Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/crHFxKKDWEItZ4Mk3KFnBQgUPdQ.roa
File: crHFxKKDWEItZ4Mk3KFnBQgUPdQ.roa (raw, json)
Hash identifier: YlQqxFzrNSxZVRsftCMftXeYSYCoYVwKqZOipgathvM=
Subject key identifier: 72:B1:C5:C4:A2:83:58:42:2D:67:83:24:DC:A1:67:05:08:14:3D:D4
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 018CC6B94182F55AAA355C88AAC40A2591DF
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/crHFxKKDWEItZ4Mk3KFnBQgUPdQ.roa
Signing time: Mon 01 Jan 2024 20:31:18 +0000
ROA not before: Mon 01 Jan 2024 20:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202439
IP address blocks: 151.237.138.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:41:82:f5:5a:aa:35:5c:88:aa:c4:0a:25:91:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 1 20:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72b1c5c4a28358422d678324dca1670508143dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:00:34:6b:3c:bd:55:45:1e:a7:ee:ba:ac:95:
cc:d8:ca:b5:4b:8a:6c:92:f7:dc:8f:5e:b6:64:f2:
5a:b0:63:f7:42:a6:7b:24:a9:73:7c:8a:ba:2d:b5:
f9:a7:28:3c:49:10:69:9b:4d:5d:31:89:89:95:b2:
9a:8a:bd:e0:c9:fe:43:66:52:1d:71:2a:c2:da:53:
4c:76:de:34:a4:38:04:86:23:2d:f5:09:31:7a:de:
f6:b3:cc:af:03:51:dc:24:f2:ed:a6:cf:15:1a:80:
a0:37:a6:eb:8e:9d:18:ad:2f:db:b5:d7:82:a8:63:
02:c1:b0:c4:d1:45:8e:50:3c:91:ec:15:aa:35:05:
fb:08:42:d6:b7:4a:0c:1d:a4:22:62:18:59:2d:f4:
b1:de:14:d9:38:71:be:d1:a8:37:e4:9b:e8:5f:ce:
2f:c8:82:57:ad:f5:eb:b7:96:0b:e5:90:3a:c0:6b:
b1:d8:32:a3:c5:f7:d9:dd:71:0e:88:ff:a7:27:21:
29:a1:e2:6d:da:e0:7a:60:22:6e:a7:7a:f0:f7:b2:
5e:15:80:c3:23:83:6d:5e:d7:15:a4:f3:5e:1a:65:
26:c9:64:5c:c3:e4:44:9a:af:14:6d:67:18:1a:c3:
13:e5:f5:0f:24:34:a3:d9:c8:0b:6c:45:b1:56:83:
a9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B1:C5:C4:A2:83:58:42:2D:67:83:24:DC:A1:67:05:08:14:3D:D4
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/crHFxKKDWEItZ4Mk3KFnBQgUPdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.237.138.0/23
Signature Algorithm: sha256WithRSAEncryption
76:8e:f7:eb:a0:4f:06:f5:7b:26:0e:08:2f:97:3a:aa:ef:30:
56:13:0d:bc:0c:d4:69:3d:6f:af:8f:17:22:61:77:de:51:66:
ca:3c:26:e3:ae:bd:0b:cb:fc:d5:46:76:49:f9:ca:ad:07:0b:
84:0c:2b:28:15:f5:c5:3a:ae:c8:4f:79:f2:de:97:b3:12:db:
b1:d5:38:a0:f9:27:ce:33:1c:8a:e1:91:4a:98:62:61:70:fb:
99:98:41:39:a0:5b:ce:0d:2b:78:12:b0:1c:ad:24:a3:7f:86:
3b:52:ab:15:78:d4:78:71:c4:70:8f:c5:5e:df:b8:5a:32:4c:
28:4c:c8:32:61:54:c7:e1:d2:e6:b4:c5:ee:36:d2:c2:3a:b9:
f2:d1:7f:c3:af:f0:ed:5a:50:5e:0b:8e:6a:dd:71:7d:d7:87:
60:26:75:59:a9:8d:16:a6:81:ba:a8:a6:23:8c:98:f1:1f:1e:
f3:2d:16:ce:39:eb:f2:a8:e2:d3:4e:09:44:5a:77:58:0b:97:
9a:41:56:65:6e:ad:a0:88:07:68:cd:9f:b4:99:ab:1d:da:d1:
58:08:00:0b:4a:51:13:ee:ed:ca:1f:55:24:06:13:19:d4:50:
32:f2:08:bd:b4:94:11:10:de:b0:8d:9a:96:6c:78:09:22:1e:
8a:31:6e:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuUGC9VqqNVyIqsQKJZHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQwMTAxMjAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmIxYzVjNGEyODM1ODQyMmQ2NzgzMjRkY2ExNjcwNTA4MTQzZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQA0azy9VUUep+66rJXM2Mq1S4ps
kvfcj162ZPJasGP3QqZ7JKlzfIq6LbX5pyg8SRBpm01dMYmJlbKair3gyf5DZlId
cSrC2lNMdt40pDgEhiMt9Qkxet72s8yvA1HcJPLtps8VGoCgN6brjp0YrS/btdeC
qGMCwbDE0UWOUDyR7BWqNQX7CELWt0oMHaQiYhhZLfSx3hTZOHG+0ag35JvoX84v
yIJXrfXrt5YL5ZA6wGux2DKjxffZ3XEOiP+nJyEpoeJt2uB6YCJup3rw97JeFYDD
I4NtXtcVpPNeGmUmyWRcw+REmq8UbWcYGsMT5fUPJDSj2cgLbEWxVoOpPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKxxcSig1hCLWeDJNyhZwUIFD3UMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvY3JIRnhLS0RXRUl0WjRNazNLRm5CUWdVUGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBl+2KMA0G
CSqGSIb3DQEBCwUAA4IBAQB2jvfroE8G9XsmDggvlzqq7zBWEw28DNRpPW+vjxci
YXfeUWbKPCbjrr0Ly/zVRnZJ+cqtBwuEDCsoFfXFOq7IT3ny3pezEtux1Tig+SfO
MxyK4ZFKmGJhcPuZmEE5oFvODSt4ErAcrSSjf4Y7UqsVeNR4ccRwj8Ve37haMkwo
TMgyYVTH4dLmtMXuNtLCOrny0X/Dr/DtWlBeC45q3XF914dgJnVZqY0WpoG6qKYj
jJjxHx7zLRbOOevyqOLTTglEWndYC5eaQVZlbq2giAdozZ+0masd2tFYCAALSlET
7u3KH1UkBhMZ1FAy8gi9tJQREN6wjZqWbHgJIh6KMW4K
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:34:49 2025 by rpki-client