Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/9zpHB2T8Po66Zpqntk1oP2gfJuA.roa
File: 9zpHB2T8Po66Zpqntk1oP2gfJuA.roa (raw, json)
Hash identifier: 1slANMozWWbTS0/e1xNuKvqS8NBJ30zeoShJwMyPWX4=
Subject key identifier: F7:3A:47:07:64:FC:3E:8E:BA:66:9A:A7:B6:4D:68:3F:68:1F:26:E0
Certificate issuer: /CN=becec531e5c37756b828663f9cc20ad6217713ac
Certificate serial: 018CC56DE4FCE6F04DA58A8F5961C5255B60
Authority key identifier: BE:CE:C5:31:E5:C3:77:56:B8:28:66:3F:9C:C2:0A:D6:21:77:13:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vs7FMeXDd1a4KGY_nMIK1iF3E6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/9zpHB2T8Po66Zpqntk1oP2gfJuA.roa
Signing time: Mon 01 Jan 2024 14:29:22 +0000
ROA not before: Mon 01 Jan 2024 14:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213283
IP address blocks: 164.133.24.0/24 maxlen: 24
164.133.22.0/24 maxlen: 24
164.133.23.0/24 maxlen: 24
164.133.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e4:fc:e6:f0:4d:a5:8a:8f:59:61:c5:25:5b:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=becec531e5c37756b828663f9cc20ad6217713ac
Validity
Not Before: Jan 1 14:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f73a470764fc3e8eba669aa7b64d683f681f26e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:48:95:18:83:fd:cd:fe:59:0d:4f:97:9c:68:
44:b7:15:5b:30:96:da:ac:15:1d:97:ec:5f:75:dd:
3e:2e:7a:2c:3a:93:8a:0a:8a:96:6a:25:4b:8b:fe:
fa:ba:d4:5f:7b:1f:05:11:06:db:e2:13:66:f3:e2:
c1:ec:37:e8:e4:d3:65:97:21:78:7b:07:bf:c1:53:
98:f5:de:62:3f:45:3b:29:f7:a6:f3:af:26:c0:2e:
fc:e7:d6:00:c5:9b:d5:61:5e:ae:e6:11:0e:9d:80:
59:c5:e3:da:06:67:0c:03:5e:a6:45:17:6b:c5:e7:
ae:7f:a3:1f:32:39:7b:cc:2b:ae:53:f6:51:91:79:
bc:a6:1e:71:92:73:ae:d9:43:60:69:36:da:91:7e:
4e:e8:72:0d:98:6a:de:f9:5b:04:33:ab:a0:12:00:
19:0b:22:d9:be:89:4d:42:4c:59:26:0f:e9:c0:fe:
bb:c5:07:de:05:05:ed:af:7e:10:7e:e1:ba:d2:3a:
18:33:f0:e4:81:92:30:bf:9b:c2:c3:ae:6c:54:58:
c7:ce:b3:03:a7:1c:3d:7b:0b:fe:78:0f:71:82:2d:
24:8e:14:9e:68:ae:73:df:e5:59:82:72:52:82:5f:
dd:e5:57:d4:11:49:6f:5a:b5:05:b4:5b:d9:34:fe:
7b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:3A:47:07:64:FC:3E:8E:BA:66:9A:A7:B6:4D:68:3F:68:1F:26:E0
X509v3 Authority Key Identifier:
keyid:BE:CE:C5:31:E5:C3:77:56:B8:28:66:3F:9C:C2:0A:D6:21:77:13:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vs7FMeXDd1a4KGY_nMIK1iF3E6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/9zpHB2T8Po66Zpqntk1oP2gfJuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/vs7FMeXDd1a4KGY_nMIK1iF3E6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.133.22.0-164.133.25.255
Signature Algorithm: sha256WithRSAEncryption
6e:12:d9:8d:d3:f1:3c:75:30:db:74:71:1e:97:15:58:da:57:
b8:56:dc:d3:16:16:c8:37:9a:09:70:fb:07:23:6f:cf:74:e3:
8c:f4:c2:91:4a:ef:44:e0:76:89:6e:56:a2:88:4b:ac:23:40:
f8:01:44:b3:e1:b9:77:9c:4a:6a:21:43:83:f0:b2:c8:2d:6f:
89:d3:35:5c:6b:a3:ad:c0:e1:77:be:35:8f:e5:3a:10:41:d1:
5c:e5:29:a7:8f:a5:1a:fd:de:13:2c:ba:a9:14:de:dc:22:15:
25:d3:eb:83:de:5a:b2:d9:5e:87:26:58:ab:0f:b2:c8:a6:b0:
d1:2f:37:57:af:c3:8d:97:ef:8b:12:03:21:9b:b5:a2:1e:02:
67:91:d1:ab:f3:2b:ba:65:24:9f:3b:4e:70:0a:26:9e:5b:26:
a0:92:58:5b:ab:8c:04:25:fc:29:91:96:e0:de:18:80:eb:3d:
49:7a:83:bb:3a:58:1d:38:d1:a7:eb:bb:9f:07:20:50:4f:a9:
55:f2:a1:f1:c4:5e:31:2b:3e:41:0c:91:89:1a:a5:0c:fa:9d:
4a:2c:35:c4:8c:fa:88:6e:9d:42:a5:84:16:4c:eb:86:01:8b:
99:78:d6:32:f8:2a:b0:ab:65:e6:67:1c:bf:d3:22:ee:91:35:
6f:93:bb:fe
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFbeT85vBNpYqPWWHFJVtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlY2VjNTMxZTVjMzc3NTZiODI4NjYzZjljYzIwYWQ2MjE3
NzEzYWMwHhcNMjQwMTAxMTQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzNhNDcwNzY0ZmMzZThlYmE2NjlhYTdiNjRkNjgzZjY4MWYyNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkiVGIP9zf5ZDU+XnGhEtxVbMJba
rBUdl+xfdd0+LnosOpOKCoqWaiVLi/76utRfex8FEQbb4hNm8+LB7Dfo5NNllyF4
ewe/wVOY9d5iP0U7Kfem868mwC7859YAxZvVYV6u5hEOnYBZxePaBmcMA16mRRdr
xeeuf6MfMjl7zCuuU/ZRkXm8ph5xknOu2UNgaTbakX5O6HINmGre+VsEM6ugEgAZ
CyLZvolNQkxZJg/pwP67xQfeBQXtr34QfuG60joYM/DkgZIwv5vCw65sVFjHzrMD
pxw9ewv+eA9xgi0kjhSeaK5z3+VZgnJSgl/d5VfUEUlvWrUFtFvZNP57QwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPc6Rwdk/D6Oumaap7ZNaD9oHybgMB8GA1UdIwQY
MBaAFL7OxTHlw3dWuChmP5zCCtYhdxOsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnM3Rk1lWERkMWE0S0dZX25NSUsxaUYzRTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xYmNiOGItYTNmOC00OGNjLThkYjkt
M2RmOWUyMWY0YmNjLzEvOXpwSEIyVDhQbzY2WnBxbnRrMW9QMmdmSnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xYmNiOGItYTNmOC00OGNjLThkYjktM2RmOWUyMWY0YmNj
LzEvdnM3Rk1lWERkMWE0S0dZX25NSUsxaUYzRTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGkhRYD
BAGkhRgwDQYJKoZIhvcNAQELBQADggEBAG4S2Y3T8Tx1MNt0cR6XFVjaV7hW3NMW
Fsg3mglw+wcjb89044z0wpFK70TgdoluVqKIS6wjQPgBRLPhuXecSmohQ4Pwssgt
b4nTNVxro63A4Xe+NY/lOhBB0VzlKaePpRr93hMsuqkU3twiFSXT64PeWrLZXocm
WKsPssimsNEvN1evw42X74sSAyGbtaIeAmeR0avzK7plJJ87TnAKJp5bJqCSWFur
jAQl/CmRluDeGIDrPUl6g7s6WB040afru58HIFBPqVXyofHEXjErPkEMkYkapQz6
nUosNcSM+ohunUKlhBZM64YBi5l41jL4KrCrZeZnHL/TIu6RNW+Tu/4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:32 2025 by rpki-client