Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/e1ab57-9c25-4b8f-b56e-4f5212290769/1/nDvnMS3XeNV7Qh_jlK4V6bj3OMc.roa
File: nDvnMS3XeNV7Qh_jlK4V6bj3OMc.roa (raw, json)
Hash identifier: q+0MWhxx1aku7HHQzVt6GJhLjg5kJig8jtqcKUNHGU8=
Subject key identifier: 9C:3B:E7:31:2D:D7:78:D5:7B:42:1F:E3:94:AE:15:E9:B8:F7:38:C7
Certificate issuer: /CN=100e44c92ad493118a4ad2ba81145f1d34a18bca
Certificate serial: 018CC8DEA9761318C9625C5DF0B78D49490B
Authority key identifier: 10:0E:44:C9:2A:D4:93:11:8A:4A:D2:BA:81:14:5F:1D:34:A1:8B:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EA5EySrUkxGKStK6gRRfHTShi8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/e1ab57-9c25-4b8f-b56e-4f5212290769/1/nDvnMS3XeNV7Qh_jlK4V6bj3OMc.roa
Signing time: Tue 02 Jan 2024 06:31:24 +0000
ROA not before: Tue 02 Jan 2024 06:31:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202367
IP address blocks: 194.107.136.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:a9:76:13:18:c9:62:5c:5d:f0:b7:8d:49:49:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=100e44c92ad493118a4ad2ba81145f1d34a18bca
Validity
Not Before: Jan 2 06:31:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c3be7312dd778d57b421fe394ae15e9b8f738c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:06:14:28:21:ee:1c:71:00:ef:78:4c:0d:d4:
a9:7d:62:4f:61:6d:28:38:aa:82:a3:8f:df:14:8a:
51:e3:25:15:ba:1b:ee:db:73:4a:e9:3b:d0:ad:d2:
17:e7:c7:24:d9:48:d6:ef:29:94:3f:4c:b0:93:6d:
45:74:fd:9f:56:2e:a0:9c:e7:7b:ed:b2:31:b6:2f:
78:3b:5c:39:c9:d0:35:ea:f1:83:18:1b:23:fa:ed:
e4:63:56:8c:08:a1:a0:c8:b3:7d:55:d3:58:9f:24:
1f:d5:7a:53:09:8e:5c:45:26:02:d9:fa:99:42:ed:
0c:96:53:cd:e3:77:34:a3:6a:70:fe:3e:76:7c:52:
8a:38:21:83:c7:07:0b:e3:d8:18:98:2b:a7:d8:f7:
7a:6c:4b:f9:ae:00:a5:9a:7f:05:94:2d:85:1a:ba:
05:ff:a9:9d:d1:14:60:6d:66:20:94:d9:e7:03:a6:
b4:bd:4a:2c:a1:89:43:ed:8e:0d:1e:c8:f3:d1:13:
1c:fa:e5:20:1c:63:36:80:21:a7:e6:3d:44:72:fa:
9a:0d:ce:3a:eb:25:76:ac:89:64:da:a2:55:68:4a:
55:10:17:32:0b:e0:83:89:bd:85:19:8d:0c:02:bc:
ec:ad:c4:56:bb:c8:f0:5c:a7:09:0f:c4:7f:cf:a9:
f7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3B:E7:31:2D:D7:78:D5:7B:42:1F:E3:94:AE:15:E9:B8:F7:38:C7
X509v3 Authority Key Identifier:
keyid:10:0E:44:C9:2A:D4:93:11:8A:4A:D2:BA:81:14:5F:1D:34:A1:8B:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EA5EySrUkxGKStK6gRRfHTShi8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e1ab57-9c25-4b8f-b56e-4f5212290769/1/nDvnMS3XeNV7Qh_jlK4V6bj3OMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e1ab57-9c25-4b8f-b56e-4f5212290769/1/EA5EySrUkxGKStK6gRRfHTShi8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.136.0/22
Signature Algorithm: sha256WithRSAEncryption
13:ec:ba:1e:6e:13:98:78:1c:18:56:f9:d9:5d:f0:a4:5d:8b:
a8:c6:2a:c3:24:28:eb:1a:71:38:f9:bc:ca:82:ae:2e:1b:77:
59:bc:3d:1c:c6:de:92:43:5e:28:27:87:9c:50:f3:49:64:d5:
de:38:01:87:cb:34:6a:bb:c8:32:2c:57:e1:03:7c:c5:d7:a1:
0c:6c:d0:8b:10:b5:93:24:f2:2f:8a:e6:34:8e:8e:5b:4a:fd:
08:a4:aa:51:ba:2b:cc:88:50:6b:b0:73:8f:11:3c:82:f9:35:
f4:70:43:fc:98:58:e4:45:e8:5e:ed:5d:91:0b:91:eb:2d:59:
7a:cb:45:c5:ba:64:57:3a:2f:95:22:f8:f3:8e:db:93:61:49:
d9:07:52:3f:fb:22:68:0c:b3:fc:bd:c0:86:61:f8:34:80:39:
ed:41:cf:d4:95:67:fd:2c:bd:51:6d:76:73:fa:35:64:6a:06:
aa:1f:fd:9b:20:ca:f6:0c:6b:3e:48:15:8d:7a:3c:8b:69:d0:
d5:0b:94:59:d2:b0:5c:9a:bd:c2:5a:c0:f4:96:37:83:22:15:
b5:d5:f6:d2:a4:1c:66:69:04:78:86:01:90:ab:f1:dd:8e:0a:
5f:ff:6a:7b:ac:a8:0d:55:03:db:25:99:7e:bc:3a:e1:cb:00:
17:15:68:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3ql2ExjJYlxd8LeNSUkLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMGU0NGM5MmFkNDkzMTE4YTRhZDJiYTgxMTQ1ZjFkMzRh
MThiY2EwHhcNMjQwMTAyMDYzMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzNiZTczMTJkZDc3OGQ1N2I0MjFmZTM5NGFlMTVlOWI4ZjczOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQYUKCHuHHEA73hMDdSpfWJPYW0o
OKqCo4/fFIpR4yUVuhvu23NK6TvQrdIX58ck2UjW7ymUP0ywk21FdP2fVi6gnOd7
7bIxti94O1w5ydA16vGDGBsj+u3kY1aMCKGgyLN9VdNYnyQf1XpTCY5cRSYC2fqZ
Qu0MllPN43c0o2pw/j52fFKKOCGDxwcL49gYmCun2Pd6bEv5rgClmn8FlC2FGroF
/6md0RRgbWYglNnnA6a0vUosoYlD7Y4NHsjz0RMc+uUgHGM2gCGn5j1EcvqaDc46
6yV2rIlk2qJVaEpVEBcyC+CDib2FGY0MArzsrcRWu8jwXKcJD8R/z6n39QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJw75zEt13jVe0If45SuFem49zjHMB8GA1UdIwQY
MBaAFBAORMkq1JMRikrSuoEUXx00oYvKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUE1RXlTclVreEdLU3RLNmdSUmZIVFNoaThvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9lMWFiNTctOWMyNS00YjhmLWI1NmUt
NGY1MjEyMjkwNzY5LzEvbkR2bk1TM1hlTlY3UWhfamxLNFY2YmozT01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9lMWFiNTctOWMyNS00YjhmLWI1NmUtNGY1MjEyMjkwNzY5
LzEvRUE1RXlTclVreEdLU3RLNmdSUmZIVFNoaThvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwmuIMA0G
CSqGSIb3DQEBCwUAA4IBAQAT7LoebhOYeBwYVvnZXfCkXYuoxirDJCjrGnE4+bzK
gq4uG3dZvD0cxt6SQ14oJ4ecUPNJZNXeOAGHyzRqu8gyLFfhA3zF16EMbNCLELWT
JPIviuY0jo5bSv0IpKpRuivMiFBrsHOPETyC+TX0cEP8mFjkRehe7V2RC5HrLVl6
y0XFumRXOi+VIvjzjtuTYUnZB1I/+yJoDLP8vcCGYfg0gDntQc/UlWf9LL1RbXZz
+jVkagaqH/2bIMr2DGs+SBWNejyLadDVC5RZ0rBcmr3CWsD0ljeDIhW11fbSpBxm
aQR4hgGQq/Hdjgpf/2p7rKgNVQPbJZl+vDrhywAXFWjv
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:13:59 2025 by rpki-client