Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/6b08c2-5c3a-4288-844b-7fe42ff4dcd8/1/_fVXRZZVGe2ekCXelOxjeimpddA.roa
File: _fVXRZZVGe2ekCXelOxjeimpddA.roa (raw, json)
Hash identifier: omxDviT30Ax+sFu/uNtdSYGCUeDbmPiyrWHwzMiFnxE=
Subject key identifier: FD:F5:57:45:96:55:19:ED:9E:90:25:DE:94:EC:63:7A:29:A9:75:D0
Certificate issuer: /CN=93d43d499868091bbdc47d95aee1c9099f005620
Certificate serial: 018CC9BC933397AF82E9676AC003441A9C2D
Authority key identifier: 93:D4:3D:49:98:68:09:1B:BD:C4:7D:95:AE:E1:C9:09:9F:00:56:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k9Q9SZhoCRu9xH2VruHJCZ8AViA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/6b08c2-5c3a-4288-844b-7fe42ff4dcd8/1/_fVXRZZVGe2ekCXelOxjeimpddA.roa
Signing time: Tue 02 Jan 2024 10:33:48 +0000
ROA not before: Tue 02 Jan 2024 10:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6707
IP address blocks: 193.28.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:93:33:97:af:82:e9:67:6a:c0:03:44:1a:9c:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93d43d499868091bbdc47d95aee1c9099f005620
Validity
Not Before: Jan 2 10:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdf55745965519ed9e9025de94ec637a29a975d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f0:dc:f3:1c:f6:f9:d8:c4:0a:81:b5:0b:19:
42:07:69:e0:8c:6d:5d:c5:ea:38:fc:96:16:60:d6:
2f:38:ac:a2:cb:b9:9b:0c:85:79:36:de:1b:dc:e3:
13:6a:c8:1c:31:65:45:9a:32:4d:0d:cc:ea:11:20:
02:cc:78:a5:11:2d:f1:39:6e:61:d7:86:c3:4c:77:
0a:ab:8a:0e:90:8b:f3:64:28:38:3f:25:97:92:75:
c6:6a:97:1c:2c:fd:30:1f:87:5b:a3:c4:ea:df:72:
f7:44:b9:3b:37:d2:37:75:37:49:8f:87:99:f2:0a:
b4:dc:5b:ab:5b:d1:a2:d9:62:de:bf:6a:76:f1:8f:
2c:60:1d:3b:66:b7:18:5c:61:2c:7e:b5:8a:54:4f:
25:f7:e0:e9:1f:65:03:cb:1f:68:6b:6a:db:64:f3:
62:c9:71:e1:43:e2:ff:73:05:3b:fa:d5:c7:d7:26:
26:a1:88:d8:7b:4d:31:19:7d:30:b0:46:e9:7c:3f:
39:5d:ba:21:d9:fc:2a:d8:a5:40:88:a7:25:2e:89:
8a:74:32:38:0c:53:8e:cc:ae:49:78:03:46:e8:4f:
6a:3d:0e:3e:a3:9f:ec:aa:0f:53:f1:42:9b:f3:72:
7f:fc:f8:4e:36:8b:b0:5f:5b:7e:06:f2:d6:94:5a:
a6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F5:57:45:96:55:19:ED:9E:90:25:DE:94:EC:63:7A:29:A9:75:D0
X509v3 Authority Key Identifier:
keyid:93:D4:3D:49:98:68:09:1B:BD:C4:7D:95:AE:E1:C9:09:9F:00:56:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k9Q9SZhoCRu9xH2VruHJCZ8AViA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6b08c2-5c3a-4288-844b-7fe42ff4dcd8/1/_fVXRZZVGe2ekCXelOxjeimpddA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/6b08c2-5c3a-4288-844b-7fe42ff4dcd8/1/k9Q9SZhoCRu9xH2VruHJCZ8AViA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.225.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:36:8f:a8:5f:0a:28:af:d4:dc:66:be:db:5f:fa:1a:25:73:
d7:06:04:30:84:74:6c:e1:9a:9c:43:61:63:eb:10:70:3b:6a:
d1:b1:86:b9:dd:91:29:58:e5:b0:74:f3:9e:b1:8e:13:18:55:
e2:a1:0c:55:66:b6:bf:3f:60:5a:6a:23:ae:93:ab:95:64:f7:
a5:fa:e7:8b:f5:88:04:a0:10:84:f9:88:f7:d7:98:b8:9b:83:
cc:d4:6a:ab:4e:a9:16:9a:dc:78:92:81:29:0b:53:b7:1b:df:
78:78:35:94:2f:24:23:71:45:a4:a1:7c:a6:7e:ad:68:2c:66:
bc:8e:03:30:33:0b:41:e4:e3:76:00:4f:bb:0d:e4:32:c0:6a:
b7:5f:9a:76:99:b8:d5:42:f4:57:ef:fb:ba:bc:16:2e:07:6d:
3b:55:a0:2f:d4:0a:a9:28:96:ad:d9:ad:01:a6:ec:b8:d6:d4:
ad:ea:29:20:72:bb:0d:ba:2a:c8:1a:2a:97:83:33:5d:82:09:
62:0e:c0:4b:c6:6a:fa:0c:7b:d5:35:84:e3:c2:e6:71:5c:3f:
52:59:3a:52:fc:f7:de:a0:aa:a4:5b:1e:5f:3a:78:0b:30:21:
d6:e7:27:9f:b7:06:02:f1:a8:bd:a8:34:3a:ac:6a:f7:ac:33:
28:ed:33:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvJMzl6+C6WdqwANEGpwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZDQzZDQ5OTg2ODA5MWJiZGM0N2Q5NWFlZTFjOTA5OWYw
MDU2MjAwHhcNMjQwMTAyMTAzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGY1NTc0NTk2NTUxOWVkOWU5MDI1ZGU5NGVjNjM3YTI5YTk3NWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPDc8xz2+djECoG1CxlCB2ngjG1d
xeo4/JYWYNYvOKyiy7mbDIV5Nt4b3OMTasgcMWVFmjJNDczqESACzHilES3xOW5h
14bDTHcKq4oOkIvzZCg4PyWXknXGapccLP0wH4dbo8Tq33L3RLk7N9I3dTdJj4eZ
8gq03FurW9Gi2WLev2p28Y8sYB07ZrcYXGEsfrWKVE8l9+DpH2UDyx9oa2rbZPNi
yXHhQ+L/cwU7+tXH1yYmoYjYe00xGX0wsEbpfD85Xboh2fwq2KVAiKclLomKdDI4
DFOOzK5JeANG6E9qPQ4+o5/sqg9T8UKb83J//PhONouwX1t+BvLWlFqmTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP31V0WWVRntnpAl3pTsY3opqXXQMB8GA1UdIwQY
MBaAFJPUPUmYaAkbvcR9la7hyQmfAFYgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazlROVNaaG9DUnU5eEgyVnJ1SEpDWjhBVmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC82YjA4YzItNWMzYS00Mjg4LTg0NGIt
N2ZlNDJmZjRkY2Q4LzEvX2ZWWFJaWlZHZTJla0NYZWxPeGplaW1wZGRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC82YjA4YzItNWMzYS00Mjg4LTg0NGItN2ZlNDJmZjRkY2Q4
LzEvazlROVNaaG9DUnU5eEgyVnJ1SEpDWjhBVmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRzhMA0G
CSqGSIb3DQEBCwUAA4IBAQAcNo+oXwoor9TcZr7bX/oaJXPXBgQwhHRs4ZqcQ2Fj
6xBwO2rRsYa53ZEpWOWwdPOesY4TGFXioQxVZra/P2BaaiOuk6uVZPel+ueL9YgE
oBCE+Yj315i4m4PM1GqrTqkWmtx4koEpC1O3G994eDWULyQjcUWkoXymfq1oLGa8
jgMwMwtB5ON2AE+7DeQywGq3X5p2mbjVQvRX7/u6vBYuB207VaAv1AqpKJat2a0B
puy41tSt6ikgcrsNuirIGiqXgzNdggliDsBLxmr6DHvVNYTjwuZxXD9SWTpS/Pfe
oKqkWx5fOngLMCHW5yeftwYC8ai9qDQ6rGr3rDMo7TNl
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:41:11 2025 by rpki-client