Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/7ywQoWqZIrHGvSdnG9yXrXyQkWQ.roa
File: 7ywQoWqZIrHGvSdnG9yXrXyQkWQ.roa (raw, json)
Hash identifier: ns4BOoj9nmQcFaQN2NJEQPZcl2OaLuKhbmUe12P1Obk=
Subject key identifier: EF:2C:10:A1:6A:99:22:B1:C6:BD:27:67:1B:DC:97:AD:7C:90:91:64
Certificate issuer: /CN=c330acdf041b5dcc7e5ec6cf8ff8bd0648e8670c
Certificate serial: 018D65437578214D77DA3EC18A8F2F76288E
Authority key identifier: C3:30:AC:DF:04:1B:5D:CC:7E:5E:C6:CF:8F:F8:BD:06:48:E8:67:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzCs3wQbXcx-XsbPj_i9BkjoZww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/7ywQoWqZIrHGvSdnG9yXrXyQkWQ.roa
Signing time: Thu 01 Feb 2024 15:22:16 +0000
ROA not before: Thu 01 Feb 2024 15:22:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59993
IP address blocks: 193.29.4.0/24 maxlen: 24
193.29.8.0/24 maxlen: 24
2a0f:7a40::/29 maxlen: 48
Validation: Failed, certificate revoked on Fri 09 Feb 2024 16:11:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:43:75:78:21:4d:77:da:3e:c1:8a:8f:2f:76:28:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c330acdf041b5dcc7e5ec6cf8ff8bd0648e8670c
Validity
Not Before: Feb 1 15:22:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef2c10a16a9922b1c6bd27671bdc97ad7c909164
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c6:42:d8:17:c2:c9:3b:8d:2d:90:51:a9:23:
13:92:0c:47:62:32:a6:d1:3d:9a:b2:07:1e:e4:43:
f0:f1:20:a6:62:62:11:09:f4:12:94:4e:44:59:45:
48:e8:03:e9:6d:e6:be:d0:6e:4a:a8:cb:c5:40:8c:
69:90:87:d2:16:01:e0:01:f1:0c:6a:2e:f4:d0:ba:
30:ec:5f:20:b9:41:9b:97:66:f9:a2:e3:8e:be:98:
39:ff:60:60:fc:8a:ed:59:fc:75:c1:8c:93:80:fd:
59:e7:38:26:1b:dd:7a:6d:12:b0:36:98:fa:24:07:
f5:7d:89:78:bc:ae:97:f6:c8:3e:3c:be:0a:a1:fe:
e4:ac:e9:25:6d:63:9e:3a:f7:7d:cd:25:e1:53:b4:
69:33:a9:32:e9:d4:62:a7:ee:63:fb:ad:a1:d2:55:
a9:a4:8e:a4:c1:9a:45:5a:3a:5d:5c:94:c6:f9:12:
1b:85:5e:f9:f2:de:64:94:7d:7b:c0:3b:79:cc:54:
a0:60:60:03:d5:e7:ef:9a:e7:1e:c2:46:ab:52:85:
45:be:95:63:c3:79:14:f1:0a:9c:b7:e5:ce:5c:df:
ca:d1:4d:15:7b:e4:56:f4:75:b2:6b:d5:b0:bc:74:
59:db:21:1e:c5:90:1a:31:5a:23:2f:84:1a:72:39:
16:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:2C:10:A1:6A:99:22:B1:C6:BD:27:67:1B:DC:97:AD:7C:90:91:64
X509v3 Authority Key Identifier:
keyid:C3:30:AC:DF:04:1B:5D:CC:7E:5E:C6:CF:8F:F8:BD:06:48:E8:67:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzCs3wQbXcx-XsbPj_i9BkjoZww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/7ywQoWqZIrHGvSdnG9yXrXyQkWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2a84e9-68b3-4e3f-b615-a0ad61d194a1/1/wzCs3wQbXcx-XsbPj_i9BkjoZww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.4.0/24
193.29.8.0/24
IPv6:
2a0f:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
37:19:02:89:97:79:99:7e:71:8d:f0:74:88:0c:4f:e7:45:61:
92:64:72:0a:4a:5a:f8:01:95:99:2f:07:18:00:c1:74:2f:be:
df:7d:20:aa:3a:b6:db:47:9f:52:78:70:ec:af:83:33:b5:87:
d2:fe:be:4d:11:d8:d0:26:ca:f8:9a:43:26:5c:b8:0c:56:f3:
4b:97:34:be:08:3b:dd:80:8e:b1:68:66:be:77:d4:23:9d:72:
80:f4:59:b8:1c:11:ea:1e:be:ad:2e:b4:29:13:41:25:cf:07:
88:e8:88:5d:c9:28:3e:00:8e:be:24:90:2d:7a:ad:7e:55:bf:
82:c6:7c:d5:39:0c:14:74:86:8f:ac:c0:6c:e5:36:e1:9c:57:
2a:65:c4:72:23:98:4a:2f:20:0f:49:8e:6c:ee:1b:24:80:17:
81:26:9e:9f:3a:b8:80:80:e5:0a:df:a7:28:6a:6d:ce:d2:37:
94:d6:a0:bb:f7:28:06:cc:ef:3c:25:a9:47:3a:bd:ab:be:a9:
bc:a7:2e:77:86:79:2b:42:02:24:16:ed:f2:7b:96:bf:19:8f:
6c:95:07:b9:bf:5d:06:b0:1d:96:0e:b9:b3:c1:53:88:d8:53:
ac:de:26:95:9b:8d:dc:21:f1:cb:8f:21:60:a7:39:46:f9:5f:
3a:9e:42:37
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY1lQ3V4IU132j7Bio8vdiiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMzBhY2RmMDQxYjVkY2M3ZTVlYzZjZjhmZjhiZDA2NDhl
ODY3MGMwHhcNMjQwMjAxMTUyMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjJjMTBhMTZhOTkyMmIxYzZiZDI3NjcxYmRjOTdhZDdjOTA5MTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcZC2BfCyTuNLZBRqSMTkgxHYjKm
0T2asgce5EPw8SCmYmIRCfQSlE5EWUVI6APpbea+0G5KqMvFQIxpkIfSFgHgAfEM
ai700Low7F8guUGbl2b5ouOOvpg5/2Bg/IrtWfx1wYyTgP1Z5zgmG916bRKwNpj6
JAf1fYl4vK6X9sg+PL4Kof7krOklbWOeOvd9zSXhU7RpM6ky6dRip+5j+62h0lWp
pI6kwZpFWjpdXJTG+RIbhV758t5klH17wDt5zFSgYGAD1efvmucewkarUoVFvpVj
w3kU8Qqct+XOXN/K0U0Ve+RW9HWya9WwvHRZ2yEexZAaMVojL4QacjkWKQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFO8sEKFqmSKxxr0nZxvcl618kJFkMB8GA1UdIwQY
MBaAFMMwrN8EG13Mfl7Gz4/4vQZI6GcMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3pDczN3UWJYY3gtWHNiUGpfaTlCa2pvWnd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yYTg0ZTktNjhiMy00ZTNmLWI2MTUt
YTBhZDYxZDE5NGExLzEvN3l3UW9XcVpJckhHdlNkbkc5eVhyWHlRa1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8yYTg0ZTktNjhiMy00ZTNmLWI2MTUtYTBhZDYxZDE5NGEx
LzEvd3pDczN3UWJYY3gtWHNiUGpfaTlCa2pvWnd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwR0EAwQA
wR0IMA0EAgACMAcDBQMqD3pAMA0GCSqGSIb3DQEBCwUAA4IBAQA3GQKJl3mZfnGN
8HSIDE/nRWGSZHIKSlr4AZWZLwcYAMF0L77ffSCqOrbbR59SeHDsr4MztYfS/r5N
EdjQJsr4mkMmXLgMVvNLlzS+CDvdgI6xaGa+d9QjnXKA9Fm4HBHqHr6tLrQpE0El
zweI6IhdySg+AI6+JJAteq1+Vb+CxnzVOQwUdIaPrMBs5TbhnFcqZcRyI5hKLyAP
SY5s7hskgBeBJp6fOriAgOUK36coam3O0jeU1qC79ygGzO88JalHOr2rvqm8py53
hnkrQgIkFu3ye5a/GY9slQe5v10GsB2WDrmzwVOI2FOs3iaVm43cIfHLjyFgpzlG
+V86nkI3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:53 2025 by rpki-client