Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xyOussdjMZRaCzPNgQFeanLkLdc.roa
File: xyOussdjMZRaCzPNgQFeanLkLdc.roa (raw, json)
Hash identifier: LvxHYATB92WHHvlOYiARNI/za36EMpX9AT7SG03fNwA=
Subject key identifier: C7:23:AE:B2:C7:63:31:94:5A:0B:33:CD:81:01:5E:6A:72:E4:2D:D7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193D095892013FD49FB48DF6414B903F9B3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xyOussdjMZRaCzPNgQFeanLkLdc.roa
Signing time: Mon 16 Dec 2024 17:48:01 +0000
ROA not before: Mon 16 Dec 2024 17:48:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 193.124.7.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
212.193.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d0:95:89:20:13:fd:49:fb:48:df:64:14:b9:03:f9:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 16 17:48:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c723aeb2c76331945a0b33cd81015e6a72e42dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:78:25:a6:56:a7:6b:ea:b8:3d:e8:b7:0f:c9:
e7:94:2f:7e:37:be:b4:80:a4:f4:92:06:00:b2:6d:
5c:5a:70:b4:2b:40:9c:61:6e:9c:d2:17:ed:07:21:
7f:c4:ce:1c:96:7a:8a:cf:b4:0b:cd:58:34:ef:4f:
60:7b:d5:17:20:cf:e5:22:e4:e8:57:8a:7e:8b:b1:
66:9a:71:7b:38:1d:06:7c:16:7a:34:cc:d6:a4:df:
ae:8a:88:00:d9:c1:0a:e7:43:a0:c4:34:32:84:23:
cb:11:7c:e8:85:e3:c9:ca:3d:13:50:f6:65:c3:f5:
2d:d6:4b:6a:cc:04:3d:17:34:86:28:9f:e1:74:41:
32:72:9c:ca:f3:20:a4:19:12:b0:2a:02:ea:71:66:
df:ff:37:dd:16:c6:69:b6:c2:8d:41:38:d7:30:64:
b1:73:94:9c:9b:cc:0d:f6:87:d7:82:4a:fc:a4:68:
db:e5:69:49:67:43:f1:40:1c:70:46:0e:ff:2c:ff:
0d:17:ea:d5:2c:63:a6:de:c4:76:c1:49:a2:a1:0c:
41:f1:8b:a1:63:8b:7b:01:9d:6b:3d:c7:47:0a:e7:
d7:f5:10:84:72:86:dc:f3:b9:3a:35:8f:38:e8:75:
80:4b:fc:d5:a5:38:35:80:e8:bc:ba:06:4c:55:f6:
bc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:23:AE:B2:C7:63:31:94:5A:0B:33:CD:81:01:5E:6A:72:E4:2D:D7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xyOussdjMZRaCzPNgQFeanLkLdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
194.87.52.0/24
195.133.37.0/24
212.193.11.0/24
Signature Algorithm: sha256WithRSAEncryption
35:a0:c8:f1:b0:2c:ca:85:b0:28:98:35:5f:e3:ad:d0:1b:e7:
c2:45:b3:3e:eb:c1:d2:de:2f:3f:08:84:42:61:9f:00:0b:a0:
6d:d8:84:a3:54:98:94:24:d5:4b:ba:93:1f:c3:bb:31:4d:6a:
e1:a3:f0:4c:63:4e:a3:4b:df:11:b3:cd:bf:a3:7f:67:79:5f:
6a:ee:c6:0c:58:d3:aa:a4:34:e1:a6:f7:b1:b7:06:a0:0c:f1:
e6:68:79:5e:5b:5e:54:08:2e:b4:87:25:e2:cb:de:c9:d0:3e:
c4:a8:e3:48:f1:c9:9d:8a:80:23:ed:3d:11:a6:8b:6a:db:d0:
ff:ca:29:54:89:2c:2a:5b:35:93:54:2a:02:d3:20:d5:fe:56:
d2:79:11:27:bc:02:ea:0e:46:8f:7f:93:ed:c9:98:ae:21:80:
a8:cd:32:0e:a2:c4:4d:b0:68:66:51:5d:4d:c6:cd:02:c4:0b:
c6:6c:17:28:c2:77:04:34:ec:46:85:bd:d9:45:4b:1b:74:da:
e1:cc:c0:8c:ed:3e:d4:fd:89:5d:4a:98:1d:73:ba:c4:8f:7a:
a0:1c:1e:c4:6e:44:03:f7:64:52:0a:d8:3c:43:01:c0:55:e0:
d4:c7:25:a6:74:cf:75:5b:36:0e:86:1d:39:92:30:7c:d5:84:
a5:95:34:9d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZPQlYkgE/1J+0jfZBS5A/mzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjE2MTc0ODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzIzYWViMmM3NjMzMTk0NWEwYjMzY2Q4MTAxNWU2YTcyZTQyZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Hglplana+q4Pei3D8nnlC9+N760
gKT0kgYAsm1cWnC0K0CcYW6c0hftByF/xM4clnqKz7QLzVg0709ge9UXIM/lIuTo
V4p+i7FmmnF7OB0GfBZ6NMzWpN+uiogA2cEK50OgxDQyhCPLEXzohePJyj0TUPZl
w/Ut1ktqzAQ9FzSGKJ/hdEEycpzK8yCkGRKwKgLqcWbf/zfdFsZptsKNQTjXMGSx
c5Scm8wN9ofXgkr8pGjb5WlJZ0PxQBxwRg7/LP8NF+rVLGOm3sR2wUmioQxB8Yuh
Y4t7AZ1rPcdHCufX9RCEcobc87k6NY846HWAS/zVpTg1gOi8ugZMVfa8twIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMcjrrLHYzGUWgszzYEBXmpy5C3XMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveHlPdXNzZGpNWlJhQ3pQTmdRRmVhbkxrTGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwXwHAwQA
wlc0AwQAw4UlAwQA1MELMA0GCSqGSIb3DQEBCwUAA4IBAQA1oMjxsCzKhbAomDVf
463QG+fCRbM+68HS3i8/CIRCYZ8AC6Bt2ISjVJiUJNVLupMfw7sxTWrho/BMY06j
S98Rs82/o39neV9q7sYMWNOqpDThpvextwagDPHmaHleW15UCC60hyXiy97J0D7E
qONI8cmdioAj7T0Rpotq29D/yilUiSwqWzWTVCoC0yDV/lbSeREnvALqDkaPf5Pt
yZiuIYCozTIOosRNsGhmUV1Nxs0CxAvGbBcowncENOxGhb3ZRUsbdNrhzMCM7T7U
/YldSpgdc7rEj3qgHB7EbkQD92RSCtg8QwHAVeDUxyWmdM91WzYOhh05kjB81YSl
lTSd
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:09:49 2025 by rpki-client