Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2D7ZQE7ENq11alRSjN5pLkDm3iU.roa
File: 2D7ZQE7ENq11alRSjN5pLkDm3iU.roa (raw, json)
Hash identifier: NKWni8qTNhd2/BsIlgEGHSFZc9WHgJo5WlaMVwFRnwA=
Subject key identifier: D8:3E:D9:40:4E:C4:36:AD:75:6A:54:52:8C:DE:69:2E:40:E6:DE:25
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01936CD5C94CD5BA9115DE50D153DA056E67
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2D7ZQE7ENq11alRSjN5pLkDm3iU.roa
Signing time: Wed 27 Nov 2024 08:56:10 +0000
ROA not before: Wed 27 Nov 2024 08:56:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212025
IP address blocks: 193.124.207.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:d5:c9:4c:d5:ba:91:15:de:50:d1:53:da:05:6e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 27 08:56:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d83ed9404ec436ad756a54528cde692e40e6de25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0d:37:fa:82:46:3e:63:b9:55:92:41:24:6a:
cc:74:6f:f4:51:5b:e2:37:93:b3:b5:0e:74:80:94:
99:96:e8:87:9f:8f:4b:cf:fc:c6:ee:28:b1:90:ac:
bf:07:8a:06:a3:f3:d5:a0:ca:51:b7:8c:7a:87:24:
07:2f:26:29:e9:49:9f:10:e6:1f:47:33:64:51:ac:
9e:b2:7c:16:9a:8a:fa:5a:91:16:29:36:3b:1b:22:
a2:26:b7:e2:34:72:a0:3b:f9:a8:7d:2f:1c:5c:d3:
9e:56:d6:1e:c6:ae:c9:4c:5e:4d:7a:76:87:c9:86:
6c:56:5f:04:50:fd:0f:1d:84:37:e0:f5:e8:c1:7d:
9a:f5:d3:8b:b7:64:fd:90:dc:b8:c6:e3:1e:1c:04:
a2:57:60:f1:ff:21:16:03:89:7c:42:69:65:3c:94:
b1:b3:f9:96:d8:b7:51:9a:6f:23:b1:c8:69:01:f0:
80:0b:f1:24:3d:a3:b9:1a:0c:95:26:3d:53:54:9f:
11:63:45:a6:73:ae:1c:af:35:bc:ca:f4:c4:44:5c:
37:54:a6:c9:be:fd:44:75:68:75:c0:ec:be:b2:02:
a3:b7:85:cc:58:4d:42:7e:b0:d7:ab:0d:39:84:0c:
d6:da:69:a0:91:ed:0b:84:9e:83:c9:d5:af:75:10:
22:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3E:D9:40:4E:C4:36:AD:75:6A:54:52:8C:DE:69:2E:40:E6:DE:25
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/2D7ZQE7ENq11alRSjN5pLkDm3iU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.207.0/24
212.192.241.0/24
Signature Algorithm: sha256WithRSAEncryption
08:8f:16:97:19:8f:4a:5e:bb:7a:04:76:e9:5b:83:c4:ef:bc:
3a:eb:34:82:42:39:66:ca:1a:b3:7e:d2:4b:cc:50:5a:f5:6f:
fd:22:c0:db:35:40:49:3d:1d:47:37:8c:f8:ef:60:bb:d0:76:
e3:9b:6a:40:7e:39:77:0d:08:ad:01:e8:05:af:fb:41:b8:2b:
4b:d1:4e:f1:7f:bb:17:38:f9:08:63:cf:d8:76:e5:56:fb:c9:
7c:a9:66:83:ae:cc:0e:14:47:fa:ae:bc:a1:17:c8:b6:32:be:
37:08:52:c4:b3:db:07:f3:26:e3:3e:14:85:72:1c:1f:6a:50:
12:1b:96:59:6e:f2:43:b5:8b:7d:f3:12:bb:76:02:f1:c1:00:
a1:da:6c:e9:ed:7d:97:f3:e6:98:8d:b6:45:c5:fa:94:61:7b:
67:da:70:b3:a1:c1:eb:36:38:93:84:e9:e2:92:05:b4:b4:c5:
f6:db:39:cb:c3:42:aa:18:05:d2:9d:87:50:55:41:50:82:e5:
8e:56:d0:b3:32:7a:92:f0:b9:7d:40:b9:9e:2e:54:80:40:db:
30:fa:45:c7:8b:ee:56:0d:26:ce:68:ef:38:e0:a7:b1:b9:c6:
d1:bb:49:b3:8d:00:67:a0:96:c0:6a:20:57:4a:20:6c:03:8b:
b6:c2:62:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNs1clM1bqRFd5Q0VPaBW5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTI3MDg1NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODNlZDk0MDRlYzQzNmFkNzU2YTU0NTI4Y2RlNjkyZTQwZTZkZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg03+oJGPmO5VZJBJGrMdG/0UVvi
N5OztQ50gJSZluiHn49Lz/zG7iixkKy/B4oGo/PVoMpRt4x6hyQHLyYp6UmfEOYf
RzNkUayesnwWmor6WpEWKTY7GyKiJrfiNHKgO/mofS8cXNOeVtYexq7JTF5NenaH
yYZsVl8EUP0PHYQ34PXowX2a9dOLt2T9kNy4xuMeHASiV2Dx/yEWA4l8QmllPJSx
s/mW2LdRmm8jschpAfCAC/EkPaO5GgyVJj1TVJ8RY0Wmc64crzW8yvTERFw3VKbJ
vv1EdWh1wOy+sgKjt4XMWE1CfrDXqw05hAzW2mmgke0LhJ6DydWvdRAiAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNg+2UBOxDatdWpUUozeaS5A5t4lMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvMkQ3WlFFN0VOcTExYWxSU2pONXBMa0RtM2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwXzPAwQA
1MDxMA0GCSqGSIb3DQEBCwUAA4IBAQAIjxaXGY9KXrt6BHbpW4PE77w66zSCQjlm
yhqzftJLzFBa9W/9IsDbNUBJPR1HN4z472C70Hbjm2pAfjl3DQitAegFr/tBuCtL
0U7xf7sXOPkIY8/YduVW+8l8qWaDrswOFEf6rryhF8i2Mr43CFLEs9sH8ybjPhSF
chwfalASG5ZZbvJDtYt98xK7dgLxwQCh2mzp7X2X8+aYjbZFxfqUYXtn2nCzocHr
NjiThOnikgW0tMX22znLw0KqGAXSnYdQVUFQguWOVtCzMnqS8Ll9QLmeLlSAQNsw
+kXHi+5WDSbOaO844KexucbRu0mzjQBnoJbAaiBXSiBsA4u2wmJH
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:19:31 2025 by rpki-client