Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/cUNnTxHHOaFinZi4nQp8JHrUETE.roa
File: cUNnTxHHOaFinZi4nQp8JHrUETE.roa (raw, json)
Hash identifier: MLW5qtn1X0VHdGU9PRHTmOqjd8A04uZWyENyyveHcc0=
Subject key identifier: 71:43:67:4F:11:C7:39:A1:62:9D:98:B8:9D:0A:7C:24:7A:D4:11:31
Certificate issuer: /CN=acebf396c9adf94f84dc901656e255ce6d50660c
Certificate serial: 01938BD85182CB85E7728B1FC525F10C7F9E
Authority key identifier: AC:EB:F3:96:C9:AD:F9:4F:84:DC:90:16:56:E2:55:CE:6D:50:66:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rOvzlsmt-U-E3JAWVuJVzm1QZgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/cUNnTxHHOaFinZi4nQp8JHrUETE.roa
Signing time: Tue 03 Dec 2024 09:27:09 +0000
ROA not before: Tue 03 Dec 2024 09:27:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15779
IP address blocks: 194.153.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:d8:51:82:cb:85:e7:72:8b:1f:c5:25:f1:0c:7f:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acebf396c9adf94f84dc901656e255ce6d50660c
Validity
Not Before: Dec 3 09:27:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7143674f11c739a1629d98b89d0a7c247ad41131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5f:a5:ac:b1:84:0f:6b:f6:ee:f4:3e:ae:20:
92:3b:08:f0:60:4c:4d:a8:58:fe:d8:24:b5:0a:0b:
1b:b8:e5:db:de:a2:94:2e:c8:d5:9a:b0:29:4d:25:
c1:26:99:57:8a:4f:45:c6:05:84:2e:fa:58:33:ae:
b6:ad:b8:92:c7:43:ea:2b:01:87:73:61:9b:9a:6f:
fb:9f:e7:6f:6a:27:e1:84:56:92:56:56:4a:bc:05:
10:4b:de:df:a2:6a:87:ff:2b:cc:83:dd:20:e1:4a:
2e:b8:40:31:24:98:21:d1:06:b4:5c:cd:75:f3:30:
9b:b7:7e:8a:54:85:0c:39:ba:2c:95:40:7a:54:a8:
c7:0a:54:54:a2:33:c6:c8:8b:de:90:9a:53:ea:43:
62:fe:74:4a:c7:e1:ba:4f:4a:99:71:ba:f2:24:60:
c4:2a:ea:db:54:99:aa:6e:db:48:fb:b7:c8:f1:38:
59:4b:ba:63:f1:60:e0:b1:13:40:f4:fa:76:39:f8:
43:d0:a4:54:b9:f8:86:de:47:32:48:09:90:cc:ac:
9b:40:0d:84:b2:20:fa:0c:6a:87:6b:c0:77:c4:52:
3e:41:29:6b:95:8d:50:d3:e5:cc:26:26:7b:97:f7:
54:d3:7b:0f:39:dd:b2:bf:6e:0e:ce:90:24:6e:31:
92:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:43:67:4F:11:C7:39:A1:62:9D:98:B8:9D:0A:7C:24:7A:D4:11:31
X509v3 Authority Key Identifier:
keyid:AC:EB:F3:96:C9:AD:F9:4F:84:DC:90:16:56:E2:55:CE:6D:50:66:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rOvzlsmt-U-E3JAWVuJVzm1QZgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/cUNnTxHHOaFinZi4nQp8JHrUETE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/971dc5-14f3-4d95-b0bd-4847d393ab55/1/rOvzlsmt-U-E3JAWVuJVzm1QZgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.100.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:05:64:fc:46:ae:6f:e4:58:57:e0:c8:c4:01:94:a5:22:4f:
71:f0:de:2f:18:3d:1a:05:d9:4b:5d:3b:ac:a3:2c:17:71:3d:
e9:70:b2:d0:a9:18:d9:ed:97:f5:45:38:0a:dd:cd:86:74:0e:
2c:9d:57:5b:16:73:ad:76:5f:23:06:89:11:77:ce:cd:23:a0:
9e:b7:b5:53:d8:dd:30:5f:7f:06:b9:8b:50:72:fe:17:19:4a:
23:f3:89:de:8a:5f:0e:79:83:01:8f:aa:11:58:ae:a6:9f:af:
6a:06:6c:b1:88:9f:a6:f9:c6:08:a9:45:39:f6:00:e7:a0:dc:
85:e9:f5:bb:36:0e:d2:e3:f2:44:04:1c:5c:e4:4a:4a:49:aa:
a9:7e:2d:c3:21:e4:8a:44:4c:22:24:98:14:f2:4c:89:e1:29:
f0:03:20:92:c3:59:b6:4a:f8:0f:6b:87:d5:20:81:b5:95:63:
2f:d1:0e:9a:f1:a1:65:ca:7d:d2:74:34:ad:ca:21:51:d6:77:
bb:1d:f1:28:f7:d5:cc:ee:d1:7e:6f:a3:49:d5:cc:d2:3f:44:
57:c5:d6:2f:64:2e:f1:09:1e:a3:37:c9:88:b2:8f:17:f7:18:
7c:1b:b5:b6:32:c5:26:d4:56:5e:21:cf:ca:1d:79:a0:9e:58:
f9:77:4a:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOL2FGCy4XncosfxSXxDH+eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZWJmMzk2YzlhZGY5NGY4NGRjOTAxNjU2ZTI1NWNlNmQ1
MDY2MGMwHhcNMjQxMjAzMDkyNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTQzNjc0ZjExYzczOWExNjI5ZDk4Yjg5ZDBhN2MyNDdhZDQxMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1+lrLGED2v27vQ+riCSOwjwYExN
qFj+2CS1CgsbuOXb3qKULsjVmrApTSXBJplXik9FxgWELvpYM662rbiSx0PqKwGH
c2Gbmm/7n+dvaifhhFaSVlZKvAUQS97fomqH/yvMg90g4UouuEAxJJgh0Qa0XM11
8zCbt36KVIUMOboslUB6VKjHClRUojPGyIvekJpT6kNi/nRKx+G6T0qZcbryJGDE
KurbVJmqbttI+7fI8ThZS7pj8WDgsRNA9Pp2OfhD0KRUufiG3kcySAmQzKybQA2E
siD6DGqHa8B3xFI+QSlrlY1Q0+XMJiZ7l/dU03sPOd2yv24OzpAkbjGShQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHFDZ08RxzmhYp2YuJ0KfCR61BExMB8GA1UdIwQY
MBaAFKzr85bJrflPhNyQFlbiVc5tUGYMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck92emxzbXQtVS1FM0pBV1Z1SlZ6bTFRWmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85NzFkYzUtMTRmMy00ZDk1LWIwYmQt
NDg0N2QzOTNhYjU1LzEvY1VOblR4SEhPYUZpblppNG5RcDhKSHJVRVRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85NzFkYzUtMTRmMy00ZDk1LWIwYmQtNDg0N2QzOTNhYjU1
LzEvck92emxzbXQtVS1FM0pBV1Z1SlZ6bTFRWmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwplkMA0G
CSqGSIb3DQEBCwUAA4IBAQCwBWT8Rq5v5FhX4MjEAZSlIk9x8N4vGD0aBdlLXTus
oywXcT3pcLLQqRjZ7Zf1RTgK3c2GdA4snVdbFnOtdl8jBokRd87NI6Cet7VT2N0w
X38GuYtQcv4XGUoj84neil8OeYMBj6oRWK6mn69qBmyxiJ+m+cYIqUU59gDnoNyF
6fW7Ng7S4/JEBBxc5EpKSaqpfi3DIeSKREwiJJgU8kyJ4SnwAyCSw1m2SvgPa4fV
IIG1lWMv0Q6a8aFlyn3SdDStyiFR1ne7HfEo99XM7tF+b6NJ1czSP0RXxdYvZC7x
CR6jN8mIso8X9xh8G7W2MsUm1FZeIc/KHXmgnlj5d0pk
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:10:24 2025 by rpki-client