Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wUX75Xt4QsGfAdYKx0QTIoZf02c.roa
File: wUX75Xt4QsGfAdYKx0QTIoZf02c.roa (raw, json)
Hash identifier: RKHA1FtSssBA1dmKA1/0bAKoFXzRiOWJsRIlzQyWJyE=
Subject key identifier: C1:45:FB:E5:7B:78:42:C1:9F:01:D6:0A:C7:44:13:22:86:5F:D3:67
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018D56022D6754F43EC7C18C9A7C7EE0A91F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wUX75Xt4QsGfAdYKx0QTIoZf02c.roa
Signing time: Mon 29 Jan 2024 16:16:39 +0000
ROA not before: Mon 29 Jan 2024 16:16:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 82.153.225.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.131.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Mar 2024 07:37:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:02:2d:67:54:f4:3e:c7:c1:8c:9a:7c:7e:e0:a9:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 29 16:16:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c145fbe57b7842c19f01d60ac7441322865fd367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:28:e1:34:b2:6d:a8:e9:6e:43:25:0e:ff:cf:
f3:8b:7e:f2:11:07:bd:63:55:b1:64:bf:69:77:1a:
0f:21:5e:78:2a:24:26:5d:0b:4b:7d:48:53:05:5b:
73:56:8c:7e:29:0a:50:a8:fa:ec:40:bc:cf:1b:b8:
53:1a:89:e8:26:b1:bb:29:5d:70:f7:20:e6:5e:33:
00:ce:21:cb:26:bc:5c:e3:f5:11:fb:23:c1:f3:27:
12:5f:86:df:8e:df:a7:1f:e6:83:a1:18:69:f0:66:
6b:e2:32:92:72:90:b4:0a:96:35:2b:8e:9c:d6:15:
b8:1f:44:47:00:a9:82:67:4e:eb:ba:55:eb:f2:8f:
c7:39:93:c9:10:12:79:d3:e0:fa:ec:45:70:5f:17:
bd:74:25:fe:94:f3:7a:73:40:93:c8:75:b4:00:14:
91:5e:62:94:22:2c:d2:27:85:da:7a:1c:2d:b0:5f:
67:7a:33:cd:c5:2b:ba:f9:6e:2e:15:f6:5b:38:ca:
0a:bb:29:6a:f8:2f:0d:9d:7d:a7:71:db:cb:ed:db:
11:ab:7d:9a:54:a4:33:40:d8:33:af:30:b1:59:74:
e7:b8:a9:d4:1a:84:38:e5:c8:a6:f2:d6:05:02:fd:
62:05:74:14:dc:61:a5:7d:7e:74:90:07:78:9c:0e:
80:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:45:FB:E5:7B:78:42:C1:9F:01:D6:0A:C7:44:13:22:86:5F:D3:67
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wUX75Xt4QsGfAdYKx0QTIoZf02c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.225.0/24
89.213.43.0/24
89.213.131.0/24
89.213.145.0-89.213.146.255
109.176.208.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:40:6f:f6:56:58:98:e6:e7:3a:ff:08:7f:4f:17:79:6c:84:
0e:e2:eb:53:93:d0:ef:41:94:74:68:7b:e2:53:c5:32:1e:74:
86:3b:5d:67:1e:95:54:f6:41:56:dd:18:10:47:6a:d2:6e:ba:
91:cb:7b:38:31:d0:ce:47:90:00:20:03:6f:d9:f2:66:d8:a4:
1f:b4:94:61:d3:f5:29:d9:7a:59:bc:85:f0:33:7f:f8:aa:cd:
2d:4f:f7:44:c3:d7:21:44:4e:af:b3:c7:29:6b:3a:ea:96:c1:
eb:3f:df:c9:f5:51:48:dd:47:8c:92:0c:47:f0:01:85:8c:93:
6b:59:e8:32:ca:86:cb:df:9c:2e:bf:2b:b2:fb:02:d2:41:99:
dd:87:fd:27:ed:81:46:c3:33:cb:03:fe:dc:a2:0c:b3:b3:66:
73:15:c1:9e:bc:30:ce:17:03:b6:68:74:ec:35:f0:b1:ea:11:
fc:63:ca:54:ab:e1:c0:a0:8b:b2:3a:64:68:a2:05:6a:f0:82:
d8:d2:82:f5:8f:82:d7:0e:f8:18:fb:6c:b3:8b:94:65:eb:fa:
2b:bb:85:de:ae:87:08:ef:a4:ec:0f:9f:80:b1:5d:84:17:3a:
c1:90:cd:cc:2c:72:48:a8:11:b2:0d:f6:6a:d0:6f:b8:f7:df:
84:76:9d:c5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY1WAi1nVPQ+x8GMmnx+4KkfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTI5MTYxNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTQ1ZmJlNTdiNzg0MmMxOWYwMWQ2MGFjNzQ0MTMyMjg2NWZkMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCjhNLJtqOluQyUO/8/zi37yEQe9
Y1WxZL9pdxoPIV54KiQmXQtLfUhTBVtzVox+KQpQqPrsQLzPG7hTGonoJrG7KV1w
9yDmXjMAziHLJrxc4/UR+yPB8ycSX4bfjt+nH+aDoRhp8GZr4jKScpC0CpY1K46c
1hW4H0RHAKmCZ07rulXr8o/HOZPJEBJ50+D67EVwXxe9dCX+lPN6c0CTyHW0ABSR
XmKUIizSJ4XaehwtsF9nejPNxSu6+W4uFfZbOMoKuylq+C8NnX2ncdvL7dsRq32a
VKQzQNgzrzCxWXTnuKnUGoQ45cim8tYFAv1iBXQU3GGlfX50kAd4nA6AaQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMFF++V7eELBnwHWCsdEEyKGX9NnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvd1VYNzVYdDRRc0dmQWRZS3gwUVRJb1pmMDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAUpnhAwQA
WdUrAwQAWdWDMAwDBABZ1ZEDBABZ1ZIDBABtsNAwDQYJKoZIhvcNAQELBQADggEB
AKRAb/ZWWJjm5zr/CH9PF3lshA7i61OT0O9BlHRoe+JTxTIedIY7XWcelVT2QVbd
GBBHatJuupHLezgx0M5HkAAgA2/Z8mbYpB+0lGHT9SnZelm8hfAzf/iqzS1P90TD
1yFETq+zxylrOuqWwes/38n1UUjdR4ySDEfwAYWMk2tZ6DLKhsvfnC6/K7L7AtJB
md2H/SftgUbDM8sD/tyiDLOzZnMVwZ68MM4XA7ZodOw18LHqEfxjylSr4cCgi7I6
ZGiiBWrwgtjSgvWPgtcO+Bj7bLOLlGXr+iu7hd6uhwjvpOwPn4CxXYQXOsGQzcws
ckioEbIN9mrQb7j334R2ncU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:57 2025 by rpki-client