Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2tBwKnpYOHlKxZJd3fqa8yNYttg.roa
File: 2tBwKnpYOHlKxZJd3fqa8yNYttg.roa (raw, json)
Hash identifier: HMQ+uADGUh0tMbYB044CtCia67PtXEjKq6lc57Ro9+E=
Subject key identifier: DA:D0:70:2A:7A:58:38:79:4A:C5:92:5D:DD:FA:9A:F3:23:58:B6:D8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0191D6621CE119B134315E00D977AB4BEF60
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2tBwKnpYOHlKxZJd3fqa8yNYttg.roa
Signing time: Mon 09 Sep 2024 10:43:59 +0000
ROA not before: Mon 09 Sep 2024 10:43:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 193.149.28.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.31.0/24 maxlen: 24
194.180.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:62:1c:e1:19:b1:34:31:5e:00:d9:77:ab:4b:ef:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 9 10:43:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dad0702a7a5838794ac5925dddfa9af32358b6d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a6:fa:6b:08:aa:5d:17:83:ae:ba:51:d6:b1:
3a:0f:df:66:90:59:8e:73:46:fc:cf:91:82:0a:60:
2b:0e:5b:e4:dd:3d:ea:f4:2e:b1:d4:9a:0e:be:d5:
0f:bc:f2:39:fe:fe:17:7c:73:f6:8c:fd:94:9d:8f:
11:19:52:96:c0:07:1b:10:34:6f:07:04:b8:87:53:
65:20:f9:37:99:48:f5:b3:61:b6:e5:e2:ac:5e:3e:
0f:a8:40:0b:bf:35:40:68:de:7a:34:1e:2c:14:42:
60:0c:ad:41:7d:ef:f3:49:da:4c:60:f6:b6:60:2b:
e4:14:2a:4b:74:aa:55:e9:c9:d8:0c:0c:02:dd:73:
7d:38:b5:4a:9e:80:74:af:4b:11:6c:2d:45:30:02:
3e:62:5b:2c:39:cc:2e:48:56:a6:63:a8:ab:78:b9:
15:3a:e8:c6:4b:a0:b6:3b:cf:f4:95:bd:14:a5:16:
da:0d:36:19:de:7f:0f:86:65:6f:46:99:61:98:09:
de:da:f5:a1:34:a9:8d:6e:26:bc:0a:86:99:8b:70:
f3:f6:24:e0:d7:b1:2d:73:26:f9:6f:fb:75:7a:3a:
d4:bb:24:a0:73:33:63:ae:b6:f4:db:a5:b3:96:46:
5a:7f:61:68:75:23:6f:f8:dc:3e:c4:63:25:4d:e2:
82:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D0:70:2A:7A:58:38:79:4A:C5:92:5D:DD:FA:9A:F3:23:58:B6:D8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2tBwKnpYOHlKxZJd3fqa8yNYttg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.149.28.0/22
194.180.36.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:12:5a:6f:fe:7e:56:c3:9f:43:d8:7a:77:c8:84:6c:8e:4a:
d5:e2:b7:01:ca:df:32:ec:6d:1a:ff:d9:6b:fa:77:4c:18:e7:
28:4e:8d:92:e4:a5:cb:d1:36:26:6c:14:3f:20:67:06:da:e0:
08:b0:f4:a5:37:99:41:44:36:fc:98:60:7a:cd:7d:e4:b4:d8:
b6:6b:2b:53:8b:cc:64:08:60:cc:56:e7:96:4c:0d:6d:ce:fe:
73:45:bf:83:e8:51:1f:bd:57:4b:56:24:cd:9a:ad:37:2f:2c:
a4:32:af:b7:b6:cd:09:61:bc:02:25:dd:9a:db:28:c5:26:71:
11:0e:ce:d3:f0:f9:8c:c8:a5:22:1f:f6:32:9f:4b:55:1e:47:
b7:c6:ff:0d:17:19:3a:a8:e7:d6:0d:9a:4c:b1:22:70:54:93:
e9:97:3f:37:d1:e1:2c:99:0b:11:a5:15:fa:65:b0:6d:5b:1c:
00:11:d8:53:66:f7:58:f2:99:3f:2c:96:8e:9f:e5:f8:16:2f:
b8:66:cd:19:dc:ef:7e:6e:85:64:49:69:7a:09:49:85:3d:7d:
94:10:b3:d4:b1:88:15:07:ea:27:c6:6c:0e:38:bc:c4:a1:f2:
c0:f9:2f:db:28:86:92:0d:ca:e6:75:32:23:da:c2:05:0f:26:
50:d1:f3:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHWYhzhGbE0MV4A2XerS+9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTA5MTA0MzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWQwNzAyYTdhNTgzODc5NGFjNTkyNWRkZGZhOWFmMzIzNThiNmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6b6awiqXReDrrpR1rE6D99mkFmO
c0b8z5GCCmArDlvk3T3q9C6x1JoOvtUPvPI5/v4XfHP2jP2UnY8RGVKWwAcbEDRv
BwS4h1NlIPk3mUj1s2G25eKsXj4PqEALvzVAaN56NB4sFEJgDK1Bfe/zSdpMYPa2
YCvkFCpLdKpV6cnYDAwC3XN9OLVKnoB0r0sRbC1FMAI+YlssOcwuSFamY6ireLkV
OujGS6C2O8/0lb0UpRbaDTYZ3n8PhmVvRplhmAne2vWhNKmNbia8CoaZi3Dz9iTg
17Etcyb5b/t1ejrUuySgczNjrrb026WzlkZaf2FodSNv+Nw+xGMlTeKCVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNrQcCp6WDh5SsWSXd36mvMjWLbYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMnRCd0tucFlPSGxLeFpKZDNmcWE4eU5ZdHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwZUcAwQA
wrQkMA0GCSqGSIb3DQEBCwUAA4IBAQBaElpv/n5Ww59D2Hp3yIRsjkrV4rcByt8y
7G0a/9lr+ndMGOcoTo2S5KXL0TYmbBQ/IGcG2uAIsPSlN5lBRDb8mGB6zX3ktNi2
aytTi8xkCGDMVueWTA1tzv5zRb+D6FEfvVdLViTNmq03LyykMq+3ts0JYbwCJd2a
2yjFJnERDs7T8PmMyKUiH/Yyn0tVHke3xv8NFxk6qOfWDZpMsSJwVJPplz830eEs
mQsRpRX6ZbBtWxwAEdhTZvdY8pk/LJaOn+X4Fi+4Zs0Z3O9+boVkSWl6CUmFPX2U
ELPUsYgVB+onxmwOOLzEofLA+S/bKIaSDcrmdTIj2sIFDyZQ0fP2
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:23:13 2025 by rpki-client