Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/RBOOkFxFc0p9LWV_CjFPX94hluM.roa
File: RBOOkFxFc0p9LWV_CjFPX94hluM.roa (raw, json)
Hash identifier: S0lnIUS3asa7DwZ0nnu/fNJ4FByWqbYsam7arcnp6os=
Subject key identifier: 44:13:8E:90:5C:45:73:4A:7D:2D:65:7F:0A:31:4F:5F:DE:21:96:E3
Certificate issuer: /CN=4d70af1a99886c9101d135f54bd2bdef358b266e
Certificate serial: 018CC7955F1583A067E0FF9F99A037D4EC5E
Authority key identifier: 4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/RBOOkFxFc0p9LWV_CjFPX94hluM.roa
Signing time: Tue 02 Jan 2024 00:31:44 +0000
ROA not before: Tue 02 Jan 2024 00:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51970
IP address blocks: 84.247.22.0/24 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:5f:15:83:a0:67:e0:ff:9f:99:a0:37:d4:ec:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d70af1a99886c9101d135f54bd2bdef358b266e
Validity
Not Before: Jan 2 00:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44138e905c45734a7d2d657f0a314f5fde2196e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b5:7e:29:18:60:8c:42:ab:05:76:e2:53:46:
bd:ec:a1:dd:38:8e:96:c4:e8:3f:8f:c2:df:82:80:
5a:9b:c4:1d:28:21:4b:2d:6b:61:f5:e8:41:2f:b1:
6d:89:12:61:e9:f9:37:38:31:4a:a2:d4:61:3d:81:
43:97:e6:e3:3c:92:96:9a:59:a3:56:b6:e0:03:5f:
85:25:c4:a0:b5:8c:b0:19:46:86:8b:51:6d:f1:60:
21:8f:85:24:9d:2e:94:81:ba:1b:a8:96:d2:27:72:
a8:f8:ac:b6:5f:cf:8d:0b:b3:aa:d8:3c:28:e8:b4:
d6:2d:77:fd:1e:c5:a7:90:62:7b:c7:a2:09:c3:45:
5e:d4:00:0f:60:47:c1:4d:32:20:a6:01:a4:48:5e:
63:ac:60:57:57:a2:35:76:68:e8:24:2a:e4:67:2c:
1c:30:97:16:33:b8:30:fc:ad:36:89:bd:e2:9e:9a:
4f:c1:5d:62:53:71:a8:2f:2a:ef:33:46:6a:e3:cc:
a6:25:d7:5f:e5:05:c5:9d:d6:ed:f9:dd:f3:0c:14:
f6:c3:40:c3:fe:22:57:b5:b2:b3:87:82:aa:f7:58:
7d:67:65:1a:89:22:e4:a6:c3:e8:9a:f0:a3:10:15:
6c:7a:36:93:41:c7:52:0d:2c:4a:00:63:f2:9c:05:
07:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:13:8E:90:5C:45:73:4A:7D:2D:65:7F:0A:31:4F:5F:DE:21:96:E3
X509v3 Authority Key Identifier:
keyid:4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/RBOOkFxFc0p9LWV_CjFPX94hluM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/TXCvGpmIbJEB0TX1S9K97zWLJm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.22.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:93:79:61:63:4a:fb:c5:a4:c6:5d:bd:9d:1a:c1:f4:d4:0f:
94:0d:a3:a8:7c:a6:df:aa:f5:72:d1:a8:c4:84:30:b2:d2:f5:
e7:fa:ba:d0:17:8b:ad:01:ae:26:7a:6a:c7:e9:76:cc:fd:4f:
d8:93:79:ac:5e:eb:ef:97:30:28:f0:1a:d9:0b:0a:66:c1:94:
43:c0:ce:30:f6:33:34:c8:47:bd:1e:e5:69:98:c1:7b:4c:19:
42:f7:24:9e:ec:33:28:52:3b:ee:97:11:85:3a:c6:81:21:ac:
93:b2:ac:19:46:80:51:c0:37:62:e0:a7:07:06:70:04:10:95:
ac:87:b1:4f:1b:ac:c4:78:55:49:f3:83:e7:e9:c9:f9:a1:2f:
13:22:e8:75:c7:41:41:0d:e7:c7:63:ea:48:fd:b3:f5:0b:48:
b8:d7:01:e3:b5:0c:a5:c8:a7:a6:53:ef:19:ce:57:56:19:09:
a5:af:08:ac:ac:db:48:af:1b:29:3f:2b:88:c9:bc:bb:3d:66:
46:4d:3b:6e:5a:1b:d2:96:9d:20:77:9b:96:0c:6c:47:9b:8c:
76:5d:8f:25:3b:21:de:a5:63:f7:ee:28:29:a7:86:8e:05:e0:
41:58:8a:30:bd:98:65:eb:e2:8e:e9:03:89:74:ab:79:18:43:
90:0b:db:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlV8Vg6Bn4P+fmaA31OxeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzBhZjFhOTk4ODZjOTEwMWQxMzVmNTRiZDJiZGVmMzU4
YjI2NmUwHhcNMjQwMTAyMDAzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDEzOGU5MDVjNDU3MzRhN2QyZDY1N2YwYTMxNGY1ZmRlMjE5NmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrV+KRhgjEKrBXbiU0a97KHdOI6W
xOg/j8LfgoBam8QdKCFLLWth9ehBL7FtiRJh6fk3ODFKotRhPYFDl+bjPJKWmlmj
VrbgA1+FJcSgtYywGUaGi1Ft8WAhj4UknS6UgbobqJbSJ3Ko+Ky2X8+NC7Oq2Dwo
6LTWLXf9HsWnkGJ7x6IJw0Ve1AAPYEfBTTIgpgGkSF5jrGBXV6I1dmjoJCrkZywc
MJcWM7gw/K02ib3inppPwV1iU3GoLyrvM0Zq48ymJddf5QXFndbt+d3zDBT2w0DD
/iJXtbKzh4Kq91h9Z2UaiSLkpsPomvCjEBVsejaTQcdSDSxKAGPynAUHawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEQTjpBcRXNKfS1lfwoxT1/eIZbjMB8GA1UdIwQY
MBaAFE1wrxqZiGyRAdE19UvSve81iyZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhDdkdwbUliSkVCMFRYMVM5Szk3eldMSm00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9hOThmYzctNzkzNS00ZWFlLTk2MmEt
NDYxYWIwZWNlZTAxLzEvUkJPT2tGeEZjMHA5TFdWX0NqRlBYOTRobHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9hOThmYzctNzkzNS00ZWFlLTk2MmEtNDYxYWIwZWNlZTAx
LzEvVFhDdkdwbUliSkVCMFRYMVM5Szk3eldMSm00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPcWMA0G
CSqGSIb3DQEBCwUAA4IBAQCLk3lhY0r7xaTGXb2dGsH01A+UDaOofKbfqvVy0ajE
hDCy0vXn+rrQF4utAa4memrH6XbM/U/Yk3msXuvvlzAo8BrZCwpmwZRDwM4w9jM0
yEe9HuVpmMF7TBlC9ySe7DMoUjvulxGFOsaBIayTsqwZRoBRwDdi4KcHBnAEEJWs
h7FPG6zEeFVJ84Pn6cn5oS8TIuh1x0FBDefHY+pI/bP1C0i41wHjtQylyKemU+8Z
zldWGQmlrwisrNtIrxspPyuIyby7PWZGTTtuWhvSlp0gd5uWDGxHm4x2XY8lOyHe
pWP37igpp4aOBeBBWIowvZhl6+KO6QOJdKt5GEOQC9sS
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:47:29 2025 by rpki-client