Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/336db3-71a8-43ef-9b9f-6a6c6e096071/1/n03h8sMDo43n81vaFLA1Flb6pvo.roa
File: n03h8sMDo43n81vaFLA1Flb6pvo.roa (raw, json)
Hash identifier: 1jYuVTTwwEM5gnuAE/eazy2dl8Rp9Sa/oSSEbshx/b8=
Subject key identifier: 9F:4D:E1:F2:C3:03:A3:8D:E7:F3:5B:DA:14:B0:35:16:56:FA:A6:FA
Certificate issuer: /CN=d2581479dee3b5994f11c9d9564631bf5a404c07
Certificate serial: 018CC870A80F11256DDA818032873B505E4E
Authority key identifier: D2:58:14:79:DE:E3:B5:99:4F:11:C9:D9:56:46:31:BF:5A:40:4C:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0lgUed7jtZlPEcnZVkYxv1pATAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/336db3-71a8-43ef-9b9f-6a6c6e096071/1/n03h8sMDo43n81vaFLA1Flb6pvo.roa
Signing time: Tue 02 Jan 2024 04:31:15 +0000
ROA not before: Tue 02 Jan 2024 04:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2200
IP address blocks: 134.59.0.0/16 maxlen: 16
157.169.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:a8:0f:11:25:6d:da:81:80:32:87:3b:50:5e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2581479dee3b5994f11c9d9564631bf5a404c07
Validity
Not Before: Jan 2 04:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f4de1f2c303a38de7f35bda14b0351656faa6fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:33:cb:bb:8e:48:16:6f:7a:6b:6c:fc:2e:91:
2a:c8:21:39:99:58:75:f6:20:51:4f:5e:98:67:d3:
22:51:d4:ff:2d:36:14:b5:d0:d1:d0:6d:16:ce:08:
d1:11:2c:97:63:2a:e7:a7:ad:08:76:fd:08:be:df:
e8:3f:d2:4b:3b:c8:c4:41:d5:5b:ca:9f:3d:aa:38:
52:b2:c2:20:a4:ae:19:93:25:c7:50:22:6a:3d:ee:
89:9e:f1:60:31:79:09:b8:3c:43:aa:47:67:85:e4:
e9:3b:96:91:91:d0:a2:53:33:41:7d:e0:fb:91:47:
7b:16:32:d2:a9:aa:a4:7c:86:51:8a:19:38:bd:89:
c0:f5:36:15:92:4c:cf:f3:42:ff:c8:3a:62:68:90:
a8:1b:05:5e:89:8a:9f:eb:0c:d9:83:40:ab:40:78:
38:57:dd:02:d9:0b:b7:18:45:2d:c8:86:c7:d3:04:
1f:b4:7e:90:3a:e2:9e:b4:33:8a:79:c3:93:d7:bc:
3f:e4:ce:83:cb:9c:93:96:e9:01:67:dc:73:33:d7:
00:2d:37:34:77:f6:b7:37:a7:70:f9:d9:fb:c1:32:
2e:4d:0e:9f:5f:bd:d5:8d:0c:1a:3b:a0:30:7c:93:
bc:d3:26:4e:bd:0a:cd:de:6b:a3:53:6a:d2:fb:21:
0c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:4D:E1:F2:C3:03:A3:8D:E7:F3:5B:DA:14:B0:35:16:56:FA:A6:FA
X509v3 Authority Key Identifier:
keyid:D2:58:14:79:DE:E3:B5:99:4F:11:C9:D9:56:46:31:BF:5A:40:4C:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0lgUed7jtZlPEcnZVkYxv1pATAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/336db3-71a8-43ef-9b9f-6a6c6e096071/1/n03h8sMDo43n81vaFLA1Flb6pvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/336db3-71a8-43ef-9b9f-6a6c6e096071/1/0lgUed7jtZlPEcnZVkYxv1pATAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.59.0.0/16
157.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:15:82:b2:a0:80:22:f0:0a:a4:2b:4c:33:f4:f3:84:e9:49:
d4:23:84:f7:0c:f4:e9:7f:80:d1:7a:c4:e6:bb:d5:51:54:07:
80:d5:a8:87:ea:f8:ba:f7:82:0f:c0:c9:ab:7d:2b:e9:ea:36:
13:48:87:c6:18:3c:f0:04:6e:b1:33:be:f1:53:45:41:a9:c9:
17:7f:ec:cc:d0:c9:92:5a:76:72:c6:65:5c:3e:6e:95:38:86:
20:69:83:ba:e6:85:e3:f6:5e:d7:2f:15:80:f9:92:b4:cd:54:
25:e2:b6:f1:22:0e:1a:a7:dd:ad:0c:1b:4c:19:cc:47:5b:43:
d9:32:b6:9a:03:a8:93:0d:54:d0:9b:cd:ff:07:73:1f:c0:a4:
0b:19:d5:91:95:42:a9:12:cb:02:83:60:65:6c:32:c4:2f:06:
9e:73:35:81:9e:db:fa:8c:d4:6c:8e:75:10:23:48:fb:a6:53:
6c:bc:b0:d0:ee:69:f6:ee:48:22:bb:b5:a1:84:bf:36:df:c2:
27:a0:df:e0:d4:c1:34:62:50:8d:0f:aa:ae:f8:68:26:8d:9c:
ee:58:cc:b8:82:29:6f:41:e2:29:82:41:dc:68:5f:80:0b:82:
5d:3f:23:0c:7b:65:63:e7:60:b1:36:81:6e:4e:2c:46:39:35:
5f:9a:b8:47
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYzIcKgPESVt2oGAMoc7UF5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNTgxNDc5ZGVlM2I1OTk0ZjExYzlkOTU2NDYzMWJmNWE0
MDRjMDcwHhcNMjQwMTAyMDQzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjRkZTFmMmMzMDNhMzhkZTdmMzViZGExNGIwMzUxNjU2ZmFhNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjPLu45IFm96a2z8LpEqyCE5mVh1
9iBRT16YZ9MiUdT/LTYUtdDR0G0WzgjRESyXYyrnp60Idv0Ivt/oP9JLO8jEQdVb
yp89qjhSssIgpK4ZkyXHUCJqPe6JnvFgMXkJuDxDqkdnheTpO5aRkdCiUzNBfeD7
kUd7FjLSqaqkfIZRihk4vYnA9TYVkkzP80L/yDpiaJCoGwVeiYqf6wzZg0CrQHg4
V90C2Qu3GEUtyIbH0wQftH6QOuKetDOKecOT17w/5M6Dy5yTlukBZ9xzM9cALTc0
d/a3N6dw+dn7wTIuTQ6fX73VjQwaO6AwfJO80yZOvQrN3mujU2rS+yEMZwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFJ9N4fLDA6ON5/Nb2hSwNRZW+qb6MB8GA1UdIwQY
MBaAFNJYFHne47WZTxHJ2VZGMb9aQEwHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGxnVWVkN2p0WmxQRWNuWlZrWXh2MXBBVEFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zMzZkYjMtNzFhOC00M2VmLTliOWYt
NmE2YzZlMDk2MDcxLzEvbjAzaDhzTURvNDNuODF2YUZMQTFGbGI2cHZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zMzZkYjMtNzFhOC00M2VmLTliOWYtNmE2YzZlMDk2MDcx
LzEvMGxnVWVkN2p0WmxQRWNuWlZrWXh2MXBBVEFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAhjsDAwCd
qTANBgkqhkiG9w0BAQsFAAOCAQEAlxWCsqCAIvAKpCtMM/TzhOlJ1COE9wz06X+A
0XrE5rvVUVQHgNWoh+r4uveCD8DJq30r6eo2E0iHxhg88ARusTO+8VNFQanJF3/s
zNDJklp2csZlXD5ulTiGIGmDuuaF4/Ze1y8VgPmStM1UJeK28SIOGqfdrQwbTBnM
R1tD2TK2mgOokw1U0JvN/wdzH8CkCxnVkZVCqRLLAoNgZWwyxC8GnnM1gZ7b+ozU
bI51ECNI+6ZTbLyw0O5p9u5IIru1oYS/Nt/CJ6Df4NTBNGJQjQ+qrvhoJo2c7ljM
uIIpb0HiKYJB3GhfgAuCXT8jDHtlY+dgsTaBbk4sRjk1X5q4Rw==
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:15 2025 by rpki-client