Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/RCMacx0_msztvDZNxJNNqGN4kjg.roa
File: RCMacx0_msztvDZNxJNNqGN4kjg.roa (raw, json)
Hash identifier: 140qhpi3y+EAYqVEbhNXylDNjWqu1dn8n45lZD7S/OM=
Subject key identifier: 44:23:1A:73:1D:3F:9A:CC:ED:BC:36:4D:C4:93:4D:A8:63:78:92:38
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018EE0A4495D33ECFB24146D41551B3AC8C9
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/RCMacx0_msztvDZNxJNNqGN4kjg.roa
Signing time: Mon 15 Apr 2024 07:24:06 +0000
ROA not before: Mon 15 Apr 2024 07:24:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43754
IP address blocks: 178.239.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e0:a4:49:5d:33:ec:fb:24:14:6d:41:55:1b:3a:c8:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Apr 15 07:24:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44231a731d3f9accedbc364dc4934da863789238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a0:d7:01:42:19:8b:ae:72:ec:d9:0d:23:4d:
9c:c5:d4:43:44:87:ac:d8:11:f9:a8:8d:39:4a:c9:
2b:a8:ee:b3:15:70:69:c5:e8:45:b9:a4:19:8a:c0:
2f:b6:08:37:18:e0:22:7d:f7:ed:bd:fe:dd:01:f0:
3e:8e:b3:cb:8f:c6:b8:72:cc:a9:64:34:55:84:04:
40:89:75:94:a1:fd:76:8f:ce:63:c8:5a:4b:c4:00:
5d:8a:c2:18:43:63:29:fb:2c:18:a2:a7:d2:cc:75:
8d:d1:64:cf:51:a8:ab:6f:1c:73:03:56:48:03:28:
2e:c9:7a:cc:72:54:57:ac:ad:ec:1f:b5:98:ad:fa:
45:64:a7:64:a2:e5:cb:85:4b:31:1c:ff:bb:6a:44:
60:51:16:65:9c:2d:58:f7:df:67:39:6e:ee:7a:12:
0d:e1:f7:9e:98:71:0b:10:1d:f6:6d:0f:f2:9f:54:
fd:a0:d6:58:f3:5d:dc:19:71:31:1d:91:5f:f6:8d:
59:1c:47:a3:5a:74:02:6c:c7:2f:f3:f3:4f:75:80:
f9:8f:a4:d3:de:ed:3c:fe:a7:8c:08:d7:ff:cf:16:
b7:d8:97:0f:ad:4d:a5:8d:e5:40:0f:ad:ca:07:c1:
4d:7a:98:39:6a:c0:8b:25:9b:0b:d9:07:fa:6d:a8:
64:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:23:1A:73:1D:3F:9A:CC:ED:BC:36:4D:C4:93:4D:A8:63:78:92:38
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/RCMacx0_msztvDZNxJNNqGN4kjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.155.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:a6:0e:d6:a2:41:b4:6d:26:9f:8b:92:9a:2a:c1:1e:77:e9:
ef:fd:76:f2:d2:28:35:78:47:0d:cb:5f:22:4f:2a:fa:05:fd:
f6:c2:19:2e:8b:df:fd:69:bb:2e:24:78:13:e3:db:c2:7c:c3:
a3:d7:c0:d4:04:75:3b:3e:90:c0:05:f7:a4:03:12:c6:39:71:
28:a1:69:d8:27:a7:e4:10:7e:2f:2d:9c:c0:3c:9a:86:fe:7f:
37:03:43:66:02:77:e5:cc:64:a2:79:42:cd:c7:5c:bc:15:f7:
03:23:be:31:b1:78:40:61:a9:57:b2:4d:27:84:1d:29:e0:c6:
af:38:18:b0:3e:f2:7e:6f:54:67:42:f7:77:03:29:b1:7a:d2:
6d:e6:42:8a:2c:e6:a5:71:cf:00:0b:0f:00:b0:46:d7:2f:6a:
a4:bf:95:7f:6d:80:d2:00:50:f1:09:b8:f1:40:cc:9f:61:ab:
76:ea:78:20:65:b1:9c:c6:c3:e1:28:d9:79:79:66:49:71:71:
32:9f:0b:e1:d1:77:99:c7:e1:89:84:41:89:41:a0:8a:ed:ec:
cb:31:58:6b:8e:9f:79:64:cf:b1:91:6b:bc:48:b8:06:64:9a:
a4:b5:52:22:5b:4f:64:cc:54:13:58:d8:ce:8f:aa:ce:f7:59:
25:d6:6a:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7gpEldM+z7JBRtQVUbOsjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwNDE1MDcyNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDIzMWE3MzFkM2Y5YWNjZWRiYzM2NGRjNDkzNGRhODYzNzg5MjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraDXAUIZi65y7NkNI02cxdRDRIes
2BH5qI05SskrqO6zFXBpxehFuaQZisAvtgg3GOAiffftvf7dAfA+jrPLj8a4csyp
ZDRVhARAiXWUof12j85jyFpLxABdisIYQ2Mp+ywYoqfSzHWN0WTPUairbxxzA1ZI
AyguyXrMclRXrK3sH7WYrfpFZKdkouXLhUsxHP+7akRgURZlnC1Y999nOW7uehIN
4feemHELEB32bQ/yn1T9oNZY813cGXExHZFf9o1ZHEejWnQCbMcv8/NPdYD5j6TT
3u08/qeMCNf/zxa32JcPrU2ljeVAD63KB8FNepg5asCLJZsL2Qf6bahkeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEQjGnMdP5rM7bw2TcSTTahjeJI4MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvUkNNYWN4MF9tc3p0dkRaTnhKTk5xR040a2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsu+bMA0G
CSqGSIb3DQEBCwUAA4IBAQC/pg7WokG0bSafi5KaKsEed+nv/Xby0ig1eEcNy18i
Tyr6Bf32whkui9/9absuJHgT49vCfMOj18DUBHU7PpDABfekAxLGOXEooWnYJ6fk
EH4vLZzAPJqG/n83A0NmAnflzGSieULNx1y8FfcDI74xsXhAYalXsk0nhB0p4Mav
OBiwPvJ+b1RnQvd3AymxetJt5kKKLOalcc8ACw8AsEbXL2qkv5V/bYDSAFDxCbjx
QMyfYat26nggZbGcxsPhKNl5eWZJcXEynwvh0XeZx+GJhEGJQaCK7ezLMVhrjp95
ZM+xkWu8SLgGZJqktVIiW09kzFQTWNjOj6rO91kl1mrn
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:17:18 2025 by rpki-client