Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/pRrC0WYKdtmVU7KWR-qr44drTNk.roa
File: pRrC0WYKdtmVU7KWR-qr44drTNk.roa (raw, json)
Hash identifier: 8gNtVtgTsaKfvHOQASEM4sxWSOGcVNm30f/06HtyXyY=
Subject key identifier: A5:1A:C2:D1:66:0A:76:D9:95:53:B2:96:47:EA:AB:E3:87:6B:4C:D9
Certificate issuer: /CN=cd8e8ebd80fcf884975e42b46bf4e548793f29cb
Certificate serial: 018E5B368B373AE3F4953C7885F21E775424
Authority key identifier: CD:8E:8E:BD:80:FC:F8:84:97:5E:42:B4:6B:F4:E5:48:79:3F:29:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/pRrC0WYKdtmVU7KWR-qr44drTNk.roa
Signing time: Wed 20 Mar 2024 09:34:44 +0000
ROA not before: Wed 20 Mar 2024 09:34:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25248
IP address blocks: 193.34.80.0/24 maxlen: 24
2a10:d840::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 30 Mar 2024 16:56:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:36:8b:37:3a:e3:f4:95:3c:78:85:f2:1e:77:54:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8e8ebd80fcf884975e42b46bf4e548793f29cb
Validity
Not Before: Mar 20 09:34:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a51ac2d1660a76d99553b29647eaabe3876b4cd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1c:91:6d:9f:96:87:6f:dc:ee:0e:d1:f7:fe:
36:49:f4:e3:d3:36:09:10:30:62:4e:d5:27:ce:3a:
7f:df:1d:2d:12:2b:ad:10:e6:b7:ca:17:41:f8:62:
2a:29:14:87:dd:ed:7d:6b:7b:79:9f:8c:8d:da:ce:
0d:0c:f0:7e:66:92:4b:f5:9b:4a:33:5e:19:a9:0e:
2a:03:0d:dc:70:50:3a:9e:c1:9e:dd:08:d8:c8:93:
ca:a9:11:9e:0e:d9:1a:46:20:b9:d9:cb:67:6f:0a:
74:b3:e7:c7:17:22:4a:1f:6d:6e:a1:b0:28:b4:f8:
b6:9b:4e:68:75:99:38:88:d6:40:c4:c2:22:48:4a:
f4:94:29:77:a5:b7:65:a1:81:f3:f1:54:42:ee:45:
f4:f8:05:65:c6:c0:23:e8:6c:39:9b:cb:8b:92:a9:
8a:de:71:66:b8:e0:7c:40:f4:b0:34:d0:7e:e7:1c:
5b:f6:a6:82:e2:e1:72:c8:a0:c4:e5:4a:cb:8e:a5:
cd:e1:cc:e3:db:e9:1d:bf:3b:ef:f3:95:55:fe:c2:
37:33:4c:f3:7b:76:1b:df:d7:28:0a:49:58:38:f8:
b4:88:a6:7b:1b:24:ef:62:24:10:1b:33:98:06:81:
e9:40:56:fc:e0:fe:1c:4d:48:7b:f4:e6:3c:d1:f6:
2c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:1A:C2:D1:66:0A:76:D9:95:53:B2:96:47:EA:AB:E3:87:6B:4C:D9
X509v3 Authority Key Identifier:
keyid:CD:8E:8E:BD:80:FC:F8:84:97:5E:42:B4:6B:F4:E5:48:79:3F:29:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/pRrC0WYKdtmVU7KWR-qr44drTNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.80.0/24
IPv6:
2a10:d840::/29
Signature Algorithm: sha256WithRSAEncryption
92:cd:0b:77:b5:05:3d:0c:f5:87:ac:a7:5d:3b:9f:96:bd:6e:
5f:03:11:bd:e3:ba:5d:bf:04:b2:e8:84:5a:43:a4:62:fb:1c:
b4:6e:9a:1e:6c:f0:e3:05:8a:7c:aa:61:f9:82:c4:ea:ef:b9:
42:7d:18:f0:f3:9d:2e:25:78:0a:69:f0:e2:03:1c:a5:3e:66:
17:14:a7:21:56:58:12:4c:c0:66:a3:c0:5c:bb:06:78:73:2d:
e6:b4:73:93:10:22:a7:a7:7f:b2:72:b4:0a:2a:bd:c6:23:7b:
48:37:5a:20:2a:69:59:66:a0:ec:79:4e:e1:a9:af:80:ec:08:
e3:3e:a1:ea:19:9e:ba:0f:18:d3:56:e1:59:ee:98:f8:fb:d8:
ca:2d:d4:e7:2d:39:65:30:ce:35:92:65:1e:2b:59:ba:65:5a:
8e:8a:07:36:23:4c:a6:af:af:a1:3d:73:d8:3f:ac:23:eb:43:
b0:28:17:fc:2e:87:20:18:1f:92:ad:59:7f:80:78:21:35:60:
f6:de:74:d2:55:12:eb:4a:44:d9:91:33:4b:ac:b0:f5:42:fa:
71:53:74:8a:3f:1e:d3:83:05:e4:33:bf:36:7c:46:1a:0f:95:
12:56:9a:df:f3:38:94:ca:84:7f:0e:3f:dc:b2:58:66:6d:a8:
0f:c2:c7:35
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY5bNos3OuP0lTx4hfIed1QkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkOGU4ZWJkODBmY2Y4ODQ5NzVlNDJiNDZiZjRlNTQ4Nzkz
ZjI5Y2IwHhcNMjQwMzIwMDkzNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTFhYzJkMTY2MGE3NmQ5OTU1M2IyOTY0N2VhYWJlMzg3NmI0Y2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRyRbZ+Wh2/c7g7R9/42SfTj0zYJ
EDBiTtUnzjp/3x0tEiutEOa3yhdB+GIqKRSH3e19a3t5n4yN2s4NDPB+ZpJL9ZtK
M14ZqQ4qAw3ccFA6nsGe3QjYyJPKqRGeDtkaRiC52ctnbwp0s+fHFyJKH21uobAo
tPi2m05odZk4iNZAxMIiSEr0lCl3pbdloYHz8VRC7kX0+AVlxsAj6Gw5m8uLkqmK
3nFmuOB8QPSwNNB+5xxb9qaC4uFyyKDE5UrLjqXN4czj2+kdvzvv85VV/sI3M0zz
e3Yb39coCklYOPi0iKZ7GyTvYiQQGzOYBoHpQFb84P4cTUh79OY80fYsIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKUawtFmCnbZlVOylkfqq+OHa0zZMB8GA1UdIwQY
MBaAFM2Ojr2A/PiEl15CtGv05Uh5PynLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelk2T3ZZRDgtSVNYWGtLMGFfVGxTSGtfS2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9kYzhmOWItMDZkNi00NGQzLTlhMzgt
Mjg2YTVlZTZlMDQzLzEvcFJyQzBXWUtkdG1WVTdLV1ItcXI0NGRyVE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9kYzhmOWItMDZkNi00NGQzLTlhMzgtMjg2YTVlZTZlMDQz
LzEvelk2T3ZZRDgtSVNYWGtLMGFfVGxTSGtfS2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSJQMA0E
AgACMAcDBQMqENhAMA0GCSqGSIb3DQEBCwUAA4IBAQCSzQt3tQU9DPWHrKddO5+W
vW5fAxG947pdvwSy6IRaQ6Ri+xy0bpoebPDjBYp8qmH5gsTq77lCfRjw850uJXgK
afDiAxylPmYXFKchVlgSTMBmo8BcuwZ4cy3mtHOTECKnp3+ycrQKKr3GI3tIN1og
KmlZZqDseU7hqa+A7AjjPqHqGZ66DxjTVuFZ7pj4+9jKLdTnLTllMM41kmUeK1m6
ZVqOigc2I0ymr6+hPXPYP6wj60OwKBf8LocgGB+SrVl/gHghNWD23nTSVRLrSkTZ
kTNLrLD1QvpxU3SKPx7TgwXkM782fEYaD5USVprf8ziUyoR/Dj/cslhmbagPwsc1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:37 2024 by rpki-client on console-ams.rpki-client.org