Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/Rq4ncT34drVyz9pLRfEmUwACu20.roa
File: Rq4ncT34drVyz9pLRfEmUwACu20.roa (raw, json)
Hash identifier: UaiTGfy/4qLXIIsAL3Ph5mgQNmYuu04p4Iw8X1qu/WI=
Subject key identifier: 46:AE:27:71:3D:F8:76:B5:72:CF:DA:4B:45:F1:26:53:00:02:BB:6D
Certificate issuer: /CN=34e83f41e5d24254c90a86e3b2bb7a80af039721
Certificate serial: 018CC727198E47A01320F96E00978F3C7C0E
Authority key identifier: 34:E8:3F:41:E5:D2:42:54:C9:0A:86:E3:B2:BB:7A:80:AF:03:97:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NOg_QeXSQlTJCobjsrt6gK8DlyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/Rq4ncT34drVyz9pLRfEmUwACu20.roa
Signing time: Mon 01 Jan 2024 22:31:17 +0000
ROA not before: Mon 01 Jan 2024 22:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21257
IP address blocks: 194.106.216.0/23 maxlen: 23
193.109.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:19:8e:47:a0:13:20:f9:6e:00:97:8f:3c:7c:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34e83f41e5d24254c90a86e3b2bb7a80af039721
Validity
Not Before: Jan 1 22:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46ae27713df876b572cfda4b45f126530002bb6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:81:e5:ba:79:8c:4a:6a:57:dd:de:36:64:df:
a9:78:1b:a0:5f:70:cf:5c:be:fb:83:6b:c3:47:1c:
3c:a5:6a:69:77:6d:90:5a:c5:67:3e:2e:b7:05:52:
89:3b:1d:d6:03:c6:08:ba:c3:5b:e9:ea:d5:7a:72:
a3:fb:79:29:f3:bb:1d:a2:89:7f:99:bb:e1:82:d3:
f9:93:e7:15:87:be:bb:fa:79:da:e0:cc:f9:30:07:
ac:c4:fc:07:34:eb:b6:52:4a:83:bf:22:24:bd:66:
ef:a9:ce:29:56:3a:02:e5:e6:17:26:dd:52:12:bf:
48:c7:55:d8:7d:91:5b:68:27:b7:09:2b:cc:77:37:
7d:7a:07:3b:ab:ce:d4:52:04:70:e8:61:bb:82:6e:
9e:01:76:26:90:32:4f:ef:f3:ca:08:e9:78:3c:d3:
07:a2:cb:69:f3:ec:cf:9b:86:18:8c:01:47:6b:f5:
09:a1:f1:30:c0:e5:86:ed:4f:c7:cc:bc:f0:b3:f9:
ec:a5:04:ed:76:dd:53:d7:70:78:f9:e8:37:de:38:
bc:8c:bd:26:8d:df:7f:00:b3:8b:f6:0e:5f:9f:c6:
2d:91:58:9f:d2:86:4d:bf:90:2a:1d:f8:ab:f4:ff:
ab:3a:89:b8:5c:43:5c:1a:7d:b3:a9:a0:9d:94:0f:
07:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:AE:27:71:3D:F8:76:B5:72:CF:DA:4B:45:F1:26:53:00:02:BB:6D
X509v3 Authority Key Identifier:
keyid:34:E8:3F:41:E5:D2:42:54:C9:0A:86:E3:B2:BB:7A:80:AF:03:97:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NOg_QeXSQlTJCobjsrt6gK8DlyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/Rq4ncT34drVyz9pLRfEmUwACu20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/NOg_QeXSQlTJCobjsrt6gK8DlyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.240.0/24
194.106.216.0/23
Signature Algorithm: sha256WithRSAEncryption
96:ab:1c:1c:07:ab:cd:36:eb:e9:4b:3e:d4:7e:10:57:d6:6c:
a3:22:f7:21:61:8f:30:2c:7e:6d:21:23:53:b0:ba:be:73:60:
7a:02:e4:33:4f:f5:13:4f:55:d5:96:1c:17:5c:91:94:28:f4:
c6:e1:c7:66:90:fc:eb:ff:5a:5f:5b:0f:2a:3f:a8:9c:37:38:
68:db:49:ce:92:cc:94:4b:46:cf:08:a7:cc:95:62:79:2c:13:
91:10:ee:e2:60:88:0f:a8:e2:72:b8:9d:98:e2:12:04:23:db:
22:1e:b0:d7:64:dc:d0:ee:16:16:1d:7d:1d:0a:21:b8:3c:89:
34:33:dc:bd:32:e9:8d:1a:08:c0:d6:d7:72:5d:f5:1c:e8:ed:
ca:00:17:2b:21:a9:2c:b5:c5:d7:89:5c:82:95:9e:cf:7b:1a:
8d:5d:80:fe:3f:f1:94:22:f8:13:5e:fe:fd:da:8e:de:f5:9d:
29:8f:77:1f:c8:02:3e:88:ae:de:d8:db:3c:3e:95:80:fd:87:
2f:ed:77:41:0c:4a:1d:32:e3:55:b2:54:98:81:3c:ba:89:fe:
c5:5e:f1:71:a9:39:37:65:ed:75:97:5c:c4:69:f0:c3:69:b1:
e5:19:bb:c8:a8:b1:77:da:f9:d1:27:39:69:46:c5:6d:ee:ad:
13:55:0d:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJxmOR6ATIPluAJePPHwOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZTgzZjQxZTVkMjQyNTRjOTBhODZlM2IyYmI3YTgwYWYw
Mzk3MjEwHhcNMjQwMTAxMjIzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmFlMjc3MTNkZjg3NmI1NzJjZmRhNGI0NWYxMjY1MzAwMDJiYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4HlunmMSmpX3d42ZN+peBugX3DP
XL77g2vDRxw8pWppd22QWsVnPi63BVKJOx3WA8YIusNb6erVenKj+3kp87sdool/
mbvhgtP5k+cVh767+nna4Mz5MAesxPwHNOu2UkqDvyIkvWbvqc4pVjoC5eYXJt1S
Er9Ix1XYfZFbaCe3CSvMdzd9egc7q87UUgRw6GG7gm6eAXYmkDJP7/PKCOl4PNMH
ostp8+zPm4YYjAFHa/UJofEwwOWG7U/HzLzws/nspQTtdt1T13B4+eg33ji8jL0m
jd9/ALOL9g5fn8YtkVif0oZNv5AqHfir9P+rOom4XENcGn2zqaCdlA8HkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEauJ3E9+Ha1cs/aS0XxJlMAArttMB8GA1UdIwQY
MBaAFDToP0Hl0kJUyQqG47K7eoCvA5chMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk9nX1FlWFNRbFRKQ29ianNydDZnSzhEbHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mYmEyOGMtNmIxNy00NjI2LTk2M2Mt
MDU4Y2M5NTNlODAzLzEvUnE0bmNUMzRkclZ5ejlwTFJmRW1Vd0FDdTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mYmEyOGMtNmIxNy00NjI2LTk2M2MtMDU4Y2M5NTNlODAz
LzEvTk9nX1FlWFNRbFRKQ29ianNydDZnSzhEbHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW3wAwQB
wmrYMA0GCSqGSIb3DQEBCwUAA4IBAQCWqxwcB6vNNuvpSz7UfhBX1myjIvchYY8w
LH5tISNTsLq+c2B6AuQzT/UTT1XVlhwXXJGUKPTG4cdmkPzr/1pfWw8qP6icNzho
20nOksyUS0bPCKfMlWJ5LBOREO7iYIgPqOJyuJ2Y4hIEI9siHrDXZNzQ7hYWHX0d
CiG4PIk0M9y9MumNGgjA1tdyXfUc6O3KABcrIakstcXXiVyClZ7PexqNXYD+P/GU
IvgTXv792o7e9Z0pj3cfyAI+iK7e2Ns8PpWA/Ycv7XdBDEodMuNVslSYgTy6if7F
XvFxqTk3Ze11l1zEafDDabHlGbvIqLF32vnRJzlpRsVt7q0TVQ05
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:23:10 2025 by rpki-client