Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/32d49c-fbb9-4664-9ab8-f2bdc2275b6e/1/JzU4qVVsyDJn1q-1rKdv-1phtFk.roa
File: JzU4qVVsyDJn1q-1rKdv-1phtFk.roa (raw, json)
Hash identifier: KywSll/8S5OYFdmA27Hv/oJRKbJXPFQGh+wZW7149LU=
Subject key identifier: 27:35:38:A9:55:6C:C8:32:67:D6:AF:B5:AC:A7:6F:FB:5A:61:B4:59
Certificate issuer: /CN=0f4d50f390cf945c6fa5b900905b4d517ebb091a
Certificate serial: 0191ECD7756BBE3CF35D17F1D7F3E4F52558
Authority key identifier: 0F:4D:50:F3:90:CF:94:5C:6F:A5:B9:00:90:5B:4D:51:7E:BB:09:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D01Q85DPlFxvpbkAkFtNUX67CRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/32d49c-fbb9-4664-9ab8-f2bdc2275b6e/1/JzU4qVVsyDJn1q-1rKdv-1phtFk.roa
Signing time: Fri 13 Sep 2024 19:23:48 +0000
ROA not before: Fri 13 Sep 2024 19:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200889
IP address blocks: 193.32.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ec:d7:75:6b:be:3c:f3:5d:17:f1:d7:f3:e4:f5:25:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f4d50f390cf945c6fa5b900905b4d517ebb091a
Validity
Not Before: Sep 13 19:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=273538a9556cc83267d6afb5aca76ffb5a61b459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:74:48:11:4c:30:5d:61:ab:74:09:d0:60:d2:
3b:b2:d4:22:bb:ef:e6:ad:1f:fd:f2:95:a1:aa:84:
e7:2a:f5:45:8d:88:04:65:b0:6b:69:be:a9:65:54:
16:01:20:a1:48:f7:b9:8b:23:bd:b9:cd:af:70:bd:
51:57:6e:be:29:27:f1:0a:0f:92:80:6c:8d:fd:83:
70:1c:e9:35:73:a0:01:82:7a:39:26:16:d8:fc:bf:
3f:7f:50:d3:56:84:70:25:5f:b9:41:bd:6c:b7:82:
a3:99:c8:04:11:88:0e:fe:9a:ce:da:fd:89:e8:f1:
4f:8d:4a:6b:4d:a6:9c:fb:1c:8e:c5:c1:1a:40:9d:
1c:e5:bf:46:7f:db:d8:ed:19:da:27:97:51:09:1a:
4e:03:0d:4d:3b:99:8a:f3:37:54:6c:fb:82:88:f7:
97:4b:0c:a0:17:28:8b:68:c7:18:1b:34:af:18:97:
ee:46:b0:b1:26:d1:95:b1:2e:d3:75:9a:87:b6:2f:
ca:1c:ac:de:84:40:ca:54:98:bb:54:51:72:3e:f8:
91:de:50:62:f2:10:f8:6e:b2:3f:93:ee:1c:0b:1c:
61:7d:64:62:64:4e:da:8b:49:e3:ab:8e:7e:2f:17:
09:e2:d8:4a:47:46:91:fd:a8:e6:e6:bd:03:82:d5:
a5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:35:38:A9:55:6C:C8:32:67:D6:AF:B5:AC:A7:6F:FB:5A:61:B4:59
X509v3 Authority Key Identifier:
keyid:0F:4D:50:F3:90:CF:94:5C:6F:A5:B9:00:90:5B:4D:51:7E:BB:09:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D01Q85DPlFxvpbkAkFtNUX67CRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/32d49c-fbb9-4664-9ab8-f2bdc2275b6e/1/JzU4qVVsyDJn1q-1rKdv-1phtFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/32d49c-fbb9-4664-9ab8-f2bdc2275b6e/1/D01Q85DPlFxvpbkAkFtNUX67CRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.95.0/24
Signature Algorithm: sha256WithRSAEncryption
55:a4:42:70:55:81:dc:45:46:2b:76:c3:8f:f7:13:f1:bf:f9:
f5:75:91:02:7f:c1:20:4f:35:fe:62:77:dd:ac:16:12:7a:16:
49:e6:78:df:7f:0a:fb:02:30:cd:67:e5:58:48:98:b0:99:a8:
18:28:43:b9:c9:0f:51:ce:f1:3c:d3:e3:93:db:e6:50:5c:e0:
d8:14:3a:8d:b8:19:16:ab:1c:97:09:e6:12:cc:89:05:2b:c9:
a4:78:ec:c0:7e:72:3b:ed:05:61:9b:f0:10:6e:83:9c:05:fb:
86:98:1e:47:cd:b7:84:41:35:f0:42:13:58:dd:6e:ed:97:35:
6b:b3:1f:8d:e0:7c:57:7a:1d:38:3d:e0:c5:58:85:e2:23:54:
67:1e:d7:f0:46:2a:45:50:c5:3b:51:60:0c:d3:56:16:c2:7f:
7e:be:28:3f:ea:32:af:5b:5c:24:a8:71:bd:e7:8f:52:4e:51:
70:5b:5a:f9:4a:86:a2:26:21:26:b0:18:b9:e8:af:03:ed:87:
07:db:ab:cb:7f:33:2f:1f:44:8b:68:9a:f9:59:0c:bf:47:4a:
1f:77:d2:73:b3:cd:03:17:92:f9:9d:31:1c:fa:b7:b7:af:ba:
cd:e8:fd:f9:3b:4f:8c:01:c1:1c:51:c8:06:eb:7f:43:f0:47:
87:52:86:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHs13VrvjzzXRfx1/Pk9SVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNGQ1MGYzOTBjZjk0NWM2ZmE1YjkwMDkwNWI0ZDUxN2Vi
YjA5MWEwHhcNMjQwOTEzMTkyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzM1MzhhOTU1NmNjODMyNjdkNmFmYjVhY2E3NmZmYjVhNjFiNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnRIEUwwXWGrdAnQYNI7stQiu+/m
rR/98pWhqoTnKvVFjYgEZbBrab6pZVQWASChSPe5iyO9uc2vcL1RV26+KSfxCg+S
gGyN/YNwHOk1c6ABgno5JhbY/L8/f1DTVoRwJV+5Qb1st4KjmcgEEYgO/prO2v2J
6PFPjUprTaac+xyOxcEaQJ0c5b9Gf9vY7RnaJ5dRCRpOAw1NO5mK8zdUbPuCiPeX
SwygFyiLaMcYGzSvGJfuRrCxJtGVsS7TdZqHti/KHKzehEDKVJi7VFFyPviR3lBi
8hD4brI/k+4cCxxhfWRiZE7ai0njq45+LxcJ4thKR0aR/ajm5r0DgtWlCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCc1OKlVbMgyZ9avtaynb/taYbRZMB8GA1UdIwQY
MBaAFA9NUPOQz5Rcb6W5AJBbTVF+uwkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDAxUTg1RFBsRnh2cGJrQWtGdE5VWDY3Q1JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8zMmQ0OWMtZmJiOS00NjY0LTlhYjgt
ZjJiZGMyMjc1YjZlLzEvSnpVNHFWVnN5REpuMXEtMXJLZHYtMXBodEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8zMmQ0OWMtZmJiOS00NjY0LTlhYjgtZjJiZGMyMjc1YjZl
LzEvRDAxUTg1RFBsRnh2cGJrQWtGdE5VWDY3Q1JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSBfMA0G
CSqGSIb3DQEBCwUAA4IBAQBVpEJwVYHcRUYrdsOP9xPxv/n1dZECf8EgTzX+Ynfd
rBYSehZJ5njffwr7AjDNZ+VYSJiwmagYKEO5yQ9RzvE80+OT2+ZQXODYFDqNuBkW
qxyXCeYSzIkFK8mkeOzAfnI77QVhm/AQboOcBfuGmB5HzbeEQTXwQhNY3W7tlzVr
sx+N4HxXeh04PeDFWIXiI1RnHtfwRipFUMU7UWAM01YWwn9+vig/6jKvW1wkqHG9
549STlFwW1r5SoaiJiEmsBi56K8D7YcH26vLfzMvH0SLaJr5WQy/R0ofd9Jzs80D
F5L5nTEc+re3r7rN6P35O0+MAcEcUcgG639D8EeHUoZv
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:03:39 2025 by rpki-client