Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4bxRo7BvdmXs1O2sgZB1RB1QvLo.roa
File: 4bxRo7BvdmXs1O2sgZB1RB1QvLo.roa (raw, json)
Hash identifier: 8Hjew0AI9PCR7nVm01hx9lSgkRjZ++Q9MYPuI+ubl3s=
Subject key identifier: E1:BC:51:A3:B0:6F:76:65:EC:D4:ED:AC:81:90:75:44:1D:50:BC:BA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193C9CE06F426B7771A1F636F21F32494D5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4bxRo7BvdmXs1O2sgZB1RB1QvLo.roa
Signing time: Sun 15 Dec 2024 10:12:22 +0000
ROA not before: Sun 15 Dec 2024 10:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214300
IP address blocks: 193.124.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c9:ce:06:f4:26:b7:77:1a:1f:63:6f:21:f3:24:94:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 15 10:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1bc51a3b06f7665ecd4edac819075441d50bcba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:54:c9:61:f8:9e:93:78:79:b7:f6:18:0f:6d:
77:a6:13:cc:1c:0a:bd:8e:45:80:b4:26:68:dd:a1:
13:d2:ae:d7:a6:1f:be:f3:71:26:2f:a9:1d:37:35:
9f:31:20:2e:f6:46:89:50:a6:c0:e0:41:2b:f8:51:
c2:90:5b:ee:22:21:fc:d7:76:84:d0:c9:a9:bd:55:
1a:64:98:54:cc:44:be:88:30:0a:8f:09:b2:a9:82:
3f:77:ba:13:c9:42:58:9f:f9:0b:00:b1:4c:1b:8c:
a3:26:0f:7e:df:26:c8:e7:12:a5:bb:bb:9d:a0:90:
57:e9:bc:87:2d:52:a7:b0:f1:b9:3c:f8:2b:5f:4e:
a0:55:80:b2:0b:91:03:83:b8:19:f1:a7:ab:3e:74:
eb:73:1d:75:0e:b4:2e:df:38:2f:00:bd:ef:64:39:
b3:34:26:1b:05:94:32:51:fe:9a:a4:3d:2d:20:07:
fb:d3:20:66:35:68:03:c8:a5:5e:8c:82:a6:67:e3:
03:a8:d0:b6:6b:d3:9d:b6:bc:f7:25:e2:57:9e:b7:
5d:eb:7c:59:0a:27:9d:a3:e5:9f:b9:52:ed:67:12:
a0:54:d9:5a:2e:08:17:44:92:eb:5a:d0:af:74:df:
3c:f2:91:ab:80:8e:02:d1:4a:57:8a:97:42:d9:5f:
29:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:BC:51:A3:B0:6F:76:65:EC:D4:ED:AC:81:90:75:44:1D:50:BC:BA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/4bxRo7BvdmXs1O2sgZB1RB1QvLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.89.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:f7:9c:3e:2f:bb:c9:b2:1f:c8:44:db:2d:07:39:b6:25:4e:
61:d8:dc:c9:08:c5:cb:08:90:a1:86:59:78:99:eb:34:26:fd:
52:39:1c:cd:68:9b:d0:78:26:92:d4:62:bf:38:a5:a0:75:17:
3c:eb:11:8e:e7:38:2c:37:1e:dc:2e:1b:d6:a4:a0:54:8f:43:
21:c9:c6:32:0f:d6:a4:e7:f4:aa:69:ff:fd:f5:23:d0:a9:e1:
bd:16:72:66:d9:51:1c:c0:95:21:47:63:0f:9b:34:04:1a:fe:
36:05:47:b3:e9:e9:4d:ce:b5:6f:15:4f:f5:0f:31:09:e7:fd:
cc:1e:5f:b5:f4:da:a0:66:1d:26:13:03:59:e7:a9:76:cd:b9:
f3:43:6a:8c:20:c2:6c:b3:ed:cc:2b:31:c4:77:79:34:f6:ba:
da:4c:7d:42:cf:a3:b5:45:f6:71:1f:7e:25:8d:e9:95:b8:d0:
5f:74:71:89:8a:c6:0d:d1:0d:d7:13:cf:5e:b0:53:d9:81:9e:
fb:ff:86:b0:dc:b1:e8:69:e8:d7:dd:3c:0d:a5:db:e1:52:47:
44:30:bf:38:4e:77:bd:46:9f:c7:19:c5:75:a9:50:af:d4:35:
13:85:bf:77:1c:f6:39:59:4e:af:b6:f5:03:00:be:b7:e1:d4:
b3:da:ee:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPJzgb0Jrd3Gh9jbyHzJJTVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjE1MTAxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWJjNTFhM2IwNmY3NjY1ZWNkNGVkYWM4MTkwNzU0NDFkNTBiY2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVTJYfiek3h5t/YYD213phPMHAq9
jkWAtCZo3aET0q7Xph++83EmL6kdNzWfMSAu9kaJUKbA4EEr+FHCkFvuIiH813aE
0MmpvVUaZJhUzES+iDAKjwmyqYI/d7oTyUJYn/kLALFMG4yjJg9+3ybI5xKlu7ud
oJBX6byHLVKnsPG5PPgrX06gVYCyC5EDg7gZ8aerPnTrcx11DrQu3zgvAL3vZDmz
NCYbBZQyUf6apD0tIAf70yBmNWgDyKVejIKmZ+MDqNC2a9Odtrz3JeJXnrdd63xZ
Ciedo+WfuVLtZxKgVNlaLggXRJLrWtCvdN888pGrgI4C0UpXipdC2V8pVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOG8UaOwb3Zl7NTtrIGQdUQdULy6MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNGJ4Um83QnZkbVhzMU8yc2daQjFSQjFRdkxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXxZMA0G
CSqGSIb3DQEBCwUAA4IBAQCM95w+L7vJsh/IRNstBzm2JU5h2NzJCMXLCJChhll4
mes0Jv1SORzNaJvQeCaS1GK/OKWgdRc86xGO5zgsNx7cLhvWpKBUj0MhycYyD9ak
5/Sqaf/99SPQqeG9FnJm2VEcwJUhR2MPmzQEGv42BUez6elNzrVvFU/1DzEJ5/3M
Hl+19NqgZh0mEwNZ56l2zbnzQ2qMIMJss+3MKzHEd3k09rraTH1Cz6O1RfZxH34l
jemVuNBfdHGJisYN0Q3XE89esFPZgZ77/4aw3LHoaejX3TwNpdvhUkdEML84Tne9
Rp/HGcV1qVCv1DUThb93HPY5WU6vtvUDAL634dSz2u65
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:35:15 2025 by rpki-client