Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/9oOumUuaf6-F57PXvdoGZ24T_qg.roa
File: 9oOumUuaf6-F57PXvdoGZ24T_qg.roa (raw, json)
Hash identifier: PPrs6OlViwsTi45pQaa6eSitNKsb7PcX+fAwKXYSUh0=
Subject key identifier: F6:83:AE:99:4B:9A:7F:AF:85:E7:B3:D7:BD:DA:06:67:6E:13:FE:A8
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0193B6DC7979ED4470A546341B74C1356123
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/9oOumUuaf6-F57PXvdoGZ24T_qg.roa
Signing time: Wed 11 Dec 2024 17:55:22 +0000
ROA not before: Wed 11 Dec 2024 17:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215590
IP address blocks: 150.241.106.0/23 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Dec 2024 02:14:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b6:dc:79:79:ed:44:70:a5:46:34:1b:74:c1:35:61:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Dec 11 17:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f683ae994b9a7faf85e7b3d7bdda06676e13fea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c4:74:e8:24:cd:0a:4f:c6:a6:ab:db:49:e4:
74:bf:22:33:f6:4d:d9:07:ba:c9:ce:47:6a:0a:29:
c0:f2:8b:0d:bf:3c:5c:b5:75:a6:40:91:1d:61:65:
a6:5f:e8:c4:29:27:28:66:b9:ad:0f:d8:51:de:ae:
a0:40:87:2a:d8:c3:53:67:90:c9:04:0a:d4:a6:7c:
9c:9b:fa:f8:1e:0f:23:af:0d:03:ff:3b:a3:02:6c:
b0:39:cc:05:87:a3:66:5d:55:6b:b6:d7:85:64:5c:
77:e5:66:3a:05:3e:45:8d:a3:3b:0e:e8:84:ac:b6:
f9:c8:b8:4d:fb:a7:ac:11:6c:f9:76:e1:ad:f4:e2:
6c:b0:b9:7b:55:42:5d:34:6e:eb:40:7c:a4:5d:d2:
c1:d9:32:45:f0:ff:1a:59:5a:d8:db:62:47:e3:0e:
d4:12:cd:78:a7:bb:90:1d:90:a7:8d:9f:d3:79:b1:
14:d9:7a:c5:8f:6c:08:06:84:e0:68:f7:90:17:f1:
5f:6c:c4:ec:be:d2:b2:ef:d2:17:28:2e:30:ff:3f:
bf:20:c3:ab:a9:54:82:77:92:74:81:80:f3:09:cb:
74:42:3b:9d:dc:b8:21:9d:f2:6f:04:aa:21:71:48:
8d:9a:e3:e2:18:c1:c7:69:c7:87:73:fd:9e:17:c9:
75:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:83:AE:99:4B:9A:7F:AF:85:E7:B3:D7:BD:DA:06:67:6E:13:FE:A8
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/9oOumUuaf6-F57PXvdoGZ24T_qg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.106.0/23
150.241.115.0-150.241.116.255
150.241.123.0/24
Signature Algorithm: sha256WithRSAEncryption
37:1a:7b:ab:59:fb:a7:d0:8c:3a:d5:ed:30:b2:41:71:d5:46:
04:3f:07:65:32:f0:5b:fe:6b:2a:07:b7:f0:43:44:79:34:8a:
c3:22:c9:f0:a9:dc:7a:0a:c0:b3:9d:3e:68:78:48:0b:ba:60:
19:65:7c:89:4f:8d:f6:f5:80:d9:ce:64:d0:47:c9:67:24:b6:
95:44:99:b8:76:01:dc:8b:31:fa:29:59:ba:6c:4b:b8:1b:0b:
8b:0f:83:a7:c9:9f:58:75:e2:e6:1a:6e:d1:98:e6:ae:60:44:
8f:31:62:7c:7f:81:18:58:52:d2:b5:4f:0f:ab:4a:c5:56:07:
a4:6e:48:a7:88:a6:8d:06:d4:4d:93:17:ae:67:ed:cb:b2:cf:
84:f7:65:c1:2e:32:7b:a2:a5:2f:e7:57:ed:b5:4c:9a:5d:6f:
93:ec:2d:52:24:56:0b:27:3d:6c:1d:2c:58:23:1b:a4:c2:ab:
d7:2c:3f:83:f1:1d:bf:17:1c:1a:06:ad:42:e5:33:5d:90:55:
c6:ba:f5:c7:42:1e:5f:bf:0e:c8:82:96:32:aa:79:1b:b9:91:
b3:30:df:73:4e:59:be:1a:0a:04:6b:e7:0d:4e:8c:c1:f2:d5:
e2:c9:30:c7:97:f6:b5:93:bd:34:2e:da:51:3f:ea:01:a6:37:
9a:18:90:e1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZO23Hl57URwpUY0G3TBNWEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjQxMjExMTc1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjgzYWU5OTRiOWE3ZmFmODVlN2IzZDdiZGRhMDY2NzZlMTNmZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMR06CTNCk/GpqvbSeR0vyIz9k3Z
B7rJzkdqCinA8osNvzxctXWmQJEdYWWmX+jEKScoZrmtD9hR3q6gQIcq2MNTZ5DJ
BArUpnycm/r4Hg8jrw0D/zujAmywOcwFh6NmXVVrtteFZFx35WY6BT5FjaM7DuiE
rLb5yLhN+6esEWz5duGt9OJssLl7VUJdNG7rQHykXdLB2TJF8P8aWVrY22JH4w7U
Es14p7uQHZCnjZ/TebEU2XrFj2wIBoTgaPeQF/FfbMTsvtKy79IXKC4w/z+/IMOr
qVSCd5J0gYDzCct0Qjud3LghnfJvBKohcUiNmuPiGMHHaceHc/2eF8l1EwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPaDrplLmn+vheez173aBmduE/6oMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvOW9PdW1VdWFmNi1GNTdQWHZkb0daMjRUX3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBlvFqMAwD
BACW8XMDBACW8XQDBACW8XswDQYJKoZIhvcNAQELBQADggEBADcae6tZ+6fQjDrV
7TCyQXHVRgQ/B2Uy8Fv+ayoHt/BDRHk0isMiyfCp3HoKwLOdPmh4SAu6YBllfIlP
jfb1gNnOZNBHyWcktpVEmbh2AdyLMfopWbpsS7gbC4sPg6fJn1h14uYabtGY5q5g
RI8xYnx/gRhYUtK1Tw+rSsVWB6RuSKeIpo0G1E2TF65n7cuyz4T3ZcEuMnuipS/n
V+21TJpdb5PsLVIkVgsnPWwdLFgjG6TCq9csP4PxHb8XHBoGrULlM12QVca69cdC
Hl+/DsiCljKqeRu5kbMw33NOWb4aCgRr5w1OjMHy1eLJMMeX9rWTvTQu2lE/6gGm
N5oYkOE=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:44 2025 by rpki-client