Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/dAIBrmQgAE-USpNcjJx_bokbpiY.roa
File: dAIBrmQgAE-USpNcjJx_bokbpiY.roa (raw, json)
Hash identifier: BPhfImfvoKo2TcciyXhT2/lZIBIwbsR4XoNM4Ea2OpY=
Subject key identifier: 74:02:01:AE:64:20:00:4F:94:4A:93:5C:8C:9C:7F:6E:89:1B:A6:26
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01944311AC959FFAB895225CD74DDC9847DB
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/dAIBrmQgAE-USpNcjJx_bokbpiY.roa
Signing time: Tue 07 Jan 2025 23:20:19 +0000
ROA not before: Tue 07 Jan 2025 23:20:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213877
IP address blocks: 150.241.105.0/24 maxlen: 24
150.241.108.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
185.184.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 17:27:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:43:11:ac:95:9f:fa:b8:95:22:5c:d7:4d:dc:98:47:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jan 7 23:20:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=740201ae6420004f944a935c8c9c7f6e891ba626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9d:7c:bf:ed:e6:07:28:a2:4b:97:d9:b7:e2:
28:19:a0:ec:9b:d5:34:cd:27:80:19:d3:ab:b1:64:
eb:2c:7c:03:2c:40:16:db:a0:86:ec:54:9c:96:77:
0a:d9:18:39:d2:b6:a7:ce:01:74:e3:36:15:81:be:
a6:97:1c:8b:db:67:d3:2d:0f:d8:ef:36:41:77:23:
c4:12:76:0f:81:e2:ff:e5:ad:e8:d7:23:9a:98:c1:
c3:f6:8e:bb:0c:50:48:e1:e9:38:05:aa:01:91:d8:
76:36:69:62:82:a8:6a:b5:a0:2d:2a:87:c1:4a:f3:
97:a5:cb:8b:46:32:10:d4:aa:5a:3b:93:39:b8:00:
f4:03:74:bd:b1:fe:8b:79:d9:7d:ea:80:b9:1b:7d:
39:bd:63:8f:95:07:af:e8:03:ab:00:9e:cf:5f:2b:
50:98:38:c8:3f:c9:a9:41:5a:67:3c:31:ad:ab:58:
48:14:8c:f6:62:c6:cd:c3:43:bc:c5:26:d1:b5:35:
cd:4e:ac:b5:09:84:70:03:6b:02:8f:9a:82:81:7c:
d5:05:f1:8f:de:88:33:cf:74:74:06:78:f4:f1:9b:
30:34:5e:0a:e1:e2:1f:ee:a1:df:8c:e1:65:ab:96:
01:c0:92:e8:50:13:22:29:48:51:67:73:cc:e7:58:
9f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:02:01:AE:64:20:00:4F:94:4A:93:5C:8C:9C:7F:6E:89:1B:A6:26
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/dAIBrmQgAE-USpNcjJx_bokbpiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.105.0/24
150.241.108.0/24
150.241.123.0/24
185.184.122.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:54:e6:80:7d:ae:93:89:35:b7:c6:ae:e1:67:3c:92:71:13:
28:10:e5:d6:2b:07:7c:c8:f1:18:27:bd:e9:c6:95:cf:07:40:
6c:78:13:12:3f:5d:3b:d6:5e:18:b5:c8:41:b8:d9:5f:7d:30:
9f:86:93:c4:3b:a7:b7:72:72:b7:7f:41:58:a4:72:37:0a:05:
d3:e6:66:86:93:28:bc:34:e5:b6:cb:54:90:63:f0:0e:83:65:
ab:89:ed:d4:ee:96:0e:ef:01:e4:1b:e1:af:b8:84:ad:71:0a:
50:03:69:f7:30:09:6b:8d:42:6f:29:ca:be:20:11:7a:ce:4c:
9d:77:3a:89:05:a4:12:2c:2e:62:30:46:ba:22:75:36:5e:2d:
48:e3:1b:3e:13:d3:ba:4c:0b:0a:e0:87:56:92:39:9d:f7:1a:
2b:a9:66:8a:d4:04:02:31:88:e6:65:01:f8:9c:c2:ff:95:6c:
a2:97:43:87:3f:c0:3a:75:14:3e:11:85:16:03:db:c9:2e:8b:
20:75:cf:f2:8b:cb:a5:b6:35:d9:b3:fe:66:30:a8:3f:ab:dd:
84:a0:f2:ba:ed:44:de:3c:fc:c1:54:bb:8e:b4:7b:cc:a9:2e:
6a:88:c6:96:64:3e:b2:07:86:1b:bd:a8:74:48:d2:c4:c6:99:
07:12:a4:0b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZRDEayVn/q4lSJc103cmEfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMTA3MjMyMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDAyMDFhZTY0MjAwMDRmOTQ0YTkzNWM4YzljN2Y2ZTg5MWJhNjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAip18v+3mByiiS5fZt+IoGaDsm9U0
zSeAGdOrsWTrLHwDLEAW26CG7FSclncK2Rg50ranzgF04zYVgb6mlxyL22fTLQ/Y
7zZBdyPEEnYPgeL/5a3o1yOamMHD9o67DFBI4ek4BaoBkdh2NmligqhqtaAtKofB
SvOXpcuLRjIQ1KpaO5M5uAD0A3S9sf6Ledl96oC5G305vWOPlQev6AOrAJ7PXytQ
mDjIP8mpQVpnPDGtq1hIFIz2YsbNw0O8xSbRtTXNTqy1CYRwA2sCj5qCgXzVBfGP
3ogzz3R0Bnj08ZswNF4K4eIf7qHfjOFlq5YBwJLoUBMiKUhRZ3PM51ifZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHQCAa5kIABPlEqTXIycf26JG6YmMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvZEFJQnJtUWdBRS1VU3BOY2pKeF9ib2ticGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAlvFpAwQA
lvFsAwQAlvF7AwQAubh6MA0GCSqGSIb3DQEBCwUAA4IBAQBeVOaAfa6TiTW3xq7h
ZzyScRMoEOXWKwd8yPEYJ73pxpXPB0BseBMSP1071l4YtchBuNlffTCfhpPEO6e3
cnK3f0FYpHI3CgXT5maGkyi8NOW2y1SQY/AOg2Wrie3U7pYO7wHkG+GvuIStcQpQ
A2n3MAlrjUJvKcq+IBF6zkyddzqJBaQSLC5iMEa6InU2Xi1I4xs+E9O6TAsK4IdW
kjmd9xorqWaK1AQCMYjmZQH4nML/lWyil0OHP8A6dRQ+EYUWA9vJLosgdc/yi8ul
tjXZs/5mMKg/q92EoPK67UTePPzBVLuOtHvMqS5qiMaWZD6yB4Ybvah0SNLExpkH
EqQL
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:39 2025 by rpki-client