Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/s8SaQXyhUxvWXDItM6AHkUcBRhk.roa
File: s8SaQXyhUxvWXDItM6AHkUcBRhk.roa (raw, json)
Hash identifier: FLRNgGBuPELkrqMNTeIqpkeFXUupNLUAlnlDv2UWaOo=
Subject key identifier: B3:C4:9A:41:7C:A1:53:1B:D6:5C:32:2D:33:A0:07:91:47:01:46:19
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 018CC8713BA592F653557265B35B8B10D688
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/s8SaQXyhUxvWXDItM6AHkUcBRhk.roa
Signing time: Tue 02 Jan 2024 04:31:53 +0000
ROA not before: Tue 02 Jan 2024 04:31:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207240
IP address blocks: 171.25.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:3b:a5:92:f6:53:55:72:65:b3:5b:8b:10:d6:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Jan 2 04:31:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3c49a417ca1531bd65c322d33a0079147014619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c7:4b:92:cb:a6:ca:ff:2a:d8:0f:59:76:fe:
40:1c:da:23:c8:21:23:64:9a:30:08:30:fa:0d:06:
ed:24:c4:4f:ce:66:52:37:e1:b4:61:1b:46:23:a5:
9b:16:1f:76:12:f8:e5:0a:86:df:7b:27:f0:d3:4f:
ee:20:74:f4:93:99:3a:54:74:19:6f:11:6c:df:19:
66:6b:b5:f1:8f:82:48:b4:01:b5:e7:22:e2:5e:86:
49:ea:3c:f0:3b:18:8f:4b:19:2b:ac:1d:c9:ce:d3:
03:d5:0e:9e:24:e5:fe:4f:bc:57:ff:ac:f2:d7:a1:
7c:d7:77:4f:93:58:9f:9a:25:68:c4:fc:0a:60:07:
04:1d:f7:fc:77:a9:95:49:cc:60:d7:42:e4:b4:09:
a1:5c:51:c8:83:2f:9e:bb:07:ef:d0:d9:57:93:37:
3c:d5:92:9f:40:42:49:9b:7c:be:fd:03:a2:35:46:
85:a6:3f:97:5c:e3:64:e5:ce:c6:70:17:58:6e:33:
ca:c5:2c:f5:ac:c7:de:6c:6e:9b:d0:7d:58:38:07:
a7:f5:b4:e5:94:1c:be:2a:66:fc:50:29:0d:6f:c2:
2c:69:2d:bb:26:f6:4c:c5:96:1c:de:88:6a:35:f0:
2d:de:0e:f7:40:cd:27:32:9f:a2:dd:77:73:c7:92:
d0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C4:9A:41:7C:A1:53:1B:D6:5C:32:2D:33:A0:07:91:47:01:46:19
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/s8SaQXyhUxvWXDItM6AHkUcBRhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.177.0/24
Signature Algorithm: sha256WithRSAEncryption
02:48:05:13:18:f2:5c:72:ee:2b:58:1a:8b:90:48:45:f5:b8:
46:0e:54:62:8a:36:ff:73:6c:42:2b:ae:ae:ec:15:de:02:c9:
71:98:80:2a:3f:2b:ab:57:6b:1c:b2:72:ac:21:37:d0:9e:e4:
08:90:ac:32:8e:28:b4:f0:89:28:e3:af:16:78:23:38:d2:86:
c2:19:41:c5:2a:d4:67:7d:e3:95:5b:5a:aa:8e:69:c6:96:7d:
62:f5:35:67:38:c3:94:1e:1c:16:89:44:b2:eb:77:28:39:cf:
cc:8c:ff:fc:47:d0:56:0e:d2:0e:55:38:e4:3d:58:5c:c8:da:
51:e8:e4:98:93:c0:20:3b:1b:cf:8a:f1:d8:64:98:4d:b7:07:
df:1c:de:0e:e9:71:69:d3:20:33:67:46:d5:16:e4:60:01:bc:
74:b8:77:63:65:e5:b1:ce:95:e2:23:1b:4f:e7:a7:fe:3d:47:
b3:5c:80:32:1e:e0:29:96:7c:13:2c:a6:79:44:61:30:9e:03:
e8:40:1d:86:2d:66:5f:7a:f7:16:d3:7a:5a:fb:75:93:ad:a7:
92:ba:c5:38:28:3b:2b:4c:52:10:50:05:f7:38:12:3d:09:0d:
3d:0a:64:5c:72:b3:21:f1:f8:56:44:bf:d9:b6:b4:1c:e6:4e:
62:c1:68:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcTulkvZTVXJls1uLENaIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmQwYWU1ZTJmYmZmY2NlMDg3NzBlYmMyMGMyMTZiOWZi
Zjk0ODUwHhcNMjQwMTAyMDQzMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2M0OWE0MTdjYTE1MzFiZDY1YzMyMmQzM2EwMDc5MTQ3MDE0NjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MdLksumyv8q2A9Zdv5AHNojyCEj
ZJowCDD6DQbtJMRPzmZSN+G0YRtGI6WbFh92EvjlCobfeyfw00/uIHT0k5k6VHQZ
bxFs3xlma7Xxj4JItAG15yLiXoZJ6jzwOxiPSxkrrB3JztMD1Q6eJOX+T7xX/6zy
16F813dPk1ifmiVoxPwKYAcEHff8d6mVScxg10LktAmhXFHIgy+euwfv0NlXkzc8
1ZKfQEJJm3y+/QOiNUaFpj+XXONk5c7GcBdYbjPKxSz1rMfebG6b0H1YOAen9bTl
lBy+Kmb8UCkNb8IsaS27JvZMxZYc3ohqNfAt3g73QM0nMp+i3Xdzx5LQnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPEmkF8oVMb1lwyLTOgB5FHAUYZMB8GA1UdIwQY
MBaAFKNtCuXi+//M4Idw68IMIWufv5SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAt
Y2JiOTUxODNiMjdhLzEvczhTYVFYeWhVeHZXWERJdE02QUhrVWNCUmhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAtY2JiOTUxODNiMjdh
LzEvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxmxMA0G
CSqGSIb3DQEBCwUAA4IBAQACSAUTGPJccu4rWBqLkEhF9bhGDlRiijb/c2xCK66u
7BXeAslxmIAqPyurV2scsnKsITfQnuQIkKwyjii08Iko468WeCM40obCGUHFKtRn
feOVW1qqjmnGln1i9TVnOMOUHhwWiUSy63coOc/MjP/8R9BWDtIOVTjkPVhcyNpR
6OSYk8AgOxvPivHYZJhNtwffHN4O6XFp0yAzZ0bVFuRgAbx0uHdjZeWxzpXiIxtP
56f+PUezXIAyHuAplnwTLKZ5RGEwngPoQB2GLWZfevcW03pa+3WTraeSusU4KDsr
TFIQUAX3OBI9CQ09CmRccrMh8fhWRL/ZtrQc5k5iwWi+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:06 2025 by rpki-client