Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/7dfa04-7c2c-4ac3-a66b-0c180a0841ab/1/4t4qbE7XJHOMxDritWykDWYFs3s.roa
File: 4t4qbE7XJHOMxDritWykDWYFs3s.roa (raw, json)
Hash identifier: Dc7SLcgR5MN0wArZWbaFYHX16jk4EspKC824JBr2dQQ=
Subject key identifier: E2:DE:2A:6C:4E:D7:24:73:8C:C4:3A:E2:B5:6C:A4:0D:66:05:B3:7B
Certificate issuer: /CN=48679a22d0dbc980d5d59b333679f939b9ae3f25
Certificate serial: 018CC5DCF82DE8015E5DBEB8366E27E160A5
Authority key identifier: 48:67:9A:22:D0:DB:C9:80:D5:D5:9B:33:36:79:F9:39:B9:AE:3F:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SGeaItDbyYDV1ZszNnn5ObmuPyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/7dfa04-7c2c-4ac3-a66b-0c180a0841ab/1/4t4qbE7XJHOMxDritWykDWYFs3s.roa
Signing time: Mon 01 Jan 2024 16:30:42 +0000
ROA not before: Mon 01 Jan 2024 16:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50156
IP address blocks: 195.200.224.0/23 maxlen: 23
195.200.225.0/24 maxlen: 24
2001:67c:344::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:f8:2d:e8:01:5e:5d:be:b8:36:6e:27:e1:60:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48679a22d0dbc980d5d59b333679f939b9ae3f25
Validity
Not Before: Jan 1 16:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2de2a6c4ed724738cc43ae2b56ca40d6605b37b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a6:43:ae:e5:20:34:f5:9f:bb:0a:9e:38:b8:
65:1b:31:66:59:e3:70:3e:a3:66:ea:a5:05:d5:70:
8c:a6:c5:e5:bc:e1:2f:43:4e:00:34:65:c0:88:54:
be:c9:2e:4f:30:a5:2c:34:5a:10:19:b1:de:28:7a:
43:3d:9c:e1:c2:bc:5b:b1:f6:a0:e5:08:26:4b:fe:
7f:52:9a:39:a6:2c:89:5d:11:62:38:ec:27:34:00:
7f:09:f3:1f:d0:c7:ce:d0:c2:ab:b1:1d:03:93:d6:
c9:97:7d:f2:94:16:bb:13:a9:b5:44:f3:9e:cd:15:
6f:82:48:4a:17:a2:81:7d:0f:c2:39:e0:bb:8e:29:
1e:c1:03:7f:37:f4:bb:e4:7b:6f:27:e7:df:e3:e8:
20:de:f0:da:c5:d4:b7:3f:ff:49:be:cb:66:0b:61:
4d:1a:58:cb:c5:72:74:8b:49:89:95:36:ff:8e:ef:
ec:31:c4:05:f0:f0:a0:71:c5:56:61:ee:a8:18:4e:
bd:fe:55:ef:87:95:63:8a:2c:5d:39:33:fd:1c:71:
29:e0:b2:57:59:ae:69:76:b5:53:41:f7:f9:d7:43:
05:6e:00:ad:02:72:0c:e5:db:0f:a0:ce:40:3a:82:
b6:71:4d:18:2e:6b:ff:e1:09:d9:57:71:6e:24:aa:
d3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DE:2A:6C:4E:D7:24:73:8C:C4:3A:E2:B5:6C:A4:0D:66:05:B3:7B
X509v3 Authority Key Identifier:
keyid:48:67:9A:22:D0:DB:C9:80:D5:D5:9B:33:36:79:F9:39:B9:AE:3F:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SGeaItDbyYDV1ZszNnn5ObmuPyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/7dfa04-7c2c-4ac3-a66b-0c180a0841ab/1/4t4qbE7XJHOMxDritWykDWYFs3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/7dfa04-7c2c-4ac3-a66b-0c180a0841ab/1/SGeaItDbyYDV1ZszNnn5ObmuPyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.200.224.0/23
IPv6:
2001:67c:344::/48
Signature Algorithm: sha256WithRSAEncryption
b9:d7:e2:99:9c:ac:15:94:a8:aa:da:0b:e2:28:e9:ad:21:56:
6c:a7:99:ec:96:06:b5:fb:98:c0:d9:46:dc:bd:fa:d5:c4:cf:
bf:d9:34:a8:19:50:aa:36:e7:5f:37:02:5b:fc:4d:6f:a7:5a:
25:21:8b:40:2e:98:19:19:32:2b:21:a7:27:fd:00:ee:46:f2:
d5:49:df:97:08:ae:16:37:fc:b5:5c:e1:43:2a:83:fd:db:77:
ca:75:ef:80:01:84:e9:ac:fa:19:8c:56:11:4f:a2:7e:de:da:
d0:6a:22:54:22:00:35:ca:c2:5e:2f:e1:0e:7f:46:b7:71:45:
c1:20:11:fc:09:44:cb:63:b2:0b:26:72:6c:35:96:da:21:27:
09:ee:4e:b7:3b:80:2a:91:3e:dc:56:ca:91:13:4c:5a:82:e7:
c4:df:bb:fc:be:df:52:64:8b:3d:b4:c4:8c:cc:fb:a3:5b:eb:
2c:d4:9a:14:c8:50:9d:c7:fb:c5:6e:6c:16:b3:a8:f2:b8:b0:
a3:dc:e1:f0:58:7e:81:09:00:f8:f0:13:95:4b:f9:c8:19:be:
88:26:4b:a4:82:35:b3:d3:bf:e9:91:8e:bd:33:3f:3f:54:13:
b3:97:69:1f:68:39:0c:7c:d0:17:59:9d:e3:b4:e0:e4:32:38:
b9:71:62:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF3Pgt6AFeXb64Nm4n4WClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4Njc5YTIyZDBkYmM5ODBkNWQ1OWIzMzM2NzlmOTM5Yjlh
ZTNmMjUwHhcNMjQwMTAxMTYzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmRlMmE2YzRlZDcyNDczOGNjNDNhZTJiNTZjYTQwZDY2MDViMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqZDruUgNPWfuwqeOLhlGzFmWeNw
PqNm6qUF1XCMpsXlvOEvQ04ANGXAiFS+yS5PMKUsNFoQGbHeKHpDPZzhwrxbsfag
5QgmS/5/Upo5piyJXRFiOOwnNAB/CfMf0MfO0MKrsR0Dk9bJl33ylBa7E6m1RPOe
zRVvgkhKF6KBfQ/COeC7jikewQN/N/S75HtvJ+ff4+gg3vDaxdS3P/9JvstmC2FN
GljLxXJ0i0mJlTb/ju/sMcQF8PCgccVWYe6oGE69/lXvh5VjiixdOTP9HHEp4LJX
Wa5pdrVTQff510MFbgCtAnIM5dsPoM5AOoK2cU0YLmv/4QnZV3FuJKrTAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOLeKmxO1yRzjMQ64rVspA1mBbN7MB8GA1UdIwQY
MBaAFEhnmiLQ28mA1dWbMzZ5+Tm5rj8lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0dlYUl0RGJ5WURWMVpzek5ubjVPYm11UHlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83ZGZhMDQtN2MyYy00YWMzLWE2NmIt
MGMxODBhMDg0MWFiLzEvNHQ0cWJFN1hKSE9NeERyaXRXeWtEV1lGczNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83ZGZhMDQtN2MyYy00YWMzLWE2NmItMGMxODBhMDg0MWFi
LzEvU0dlYUl0RGJ5WURWMVpzek5ubjVPYm11UHlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw8jgMA8E
AgACMAkDBwAgAQZ8A0QwDQYJKoZIhvcNAQELBQADggEBALnX4pmcrBWUqKraC+Io
6a0hVmynmeyWBrX7mMDZRty9+tXEz7/ZNKgZUKo25183Alv8TW+nWiUhi0AumBkZ
Mishpyf9AO5G8tVJ35cIrhY3/LVc4UMqg/3bd8p174ABhOms+hmMVhFPon7e2tBq
IlQiADXKwl4v4Q5/RrdxRcEgEfwJRMtjsgsmcmw1ltohJwnuTrc7gCqRPtxWypET
TFqC58Tfu/y+31Jkiz20xIzM+6Nb6yzUmhTIUJ3H+8VubBazqPK4sKPc4fBYfoEJ
APjwE5VL+cgZvogmS6SCNbPTv+mRjr0zPz9UE7OXaR9oOQx80BdZneO04OQyOLlx
Yi4=
-----END CERTIFICATE-----
Generated at Sun Mar 9 18:59:46 2025 by rpki-client