Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/3D8fymb9u1XyrhppyLptDVgwn1g.roa
File: 3D8fymb9u1XyrhppyLptDVgwn1g.roa (raw, json)
Hash identifier: KCerwCgfMM6xBkK8pricRRp6Fj/22AjGKHI306H6Aic=
Subject key identifier: DC:3F:1F:CA:66:FD:BB:55:F2:AE:1A:69:C8:BA:6D:0D:58:30:9F:58
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 01958A0750F1F0B14DEDFF8C7C22FDAB3F44
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/3D8fymb9u1XyrhppyLptDVgwn1g.roa
Signing time: Wed 12 Mar 2025 11:04:49 +0000
ROA not before: Wed 12 Mar 2025 11:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34346
IP address blocks: 152.89.194.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 13 Mar 2025 11:35:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:07:50:f1:f0:b1:4d:ed:ff:8c:7c:22:fd:ab:3f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Mar 12 11:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc3f1fca66fdbb55f2ae1a69c8ba6d0d58309f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3b:26:cc:bb:57:af:f6:8e:e1:5a:4f:35:19:
18:a4:41:ce:ca:cb:9b:10:35:05:9b:06:8b:98:8d:
ca:c2:7d:e5:63:59:b8:93:8d:07:ba:44:96:f6:86:
57:01:86:64:13:8a:7c:0e:c8:f4:b0:6d:8f:81:6d:
6d:5f:48:31:fb:f3:f4:ff:cc:d5:b1:f2:4e:f0:66:
d0:ba:3c:e8:32:a8:37:85:69:1b:5c:56:e5:73:8d:
25:12:e7:2a:dd:67:f4:e8:1c:83:09:2d:27:1d:35:
ed:20:77:56:5a:14:0b:89:70:09:c4:05:cd:43:ae:
61:5a:55:d6:20:1d:e9:b0:3a:89:06:2a:8e:7c:b9:
99:fa:82:34:40:9a:62:64:e2:16:a5:99:43:3a:75:
6b:c4:f1:36:33:8a:ca:cb:5b:15:db:36:fc:b8:49:
62:98:04:17:ce:db:72:20:7f:d4:d0:c0:91:11:52:
c8:b6:db:21:c4:8d:b1:62:39:e0:46:15:54:ea:19:
b9:87:be:a6:5b:3f:f4:bb:26:68:23:4d:ad:07:db:
6d:56:9f:37:d0:3d:5a:51:71:79:f9:7e:90:b4:93:
f6:d7:0e:59:25:4c:25:bb:9d:89:89:e4:7a:d1:85:
be:8e:d0:36:e8:34:01:0b:2e:31:58:9a:11:f8:b0:
ca:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:3F:1F:CA:66:FD:BB:55:F2:AE:1A:69:C8:BA:6D:0D:58:30:9F:58
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/3D8fymb9u1XyrhppyLptDVgwn1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.194.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:89:86:61:e8:e1:e0:e2:98:15:1a:86:f2:89:d9:f5:29:53:
c4:82:ac:ff:cf:1c:03:91:10:26:14:58:a8:7e:b7:82:19:cd:
2f:77:f3:67:ac:ed:7a:b4:20:24:7f:a5:e0:bd:e8:8f:f6:ab:
1e:44:01:89:f0:9e:44:9e:d3:09:a1:bb:88:c5:e1:18:06:86:
8d:e9:9e:32:a1:3f:8d:43:bf:33:ce:d7:7d:5c:fd:39:cc:f7:
ad:f0:a9:2a:de:dd:72:dd:1b:45:c1:c6:cb:23:d3:88:37:ce:
d1:a7:af:af:f4:9a:3e:8a:7b:ef:da:10:67:71:d0:18:5f:b9:
2f:ed:b2:32:8b:84:76:10:88:2b:a0:ab:44:a8:52:1c:af:05:
ca:9f:40:e1:6f:50:93:82:d1:cb:95:eb:1f:4b:a7:a2:c7:4c:
9b:eb:7f:46:0a:01:bd:35:42:2a:ca:a2:2d:d4:37:95:67:cb:
c7:4f:87:06:f5:fe:cb:fa:cb:66:22:0c:55:2c:8f:7a:91:d8:
14:2b:31:98:e5:f6:4b:2d:64:93:01:95:a7:52:68:b3:cd:df:
a5:21:18:cf:c0:de:1f:0e:c3:92:07:73:33:9f:90:fb:a0:db:
66:2e:9d:2c:5e:ab:a9:0d:d2:68:7c:9a:03:66:46:78:93:ef:
1a:4f:4b:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWKB1Dx8LFN7f+MfCL9qz9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwMzEyMTEwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzNmMWZjYTY2ZmRiYjU1ZjJhZTFhNjljOGJhNmQwZDU4MzA5ZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TsmzLtXr/aO4VpPNRkYpEHOysub
EDUFmwaLmI3Kwn3lY1m4k40HukSW9oZXAYZkE4p8Dsj0sG2PgW1tX0gx+/P0/8zV
sfJO8GbQujzoMqg3hWkbXFblc40lEucq3Wf06ByDCS0nHTXtIHdWWhQLiXAJxAXN
Q65hWlXWIB3psDqJBiqOfLmZ+oI0QJpiZOIWpZlDOnVrxPE2M4rKy1sV2zb8uEli
mAQXzttyIH/U0MCREVLIttshxI2xYjngRhVU6hm5h76mWz/0uyZoI02tB9ttVp83
0D1aUXF5+X6QtJP21w5ZJUwlu52JieR60YW+jtA26DQBCy4xWJoR+LDKQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNw/H8pm/btV8q4aaci6bQ1YMJ9YMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvM0Q4ZnltYjl1MVh5cmhwcHlMcHREVmd3bjFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmFnCMA0G
CSqGSIb3DQEBCwUAA4IBAQAMiYZh6OHg4pgVGobyidn1KVPEgqz/zxwDkRAmFFio
freCGc0vd/NnrO16tCAkf6XgveiP9qseRAGJ8J5EntMJobuIxeEYBoaN6Z4yoT+N
Q78zztd9XP05zPet8Kkq3t1y3RtFwcbLI9OIN87Rp6+v9Jo+invv2hBncdAYX7kv
7bIyi4R2EIgroKtEqFIcrwXKn0Dhb1CTgtHLlesfS6eix0yb639GCgG9NUIqyqIt
1DeVZ8vHT4cG9f7L+stmIgxVLI96kdgUKzGY5fZLLWSTAZWnUmizzd+lIRjPwN4f
DsOSB3Mzn5D7oNtmLp0sXqupDdJofJoDZkZ4k+8aT0vB
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:43:03 2025 by rpki-client