Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/U-VQJRpdjvJQKPecRY_WGgA23Qk.roa
File: U-VQJRpdjvJQKPecRY_WGgA23Qk.roa (raw, json)
Hash identifier: 3+Kr/DDUMQU4g4TwaBXHEqElz3MD1YQyziL1RSG+G+U=
Subject key identifier: 53:E5:50:25:1A:5D:8E:F2:50:28:F7:9C:45:8F:D6:1A:00:36:DD:09
Certificate issuer: /CN=c6ff541cf364193a2a00ada14244acd34c14038a
Certificate serial: 0193A164DE2131861D7C0DDE012AC9916672
Authority key identifier: C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/U-VQJRpdjvJQKPecRY_WGgA23Qk.roa
Signing time: Sat 07 Dec 2024 13:52:42 +0000
ROA not before: Sat 07 Dec 2024 13:52:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39249
IP address blocks: 193.104.254.0/24 maxlen: 24
2001:67c:1874::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a1:64:de:21:31:86:1d:7c:0d:de:01:2a:c9:91:66:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6ff541cf364193a2a00ada14244acd34c14038a
Validity
Not Before: Dec 7 13:52:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53e550251a5d8ef25028f79c458fd61a0036dd09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0b:6a:88:75:34:7c:09:3f:1a:5c:d6:2a:99:
6c:51:9d:7f:02:5e:65:df:2e:fc:4b:bb:d4:de:68:
e0:ed:54:a1:a5:10:d0:16:af:9d:a2:dd:a0:06:07:
13:45:5d:a2:ff:8e:c7:b1:93:c9:a6:48:b4:97:e9:
09:8f:b9:cf:82:2a:65:1f:13:f0:94:5f:ba:23:8d:
67:4f:44:62:50:77:fb:94:cf:a7:0e:d9:62:b3:d0:
2e:e9:7c:07:a9:0e:b2:0e:70:1e:9b:e6:8b:03:7f:
b5:b4:48:40:f5:cb:24:3b:01:68:ec:23:54:cc:95:
71:f3:c1:e4:8f:8d:ce:5a:5e:c2:d6:6c:22:bc:1e:
58:a0:55:59:f4:10:cd:10:7c:54:81:cd:26:2c:d0:
fe:78:82:58:33:6b:50:a0:84:9f:43:7a:cb:9e:7d:
aa:12:fa:7f:2a:a4:af:81:7d:74:b9:be:fb:2e:10:
4a:dd:18:40:79:ec:c3:e0:31:dd:1d:51:09:c5:e5:
e5:e2:7a:97:62:09:c8:6a:6c:5a:aa:a8:1f:5f:65:
71:d8:bf:bc:d4:dd:fc:31:45:58:3a:06:37:c3:47:
fb:00:57:86:8d:49:3b:79:15:f8:15:61:1b:6a:32:
bd:8c:50:a8:ca:19:69:b9:35:91:a7:d3:c4:d0:e3:
9b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:E5:50:25:1A:5D:8E:F2:50:28:F7:9C:45:8F:D6:1A:00:36:DD:09
X509v3 Authority Key Identifier:
keyid:C6:FF:54:1C:F3:64:19:3A:2A:00:AD:A1:42:44:AC:D3:4C:14:03:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xv9UHPNkGToqAK2hQkSs00wUA4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/U-VQJRpdjvJQKPecRY_WGgA23Qk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/39a022-faed-4376-8be6-2a5e98abd1f3/1/xv9UHPNkGToqAK2hQkSs00wUA4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.254.0/24
IPv6:
2001:67c:1874::/48
Signature Algorithm: sha256WithRSAEncryption
58:db:05:d2:9f:0f:08:5b:fc:64:00:98:32:cc:fd:5b:2e:b5:
68:a0:f0:e6:da:1c:15:4f:6e:3a:6a:38:14:27:ee:50:a4:bc:
69:27:76:85:b1:97:1a:a9:89:50:05:81:f6:68:76:da:92:2d:
c0:3e:7f:ac:95:3e:ff:65:02:a5:97:5d:5b:6c:7f:22:d7:1d:
0a:4c:84:b1:05:2d:39:35:50:41:d8:56:72:db:8a:4f:2b:f7:
23:c1:ea:99:68:c8:bb:c0:3b:f4:01:ef:56:35:47:14:20:33:
8b:15:cc:b6:73:35:8b:85:e1:7b:4c:52:3d:94:2a:02:84:cb:
ec:4b:53:e7:41:07:a6:c8:af:8b:c2:41:9e:75:3f:62:48:44:
a3:00:8f:6f:61:c9:4b:06:41:11:69:36:6c:5a:4c:0b:db:1e:
cf:82:db:1b:64:e1:ee:d5:30:10:88:c0:a3:f7:c6:f0:24:c5:
4c:52:83:c3:36:b5:3b:87:cf:ec:95:84:b4:65:36:55:cd:a2:
e1:a1:f7:85:73:de:6e:12:d6:ba:5f:ee:74:e7:ce:e2:25:94:
b3:32:71:e5:21:9d:a3:a2:91:c6:53:4a:d6:60:19:c8:dd:4e:
2d:69:1a:63:64:7c:1f:0b:02:61:d5:24:de:d0:c3:91:cd:e5:
eb:4b:47:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZOhZN4hMYYdfA3eASrJkWZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZmY1NDFjZjM2NDE5M2EyYTAwYWRhMTQyNDRhY2QzNGMx
NDAzOGEwHhcNMjQxMjA3MTM1MjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2U1NTAyNTFhNWQ4ZWYyNTAyOGY3OWM0NThmZDYxYTAwMzZkZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQtqiHU0fAk/GlzWKplsUZ1/Al5l
3y78S7vU3mjg7VShpRDQFq+dot2gBgcTRV2i/47HsZPJpki0l+kJj7nPgiplHxPw
lF+6I41nT0RiUHf7lM+nDtlis9Au6XwHqQ6yDnAem+aLA3+1tEhA9cskOwFo7CNU
zJVx88Hkj43OWl7C1mwivB5YoFVZ9BDNEHxUgc0mLND+eIJYM2tQoISfQ3rLnn2q
Evp/KqSvgX10ub77LhBK3RhAeezD4DHdHVEJxeXl4nqXYgnIamxaqqgfX2Vx2L+8
1N38MUVYOgY3w0f7AFeGjUk7eRX4FWEbajK9jFCoyhlpuTWRp9PE0OObCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFPlUCUaXY7yUCj3nEWP1hoANt0JMB8GA1UdIwQY
MBaAFMb/VBzzZBk6KgCtoUJErNNMFAOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYt
MmE1ZTk4YWJkMWYzLzEvVS1WUUpScGRqdkpRS1BlY1JZX1dHZ0EyM1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8zOWEwMjItZmFlZC00Mzc2LThiZTYtMmE1ZTk4YWJkMWYz
LzEveHY5VUhQTmtHVG9xQUsyaFFrU3MwMHdVQTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwWj+MA8E
AgACMAkDBwAgAQZ8GHQwDQYJKoZIhvcNAQELBQADggEBAFjbBdKfDwhb/GQAmDLM
/VsutWig8ObaHBVPbjpqOBQn7lCkvGkndoWxlxqpiVAFgfZodtqSLcA+f6yVPv9l
AqWXXVtsfyLXHQpMhLEFLTk1UEHYVnLbik8r9yPB6ployLvAO/QB71Y1RxQgM4sV
zLZzNYuF4XtMUj2UKgKEy+xLU+dBB6bIr4vCQZ51P2JIRKMAj29hyUsGQRFpNmxa
TAvbHs+C2xtk4e7VMBCIwKP3xvAkxUxSg8M2tTuHz+yVhLRlNlXNouGh94Vz3m4S
1rpf7nTnzuIllLMyceUhnaOikcZTStZgGcjdTi1pGmNkfB8LAmHVJN7Qw5HN5etL
R8I=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:28:55 2025 by rpki-client