Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/0aWlvOaQeg6C7qoIslfhpoQj-hI.roa
File: 0aWlvOaQeg6C7qoIslfhpoQj-hI.roa (raw, json)
Hash identifier: M7FVAmaHQ1d/cnM1YNysYIpo8QBsVyHGe/2NcMowJJQ=
Subject key identifier: D1:A5:A5:BC:E6:90:7A:0E:82:EE:AA:08:B2:57:E1:A6:84:23:FA:12
Certificate issuer: /CN=485ddb678c4c0d0c488efd3b8367142189f3358a
Certificate serial: 01916EE31AF6CD81A4A6BC22D4125A26703D
Authority key identifier: 48:5D:DB:67:8C:4C:0D:0C:48:8E:FD:3B:83:67:14:21:89:F3:35:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SF3bZ4xMDQxIjv07g2cUIYnzNYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/0aWlvOaQeg6C7qoIslfhpoQj-hI.roa
Signing time: Tue 20 Aug 2024 08:24:22 +0000
ROA not before: Tue 20 Aug 2024 08:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43633
IP address blocks: 109.235.8.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6e:e3:1a:f6:cd:81:a4:a6:bc:22:d4:12:5a:26:70:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=485ddb678c4c0d0c488efd3b8367142189f3358a
Validity
Not Before: Aug 20 08:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1a5a5bce6907a0e82eeaa08b257e1a68423fa12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4a:11:5c:db:24:ea:32:dc:77:ce:92:39:78:
c8:48:b7:07:10:10:b3:d1:16:43:7b:b8:dd:c9:de:
67:1f:88:ff:fa:4c:cc:d1:73:e8:36:4d:56:fa:ae:
a4:74:9d:0b:e3:37:d6:1a:37:4b:79:3c:b1:68:d0:
dc:a5:6a:85:d5:a8:0a:92:87:94:a8:8b:3f:1f:02:
d5:a5:84:9e:91:50:44:ac:89:99:7d:4b:44:c8:70:
d9:7b:49:51:4b:23:78:94:04:ee:1a:13:cc:db:81:
e3:24:5e:64:96:55:e0:37:4e:9c:7c:9c:bc:cf:e7:
53:14:57:3a:81:f9:03:62:01:75:c2:02:26:09:47:
5e:9e:a3:22:0f:71:77:bc:84:57:7b:6e:29:e3:ce:
b7:40:08:79:ab:40:10:8e:06:78:c8:20:a4:dd:7a:
7f:ec:fe:98:31:28:8f:a2:b3:00:59:a1:63:70:aa:
69:fb:5b:25:a2:a0:8b:9c:47:04:36:88:3b:6d:03:
6c:22:34:7a:7a:93:7a:d1:51:32:24:11:4c:8f:4d:
0b:0d:09:db:4f:a4:ca:d4:14:81:39:5f:35:ae:da:
82:48:07:a2:ff:32:c3:f8:7f:2a:01:28:20:3d:c6:
11:41:70:05:0e:f5:df:b2:b2:dd:72:99:71:8f:3f:
30:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:A5:A5:BC:E6:90:7A:0E:82:EE:AA:08:B2:57:E1:A6:84:23:FA:12
X509v3 Authority Key Identifier:
keyid:48:5D:DB:67:8C:4C:0D:0C:48:8E:FD:3B:83:67:14:21:89:F3:35:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SF3bZ4xMDQxIjv07g2cUIYnzNYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/0aWlvOaQeg6C7qoIslfhpoQj-hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/SF3bZ4xMDQxIjv07g2cUIYnzNYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.8.0/23
Signature Algorithm: sha256WithRSAEncryption
46:6d:e9:0d:3c:bc:07:10:9e:ec:27:36:db:df:3b:91:d1:9b:
31:fc:92:84:95:e5:79:65:c2:00:3a:34:26:d7:4b:42:48:3e:
c3:88:c6:f9:a6:d1:d8:72:e8:c0:ae:59:bb:84:4b:cb:ad:aa:
47:92:e1:a8:b3:c4:a6:7c:f0:7a:2d:54:e3:ec:fe:b2:56:3d:
ec:62:5b:29:6d:73:07:18:77:5e:14:71:c3:4a:36:46:f1:b5:
72:7e:1b:48:0e:0d:33:9a:76:80:25:8d:18:47:73:c2:1f:61:
e1:4f:07:b7:47:9c:b6:61:ed:3f:f7:06:e2:e1:0f:d5:b6:5a:
25:df:cf:2a:21:d1:ec:d0:00:5e:5b:c0:19:f7:1f:50:90:d1:
e2:88:56:d0:5e:ce:e2:e3:49:a4:c5:96:9b:15:75:18:9a:aa:
5a:dc:b3:39:f0:5c:a2:e7:6f:d0:34:9f:7a:b7:fe:46:0e:70:
8a:38:e8:35:4d:0f:b1:c1:5c:aa:f5:ce:03:f7:24:81:70:29:
c4:e9:c6:9d:a3:c6:50:fb:bb:8f:ba:06:d5:02:4d:9c:10:4e:
d2:ba:bb:75:dc:f1:93:c5:81:e6:c0:5d:29:93:5e:34:c1:06:
a7:4d:06:c6:83:40:bd:40:3c:d0:8a:66:00:2a:98:64:2a:66:
0d:52:86:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFu4xr2zYGkprwi1BJaJnA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NWRkYjY3OGM0YzBkMGM0ODhlZmQzYjgzNjcxNDIxODlm
MzM1OGEwHhcNMjQwODIwMDgyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWE1YTViY2U2OTA3YTBlODJlZWFhMDhiMjU3ZTFhNjg0MjNmYTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEoRXNsk6jLcd86SOXjISLcHEBCz
0RZDe7jdyd5nH4j/+kzM0XPoNk1W+q6kdJ0L4zfWGjdLeTyxaNDcpWqF1agKkoeU
qIs/HwLVpYSekVBErImZfUtEyHDZe0lRSyN4lATuGhPM24HjJF5kllXgN06cfJy8
z+dTFFc6gfkDYgF1wgImCUdenqMiD3F3vIRXe24p4863QAh5q0AQjgZ4yCCk3Xp/
7P6YMSiPorMAWaFjcKpp+1sloqCLnEcENog7bQNsIjR6epN60VEyJBFMj00LDQnb
T6TK1BSBOV81rtqCSAei/zLD+H8qASggPcYRQXAFDvXfsrLdcplxjz8wMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGlpbzmkHoOgu6qCLJX4aaEI/oSMB8GA1UdIwQY
MBaAFEhd22eMTA0MSI79O4NnFCGJ8zWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0YzYlo0eE1EUXhJanYwN2cyY1VJWW56TllvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iZWIyMDAtZTVkNi00Njk2LWFlMjUt
ZGViZmNkOWViMjBlLzEvMGFXbHZPYVFlZzZDN3FvSXNsZmhwb1FqLWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iZWIyMDAtZTVkNi00Njk2LWFlMjUtZGViZmNkOWViMjBl
LzEvU0YzYlo0eE1EUXhJanYwN2cyY1VJWW56TllvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbesIMA0G
CSqGSIb3DQEBCwUAA4IBAQBGbekNPLwHEJ7sJzbb3zuR0Zsx/JKEleV5ZcIAOjQm
10tCSD7DiMb5ptHYcujArlm7hEvLrapHkuGos8SmfPB6LVTj7P6yVj3sYlspbXMH
GHdeFHHDSjZG8bVyfhtIDg0zmnaAJY0YR3PCH2HhTwe3R5y2Ye0/9wbi4Q/Vtlol
388qIdHs0ABeW8AZ9x9QkNHiiFbQXs7i40mkxZabFXUYmqpa3LM58Fyi52/QNJ96
t/5GDnCKOOg1TQ+xwVyq9c4D9ySBcCnE6cado8ZQ+7uPugbVAk2cEE7Surt13PGT
xYHmwF0pk140wQanTQbGg0C9QDzQimYAKphkKmYNUobB
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:23:21 2025 by rpki-client