Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e1545b-fc52-44c0-8f57-2884dd8248d6/1/rt747R7hXk5ZVHKBTDKW-i-s0VY.roa
File: rt747R7hXk5ZVHKBTDKW-i-s0VY.roa (raw, json)
Hash identifier: I18tiuWyv6RURZNnicIPX4QcCo3EXPNOt1Sp4hPBmbQ=
Subject key identifier: AE:DE:F8:ED:1E:E1:5E:4E:59:54:72:81:4C:32:96:FA:2F:AC:D1:56
Certificate issuer: /CN=af48f67f53fce9891d41593ac84cae304abfcbcf
Certificate serial: 018CC56EDE49164989D7AA82457580367C53
Authority key identifier: AF:48:F6:7F:53:FC:E9:89:1D:41:59:3A:C8:4C:AE:30:4A:BF:CB:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r0j2f1P86YkdQVk6yEyuMEq_y88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e1545b-fc52-44c0-8f57-2884dd8248d6/1/rt747R7hXk5ZVHKBTDKW-i-s0VY.roa
Signing time: Mon 01 Jan 2024 14:30:26 +0000
ROA not before: Mon 01 Jan 2024 14:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208034
IP address blocks: 193.169.170.0/24 maxlen: 24
185.194.248.0/24 maxlen: 24
193.169.106.0/24 maxlen: 24
193.169.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:de:49:16:49:89:d7:aa:82:45:75:80:36:7c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af48f67f53fce9891d41593ac84cae304abfcbcf
Validity
Not Before: Jan 1 14:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aedef8ed1ee15e4e595472814c3296fa2facd156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a2:48:a0:fe:ce:2e:1a:72:05:8d:8d:7e:ee:
f7:ed:58:c1:ce:c8:c2:ed:91:87:23:79:ce:b6:60:
3d:f8:8e:ca:92:c6:25:28:f6:2c:20:95:01:83:bc:
1d:cc:6d:f8:57:2c:b6:c7:08:5e:41:2e:c9:35:15:
c0:13:76:af:b3:32:fe:c4:10:35:6e:27:e9:d7:84:
89:60:9c:8b:a2:aa:7e:ea:ad:35:00:4a:c7:b8:18:
46:d4:f4:0b:ef:6b:8c:33:4f:c6:9f:00:e1:d3:ec:
87:e7:a1:01:ac:b3:d0:da:12:98:5e:34:c1:2b:63:
45:c3:52:c9:38:a9:0d:21:0f:07:94:62:94:9c:a8:
62:6d:61:11:20:5c:44:52:23:1f:d8:f6:2f:0d:28:
57:e2:b1:a6:75:13:d2:be:dc:09:4b:eb:ca:f2:01:
37:71:08:4c:e2:c3:3e:ef:09:66:df:a8:fb:1e:86:
d8:3c:8a:7b:3e:64:24:18:45:c6:b9:3d:57:a6:e6:
45:03:c5:16:1e:44:c8:71:06:da:1f:38:63:a1:a5:
34:c7:d2:0a:a5:f8:9a:88:d8:a8:00:6b:57:be:66:
11:46:0f:c1:77:3e:33:22:b7:7c:9c:47:61:fb:9a:
92:ea:93:68:d8:ff:11:b9:d3:52:8e:23:e4:f0:4d:
80:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:DE:F8:ED:1E:E1:5E:4E:59:54:72:81:4C:32:96:FA:2F:AC:D1:56
X509v3 Authority Key Identifier:
keyid:AF:48:F6:7F:53:FC:E9:89:1D:41:59:3A:C8:4C:AE:30:4A:BF:CB:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r0j2f1P86YkdQVk6yEyuMEq_y88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e1545b-fc52-44c0-8f57-2884dd8248d6/1/rt747R7hXk5ZVHKBTDKW-i-s0VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e1545b-fc52-44c0-8f57-2884dd8248d6/1/r0j2f1P86YkdQVk6yEyuMEq_y88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.248.0/24
193.169.106.0/23
193.169.170.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:07:ce:78:44:e4:2f:af:0d:a1:05:8f:82:76:81:61:e1:16:
eb:2d:a6:b6:f5:c4:52:ca:c9:62:e8:d4:73:3c:1a:6e:78:75:
5a:66:41:4b:6d:cb:8b:ab:3c:ce:a2:4b:af:a8:57:c7:87:9b:
aa:8a:ef:97:f1:01:b6:75:85:c7:cd:1e:7c:da:3b:9e:11:54:
d0:d4:3c:57:8e:a1:8f:89:10:00:5b:19:d9:87:50:9f:48:12:
4e:06:e5:dd:d3:26:9b:e4:4b:2a:05:67:18:df:bb:b6:6d:ad:
79:f7:95:c1:d5:66:d3:da:46:cd:8c:f8:1e:2d:c7:42:71:ca:
ab:39:61:c5:2d:dc:48:d9:25:1e:02:f0:dd:59:e1:d3:15:16:
21:33:fe:5f:89:af:d6:e8:21:a7:9d:59:8b:51:45:24:d4:ca:
03:85:67:3e:79:95:e6:03:2f:79:c7:46:e3:ce:ac:bc:48:df:
4e:80:cb:fd:55:fe:36:e9:06:b6:26:b5:43:f7:97:27:0c:bf:
7b:a8:d4:31:27:07:44:c7:d2:db:7a:66:7a:5a:21:c1:e4:e5:
a6:f6:d9:d0:8f:2b:08:44:90:23:6e:92:f9:cb:7d:86:90:20:
c3:8b:6b:b4:d7:0e:03:36:4e:66:60:96:52:76:11:3b:85:ce:
80:4e:82:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbt5JFkmJ16qCRXWANnxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNDhmNjdmNTNmY2U5ODkxZDQxNTkzYWM4NGNhZTMwNGFi
ZmNiY2YwHhcNMjQwMTAxMTQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWRlZjhlZDFlZTE1ZTRlNTk1NDcyODE0YzMyOTZmYTJmYWNkMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqJIoP7OLhpyBY2Nfu737VjBzsjC
7ZGHI3nOtmA9+I7KksYlKPYsIJUBg7wdzG34Vyy2xwheQS7JNRXAE3avszL+xBA1
bifp14SJYJyLoqp+6q01AErHuBhG1PQL72uMM0/GnwDh0+yH56EBrLPQ2hKYXjTB
K2NFw1LJOKkNIQ8HlGKUnKhibWERIFxEUiMf2PYvDShX4rGmdRPSvtwJS+vK8gE3
cQhM4sM+7wlm36j7HobYPIp7PmQkGEXGuT1XpuZFA8UWHkTIcQbaHzhjoaU0x9IK
pfiaiNioAGtXvmYRRg/Bdz4zIrd8nEdh+5qS6pNo2P8RudNSjiPk8E2A1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK7e+O0e4V5OWVRygUwylvovrNFWMB8GA1UdIwQY
MBaAFK9I9n9T/OmJHUFZOshMrjBKv8vPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjBqMmYxUDg2WWtkUVZrNnlFeXVNRXFfeTg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lMTU0NWItZmM1Mi00NGMwLThmNTct
Mjg4NGRkODI0OGQ2LzEvcnQ3NDdSN2hYazVaVkhLQlRES1ctaS1zMFZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lMTU0NWItZmM1Mi00NGMwLThmNTctMjg4NGRkODI0OGQ2
LzEvcjBqMmYxUDg2WWtkUVZrNnlFeXVNRXFfeTg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAucL4AwQB
walqAwQAwamqMA0GCSqGSIb3DQEBCwUAA4IBAQC8B854ROQvrw2hBY+CdoFh4Rbr
Laa29cRSysli6NRzPBpueHVaZkFLbcuLqzzOokuvqFfHh5uqiu+X8QG2dYXHzR58
2jueEVTQ1DxXjqGPiRAAWxnZh1CfSBJOBuXd0yab5EsqBWcY37u2ba1595XB1WbT
2kbNjPgeLcdCccqrOWHFLdxI2SUeAvDdWeHTFRYhM/5fia/W6CGnnVmLUUUk1MoD
hWc+eZXmAy95x0bjzqy8SN9OgMv9Vf426Qa2JrVD95cnDL97qNQxJwdEx9LbemZ6
WiHB5OWm9tnQjysIRJAjbpL5y32GkCDDi2u01w4DNk5mYJZSdhE7hc6AToJD
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:37:52 2025 by rpki-client