Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DvFUtX6FfjG7yBgB9MgLdnnZUHM.roa
File: DvFUtX6FfjG7yBgB9MgLdnnZUHM.roa (raw, json)
Hash identifier: eCO7BBka3/FarWWbw/HXw+HUukb9/k5P/PATnS3DnN0=
Subject key identifier: 0E:F1:54:B5:7E:85:7E:31:BB:C8:18:01:F4:C8:0B:76:79:D9:50:73
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193B5776C31ADF9D725DCDC1ED7F0089C46
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DvFUtX6FfjG7yBgB9MgLdnnZUHM.roa
Signing time: Wed 11 Dec 2024 11:25:22 +0000
ROA not before: Wed 11 Dec 2024 11:25:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398343
IP address blocks: 193.124.24.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.135.104.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:77:6c:31:ad:f9:d7:25:dc:dc:1e:d7:f0:08:9c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 11 11:25:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ef154b57e857e31bbc81801f4c80b7679d95073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6b:4b:f3:db:2d:63:9d:2b:e1:79:54:8f:89:
a2:87:f6:fc:95:d3:74:dc:2a:d7:2f:bd:ad:11:e7:
e0:34:90:d8:b7:63:8e:6f:5e:f9:3d:fa:21:19:a6:
27:e0:38:57:7f:22:ae:05:ba:cf:40:c1:1c:3c:e0:
58:da:d1:ef:e7:a8:5d:4b:bd:df:93:c1:36:dd:2e:
be:83:16:20:4d:7b:0b:f6:17:06:6d:08:9d:7c:69:
5a:4b:74:2b:0b:ea:c4:2f:da:ac:4d:2f:ac:06:f3:
64:c1:10:83:6a:ac:76:7b:6b:e0:1c:50:a9:b0:b9:
07:0b:99:af:e7:6e:e1:73:78:b3:b9:66:9a:c2:06:
11:e6:68:97:a4:35:c9:b8:64:02:d7:c4:c8:55:88:
a6:5b:45:1c:f2:ee:12:fb:b4:b8:52:99:8d:78:6e:
ad:b5:07:0f:ec:6c:ab:1c:c8:7a:2f:6b:d1:a5:70:
ec:c3:10:82:92:8c:dd:53:25:2f:11:0e:d4:56:b3:
c8:75:d5:55:40:06:64:2f:8f:29:37:14:6b:90:cb:
48:84:cf:7e:11:cf:78:73:af:7b:f1:48:3e:84:f6:
7f:12:4c:b3:e5:7d:bd:3e:cb:78:ce:6b:eb:3f:8d:
c9:e0:40:53:ad:ab:b0:62:e7:ad:fc:a4:2e:27:3a:
aa:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:F1:54:B5:7E:85:7E:31:BB:C8:18:01:F4:C8:0B:76:79:D9:50:73
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/DvFUtX6FfjG7yBgB9MgLdnnZUHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.24.0/24
194.87.123.0/24
194.135.104.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
18:bc:cb:5e:f1:67:3b:8e:5e:a3:23:0d:bb:09:29:9f:0b:8b:
98:e1:15:14:90:e7:8e:9e:15:ce:b7:da:25:b7:1b:ce:1b:56:
55:8c:ba:01:0c:75:ec:d0:32:2e:12:ba:04:19:fc:cf:94:b8:
9b:c8:b6:a8:70:4a:37:3c:a2:7d:8b:78:97:35:05:d1:f7:eb:
60:89:36:ad:9e:49:1f:a9:45:9c:ab:6b:c6:55:ab:9f:4c:4e:
61:06:f5:86:70:85:1f:ea:da:9c:f5:1d:44:30:1c:5f:6a:a2:
5a:00:11:37:c0:d0:b0:39:81:42:c8:fb:a6:12:a4:d0:23:32:
49:10:95:71:61:fc:7c:7c:97:a4:17:ed:53:f6:1d:31:39:ac:
80:cc:81:e1:0b:fd:5e:83:97:89:40:12:7d:a3:b1:3c:c8:87:
6c:27:a9:9d:75:4e:b1:18:6e:c9:93:76:87:c7:fc:24:94:64:
5a:00:65:12:11:24:99:9e:ea:5c:f6:ce:cc:94:bd:20:57:97:
5a:fa:06:23:f6:25:10:b5:53:bb:1f:77:f2:12:ba:30:b3:3f:
05:c8:39:66:8b:9f:39:b3:44:2e:57:d4:89:e6:2c:e9:31:ea:
19:f3:44:5e:e1:9c:b5:70:95:cf:29:29:32:95:5a:03:89:11:
0e:e6:24:cd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZO1d2wxrfnXJdzcHtfwCJxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjExMTEyNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWYxNTRiNTdlODU3ZTMxYmJjODE4MDFmNGM4MGI3Njc5ZDk1MDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2tL89stY50r4XlUj4mih/b8ldN0
3CrXL72tEefgNJDYt2OOb175PfohGaYn4DhXfyKuBbrPQMEcPOBY2tHv56hdS73f
k8E23S6+gxYgTXsL9hcGbQidfGlaS3QrC+rEL9qsTS+sBvNkwRCDaqx2e2vgHFCp
sLkHC5mv527hc3izuWaawgYR5miXpDXJuGQC18TIVYimW0Uc8u4S+7S4UpmNeG6t
tQcP7GyrHMh6L2vRpXDswxCCkozdUyUvEQ7UVrPIddVVQAZkL48pNxRrkMtIhM9+
Ec94c6978Ug+hPZ/Ekyz5X29Pst4zmvrP43J4EBTrauwYuet/KQuJzqqFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFA7xVLV+hX4xu8gYAfTIC3Z52VBzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRHZGVXRYNkZmakc3eUJnQjlNZ0xkbm5aVUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwYAwQA
wld7AwQAwodoAwQA1MEZMA0GCSqGSIb3DQEBCwUAA4IBAQAYvMte8Wc7jl6jIw27
CSmfC4uY4RUUkOeOnhXOt9oltxvOG1ZVjLoBDHXs0DIuEroEGfzPlLibyLaocEo3
PKJ9i3iXNQXR9+tgiTatnkkfqUWcq2vGVaufTE5hBvWGcIUf6tqc9R1EMBxfaqJa
ABE3wNCwOYFCyPumEqTQIzJJEJVxYfx8fJekF+1T9h0xOayAzIHhC/1eg5eJQBJ9
o7E8yIdsJ6mddU6xGG7Jk3aHx/wklGRaAGUSESSZnupc9s7MlL0gV5da+gYj9iUQ
tVO7H3fyErowsz8FyDlmi585s0QuV9SJ5izpMeoZ80Re4Zy1cJXPKSkylVoDiREO
5iTN
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:13 2025 by rpki-client