Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/vNPYsy1q7wssJsZuS_MA_Sjsq1w.roa
File: vNPYsy1q7wssJsZuS_MA_Sjsq1w.roa (raw, json)
Hash identifier: jHHqzHcwbmytrqnmHc8xWoACCDl6VO1U5HMhANyucX0=
Subject key identifier: BC:D3:D8:B3:2D:6A:EF:0B:2C:26:C6:6E:4B:F3:00:FD:28:EC:AB:5C
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 0194CACD6745FE251AF95712D35E9142930B
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/vNPYsy1q7wssJsZuS_MA_Sjsq1w.roa
Signing time: Mon 03 Feb 2025 07:54:06 +0000
ROA not before: Mon 03 Feb 2025 07:54:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 171.33.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Feb 2025 12:09:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ca:cd:67:45:fe:25:1a:f9:57:12:d3:5e:91:42:93:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Feb 3 07:54:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcd3d8b32d6aef0b2c26c66e4bf300fd28ecab5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2f:08:f6:a2:1a:a8:91:7b:4e:76:99:6c:28:
f0:49:b6:17:68:2e:62:d1:bd:da:83:be:a9:f7:4f:
ce:86:52:dc:5e:20:a4:84:c0:b2:49:67:5d:38:32:
b9:55:10:6b:6d:f1:55:3c:df:59:db:b4:ff:9a:3c:
67:26:e1:9d:e2:69:eb:f0:55:19:83:8c:07:0f:58:
d6:b8:a3:8b:0d:c7:3f:33:34:b3:d6:5f:12:ba:c7:
3f:47:e3:c4:c7:07:5b:73:eb:f1:79:51:8e:be:71:
3c:9a:0c:7e:9e:c1:61:be:ac:c6:c0:95:1d:9e:dd:
5b:d8:e7:e5:99:6d:d3:0d:d1:84:99:58:45:98:b0:
df:b2:ae:33:62:da:4f:bf:3c:44:d4:63:44:35:bd:
1c:da:2c:7b:a0:fc:eb:a9:98:4a:7b:c8:d5:a2:59:
59:58:84:85:0f:b1:b9:b4:d0:0a:8f:ce:ea:47:af:
b3:26:59:dc:39:6f:b9:36:ef:a4:e1:96:62:10:6f:
4b:f4:56:df:8e:5e:9d:95:a9:38:fd:8b:ee:09:59:
90:bc:83:17:70:4c:88:ec:d3:6d:f6:a2:5d:f5:9c:
51:45:4a:82:72:70:7c:f8:f5:90:a8:47:b6:0e:40:
e2:7e:73:24:f3:d0:6b:5f:bb:c0:31:0c:09:9d:e5:
67:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D3:D8:B3:2D:6A:EF:0B:2C:26:C6:6E:4B:F3:00:FD:28:EC:AB:5C
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/vNPYsy1q7wssJsZuS_MA_Sjsq1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.33.240.0/24
Signature Algorithm: sha256WithRSAEncryption
87:ae:8c:68:0c:b7:54:19:c3:8c:46:65:e6:a1:42:a4:83:fc:
79:12:aa:6c:0a:b2:e1:99:8f:58:36:8e:ce:0f:c7:88:2d:8c:
e7:d0:88:b6:ce:8a:c4:ec:55:f4:90:14:0c:2c:2f:56:5c:51:
cd:d8:c1:e5:5b:fd:a5:8d:97:63:85:8c:df:d7:83:91:e1:ac:
54:23:88:0e:96:4f:f2:1c:29:6c:f4:80:fa:06:86:d8:13:14:
5e:7d:3b:4b:d1:d1:46:57:c5:b0:a8:35:fc:10:8b:60:f7:73:
8a:af:1d:0a:32:15:55:7f:d0:cc:28:06:08:3f:70:8d:8f:40:
ec:22:03:e3:53:a5:61:f5:1e:8f:8d:a1:91:03:93:83:f6:d8:
0c:49:98:41:c1:b9:ef:5a:b5:38:76:c6:8c:19:5a:64:23:fb:
b2:67:5a:71:df:83:ee:85:19:2d:72:0b:dc:9b:6c:a7:4a:24:
3b:70:1c:2a:23:d2:35:de:85:1f:f7:1d:4b:ae:e4:0f:b7:2a:
0b:85:07:c6:7a:0a:5e:3a:21:61:17:99:c2:3c:94:f7:8e:18:
32:8c:c1:ce:0c:b6:9a:68:94:dc:c2:9a:d6:d3:81:e1:0d:14:
70:c6:64:a7:30:03:5a:40:33:0b:de:4d:1d:0f:56:c7:65:f0:
b6:fc:ee:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTKzWdF/iUa+VcS016RQpMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwMjAzMDc1NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2QzZDhiMzJkNmFlZjBiMmMyNmM2NmU0YmYzMDBmZDI4ZWNhYjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAty8I9qIaqJF7TnaZbCjwSbYXaC5i
0b3ag76p90/OhlLcXiCkhMCySWddODK5VRBrbfFVPN9Z27T/mjxnJuGd4mnr8FUZ
g4wHD1jWuKOLDcc/MzSz1l8Susc/R+PExwdbc+vxeVGOvnE8mgx+nsFhvqzGwJUd
nt1b2OflmW3TDdGEmVhFmLDfsq4zYtpPvzxE1GNENb0c2ix7oPzrqZhKe8jVollZ
WISFD7G5tNAKj87qR6+zJlncOW+5Nu+k4ZZiEG9L9Fbfjl6dlak4/YvuCVmQvIMX
cEyI7NNt9qJd9ZxRRUqCcnB8+PWQqEe2DkDifnMk89BrX7vAMQwJneVn7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLzT2LMtau8LLCbGbkvzAP0o7KtcMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvdk5QWXN5MXE3d3NzSnNadVNfTUFfU2pzcTF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqyHwMA0G
CSqGSIb3DQEBCwUAA4IBAQCHroxoDLdUGcOMRmXmoUKkg/x5EqpsCrLhmY9YNo7O
D8eILYzn0Ii2zorE7FX0kBQMLC9WXFHN2MHlW/2ljZdjhYzf14OR4axUI4gOlk/y
HCls9ID6BobYExRefTtL0dFGV8WwqDX8EItg93OKrx0KMhVVf9DMKAYIP3CNj0Ds
IgPjU6Vh9R6PjaGRA5OD9tgMSZhBwbnvWrU4dsaMGVpkI/uyZ1px34PuhRktcgvc
m2ynSiQ7cBwqI9I13oUf9x1LruQPtyoLhQfGegpeOiFhF5nCPJT3jhgyjMHODLaa
aJTcwprW04HhDRRwxmSnMANaQDML3k0dD1bHZfC2/O79
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:28:39 2025 by rpki-client