Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/8lppzzgAitiGEYTIPs1-yGKtBtA.roa
File: 8lppzzgAitiGEYTIPs1-yGKtBtA.roa (raw, json)
Hash identifier: LCeWPOooeEkrpVZYUVQIeKD4wPCmR0L1TClPbKyRJRg=
Subject key identifier: F2:5A:69:CF:38:00:8A:D8:86:11:84:C8:3E:CD:7E:C8:62:AD:06:D0
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 018E09B32CB8A08F1BF0ABB16725737F4E39
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/8lppzzgAitiGEYTIPs1-yGKtBtA.roa
Signing time: Mon 04 Mar 2024 13:42:01 +0000
ROA not before: Mon 04 Mar 2024 13:42:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215384
IP address blocks: 193.9.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Mar 2024 15:47:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:09:b3:2c:b8:a0:8f:1b:f0:ab:b1:67:25:73:7f:4e:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Mar 4 13:42:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f25a69cf38008ad8861184c83ecd7ec862ad06d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:7d:f2:c6:c1:d7:26:08:58:8b:4b:97:7f:47:
3e:da:2e:1a:e2:96:de:88:7b:20:13:3f:6d:0a:ce:
55:67:80:d2:c4:0c:86:cb:04:bc:1b:82:09:44:67:
4d:92:ad:84:44:a2:ca:12:ce:75:76:7e:6b:43:42:
41:5f:1c:45:22:27:18:96:d0:2b:44:10:1c:dd:78:
ae:aa:1e:65:b5:1b:7c:d1:f4:b1:ea:13:1e:d7:ad:
a1:67:a1:12:e2:a0:cd:55:c4:f3:e3:6f:0d:06:b2:
15:dd:00:2c:d0:b0:7a:83:12:27:41:50:d5:56:2c:
3e:b6:2c:5e:7c:8f:08:dc:c9:2c:ce:7d:36:60:89:
ab:2a:d8:29:e1:11:c7:fc:22:69:d6:02:b9:f2:11:
8f:06:19:34:0f:f4:bd:b6:46:64:bd:8a:00:67:fb:
40:d3:d4:91:b7:08:cd:3e:6f:e6:f9:65:9d:87:5b:
35:55:96:e7:f4:fa:bf:23:01:73:85:b1:57:18:fe:
29:e6:c3:91:f2:27:f8:28:71:d1:de:18:ca:a2:db:
fe:d9:51:c4:ed:cd:5e:23:1e:34:e8:98:27:d0:38:
a1:3f:e8:d0:48:52:ce:bc:48:07:4f:fb:96:93:cd:
36:33:1e:1f:40:59:1f:26:72:fd:c4:74:cc:ed:22:
84:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5A:69:CF:38:00:8A:D8:86:11:84:C8:3E:CD:7E:C8:62:AD:06:D0
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/8lppzzgAitiGEYTIPs1-yGKtBtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.9.47.0/24
Signature Algorithm: sha256WithRSAEncryption
63:f5:7a:67:e4:73:fc:eb:74:6b:5d:8a:59:c1:8a:f8:a2:d2:
e7:e1:fb:06:83:9c:b9:0b:66:29:e5:e7:4e:db:f6:76:84:01:
a8:52:80:58:02:ad:b7:5a:0a:77:4d:64:05:99:0e:f2:9f:4f:
04:a3:fa:be:eb:31:c6:e4:f2:3a:63:01:67:2c:5e:13:d6:b6:
57:5d:23:09:08:76:34:de:29:a3:f0:f5:51:aa:ca:cd:1e:37:
a5:7d:37:e4:bb:44:89:74:54:76:3c:52:ed:cc:1f:19:af:01:
f9:a4:17:05:5b:8f:24:7e:21:d3:0d:61:df:47:bb:2e:2c:f2:
4e:de:e2:57:65:8e:a9:3d:05:de:53:5f:f7:43:94:24:1f:79:
85:2c:09:d0:14:62:c6:2c:e9:71:ec:2c:b6:6d:6c:0e:ec:36:
ad:31:bb:00:96:06:ce:f8:7a:b4:ed:f9:1e:08:46:ba:f5:9e:
77:96:a3:58:59:cd:d2:fa:db:8d:62:42:37:92:3b:74:32:11:
75:73:07:5a:1f:fa:a3:77:57:ab:53:2b:a5:b7:57:a6:1f:7f:
5a:74:b4:32:50:01:d1:66:2e:6e:7c:aa:80:e7:3c:ff:8e:4f:
58:92:fb:5d:77:7d:ac:6f:23:74:8e:ea:47:cb:01:41:d7:5d:
f6:22:90:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4Jsyy4oI8b8KuxZyVzf045MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjQwMzA0MTM0MjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjVhNjljZjM4MDA4YWQ4ODYxMTg0YzgzZWNkN2VjODYyYWQwNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgn3yxsHXJghYi0uXf0c+2i4a4pbe
iHsgEz9tCs5VZ4DSxAyGywS8G4IJRGdNkq2ERKLKEs51dn5rQ0JBXxxFIicYltAr
RBAc3Xiuqh5ltRt80fSx6hMe162hZ6ES4qDNVcTz428NBrIV3QAs0LB6gxInQVDV
Viw+tixefI8I3Mkszn02YImrKtgp4RHH/CJp1gK58hGPBhk0D/S9tkZkvYoAZ/tA
09SRtwjNPm/m+WWdh1s1VZbn9Pq/IwFzhbFXGP4p5sOR8if4KHHR3hjKotv+2VHE
7c1eIx406Jgn0DihP+jQSFLOvEgHT/uWk802Mx4fQFkfJnL9xHTM7SKENQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJaac84AIrYhhGEyD7NfshirQbQMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvOGxwcHp6Z0FpdGlHRVlUSVBzMS15R0t0QnRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQkvMA0G
CSqGSIb3DQEBCwUAA4IBAQBj9Xpn5HP863RrXYpZwYr4otLn4fsGg5y5C2Yp5edO
2/Z2hAGoUoBYAq23Wgp3TWQFmQ7yn08Eo/q+6zHG5PI6YwFnLF4T1rZXXSMJCHY0
3imj8PVRqsrNHjelfTfku0SJdFR2PFLtzB8ZrwH5pBcFW48kfiHTDWHfR7suLPJO
3uJXZY6pPQXeU1/3Q5QkH3mFLAnQFGLGLOlx7Cy2bWwO7DatMbsAlgbO+Hq07fke
CEa69Z53lqNYWc3S+tuNYkI3kjt0MhF1cwdaH/qjd1erUyult1emH39adLQyUAHR
Zi5ufKqA5zz/jk9Ykvtdd32sbyN0jupHywFB1132IpDP
-----END CERTIFICATE-----
Generated at Thu May 1 07:20:14 2025 by rpki-client