Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/c47e90-0f08-463b-8810-c07b98f6e765/1/xI8Cw_DdDkw9UtNyoktzWIXYB6U.roa
File: xI8Cw_DdDkw9UtNyoktzWIXYB6U.roa (raw, json)
Hash identifier: nWRrP/zVUsUAM+4qRHAWGPGyRiC/6lZdsM6gPuWsxj4=
Subject key identifier: C4:8F:02:C3:F0:DD:0E:4C:3D:52:D3:72:A2:4B:73:58:85:D8:07:A5
Certificate issuer: /CN=24f4b9f485642089f36b174d9642dc4837ff4d24
Certificate serial: 0194FEF64F7B03DDEDE142C634927A578B2D
Authority key identifier: 24:F4:B9:F4:85:64:20:89:F3:6B:17:4D:96:42:DC:48:37:FF:4D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JPS59IVkIInzaxdNlkLcSDf_TSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/c47e90-0f08-463b-8810-c07b98f6e765/1/xI8Cw_DdDkw9UtNyoktzWIXYB6U.roa
Signing time: Thu 13 Feb 2025 10:59:02 +0000
ROA not before: Thu 13 Feb 2025 10:59:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215130
IP address blocks: 83.142.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 17:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fe:f6:4f:7b:03:dd:ed:e1:42:c6:34:92:7a:57:8b:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24f4b9f485642089f36b174d9642dc4837ff4d24
Validity
Not Before: Feb 13 10:59:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c48f02c3f0dd0e4c3d52d372a24b735885d807a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f7:c3:43:04:50:d1:6e:e4:48:44:31:55:b4:
b2:5f:b1:ff:c4:a1:53:6c:25:7d:9f:15:46:eb:78:
be:83:b5:d8:e2:a6:e5:2c:d6:7d:be:3e:83:31:09:
de:e0:a9:8c:44:e6:d6:ce:71:2d:3b:f2:bd:04:e4:
e2:55:cc:4b:65:fc:ac:40:2b:96:70:f5:c0:36:7c:
13:33:a2:4f:4f:1b:48:de:dd:8d:57:62:5c:82:4b:
eb:c1:cf:1d:63:c8:43:c9:8b:46:5b:23:2a:81:a7:
85:3e:a9:cf:d5:e1:89:3d:cf:04:4d:ac:00:80:ff:
71:cf:ab:c8:53:f9:5d:c7:4d:9c:c2:f4:70:e8:bd:
fa:4d:34:81:e9:54:32:e5:3d:7e:28:18:11:fc:34:
29:21:5b:9d:9f:84:1d:5f:4c:01:95:88:cc:e7:59:
fe:c0:f6:88:c9:70:52:ad:1e:c9:9c:72:65:1a:7d:
b6:dd:bd:eb:e0:98:ed:43:ec:06:cb:25:60:d8:63:
d1:40:b1:25:37:a4:aa:b8:5b:94:50:f1:2c:d7:15:
e6:4d:3e:d6:be:41:94:4c:7a:e4:1a:03:37:5c:9d:
f5:5f:1f:d8:b8:71:ec:87:ae:e5:4d:a5:8d:1c:96:
d9:a3:5a:8a:c3:f2:19:42:e1:0d:b9:60:c7:00:6e:
e3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:8F:02:C3:F0:DD:0E:4C:3D:52:D3:72:A2:4B:73:58:85:D8:07:A5
X509v3 Authority Key Identifier:
keyid:24:F4:B9:F4:85:64:20:89:F3:6B:17:4D:96:42:DC:48:37:FF:4D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JPS59IVkIInzaxdNlkLcSDf_TSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c47e90-0f08-463b-8810-c07b98f6e765/1/xI8Cw_DdDkw9UtNyoktzWIXYB6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c47e90-0f08-463b-8810-c07b98f6e765/1/JPS59IVkIInzaxdNlkLcSDf_TSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.28.0/24
Signature Algorithm: sha256WithRSAEncryption
40:59:2c:31:e8:f5:c7:1a:3d:d4:ca:e9:37:60:6a:b5:4f:d4:
cf:b7:fe:6f:1b:ba:7e:15:45:6c:3f:1c:22:82:e1:dc:c0:1d:
50:d9:b5:79:cd:eb:72:65:78:cc:3a:e7:a1:1a:62:cf:a3:e4:
b7:b8:18:47:6a:d0:27:7d:48:d2:d7:eb:18:7e:73:f8:86:d7:
ea:4b:8c:36:4d:02:04:34:92:60:3d:9d:23:da:19:e5:19:b8:
21:e4:80:1a:28:86:ee:63:25:a1:3f:5c:97:76:ed:dc:f3:a9:
8f:75:13:e5:45:dd:a2:9b:22:c7:51:b3:42:a3:48:5d:1f:7a:
f3:0d:83:82:de:7a:aa:4d:37:4f:34:77:de:9f:9a:1b:89:15:
5d:38:f0:6d:ae:d1:f4:8f:b0:05:da:34:72:29:dc:a9:1d:9e:
fb:f5:ee:2d:21:af:a6:7e:fd:d1:78:e7:5c:cf:3c:24:c0:58:
cb:06:5a:46:0f:78:f0:43:9f:8c:a9:7b:c2:aa:2b:ff:c1:34:
a5:27:13:3b:c3:a3:d6:3b:88:ac:d6:ea:2c:b6:8f:0d:d0:db:
61:81:6e:78:2d:3b:87:61:65:e0:4a:44:47:5d:4b:5c:2b:dd:
e0:ad:ab:00:d3:45:5e:71:b8:15:b4:8e:3d:57:33:90:52:f1:
0f:be:ff:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZT+9k97A93t4ULGNJJ6V4stMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZjRiOWY0ODU2NDIwODlmMzZiMTc0ZDk2NDJkYzQ4Mzdm
ZjRkMjQwHhcNMjUwMjEzMTA1OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDhmMDJjM2YwZGQwZTRjM2Q1MmQzNzJhMjRiNzM1ODg1ZDgwN2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPfDQwRQ0W7kSEQxVbSyX7H/xKFT
bCV9nxVG63i+g7XY4qblLNZ9vj6DMQne4KmMRObWznEtO/K9BOTiVcxLZfysQCuW
cPXANnwTM6JPTxtI3t2NV2Jcgkvrwc8dY8hDyYtGWyMqgaeFPqnP1eGJPc8ETawA
gP9xz6vIU/ldx02cwvRw6L36TTSB6VQy5T1+KBgR/DQpIVudn4QdX0wBlYjM51n+
wPaIyXBSrR7JnHJlGn223b3r4JjtQ+wGyyVg2GPRQLElN6SquFuUUPEs1xXmTT7W
vkGUTHrkGgM3XJ31Xx/YuHHsh67lTaWNHJbZo1qKw/IZQuENuWDHAG7jSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSPAsPw3Q5MPVLTcqJLc1iF2AelMB8GA1UdIwQY
MBaAFCT0ufSFZCCJ82sXTZZC3Eg3/00kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlBTNTlJVmtJSW56YXhkTmxrTGNTRGZfVFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9jNDdlOTAtMGYwOC00NjNiLTg4MTAt
YzA3Yjk4ZjZlNzY1LzEveEk4Q3dfRGREa3c5VXROeW9rdHpXSVhZQjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9jNDdlOTAtMGYwOC00NjNiLTg4MTAtYzA3Yjk4ZjZlNzY1
LzEvSlBTNTlJVmtJSW56YXhkTmxrTGNTRGZfVFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU44cMA0G
CSqGSIb3DQEBCwUAA4IBAQBAWSwx6PXHGj3Uyuk3YGq1T9TPt/5vG7p+FUVsPxwi
guHcwB1Q2bV5zetyZXjMOuehGmLPo+S3uBhHatAnfUjS1+sYfnP4htfqS4w2TQIE
NJJgPZ0j2hnlGbgh5IAaKIbuYyWhP1yXdu3c86mPdRPlRd2imyLHUbNCo0hdH3rz
DYOC3nqqTTdPNHfen5obiRVdOPBtrtH0j7AF2jRyKdypHZ779e4tIa+mfv3ReOdc
zzwkwFjLBlpGD3jwQ5+MqXvCqiv/wTSlJxM7w6PWO4is1uosto8N0NthgW54LTuH
YWXgSkRHXUtcK93grasA00VecbgVtI49VzOQUvEPvv8C
-----END CERTIFICATE-----
Generated at Mon Apr 28 13:20:27 2025 by rpki-client