Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/8IPy-th6QBkZVGcJBRGxaY1ixxE.roa
File: 8IPy-th6QBkZVGcJBRGxaY1ixxE.roa (raw, json)
Hash identifier: fD6Nl6TCQyt8AiPaTgCfKVtFsiJXNxpYLFBwwdK0IYw=
Subject key identifier: F0:83:F2:FA:D8:7A:40:19:19:54:67:09:05:11:B1:69:8D:62:C7:11
Certificate issuer: /CN=f7822d4597e5493d15178bfb10e6841dd17e5897
Certificate serial: 0194BC4B1BCD759F9F44F1F3137C128859D0
Authority key identifier: F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/8IPy-th6QBkZVGcJBRGxaY1ixxE.roa
Signing time: Fri 31 Jan 2025 12:17:06 +0000
ROA not before: Fri 31 Jan 2025 12:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202098
IP address blocks: 158.47.10.0/23 maxlen: 24
158.47.200.0/21 maxlen: 21
158.47.208.0/21 maxlen: 24
158.47.216.0/21 maxlen: 24
158.47.224.0/19 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Apr 2025 08:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:4b:1b:cd:75:9f:9f:44:f1:f3:13:7c:12:88:59:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7822d4597e5493d15178bfb10e6841dd17e5897
Validity
Not Before: Jan 31 12:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f083f2fad87a4019195467090511b1698d62c711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:16:65:5d:af:c9:75:95:c4:82:8c:ac:0c:7f:
77:72:a7:a7:21:80:6a:76:94:a7:f8:61:02:23:ff:
06:46:4e:cd:e2:a6:e5:f8:b8:26:af:bb:67:21:7b:
bf:9e:65:68:38:ac:44:68:bf:65:ea:66:9a:4d:53:
8b:62:59:99:1f:83:5b:bd:c9:ba:0f:53:18:ef:59:
cf:58:da:62:18:15:89:2e:51:c3:b9:3b:49:36:c3:
3c:f6:51:da:a8:8f:6d:2b:2d:a0:2d:c5:ac:6d:ab:
c4:14:d1:35:f2:57:bd:bb:19:74:92:0c:07:69:bd:
63:f7:26:b2:ad:92:a1:8d:0e:3d:42:3a:3c:b6:40:
63:6e:05:2e:75:b1:19:7f:8d:70:d0:03:15:49:ad:
d4:a5:cc:c2:e0:e8:c9:7d:eb:74:b9:0e:6a:48:22:
61:d1:57:c9:56:c7:dd:0d:3a:3b:84:da:d4:6c:75:
93:b0:b7:81:bb:1b:d9:6a:b3:e0:23:b5:20:70:9a:
af:cb:91:7b:49:03:d8:04:d6:54:bd:ff:c2:e4:84:
b2:0d:71:ae:cb:c3:28:d3:3f:d4:e0:f5:f1:6d:f9:
ee:04:da:2e:b7:41:a1:ad:02:6a:14:09:c2:b9:6c:
7e:51:53:2b:77:4b:19:4f:c4:c2:90:13:ed:a8:4b:
16:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:83:F2:FA:D8:7A:40:19:19:54:67:09:05:11:B1:69:8D:62:C7:11
X509v3 Authority Key Identifier:
keyid:F7:82:2D:45:97:E5:49:3D:15:17:8B:FB:10:E6:84:1D:D1:7E:58:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/94ItRZflST0VF4v7EOaEHdF-WJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/8IPy-th6QBkZVGcJBRGxaY1ixxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/31081a-8b5a-49ec-9036-862e99973fc3/1/94ItRZflST0VF4v7EOaEHdF-WJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.47.10.0/23
158.47.200.0-158.47.255.255
Signature Algorithm: sha256WithRSAEncryption
ab:3d:e0:d4:d3:bd:13:93:09:b0:83:6b:df:ae:0f:96:8e:4a:
cd:ce:51:b8:b8:52:03:c5:1e:69:f5:29:7b:1e:2d:9e:75:77:
66:8b:24:d1:b5:f2:d8:f5:de:69:13:86:80:ee:62:60:d0:f3:
6d:ab:29:fb:55:9e:cb:a0:b4:13:dd:5a:59:35:f1:73:1d:09:
e2:cf:58:38:b2:43:54:ac:b8:bd:3d:a4:69:27:f7:5d:61:2b:
3b:bd:fe:e5:ca:66:07:e4:52:22:1d:1f:43:5c:1c:e9:66:74:
86:04:cd:59:07:b3:c8:0a:22:df:a9:7f:8e:56:98:ab:47:43:
b4:ff:73:53:24:27:2c:ab:42:02:67:a7:35:d6:de:9c:87:52:
c9:7c:ad:9b:46:01:e3:fb:c8:28:9f:bb:31:d4:7c:46:17:02:
26:88:12:c2:4d:97:60:6d:55:1d:54:4b:0a:4b:53:d0:fa:31:
7b:3c:92:e3:e5:1c:ad:51:0b:4d:40:8b:9d:df:cf:d3:ea:24:
ec:dd:29:6e:cd:39:b4:01:7d:94:ac:b5:a7:a1:17:a6:4e:a5:
15:c6:84:e0:5b:44:01:32:41:8e:4f:dc:af:59:a7:18:f4:11:
da:63:f0:01:28:8a:2a:0b:71:31:98:31:fe:d3:f5:d6:d5:e3:
e5:67:6a:b6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZS8SxvNdZ+fRPHzE3wSiFnQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ODIyZDQ1OTdlNTQ5M2QxNTE3OGJmYjEwZTY4NDFkZDE3
ZTU4OTcwHhcNMjUwMTMxMTIxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDgzZjJmYWQ4N2E0MDE5MTk1NDY3MDkwNTExYjE2OThkNjJjNzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7xZlXa/JdZXEgoysDH93cqenIYBq
dpSn+GECI/8GRk7N4qbl+Lgmr7tnIXu/nmVoOKxEaL9l6maaTVOLYlmZH4Nbvcm6
D1MY71nPWNpiGBWJLlHDuTtJNsM89lHaqI9tKy2gLcWsbavEFNE18le9uxl0kgwH
ab1j9yayrZKhjQ49Qjo8tkBjbgUudbEZf41w0AMVSa3UpczC4OjJfet0uQ5qSCJh
0VfJVsfdDTo7hNrUbHWTsLeBuxvZarPgI7UgcJqvy5F7SQPYBNZUvf/C5ISyDXGu
y8Mo0z/U4PXxbfnuBNout0GhrQJqFAnCuWx+UVMrd0sZT8TCkBPtqEsW9wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPCD8vrYekAZGVRnCQURsWmNYscRMB8GA1UdIwQY
MBaAFPeCLUWX5Uk9FReL+xDmhB3RfliXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTRJdFJaZmxTVDBWRjR2N0VPYUVIZEYtV0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8zMTA4MWEtOGI1YS00OWVjLTkwMzYt
ODYyZTk5OTczZmMzLzEvOElQeS10aDZRQmtaVkdjSkJSR3hhWTFpeHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8zMTA4MWEtOGI1YS00OWVjLTkwMzYtODYyZTk5OTczZmMz
LzEvOTRJdFJaZmxTVDBWRjR2N0VPYUVIZEYtV0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwQBni8KMAsD
BAOeL8gDAwSeIDANBgkqhkiG9w0BAQsFAAOCAQEAqz3g1NO9E5MJsINr364Plo5K
zc5RuLhSA8UeafUpex4tnnV3Zosk0bXy2PXeaROGgO5iYNDzbasp+1Wey6C0E91a
WTXxcx0J4s9YOLJDVKy4vT2kaSf3XWErO73+5cpmB+RSIh0fQ1wc6WZ0hgTNWQez
yAoi36l/jlaYq0dDtP9zUyQnLKtCAmenNdbenIdSyXytm0YB4/vIKJ+7MdR8RhcC
JogSwk2XYG1VHVRLCktT0PoxezyS4+UcrVELTUCLnd/P0+ok7N0pbs05tAF9lKy1
p6EXpk6lFcaE4FtEATJBjk/cr1mnGPQR2mPwASiKKgtxMZgx/tP11tXj5Wdqtg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:01:17 2025 by rpki-client