Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_8pbHZdRmHjgLbLXxwybpNKpp3Q.roa
File: _8pbHZdRmHjgLbLXxwybpNKpp3Q.roa (raw, json)
Hash identifier: qJlSqsDL5cmJtxq51f2t0dXHGfSQf2k7LLrn3xC8RbQ=
Subject key identifier: FF:CA:5B:1D:97:51:98:78:E0:2D:B2:D7:C7:0C:9B:A4:D2:A9:A7:74
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018ECD9E99F8F9626EFD78E74B35FAEDE5BC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_8pbHZdRmHjgLbLXxwybpNKpp3Q.roa
Signing time: Thu 11 Apr 2024 14:45:07 +0000
ROA not before: Thu 11 Apr 2024 14:45:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201670
IP address blocks: 82.153.245.0/24 maxlen: 24
82.163.16.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Apr 2024 14:42:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cd:9e:99:f8:f9:62:6e:fd:78:e7:4b:35:fa:ed:e5:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 11 14:45:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffca5b1d97519878e02db2d7c70c9ba4d2a9a774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:74:ae:7b:c6:f8:c9:2d:e8:5a:db:45:ef:88:
1c:5d:e7:6a:11:0a:76:66:d4:1b:30:f2:12:d3:a9:
6c:34:15:82:35:b2:42:f8:23:43:7f:be:34:af:05:
f4:3a:a7:91:29:ff:51:b1:d1:23:f7:d3:e7:12:38:
4a:e4:de:c7:91:68:c1:09:18:b6:87:22:21:4c:49:
95:86:58:e0:fe:93:49:a4:25:ac:08:de:d2:ea:cc:
ac:2b:d1:cc:d2:29:f5:7c:17:34:d7:14:b1:b2:10:
79:8f:89:fc:a5:bd:04:16:4a:e6:81:58:94:b2:23:
5f:e0:fd:02:57:2f:7f:6f:65:0c:8e:10:51:2e:cc:
2e:3e:63:c4:0e:52:1f:1b:97:92:63:82:7d:1b:87:
73:c7:93:ad:7e:73:11:c4:b6:2a:86:41:cc:69:c9:
50:03:6f:4c:8e:5b:c5:3d:34:4a:7b:37:1a:e3:e5:
2a:20:b6:c1:d5:f4:86:9b:8d:b0:7f:bc:16:31:b5:
de:b0:b4:f7:54:d3:e4:f6:b9:2d:33:a2:02:88:d6:
49:e3:6b:d5:7d:a4:7e:c3:f4:8c:80:c8:09:6d:3d:
ec:c7:d9:19:b0:8e:60:3c:ad:b8:45:ac:ea:8b:1e:
5b:05:c3:f4:55:92:31:5f:1a:a2:2c:9f:43:3a:1e:
bd:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CA:5B:1D:97:51:98:78:E0:2D:B2:D7:C7:0C:9B:A4:D2:A9:A7:74
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_8pbHZdRmHjgLbLXxwybpNKpp3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.245.0/24
82.163.16.0/24
109.176.193.0/24
Signature Algorithm: sha256WithRSAEncryption
65:1d:e0:37:6f:1c:03:e6:b8:0d:57:5c:f5:34:4d:80:7a:b1:
05:5e:49:78:c1:48:bc:c8:08:07:9b:68:63:7b:54:c3:60:a7:
59:3a:7f:48:33:01:7d:55:5d:d0:c8:aa:de:5b:0b:1a:74:45:
e6:a6:c1:c7:8c:cf:15:84:f5:4d:81:dc:39:45:2d:02:60:16:
02:b5:5b:31:a4:a3:06:b5:2d:f7:72:7c:6a:bb:54:21:82:27:
a1:ea:02:b7:43:b4:9a:1e:ed:7c:bc:7a:d8:22:8c:26:f1:e0:
a9:7a:fb:d3:6a:71:73:62:53:31:0d:f5:97:35:99:6e:e0:6b:
8d:b5:a8:87:13:a8:28:b7:3a:91:bd:94:1b:ca:7f:71:2e:ea:
7a:d5:b3:1c:36:fa:f3:ef:d5:f6:92:1b:61:38:8c:43:ea:e5:
11:45:2b:49:61:0e:5b:7a:ab:fc:cf:55:28:64:d5:23:1b:0e:
be:4c:71:c3:03:6e:e8:1f:1d:d5:eb:1a:87:70:2a:16:8d:0a:
bd:dd:9a:57:f7:b6:69:4a:5d:92:a3:f0:26:6c:ad:53:89:40:
ea:2b:e7:26:48:0a:7e:5f:39:65:96:16:a4:f5:0b:2b:fe:92:
19:fa:c1:8e:97:4e:2a:69:a7:ed:e5:cb:0d:a5:6a:28:b3:05:
22:75:d2:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7Nnpn4+WJu/XjnSzX67eW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDExMTQ0NTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmNhNWIxZDk3NTE5ODc4ZTAyZGIyZDdjNzBjOWJhNGQyYTlhNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3Sue8b4yS3oWttF74gcXedqEQp2
ZtQbMPIS06lsNBWCNbJC+CNDf740rwX0OqeRKf9RsdEj99PnEjhK5N7HkWjBCRi2
hyIhTEmVhljg/pNJpCWsCN7S6sysK9HM0in1fBc01xSxshB5j4n8pb0EFkrmgViU
siNf4P0CVy9/b2UMjhBRLswuPmPEDlIfG5eSY4J9G4dzx5OtfnMRxLYqhkHMaclQ
A29MjlvFPTRKezca4+UqILbB1fSGm42wf7wWMbXesLT3VNPk9rktM6ICiNZJ42vV
faR+w/SMgMgJbT3sx9kZsI5gPK24Razqix5bBcP0VZIxXxqiLJ9DOh69QQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP/KWx2XUZh44C2y18cMm6TSqad0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvXzhwYkhaZFJtSGpnTGJMWHh3eWJwTktwcDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpn1AwQA
UqMQAwQAbbDBMA0GCSqGSIb3DQEBCwUAA4IBAQBlHeA3bxwD5rgNV1z1NE2AerEF
Xkl4wUi8yAgHm2hje1TDYKdZOn9IMwF9VV3QyKreWwsadEXmpsHHjM8VhPVNgdw5
RS0CYBYCtVsxpKMGtS33cnxqu1Qhgieh6gK3Q7SaHu18vHrYIowm8eCpevvTanFz
YlMxDfWXNZlu4GuNtaiHE6gotzqRvZQbyn9xLup61bMcNvrz79X2khthOIxD6uUR
RStJYQ5beqv8z1UoZNUjGw6+THHDA27oHx3V6xqHcCoWjQq93ZpX97ZpSl2So/Am
bK1TiUDqK+cmSAp+Xzlllhak9Qsr/pIZ+sGOl04qaaft5csNpWooswUiddJD
-----END CERTIFICATE-----
Generated at Sat May 17 02:26:56 2025 by rpki-client