Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/aK9jg52JEp0xJ8ZmnQkApBG26P4.roa
File: aK9jg52JEp0xJ8ZmnQkApBG26P4.roa (raw, json)
Hash identifier: Fpdcxn9gmz9I7Zse2nYle+HYvqZtxvglDSjCx0RyUzI=
Subject key identifier: 68:AF:63:83:9D:89:12:9D:31:27:C6:66:9D:09:00:A4:11:B6:E8:FE
Certificate issuer: /CN=34e83f41e5d24254c90a86e3b2bb7a80af039721
Certificate serial: 018CC727195BD9BB72ABF1317920C3D3465E
Authority key identifier: 34:E8:3F:41:E5:D2:42:54:C9:0A:86:E3:B2:BB:7A:80:AF:03:97:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NOg_QeXSQlTJCobjsrt6gK8DlyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/aK9jg52JEp0xJ8ZmnQkApBG26P4.roa
Signing time: Mon 01 Jan 2024 22:31:17 +0000
ROA not before: Mon 01 Jan 2024 22:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13249
IP address blocks: 193.109.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:19:5b:d9:bb:72:ab:f1:31:79:20:c3:d3:46:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34e83f41e5d24254c90a86e3b2bb7a80af039721
Validity
Not Before: Jan 1 22:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68af63839d89129d3127c6669d0900a411b6e8fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:59:d0:62:73:63:81:d9:8b:7b:8e:cb:25:20:
eb:aa:d0:f3:47:78:45:39:ad:67:5d:c4:20:cc:58:
6b:be:c2:d0:b1:41:29:c7:e8:7a:5f:f6:56:06:b8:
ac:00:22:29:d3:73:1f:86:ae:69:84:0a:56:69:c7:
62:9e:f3:c8:62:cd:ff:b5:65:c3:0e:80:9d:5f:6b:
3a:da:e3:9e:92:1b:75:dc:67:23:c8:3a:ec:f8:05:
35:d9:d8:cf:b4:1b:77:d6:07:96:ae:85:d9:17:ee:
cc:99:e2:c1:9e:ca:cb:04:94:54:79:d9:7c:d5:0f:
0c:d3:dc:97:51:a6:d7:cd:44:74:b0:10:fb:4c:d1:
09:73:f6:f9:7e:eb:7c:0e:30:13:09:a9:a8:39:7c:
f6:48:3a:9c:96:89:b1:b0:cf:74:09:14:5c:5d:df:
f9:8e:a9:83:bc:9e:83:b1:a5:b1:92:8a:1b:af:ea:
4d:2c:fc:31:30:13:6e:ef:fb:04:87:76:19:95:b9:
8a:c7:d6:a9:d5:18:ad:df:3c:c5:6d:b2:5f:b2:a7:
80:96:99:94:e6:e0:7f:be:e4:cc:10:62:12:3c:3d:
0a:b9:91:7d:c8:17:d0:76:66:e4:05:89:b0:6a:d7:
88:d7:d2:60:2f:3f:ae:c4:da:06:8e:b5:bf:a2:94:
f8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:AF:63:83:9D:89:12:9D:31:27:C6:66:9D:09:00:A4:11:B6:E8:FE
X509v3 Authority Key Identifier:
keyid:34:E8:3F:41:E5:D2:42:54:C9:0A:86:E3:B2:BB:7A:80:AF:03:97:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NOg_QeXSQlTJCobjsrt6gK8DlyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/aK9jg52JEp0xJ8ZmnQkApBG26P4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/fba28c-6b17-4626-963c-058cc953e803/1/NOg_QeXSQlTJCobjsrt6gK8DlyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.241.0/24
Signature Algorithm: sha256WithRSAEncryption
79:d9:35:a1:36:0e:7a:59:b6:53:88:f3:e3:7d:e6:60:ce:ea:
3d:c8:34:0a:7a:7d:2e:7d:c2:56:d1:48:8d:93:18:81:84:4f:
79:6f:8d:e8:2b:52:18:4c:71:d9:01:b8:60:1e:52:8c:fa:8d:
f1:75:4a:76:a8:5e:f7:a3:3d:2b:af:f2:d2:4f:27:94:f3:80:
c5:f3:8f:1a:b9:0b:2d:63:b8:0b:56:59:72:0b:9c:ef:da:d3:
ea:a9:30:5d:60:cf:ad:88:e6:d5:ea:1d:cb:ab:ad:45:91:bf:
8a:f7:a2:8d:23:a3:69:0a:52:5d:5f:2c:a7:76:35:aa:68:f3:
6f:df:82:30:54:f4:d3:e8:d9:6c:88:fd:ff:75:91:5e:75:8a:
ca:f7:51:62:f5:fc:11:58:6d:53:a1:8a:a1:fc:e1:30:e5:19:
63:12:17:10:f6:5d:af:d9:24:fe:58:ff:b5:6e:57:51:b6:30:
f4:92:f6:e8:60:f7:4a:1f:b2:92:e9:f3:92:ce:01:2e:e7:14:
61:1d:3f:95:a1:b3:a8:5e:d2:03:f2:5e:6c:e0:e1:3a:33:d9:
76:c5:98:2c:48:bd:0e:f8:88:51:39:fa:b6:9e:94:ea:8d:bb:
1d:4f:27:47:05:ee:b8:51:0b:a7:70:7b:a4:1e:6f:bb:1b:1e:
c0:ec:76:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJxlb2btyq/ExeSDD00ZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZTgzZjQxZTVkMjQyNTRjOTBhODZlM2IyYmI3YTgwYWYw
Mzk3MjEwHhcNMjQwMTAxMjIzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGFmNjM4MzlkODkxMjlkMzEyN2M2NjY5ZDA5MDBhNDExYjZlOGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFnQYnNjgdmLe47LJSDrqtDzR3hF
Oa1nXcQgzFhrvsLQsUEpx+h6X/ZWBrisACIp03Mfhq5phApWacdinvPIYs3/tWXD
DoCdX2s62uOekht13GcjyDrs+AU12djPtBt31geWroXZF+7MmeLBnsrLBJRUedl8
1Q8M09yXUabXzUR0sBD7TNEJc/b5fut8DjATCamoOXz2SDqclomxsM90CRRcXd/5
jqmDvJ6DsaWxkoobr+pNLPwxMBNu7/sEh3YZlbmKx9ap1Rit3zzFbbJfsqeAlpmU
5uB/vuTMEGISPD0KuZF9yBfQdmbkBYmwateI19JgLz+uxNoGjrW/opT4GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGivY4OdiRKdMSfGZp0JAKQRtuj+MB8GA1UdIwQY
MBaAFDToP0Hl0kJUyQqG47K7eoCvA5chMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk9nX1FlWFNRbFRKQ29ianNydDZnSzhEbHlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9mYmEyOGMtNmIxNy00NjI2LTk2M2Mt
MDU4Y2M5NTNlODAzLzEvYUs5amc1MkpFcDB4SjhabW5Ra0FwQkcyNlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9mYmEyOGMtNmIxNy00NjI2LTk2M2MtMDU4Y2M5NTNlODAz
LzEvTk9nX1FlWFNRbFRKQ29ianNydDZnSzhEbHlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW3xMA0G
CSqGSIb3DQEBCwUAA4IBAQB52TWhNg56WbZTiPPjfeZgzuo9yDQKen0ufcJW0UiN
kxiBhE95b43oK1IYTHHZAbhgHlKM+o3xdUp2qF73oz0rr/LSTyeU84DF848auQst
Y7gLVllyC5zv2tPqqTBdYM+tiObV6h3Lq61Fkb+K96KNI6NpClJdXyyndjWqaPNv
34IwVPTT6NlsiP3/dZFedYrK91Fi9fwRWG1ToYqh/OEw5RljEhcQ9l2v2ST+WP+1
bldRtjD0kvboYPdKH7KS6fOSzgEu5xRhHT+VobOoXtID8l5s4OE6M9l2xZgsSL0O
+IhROfq2npTqjbsdTydHBe64UQuncHukHm+7Gx7A7HYp
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:23:10 2025 by rpki-client