Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/34b48f-70c0-4004-ba0f-de3c8d953ec5/1/oR2F_m2TtQdasuUhTt9o5YBRE0c.roa
File: oR2F_m2TtQdasuUhTt9o5YBRE0c.roa (raw, json)
Hash identifier: yVIyAlDJbNsVWtkwP0vtwQgTuHEFrzqqGFSnJ8yykvU=
Subject key identifier: A1:1D:85:FE:6D:93:B5:07:5A:B2:E5:21:4E:DF:68:E5:80:51:13:47
Certificate issuer: /CN=c00a88d7e5a565ea719cfc40d8bb63ee1671856a
Certificate serial: 018EC197270E9B2B70A7A7791901BDA55A2C
Authority key identifier: C0:0A:88:D7:E5:A5:65:EA:71:9C:FC:40:D8:BB:63:EE:16:71:85:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wAqI1-WlZepxnPxA2Ltj7hZxhWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/34b48f-70c0-4004-ba0f-de3c8d953ec5/1/oR2F_m2TtQdasuUhTt9o5YBRE0c.roa
Signing time: Tue 09 Apr 2024 06:41:32 +0000
ROA not before: Tue 09 Apr 2024 06:41:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202515
IP address blocks: 193.57.28.0/24 maxlen: 24
193.57.29.0/24 maxlen: 24
193.57.30.0/24 maxlen: 24
193.57.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c1:97:27:0e:9b:2b:70:a7:a7:79:19:01:bd:a5:5a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c00a88d7e5a565ea719cfc40d8bb63ee1671856a
Validity
Not Before: Apr 9 06:41:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a11d85fe6d93b5075ab2e5214edf68e580511347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3d:51:19:c2:a7:74:c2:44:76:7e:2b:5b:0d:
bb:69:84:f2:99:85:c3:50:a8:4f:57:01:38:34:70:
a0:be:6c:33:5b:58:ea:01:19:6b:dc:0f:f1:46:49:
7c:61:7e:2f:b6:b9:27:cb:d1:dd:cd:0d:20:48:e2:
5d:97:2d:ba:1c:b6:6e:61:f5:15:89:33:94:9d:7d:
3f:80:93:d5:eb:68:20:86:54:95:41:6b:15:cf:1a:
d2:ec:ac:65:6a:5b:e2:f1:b8:f2:19:07:03:09:f7:
8f:1f:f0:4e:f6:2d:7b:69:7e:61:21:d5:a2:41:b8:
72:64:d3:69:e2:12:8d:a8:a7:93:c6:f4:25:17:08:
48:a0:4c:c8:41:25:87:d5:11:17:81:f0:39:3e:86:
af:e5:1d:89:7d:91:44:47:58:9b:5d:8d:7f:f5:54:
5a:1e:49:62:08:f8:20:91:6e:7d:3c:07:fc:2b:e0:
0c:7d:fb:9a:01:ae:11:7b:92:24:15:67:14:9b:e5:
d0:39:86:09:74:8e:9c:8e:af:d3:d0:f1:53:eb:ef:
ec:40:b5:6b:34:4c:e2:fa:98:7f:1c:2e:4c:79:92:
d6:5e:86:f6:a3:0f:97:84:7b:10:83:f8:16:82:82:
a9:dd:68:5e:71:f4:28:e4:79:50:53:64:ac:13:eb:
87:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1D:85:FE:6D:93:B5:07:5A:B2:E5:21:4E:DF:68:E5:80:51:13:47
X509v3 Authority Key Identifier:
keyid:C0:0A:88:D7:E5:A5:65:EA:71:9C:FC:40:D8:BB:63:EE:16:71:85:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wAqI1-WlZepxnPxA2Ltj7hZxhWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/34b48f-70c0-4004-ba0f-de3c8d953ec5/1/oR2F_m2TtQdasuUhTt9o5YBRE0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/34b48f-70c0-4004-ba0f-de3c8d953ec5/1/wAqI1-WlZepxnPxA2Ltj7hZxhWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.28.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:c0:fc:4b:06:0a:de:49:14:28:a3:6c:a5:21:1e:6c:ab:bc:
93:e8:7f:f9:d4:57:9f:b0:12:39:7e:e9:23:73:32:2f:97:e5:
cf:66:32:4f:f8:32:83:54:1e:c9:e6:24:ba:a9:ca:99:b8:a2:
cb:ec:32:d7:ac:d6:e4:b2:ad:42:e4:b9:84:e0:4e:c7:27:28:
77:e9:f7:db:56:fd:01:ab:2f:b7:a5:ef:8d:bf:dc:d8:ab:bb:
c4:b5:a5:dd:67:86:2a:93:2a:0e:6d:d4:e5:17:77:8a:ed:07:
b4:70:ae:b1:cf:91:21:10:1d:54:0a:8e:d4:c9:97:70:e0:30:
01:34:94:51:69:c7:a2:9f:48:46:2e:01:e9:2c:9b:06:b3:9b:
a9:d9:ed:42:a6:aa:5a:05:14:b2:b2:dd:88:62:1e:b9:4e:da:
36:3a:67:49:5b:49:f9:68:17:8f:69:12:3b:b3:22:b1:13:9d:
05:fc:d1:84:2b:e3:a7:10:33:c1:3b:5b:1c:4d:49:25:a3:26:
99:66:04:f7:78:e3:a8:c2:5b:ca:70:b2:de:f9:73:5a:38:96:
56:12:14:0d:d4:57:ff:a1:2d:e2:8e:e5:83:a7:59:7d:15:b4:
e2:51:8c:c1:17:0d:e4:4c:bf:d4:3c:4f:70:9c:d7:2c:e8:25:
0c:10:b5:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7BlycOmytwp6d5GQG9pVosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMGE4OGQ3ZTVhNTY1ZWE3MTljZmM0MGQ4YmI2M2VlMTY3
MTg1NmEwHhcNMjQwNDA5MDY0MTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTFkODVmZTZkOTNiNTA3NWFiMmU1MjE0ZWRmNjhlNTgwNTExMzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD1RGcKndMJEdn4rWw27aYTymYXD
UKhPVwE4NHCgvmwzW1jqARlr3A/xRkl8YX4vtrkny9HdzQ0gSOJdly26HLZuYfUV
iTOUnX0/gJPV62gghlSVQWsVzxrS7Kxlalvi8bjyGQcDCfePH/BO9i17aX5hIdWi
QbhyZNNp4hKNqKeTxvQlFwhIoEzIQSWH1REXgfA5Poav5R2JfZFER1ibXY1/9VRa
HkliCPggkW59PAf8K+AMffuaAa4Re5IkFWcUm+XQOYYJdI6cjq/T0PFT6+/sQLVr
NEzi+ph/HC5MeZLWXob2ow+XhHsQg/gWgoKp3WhecfQo5HlQU2SsE+uHGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKEdhf5tk7UHWrLlIU7faOWAURNHMB8GA1UdIwQY
MBaAFMAKiNflpWXqcZz8QNi7Y+4WcYVqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0FxSTEtV2xaZXB4blB4QTJMdGo3aFp4aFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zNGI0OGYtNzBjMC00MDA0LWJhMGYt
ZGUzYzhkOTUzZWM1LzEvb1IyRl9tMlR0UWRhc3VVaFR0OW81WUJSRTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zNGI0OGYtNzBjMC00MDA0LWJhMGYtZGUzYzhkOTUzZWM1
LzEvd0FxSTEtV2xaZXB4blB4QTJMdGo3aFp4aFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwTkcMA0G
CSqGSIb3DQEBCwUAA4IBAQCKwPxLBgreSRQoo2ylIR5sq7yT6H/51FefsBI5fukj
czIvl+XPZjJP+DKDVB7J5iS6qcqZuKLL7DLXrNbksq1C5LmE4E7HJyh36ffbVv0B
qy+3pe+Nv9zYq7vEtaXdZ4YqkyoObdTlF3eK7Qe0cK6xz5EhEB1UCo7UyZdw4DAB
NJRRacein0hGLgHpLJsGs5up2e1CpqpaBRSyst2IYh65Tto2OmdJW0n5aBePaRI7
syKxE50F/NGEK+OnEDPBO1scTUkloyaZZgT3eOOowlvKcLLe+XNaOJZWEhQN1Ff/
oS3ijuWDp1l9FbTiUYzBFw3kTL/UPE9wnNcs6CUMELXy
-----END CERTIFICATE-----
Generated at Wed Apr 23 12:59:26 2025 by rpki-client