Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lNixjp9UJYcmORUUVFx6fC6wi5s.roa
File: lNixjp9UJYcmORUUVFx6fC6wi5s.roa (raw, json)
Hash identifier: W59Vqm7J9a0nLW8QpdIXp1X/LTty6Hz9OkRVSP62R10=
Subject key identifier: 94:D8:B1:8E:9F:54:25:87:26:39:15:14:54:5C:7A:7C:2E:B0:8B:9B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190B575309CD50BB8E0CBFE405C5678266C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lNixjp9UJYcmORUUVFx6fC6wi5s.roa
Signing time: Mon 15 Jul 2024 08:14:34 +0000
ROA not before: Mon 15 Jul 2024 08:14:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215304
IP address blocks: 82.152.142.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Aug 2024 15:23:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b5:75:30:9c:d5:0b:b8:e0:cb:fe:40:5c:56:78:26:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 15 08:14:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94d8b18e9f54258726391514545c7a7c2eb08b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ef:d7:fe:4f:24:36:0e:ca:6e:e1:29:13:0c:
72:28:59:90:7c:0f:98:9b:8f:f6:c1:c0:45:d2:8b:
b0:57:2a:03:d7:94:03:6a:bd:7e:76:a4:35:ee:ca:
b6:ff:7f:18:ba:f4:2e:9d:53:b8:fa:cb:22:36:56:
09:80:6d:16:bc:20:13:3b:2d:3a:d4:77:13:33:88:
04:3c:fa:87:2d:d2:f3:f5:e6:b5:4c:e2:3c:43:3f:
ee:1b:8b:73:e6:fd:76:dd:cc:b7:20:76:2f:ed:1f:
1d:dd:03:dc:ca:3b:6d:09:04:dd:54:29:90:5d:c8:
cb:14:03:b8:b7:5f:89:06:41:3d:0d:30:5a:e7:1f:
d8:b5:0d:df:52:2d:45:1f:51:24:52:5e:f6:6e:b5:
dd:3d:70:2d:df:78:28:71:72:07:6b:8d:a3:cb:bb:
35:e3:e7:a2:e3:90:f7:34:de:d8:9d:89:e4:79:d5:
6e:18:f2:ff:77:76:c8:0b:81:04:f9:f6:a2:13:4e:
0f:33:5d:d0:b9:e8:fd:ad:a9:ab:46:f8:a1:99:2e:
66:b7:7d:b2:fa:0a:ed:38:6f:bf:74:23:bc:69:f9:
af:fa:22:15:9d:71:ec:82:45:b4:e9:75:d0:31:8e:
9e:cb:2a:e4:6b:11:eb:4f:61:6f:1a:2f:e5:6f:c7:
e1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D8:B1:8E:9F:54:25:87:26:39:15:14:54:5C:7A:7C:2E:B0:8B:9B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lNixjp9UJYcmORUUVFx6fC6wi5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
89.213.123.0/24
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
18:38:2a:e2:02:29:15:e2:87:2a:4e:ec:4a:eb:30:d6:18:7c:
96:08:80:ea:79:4f:26:63:aa:06:3d:51:bd:e4:e1:23:3b:66:
b8:a7:db:2f:e2:1d:0e:69:bb:d9:95:5c:51:82:5b:1c:43:8f:
f5:6f:73:98:38:e3:dd:67:50:91:30:55:d6:c7:b5:cf:63:44:
ca:28:88:f9:5d:22:23:17:29:3c:d4:17:31:0e:3a:6e:3e:8e:
3b:02:70:f7:e1:33:35:0f:8e:a9:9e:4a:0d:5e:bf:71:ab:14:
df:77:70:6f:51:a3:42:ca:54:e5:1e:74:e6:77:b6:2c:cc:d8:
a4:7a:3c:59:00:04:a2:00:81:aa:f3:fe:d6:98:20:0c:77:4e:
6a:87:40:82:15:5f:07:6d:01:8c:ac:87:ca:cf:c5:8d:81:c7:
71:f5:19:a9:8f:4f:7a:3a:e7:03:7c:b8:6b:d6:7a:92:7a:fe:
80:f2:b5:9f:a1:28:62:86:f8:bb:4e:76:3a:98:6c:44:0d:6b:
76:8e:47:63:70:6f:6d:0c:bc:ad:85:71:83:41:fe:df:1f:8a:
6a:3e:f3:71:44:5c:9d:1f:23:db:e1:da:79:65:83:2a:2b:ef:
13:94:05:8e:9c:bc:1f:fd:ba:85:f0:d2:71:f4:67:ad:70:ce:
e2:c8:dd:bb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZC1dTCc1Qu44Mv+QFxWeCZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzE1MDgxNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGQ4YjE4ZTlmNTQyNTg3MjYzOTE1MTQ1NDVjN2E3YzJlYjA4YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte/X/k8kNg7KbuEpEwxyKFmQfA+Y
m4/2wcBF0ouwVyoD15QDar1+dqQ17sq2/38YuvQunVO4+ssiNlYJgG0WvCATOy06
1HcTM4gEPPqHLdLz9ea1TOI8Qz/uG4tz5v123cy3IHYv7R8d3QPcyjttCQTdVCmQ
XcjLFAO4t1+JBkE9DTBa5x/YtQ3fUi1FH1EkUl72brXdPXAt33gocXIHa42jy7s1
4+ei45D3NN7YnYnkedVuGPL/d3bIC4EE+faiE04PM13Quej9ramrRvihmS5mt32y
+grtOG+/dCO8afmv+iIVnXHsgkW06XXQMY6eyyrkaxHrT2FvGi/lb8fhywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJTYsY6fVCWHJjkVFFRcenwusIubMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbE5peGpwOVVKWWNtT1JVVVZGeDZmQzZ3aTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpiOAwQA
WdV7AwQA2ZFLMA0GCSqGSIb3DQEBCwUAA4IBAQAYOCriAikV4ocqTuxK6zDWGHyW
CIDqeU8mY6oGPVG95OEjO2a4p9sv4h0OabvZlVxRglscQ4/1b3OYOOPdZ1CRMFXW
x7XPY0TKKIj5XSIjFyk81BcxDjpuPo47AnD34TM1D46pnkoNXr9xqxTfd3BvUaNC
ylTlHnTmd7YszNikejxZAASiAIGq8/7WmCAMd05qh0CCFV8HbQGMrIfKz8WNgcdx
9Rmpj096OucDfLhr1nqSev6A8rWfoShihvi7TnY6mGxEDWt2jkdjcG9tDLythXGD
Qf7fH4pqPvNxRFydHyPb4dp5ZYMqK+8TlAWOnLwf/bqF8NJx9GetcM7iyN27
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:10:24 2025 by rpki-client