Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xIF-K1hEbdbTLlIKEnOFVMBMvkA.roa
File: xIF-K1hEbdbTLlIKEnOFVMBMvkA.roa (raw, json)
Hash identifier: CnPHyXcC2b1yOeblgb56JTnKN5vCvLFEY7V/eInqW3Q=
Subject key identifier: C4:81:7E:2B:58:44:6D:D6:D3:2E:52:0A:12:73:85:54:C0:4C:BE:40
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193D9130B67F9D55D8D2EB7176FDFA1FA1D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xIF-K1hEbdbTLlIKEnOFVMBMvkA.roa
Signing time: Wed 18 Dec 2024 09:22:04 +0000
ROA not before: Wed 18 Dec 2024 09:22:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 82.153.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d9:13:0b:67:f9:d5:5d:8d:2e:b7:17:6f:df:a1:fa:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 18 09:22:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4817e2b58446dd6d32e520a12738554c04cbe40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:01:f5:94:b4:4f:e1:47:81:5c:ca:7d:3f:d9:
4a:4e:9a:59:a5:6e:63:d7:12:e8:69:83:5b:1b:8c:
21:b5:55:31:fd:ec:08:50:b6:5d:9f:1f:be:c4:c0:
f8:c7:e5:88:e3:27:76:48:d5:e6:8e:e4:42:b4:4a:
1b:90:f7:a3:34:a2:0e:6b:c7:46:69:87:bf:b9:1c:
df:da:a4:50:d9:0d:23:2a:9b:28:96:f9:e2:f5:a9:
73:22:17:8a:df:58:0a:a6:19:4d:7c:15:d3:d5:86:
81:57:04:f7:db:38:87:22:e1:45:e8:c1:b7:9b:20:
ff:82:10:71:5a:ec:10:dd:91:d3:a8:2d:62:0a:cb:
43:40:40:ea:aa:fc:aa:30:af:c8:03:8e:5a:3b:1c:
ef:49:72:ed:eb:6f:a7:8a:e4:dd:51:4d:eb:1d:ee:
24:84:b0:82:c2:c2:b8:61:f2:4d:7d:3c:49:15:1c:
3b:7f:ff:5d:a9:01:be:d9:3c:b7:6c:16:3b:89:89:
01:39:06:3d:88:5b:7b:e1:cb:08:da:54:e1:ef:c2:
d3:c0:f2:b2:f6:89:c7:c4:de:02:18:85:8f:e0:ba:
2b:52:f9:7e:23:ad:80:7d:fc:eb:a9:0a:03:bf:05:
b5:2b:67:8a:09:ee:4c:87:9a:96:35:5e:75:46:34:
ed:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:81:7E:2B:58:44:6D:D6:D3:2E:52:0A:12:73:85:54:C0:4C:BE:40
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xIF-K1hEbdbTLlIKEnOFVMBMvkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.0.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:7a:02:0b:92:ee:28:18:65:20:a1:0a:42:a9:1e:94:30:3f:
73:b3:95:3d:ee:9f:37:d7:d8:ac:8d:1e:cc:75:38:30:35:6f:
7b:11:1b:45:8c:9b:ac:77:dd:9c:45:19:c7:f0:6d:25:0b:bc:
46:00:13:2c:0c:1e:d2:01:01:1e:c0:8e:d9:32:19:5f:94:0f:
2e:7b:13:2e:f7:52:be:f5:81:73:71:ab:4f:c7:e5:7e:fb:b7:
eb:30:c4:48:98:2a:26:71:b4:ff:d0:5f:a3:0b:d8:d5:50:d6:
e2:fd:98:51:d2:94:dd:05:08:bd:f1:6f:79:77:9a:9a:4d:a0:
93:2b:f4:c4:a2:3b:27:c3:45:1b:1e:d7:f2:54:6f:6a:33:38:
2c:d3:9d:c8:eb:8c:cc:5c:5e:15:3b:46:e0:c8:53:17:dc:77:
0f:76:90:c4:15:5b:99:06:b7:31:3a:ba:da:e9:c7:af:b6:d0:
03:dc:a9:4c:21:2b:bb:be:0a:87:ea:83:38:de:7c:9e:91:69:
2f:e6:05:6b:77:f7:e9:04:dd:5b:95:98:e1:81:5d:67:a5:2f:
a3:71:11:a0:4c:e7:48:2f:46:f0:ce:86:b9:38:ac:c0:3f:20:
45:d0:b6:4c:41:05:f8:ae:24:89:33:4d:3b:90:8a:cd:3a:13:
96:76:81:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPZEwtn+dVdjS63F2/fofodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjE4MDkyMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDgxN2UyYjU4NDQ2ZGQ2ZDMyZTUyMGExMjczODU1NGMwNGNiZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgH1lLRP4UeBXMp9P9lKTppZpW5j
1xLoaYNbG4whtVUx/ewIULZdnx++xMD4x+WI4yd2SNXmjuRCtEobkPejNKIOa8dG
aYe/uRzf2qRQ2Q0jKpsolvni9alzIheK31gKphlNfBXT1YaBVwT32ziHIuFF6MG3
myD/ghBxWuwQ3ZHTqC1iCstDQEDqqvyqMK/IA45aOxzvSXLt62+niuTdUU3rHe4k
hLCCwsK4YfJNfTxJFRw7f/9dqQG+2Ty3bBY7iYkBOQY9iFt74csI2lTh78LTwPKy
9onHxN4CGIWP4LorUvl+I62AffzrqQoDvwW1K2eKCe5Mh5qWNV51RjTtlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSBfitYRG3W0y5SChJzhVTATL5AMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveElGLUsxaEViZGJUTGxJS0VuT0ZWTUJNdmtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkAMA0G
CSqGSIb3DQEBCwUAA4IBAQCqegILku4oGGUgoQpCqR6UMD9zs5U97p8319isjR7M
dTgwNW97ERtFjJusd92cRRnH8G0lC7xGABMsDB7SAQEewI7ZMhlflA8uexMu91K+
9YFzcatPx+V++7frMMRImComcbT/0F+jC9jVUNbi/ZhR0pTdBQi98W95d5qaTaCT
K/TEojsnw0UbHtfyVG9qMzgs053I64zMXF4VO0bgyFMX3HcPdpDEFVuZBrcxOrra
6cevttAD3KlMISu7vgqH6oM43nyekWkv5gVrd/fpBN1blZjhgV1npS+jcRGgTOdI
L0bwzoa5OKzAPyBF0LZMQQX4riSJM007kIrNOhOWdoEW
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:02 2025 by rpki-client