2f:89:7e:a2:b1:c0:68:21:75:f3:0e:9d:44:
23:34:6f:9f:e9:eb:9f:7f:3c:1f:bb:69:94:1b:77:a4:29:7e:
b0:35:3c:27:4e:ba:b0:e5:05:f1:ea:b1:eb:46:11:8c:b1:c9:
c8:4c:da:6e:45:be:f3:38:73:8b:fa:6b:9f:f1:56:df:76:1f:
11:bf:b3:97:65:4f:10:c3:63:f4:86:71:ca:50:62:1f:18:07:
5e:b6:b2:74:f9:d6:2d:10:05:8d:97:66:77:d6:fb:71:67:d5:
86:1d:3b:f4:a9:34:88:32:18:3c:2b:4c:e2:02:2b:32:06:59:
ef:a3:23:7f:c6:07:61:6d:a7:4d:ad:c3:ea:a8:09:20:b6:5f:
c2:35:a2:5c:cb:e9:1c:06:93:61:e6:f2:35:31:66:3c:0e:c7:
84:c0:dd:f8:8e:ed:b2:74:34:be:e3:0c:9e:9a:12:c1:7c:a1:
c3:a0:c7:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBrBv5qjhHIkO0g9/nhPN47MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjMwMjEyMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWMzODQ5Nzc1NGI0Yjg2ZmFkZDlhYmJlNjNlM2JiZmQ1MzU0ZDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPd+qfmJrwHmagY/VIMxH0qzDuv/
sqj0Z+ORVUA17EA7z5X8kuDV/xy2BUZ69xg4WylmFcrz7aQA7lzCfYBx4lWVSpbl
7jtrGuZ9ohdI3LytBUqAeQMCQKVm+0bx6ihuhLFDlANeZ6PzXHM31p3A5TGIH1A/
diClvcZtcgJwRvAwh31GJl0MTRYrNYCWs/Wgd//IUBIa+RcUUT74L9lHrjWHI06I
8gZjAukhSE0ZlJ6GGAdxaOxXz53VQTb6BJWv7D5izefGuYt3vJ3MQfyBm3Jzw+Ex
RlITm5ke5U//b+Oia3FwwiJUt8gwTt71wYzV6ug0PfJEramvY3pk2/2MlwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH7DhJd1S0uG+t2au+Y+O7/VNU1tMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZnNPRWwzVkxTNGI2M1pxNzVqNDd2OVUxVFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUpnkAwQA
2ZFMAwQB2ZFOMA0GCSqGSIb3DQEBCwUAA4IBAQAYSpOQvALteGRDFjQKFGFCFMvF
m7ESrGqljfJgE47MbDgQ+87JktOwN7aAR4GAgAMkU2/5QIzkx3sgQdqp2HQOFkNq
C1NQSFS9SXAZOS+JfqKxwGghdfMOnUQjNG+f6euffzwfu2mUG3ekKX6wNTwnTrqw
5QXx6rHrRhGMscnITNpuRb7zOHOL+muf8Vbfdh8Rv7OXZU8Qw2P0hnHKUGIfGAde
trJ0+dYtEAWNl2Z31vtxZ9WGHTv0qTSIMhg8K0ziAisyBlnvoyN/xgdhbadNrcPq
qAkgtl/CNaJcy+kcBpNh5vI1MWY8DseEwN34ju2ydDS+4wyemhLBfKHDoMds
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:04:51 2025 by rpki-client