Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/hD-fJ8JqVcbjgy4SgCjpolMgXpQ.roa
File: hD-fJ8JqVcbjgy4SgCjpolMgXpQ.roa (raw, json)
Hash identifier: 5YzFcEBwiv8W88fxs4QZ8ESxkhIL/21OXwklAJLnCtc=
Subject key identifier: 84:3F:9F:27:C2:6A:55:C6:E3:83:2E:12:80:28:E9:A2:53:20:5E:94
Certificate issuer: /CN=d58214cfa326611e9d494135a12ce8276f0f1784
Certificate serial: 0194228AF2BAA11787923CED352431987300
Authority key identifier: D5:82:14:CF:A3:26:61:1E:9D:49:41:35:A1:2C:E8:27:6F:0F:17:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/hD-fJ8JqVcbjgy4SgCjpolMgXpQ.roa
Signing time: Wed 01 Jan 2025 15:45:18 +0000
ROA not before: Wed 01 Jan 2025 15:45:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208780
IP address blocks: 178.219.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8a:f2:ba:a1:17:87:92:3c:ed:35:24:31:98:73:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58214cfa326611e9d494135a12ce8276f0f1784
Validity
Not Before: Jan 1 15:45:18 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=843f9f27c26a55c6e3832e128028e9a253205e94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3e:38:ac:54:48:38:00:f4:53:60:e3:df:85:
d0:d5:f3:f9:ff:35:1a:84:ae:c9:15:d1:6a:cf:ef:
e2:06:52:9b:cb:ab:fb:fc:44:1c:01:4a:dd:0c:4a:
96:12:7e:66:51:14:17:64:51:1d:94:c6:d9:ca:94:
ad:c3:ae:b9:b3:ea:ad:fc:bc:79:1b:53:7d:09:a3:
3e:ab:d7:a7:81:3a:e5:0d:c5:ea:88:fa:87:d7:af:
66:ab:2a:c3:4b:2f:22:a9:09:6e:a8:7c:96:61:15:
5a:0f:cb:96:e4:a3:27:20:f3:be:70:2e:18:52:10:
f7:95:1f:a2:22:53:05:a9:a0:79:b1:70:84:aa:ce:
e2:ec:34:62:13:04:c4:02:0f:a3:40:a1:93:11:55:
69:e5:b2:1d:32:02:86:a2:05:d3:d7:8d:ed:51:26:
78:2a:41:9a:a7:49:a4:72:f4:3e:5b:1f:73:69:40:
64:6a:ff:d1:da:ab:70:b9:a1:a9:b5:5a:14:ad:d6:
88:1b:e2:5b:1e:92:96:41:5f:d5:ab:d8:6f:fb:64:
35:86:2e:70:4e:06:8d:5b:ac:34:71:d5:a2:cf:96:
d4:fe:6a:16:f4:fa:ac:cd:ff:c0:d6:fc:3b:c8:0f:
33:b3:6f:5b:06:db:28:34:15:31:f9:fd:a9:b7:5d:
b7:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:3F:9F:27:C2:6A:55:C6:E3:83:2E:12:80:28:E9:A2:53:20:5E:94
X509v3 Authority Key Identifier:
keyid:D5:82:14:CF:A3:26:61:1E:9D:49:41:35:A1:2C:E8:27:6F:0F:17:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/hD-fJ8JqVcbjgy4SgCjpolMgXpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/777eef-4d02-4d39-b1e4-1079d55aee91/1/1YIUz6MmYR6dSUE1oSzoJ28PF4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.219.153.0/24
Signature Algorithm: sha256WithRSAEncryption
83:c3:4d:0d:f0:53:da:54:6f:e2:50:fd:ab:b6:ea:04:18:93:
49:b6:46:6b:77:9d:3c:4f:0c:3b:16:99:1e:2c:0e:31:86:84:
87:fd:ca:58:92:20:6d:d9:84:39:ea:82:ec:02:ca:90:42:16:
d7:95:c8:53:25:6a:2c:8f:b4:97:54:4c:10:1d:38:05:d7:f5:
04:f1:e8:80:5d:c6:94:53:a1:73:25:4f:4a:3c:ce:e6:f9:02:
82:d1:f5:48:1c:1a:39:d5:18:bf:46:9c:08:0d:b9:40:82:7b:
63:11:0f:f9:de:e5:4d:40:f0:50:4f:f3:c3:95:b9:05:57:ba:
20:b1:b2:58:2d:9a:57:43:bb:08:c7:94:70:83:57:ec:f5:f8:
65:29:32:7d:af:8b:96:0b:77:b5:50:29:2d:7c:1c:55:4f:47:
cd:0b:e6:ac:b8:78:f2:ff:8e:33:03:c9:d7:7a:01:1f:22:90:
f9:1e:d3:9d:dc:fa:e4:de:8b:0f:75:27:51:7a:6c:20:eb:e6:
76:6a:29:7f:23:cc:86:3a:ec:8f:12:49:f4:4f:9e:ce:f7:2d:
93:50:9c:6e:a4:fc:80:7b:65:27:4f:ea:c3:a3:fd:eb:9f:b3:
75:c6:c3:b8:af:26:ab:c6:fa:30:28:f5:73:95:ff:b2:68:bd:
40:63:6e:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiivK6oReHkjztNSQxmHMAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ODIxNGNmYTMyNjYxMWU5ZDQ5NDEzNWExMmNlODI3NmYw
ZjE3ODQwHhcNMjUwMTAxMTU0NTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDNmOWYyN2MyNmE1NWM2ZTM4MzJlMTI4MDI4ZTlhMjUzMjA1ZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT44rFRIOAD0U2Dj34XQ1fP5/zUa
hK7JFdFqz+/iBlKby6v7/EQcAUrdDEqWEn5mURQXZFEdlMbZypStw665s+qt/Lx5
G1N9CaM+q9engTrlDcXqiPqH169mqyrDSy8iqQluqHyWYRVaD8uW5KMnIPO+cC4Y
UhD3lR+iIlMFqaB5sXCEqs7i7DRiEwTEAg+jQKGTEVVp5bIdMgKGogXT143tUSZ4
KkGap0mkcvQ+Wx9zaUBkav/R2qtwuaGptVoUrdaIG+JbHpKWQV/Vq9hv+2Q1hi5w
TgaNW6w0cdWiz5bU/moW9Pqszf/A1vw7yA8zs29bBtsoNBUx+f2pt123TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQ/nyfCalXG44MuEoAo6aJTIF6UMB8GA1UdIwQY
MBaAFNWCFM+jJmEenUlBNaEs6CdvDxeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVlJVXo2TW1ZUjZkU1VFMW9Tem9KMjhQRjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83NzdlZWYtNGQwMi00ZDM5LWIxZTQt
MTA3OWQ1NWFlZTkxLzEvaEQtZko4SnFWY2JqZ3k0U2dDanBvbE1nWHBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83NzdlZWYtNGQwMi00ZDM5LWIxZTQtMTA3OWQ1NWFlZTkx
LzEvMVlJVXo2TW1ZUjZkU1VFMW9Tem9KMjhQRjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAstuZMA0G
CSqGSIb3DQEBCwUAA4IBAQCDw00N8FPaVG/iUP2rtuoEGJNJtkZrd508Tww7Fpke
LA4xhoSH/cpYkiBt2YQ56oLsAsqQQhbXlchTJWosj7SXVEwQHTgF1/UE8eiAXcaU
U6FzJU9KPM7m+QKC0fVIHBo51Ri/RpwIDblAgntjEQ/53uVNQPBQT/PDlbkFV7og
sbJYLZpXQ7sIx5Rwg1fs9fhlKTJ9r4uWC3e1UCktfBxVT0fNC+asuHjy/44zA8nX
egEfIpD5HtOd3Prk3osPdSdRemwg6+Z2ail/I8yGOuyPEkn0T57O9y2TUJxupPyA
e2UnT+rDo/3rn7N1xsO4ryarxvowKPVzlf+yaL1AY24i
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:21:27 2025 by rpki-client