Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/tR2-pI5qxRIRfqhufTAWMo0ULps.roa
File: tR2-pI5qxRIRfqhufTAWMo0ULps.roa (raw, json)
Hash identifier: G7o50mtcFdfaAOMstkje9EVlufm402yPCt/FfLmHhVA=
Subject key identifier: B5:1D:BE:A4:8E:6A:C5:12:11:7E:A8:6E:7D:30:16:32:8D:14:2E:9B
Certificate issuer: /CN=7a8bae923305a71c526a6fcf57c29d6c16a4269e
Certificate serial: 018D8DFE6382D5B145F7CCE64949421927A7
Authority key identifier: 7A:8B:AE:92:33:05:A7:1C:52:6A:6F:CF:57:C2:9D:6C:16:A4:26:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eouukjMFpxxSam_PV8KdbBakJp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/tR2-pI5qxRIRfqhufTAWMo0ULps.roa
Signing time: Fri 09 Feb 2024 13:11:15 +0000
ROA not before: Fri 09 Feb 2024 13:11:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34907
IP address blocks: 193.3.162.0/24 maxlen: 24
195.245.200.0/24 maxlen: 24
2001:67c:178c::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 24 Sep 2024 15:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8d:fe:63:82:d5:b1:45:f7:cc:e6:49:49:42:19:27:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a8bae923305a71c526a6fcf57c29d6c16a4269e
Validity
Not Before: Feb 9 13:11:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b51dbea48e6ac512117ea86e7d3016328d142e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9b:f4:11:e1:8e:7f:83:06:73:b0:3b:af:0e:
ec:c5:7f:51:97:ec:92:1e:c7:c3:f2:23:2e:dd:d6:
c5:f5:a3:1c:45:ec:63:7a:a0:ab:93:65:94:88:41:
a4:2e:0e:b5:76:7d:77:ec:65:62:ea:e2:7e:5e:11:
ca:8a:66:a5:e7:01:7d:d6:cd:51:ac:53:cb:48:35:
c7:58:7b:a1:74:44:b8:12:d4:76:d0:86:0d:a2:e1:
8b:c8:17:9b:8b:7a:36:5f:57:d1:49:03:da:3a:01:
69:64:eb:58:d2:b8:2c:a2:16:46:50:f3:e4:47:bd:
9d:03:54:93:de:68:26:46:3f:78:a8:d6:f9:9e:4b:
c2:0b:0f:83:89:9b:e1:78:bf:7a:2b:f5:f4:bc:78:
3f:93:2d:8f:b5:8b:4f:99:3f:2e:d2:69:64:0d:48:
d2:e0:f4:69:77:35:4d:2f:a5:4a:c7:af:67:0c:21:
fa:26:5c:aa:79:fe:c7:7b:86:2f:4e:89:ae:40:b3:
df:64:11:f8:79:08:c7:b0:15:1a:ee:79:27:97:c0:
75:fd:4d:fa:8a:04:dd:c5:87:49:e7:1d:e0:33:b9:
3d:83:4e:a5:4b:be:7f:47:c6:78:cc:39:5a:b8:ec:
44:7f:92:2a:99:3d:d2:da:c9:58:b6:75:72:d9:d2:
a0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:1D:BE:A4:8E:6A:C5:12:11:7E:A8:6E:7D:30:16:32:8D:14:2E:9B
X509v3 Authority Key Identifier:
keyid:7A:8B:AE:92:33:05:A7:1C:52:6A:6F:CF:57:C2:9D:6C:16:A4:26:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eouukjMFpxxSam_PV8KdbBakJp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/tR2-pI5qxRIRfqhufTAWMo0ULps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a1e5c-1010-4098-94c9-de0c570ba850/1/eouukjMFpxxSam_PV8KdbBakJp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.162.0/24
195.245.200.0/24
IPv6:
2001:67c:178c::/48
Signature Algorithm: sha256WithRSAEncryption
9b:f0:ce:25:89:90:e0:51:d3:62:b7:f4:b6:bf:c1:7c:dd:4a:
f8:ed:23:0b:d4:03:62:5a:c8:a9:31:d9:17:1a:07:4f:83:a3:
18:c4:2a:ef:dc:8d:97:bd:9d:4b:78:f7:bc:3b:a4:9f:9b:47:
6a:26:57:be:95:3e:75:af:fb:f8:da:2c:e2:f2:dd:d1:cd:ad:
f8:7d:6b:16:f0:0f:38:f8:a3:ed:10:80:21:9e:e5:26:ef:fa:
80:cc:02:39:ae:6c:4c:45:20:c4:b1:27:36:20:e6:26:8f:b7:
64:8a:98:5e:25:ae:1d:dc:3e:87:18:e2:1a:41:70:cf:ed:e6:
f9:a1:56:da:11:5c:ea:ee:d8:57:6d:aa:54:2d:a6:01:5f:60:
5d:9f:27:0f:ab:41:02:32:56:ee:d1:89:ad:e4:19:0e:88:a6:
d3:f7:6f:28:c9:73:97:11:36:4f:38:7c:99:ff:b8:b5:7f:24:
3d:11:4d:b7:93:61:43:88:3b:fe:12:3b:d1:f3:69:c5:d5:38:
64:48:35:cd:9c:da:2c:f2:e7:97:5b:45:b9:c9:12:46:80:5d:
db:d1:bc:c9:34:0b:63:d4:e4:20:af:1f:08:a0:7c:21:f9:bc:
80:06:38:a4:d9:27:f7:8a:80:57:59:ae:4f:88:9d:55:ad:65:
9a:52:23:2b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY2N/mOC1bFF98zmSUlCGSenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhOGJhZTkyMzMwNWE3MWM1MjZhNmZjZjU3YzI5ZDZjMTZh
NDI2OWUwHhcNMjQwMjA5MTMxMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTFkYmVhNDhlNmFjNTEyMTE3ZWE4NmU3ZDMwMTYzMjhkMTQyZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5v0EeGOf4MGc7A7rw7sxX9Rl+yS
HsfD8iMu3dbF9aMcRexjeqCrk2WUiEGkLg61dn137GVi6uJ+XhHKimal5wF91s1R
rFPLSDXHWHuhdES4EtR20IYNouGLyBebi3o2X1fRSQPaOgFpZOtY0rgsohZGUPPk
R72dA1ST3mgmRj94qNb5nkvCCw+DiZvheL96K/X0vHg/ky2PtYtPmT8u0mlkDUjS
4PRpdzVNL6VKx69nDCH6Jlyqef7He4YvTomuQLPfZBH4eQjHsBUa7nknl8B1/U36
igTdxYdJ5x3gM7k9g06lS75/R8Z4zDlauOxEf5IqmT3S2slYtnVy2dKg8QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLUdvqSOasUSEX6obn0wFjKNFC6bMB8GA1UdIwQY
MBaAFHqLrpIzBaccUmpvz1fCnWwWpCaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZW91dWtqTUZweHhTYW1fUFY4S2RiQmFrSnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yYTFlNWMtMTAxMC00MDk4LTk0Yzkt
ZGUwYzU3MGJhODUwLzEvdFIyLXBJNXF4UklSZnFodWZUQVdNbzBVTHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yYTFlNWMtMTAxMC00MDk4LTk0YzktZGUwYzU3MGJhODUw
LzEvZW91dWtqTUZweHhTYW1fUFY4S2RiQmFrSnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwQOiAwQA
w/XIMA8EAgACMAkDBwAgAQZ8F4wwDQYJKoZIhvcNAQELBQADggEBAJvwziWJkOBR
02K39La/wXzdSvjtIwvUA2JayKkx2RcaB0+DoxjEKu/cjZe9nUt497w7pJ+bR2om
V76VPnWv+/jaLOLy3dHNrfh9axbwDzj4o+0QgCGe5Sbv+oDMAjmubExFIMSxJzYg
5iaPt2SKmF4lrh3cPocY4hpBcM/t5vmhVtoRXOru2FdtqlQtpgFfYF2fJw+rQQIy
Vu7Ria3kGQ6IptP3byjJc5cRNk84fJn/uLV/JD0RTbeTYUOIO/4SO9HzacXVOGRI
Nc2c2izy55dbRbnJEkaAXdvRvMk0C2PU5CCvHwigfCH5vIAGOKTZJ/eKgFdZrk+I
nVWtZZpSIys=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:04 2025 by rpki-client