Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/30ARQv8o2f2dm5TQKs8SphT9s0w.roa
File: 30ARQv8o2f2dm5TQKs8SphT9s0w.roa (raw, json)
Hash identifier: NN9oUAgukktUVjjU/y667oZkOLnJFUcOyfACsGTqNlQ=
Subject key identifier: DF:40:11:42:FF:28:D9:FD:9D:9B:94:D0:2A:CF:12:A6:14:FD:B3:4C
Certificate issuer: /CN=becec531e5c37756b828663f9cc20ad6217713ac
Certificate serial: 018CC56DE461B78CC76E2119C3A53E39EE4E
Authority key identifier: BE:CE:C5:31:E5:C3:77:56:B8:28:66:3F:9C:C2:0A:D6:21:77:13:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vs7FMeXDd1a4KGY_nMIK1iF3E6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/30ARQv8o2f2dm5TQKs8SphT9s0w.roa
Signing time: Mon 01 Jan 2024 14:29:22 +0000
ROA not before: Mon 01 Jan 2024 14:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 164.133.91.0/24 maxlen: 24
164.133.98.0/24 maxlen: 24
164.133.99.0/24 maxlen: 24
164.133.4.0/24 maxlen: 24
164.133.10.0/24 maxlen: 24
164.133.11.0/24 maxlen: 24
164.133.150.0/24 maxlen: 24
164.133.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e4:61:b7:8c:c7:6e:21:19:c3:a5:3e:39:ee:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=becec531e5c37756b828663f9cc20ad6217713ac
Validity
Not Before: Jan 1 14:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df401142ff28d9fd9d9b94d02acf12a614fdb34c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:08:22:43:26:ae:45:ff:29:f0:ee:ab:32:72:
64:da:0e:1a:83:ea:06:28:9f:16:b6:98:93:1c:ab:
60:b3:6a:24:ac:8c:af:b0:90:96:48:d4:94:14:c0:
c6:b7:86:65:ed:34:51:f1:2d:33:51:62:de:aa:27:
96:ca:38:6d:56:e9:09:f0:05:70:8b:5d:12:b1:9c:
3f:b4:f5:9f:5d:ae:c7:b2:2f:cd:b4:49:c7:2e:9c:
5f:bf:85:e9:0f:f0:41:9b:79:6a:38:dc:90:b3:94:
9e:b5:b1:37:be:fe:ce:ea:48:34:a0:38:dc:63:ce:
a3:8d:3c:1f:aa:9a:77:61:71:7e:21:d0:88:6f:93:
cc:ff:eb:c8:ae:41:ac:5f:03:c4:ac:34:6b:57:1b:
80:ad:16:aa:ef:06:e5:79:10:79:8d:d1:4f:18:5d:
be:86:3c:c5:db:44:de:2c:e1:e6:be:9e:80:75:75:
fd:bd:bf:87:63:cc:4f:71:c2:c1:6e:ec:1b:73:a6:
81:8a:fd:b2:b8:b4:5f:d7:d9:2a:1d:1c:30:8d:fe:
7e:18:22:58:02:ea:3f:5a:4d:b9:78:30:ab:2c:5a:
92:26:9a:61:ca:3c:6a:9a:58:b1:a6:f2:a0:a9:41:
21:94:60:54:12:6f:a0:07:74:82:c6:66:d7:1d:99:
27:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:40:11:42:FF:28:D9:FD:9D:9B:94:D0:2A:CF:12:A6:14:FD:B3:4C
X509v3 Authority Key Identifier:
keyid:BE:CE:C5:31:E5:C3:77:56:B8:28:66:3F:9C:C2:0A:D6:21:77:13:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vs7FMeXDd1a4KGY_nMIK1iF3E6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/30ARQv8o2f2dm5TQKs8SphT9s0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/vs7FMeXDd1a4KGY_nMIK1iF3E6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.133.4.0/24
164.133.10.0/23
164.133.91.0/24
164.133.98.0/23
164.133.150.0/24
164.133.154.0/24
Signature Algorithm: sha256WithRSAEncryption
69:72:85:f7:c4:d9:e1:a2:bf:54:c3:0c:83:a3:79:8e:c9:2f:
d1:2e:8e:b2:ab:80:45:85:db:56:bb:3c:f9:e6:c7:44:7d:76:
45:f0:c2:e2:aa:c0:b2:e5:d0:a6:08:53:ef:23:04:32:97:e8:
f4:50:c0:5c:ee:43:e8:5c:ef:fe:fb:e5:7d:c8:66:d4:d9:39:
ff:2e:e2:86:41:8c:cd:bb:d0:67:16:41:65:34:0c:e5:ff:73:
9c:61:5e:5d:33:13:0c:0b:76:06:47:79:ec:de:f2:96:0d:6d:
5e:c5:16:6c:80:87:30:16:01:d7:73:c6:6b:b5:99:32:ff:03:
2a:58:ec:41:df:c9:ad:20:d1:2c:27:89:14:d2:21:59:93:3e:
0e:79:0a:36:f8:d0:9d:09:59:d0:ab:43:e4:b3:1e:2c:87:1e:
33:c8:87:ee:a6:3d:c4:f2:0e:00:93:8a:ea:29:68:c4:21:98:
1b:64:0e:61:a5:d5:45:60:88:bc:2c:93:7d:c5:7f:ca:a8:8d:
64:de:24:a1:d8:6c:8b:b5:68:5d:d2:c2:2a:54:e7:9e:37:b6:
88:3f:a1:01:37:92:9a:b2:e9:13:6b:4b:8b:4a:19:65:74:e0:
b9:5c:60:11:05:f3:f5:95:9a:88:19:2c:ab:56:d9:a1:c8:1c:
5f:f7:08:eb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFbeRht4zHbiEZw6U+Oe5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlY2VjNTMxZTVjMzc3NTZiODI4NjYzZjljYzIwYWQ2MjE3
NzEzYWMwHhcNMjQwMTAxMTQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjQwMTE0MmZmMjhkOWZkOWQ5Yjk0ZDAyYWNmMTJhNjE0ZmRiMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAgiQyauRf8p8O6rMnJk2g4ag+oG
KJ8WtpiTHKtgs2okrIyvsJCWSNSUFMDGt4Zl7TRR8S0zUWLeqieWyjhtVukJ8AVw
i10SsZw/tPWfXa7Hsi/NtEnHLpxfv4XpD/BBm3lqONyQs5SetbE3vv7O6kg0oDjc
Y86jjTwfqpp3YXF+IdCIb5PM/+vIrkGsXwPErDRrVxuArRaq7wbleRB5jdFPGF2+
hjzF20TeLOHmvp6AdXX9vb+HY8xPccLBbuwbc6aBiv2yuLRf19kqHRwwjf5+GCJY
Auo/Wk25eDCrLFqSJpphyjxqmlixpvKgqUEhlGBUEm+gB3SCxmbXHZkn1QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFN9AEUL/KNn9nZuU0CrPEqYU/bNMMB8GA1UdIwQY
MBaAFL7OxTHlw3dWuChmP5zCCtYhdxOsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnM3Rk1lWERkMWE0S0dZX25NSUsxaUYzRTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xYmNiOGItYTNmOC00OGNjLThkYjkt
M2RmOWUyMWY0YmNjLzEvMzBBUlF2OG8yZjJkbTVUUUtzOFNwaFQ5czB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xYmNiOGItYTNmOC00OGNjLThkYjktM2RmOWUyMWY0YmNj
LzEvdnM3Rk1lWERkMWE0S0dZX25NSUsxaUYzRTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQApIUEAwQB
pIUKAwQApIVbAwQBpIViAwQApIWWAwQApIWaMA0GCSqGSIb3DQEBCwUAA4IBAQBp
coX3xNnhor9UwwyDo3mOyS/RLo6yq4BFhdtWuzz55sdEfXZF8MLiqsCy5dCmCFPv
IwQyl+j0UMBc7kPoXO/+++V9yGbU2Tn/LuKGQYzNu9BnFkFlNAzl/3OcYV5dMxMM
C3YGR3ns3vKWDW1exRZsgIcwFgHXc8ZrtZky/wMqWOxB38mtINEsJ4kU0iFZkz4O
eQo2+NCdCVnQq0Pksx4shx4zyIfupj3E8g4Ak4rqKWjEIZgbZA5hpdVFYIi8LJN9
xX/KqI1k3iSh2GyLtWhd0sIqVOeeN7aIP6EBN5KasukTa0uLShlldOC5XGARBfP1
lZqIGSyrVtmhyBxf9wjr
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:11:54 2025 by rpki-client