Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Pmu4SIasxUF_D_ZcKJaJnPk7Atc.roa
File: Pmu4SIasxUF_D_ZcKJaJnPk7Atc.roa (raw, json)
Hash identifier: uoOT8/sGpaI/nJiTZJwIkZWj73iY/k58CK/Pv4RtDCA=
Subject key identifier: 3E:6B:B8:48:86:AC:C5:41:7F:0F:F6:5C:28:96:89:9C:F9:3B:02:D7
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 019513CC2C8326E1179A43517F2F09288209
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Pmu4SIasxUF_D_ZcKJaJnPk7Atc.roa
Signing time: Mon 17 Feb 2025 12:05:02 +0000
ROA not before: Mon 17 Feb 2025 12:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23352
IP address blocks: 198.38.90.0/24 maxlen: 24
198.38.91.0/24 maxlen: 24
198.38.92.0/24 maxlen: 24
198.38.93.0/24 maxlen: 24
198.38.94.0/24 maxlen: 24
198.38.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Mar 2025 11:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:13:cc:2c:83:26:e1:17:9a:43:51:7f:2f:09:28:82:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Feb 17 12:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e6bb84886acc5417f0ff65c2896899cf93b02d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:42:7d:1b:eb:ee:b0:cb:79:e7:93:b3:df:be:
81:89:b3:7f:82:fc:3a:31:7b:9d:94:00:d9:1b:f4:
65:c5:dc:7e:8d:cb:ca:d4:30:56:0e:aa:65:c8:46:
86:7e:19:8c:74:9b:bb:c1:42:1d:49:dd:fa:09:7f:
be:c4:79:50:15:ed:09:82:73:67:a7:88:28:e5:2e:
40:6a:7b:f5:5f:23:9a:d4:58:0e:cd:a7:19:e2:5f:
48:2d:61:fb:7f:a7:1a:2b:f5:41:06:f6:ff:05:07:
43:23:a4:13:f4:59:87:6c:37:b7:7f:29:24:be:a7:
57:86:ea:76:71:28:a6:aa:ce:e2:3f:48:35:b2:88:
d1:8c:80:f4:00:ac:df:4f:a0:0b:38:af:c3:c2:a0:
1e:1f:d0:01:bc:db:5e:36:3d:5c:d8:1d:26:63:9a:
b1:ff:42:00:0b:7f:26:9d:fe:71:85:1f:19:66:75:
3a:20:be:d3:11:6d:98:f7:d5:4d:93:1c:e8:dc:1c:
b4:de:3f:fd:15:29:7b:c6:1b:7a:bf:b7:c1:dc:3e:
6d:aa:69:54:8f:a9:6d:d7:c8:16:a5:bf:08:b5:b2:
aa:b2:58:a4:32:76:63:84:b4:5d:54:45:16:b0:89:
d3:35:f0:34:c4:c2:88:d2:94:6a:8d:4f:a7:ee:d7:
68:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:6B:B8:48:86:AC:C5:41:7F:0F:F6:5C:28:96:89:9C:F9:3B:02:D7
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Pmu4SIasxUF_D_ZcKJaJnPk7Atc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.38.90.0-198.38.95.255
Signature Algorithm: sha256WithRSAEncryption
54:e4:fe:74:bf:30:cd:07:3d:5d:d9:94:44:8b:b7:ec:41:8a:
89:67:37:8b:9a:de:a1:5a:52:50:7c:ba:ff:b1:b7:85:2e:45:
6f:43:cb:af:57:12:72:0c:77:d6:a0:04:3a:2a:32:c4:04:35:
9b:98:81:51:6f:5a:96:c8:08:a4:d6:87:2b:eb:53:3d:2d:a4:
64:5d:56:6f:57:7f:66:89:a1:be:b9:73:72:6a:db:29:2a:c9:
24:f1:45:62:10:6c:c9:fb:5a:9d:29:59:94:71:31:db:16:55:
9b:98:34:bf:d2:72:85:ae:5d:7d:19:57:85:68:ad:bd:44:d5:
47:5c:51:18:54:d7:79:88:61:be:00:5d:a7:df:96:c9:5b:17:
17:48:d7:d2:dc:5e:54:30:af:2c:da:d3:c6:61:48:0d:34:85:
06:97:9e:47:4e:47:64:a7:9e:3f:12:d1:5c:06:08:06:4d:a7:
58:f7:91:1b:66:0c:e0:3e:91:3d:eb:30:33:da:5a:bb:87:4f:
29:e4:ac:c8:46:2b:33:6d:93:25:48:8e:3f:b4:57:b0:08:38:
fb:18:39:10:43:fc:15:f1:6a:1c:ce:1c:da:fa:2a:17:f1:b2:
4c:90:51:4c:bc:9e:e0:cc:31:8c:74:ca:2b:5e:72:a0:fe:9b:
20:75:47:f3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZUTzCyDJuEXmkNRfy8JKIIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwMjE3MTIwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTZiYjg0ODg2YWNjNTQxN2YwZmY2NWMyODk2ODk5Y2Y5M2IwMmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUJ9G+vusMt555Oz376BibN/gvw6
MXudlADZG/Rlxdx+jcvK1DBWDqplyEaGfhmMdJu7wUIdSd36CX++xHlQFe0JgnNn
p4go5S5Aanv1XyOa1FgOzacZ4l9ILWH7f6caK/VBBvb/BQdDI6QT9FmHbDe3fykk
vqdXhup2cSimqs7iP0g1sojRjID0AKzfT6ALOK/DwqAeH9ABvNteNj1c2B0mY5qx
/0IAC38mnf5xhR8ZZnU6IL7TEW2Y99VNkxzo3By03j/9FSl7xht6v7fB3D5tqmlU
j6lt18gWpb8ItbKqslikMnZjhLRdVEUWsInTNfA0xMKI0pRqjU+n7tdo7wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFD5ruEiGrMVBfw/2XCiWiZz5OwLXMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvUG11NFNJYXN4VUZfRF9aY0tKYUpuUGs3QXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHGJloD
BAXGJkAwDQYJKoZIhvcNAQELBQADggEBAFTk/nS/MM0HPV3ZlESLt+xBiolnN4ua
3qFaUlB8uv+xt4UuRW9Dy69XEnIMd9agBDoqMsQENZuYgVFvWpbICKTWhyvrUz0t
pGRdVm9Xf2aJob65c3Jq2ykqySTxRWIQbMn7Wp0pWZRxMdsWVZuYNL/ScoWuXX0Z
V4Vorb1E1UdcURhU13mIYb4AXafflslbFxdI19LcXlQwryza08ZhSA00hQaXnkdO
R2Snnj8S0VwGCAZNp1j3kRtmDOA+kT3rMDPaWruHTynkrMhGKzNtkyVIjj+0V7AI
OPsYORBD/BXxahzOHNr6KhfxskyQUUy8nuDMMYx0yitecqD+myB1R/M=
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:04:09 2025 by rpki-client