Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kWFnrv4bxHKlGbBLH2sxiJUJ-KQ.roa
File: kWFnrv4bxHKlGbBLH2sxiJUJ-KQ.roa (raw, json)
Hash identifier: 0o2Im+bSxYz18VAljYzGlIIIpvczgvxSp0+1S3AO+rI=
Subject key identifier: 91:61:67:AE:FE:1B:C4:72:A5:19:B0:4B:1F:6B:31:88:95:09:F8:A4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193D7F86FD847EEE75F52BE725C9189A438
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kWFnrv4bxHKlGbBLH2sxiJUJ-KQ.roa
Signing time: Wed 18 Dec 2024 04:13:23 +0000
ROA not before: Wed 18 Dec 2024 04:13:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205220
IP address blocks: 194.180.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d7:f8:6f:d8:47:ee:e7:5f:52:be:72:5c:91:89:a4:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 18 04:13:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=916167aefe1bc472a519b04b1f6b31889509f8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fd:d6:2d:52:fd:b8:44:11:3f:73:5a:2b:7c:
e3:42:98:e7:1d:71:10:d9:99:0b:3a:df:b3:f7:12:
3a:76:19:d9:80:40:d8:e0:d8:17:13:df:a4:bd:16:
39:83:5e:22:70:0d:cf:1b:cf:96:e0:b4:40:b7:18:
6d:91:af:ac:5e:45:89:e5:ec:ff:a0:de:87:56:7f:
17:06:a8:ee:70:cc:dc:84:f6:aa:28:79:c6:08:13:
00:95:8b:76:32:8d:fa:a0:9a:24:93:1f:c6:d9:b0:
7d:96:0a:dc:29:98:72:e5:b2:53:3d:5e:e9:97:5a:
92:af:3b:2b:90:ea:bb:9a:c7:77:cf:e4:e1:12:9e:
32:b3:f6:d0:2a:40:df:11:e2:b4:25:f6:07:66:61:
03:e4:35:8e:6c:ca:6f:66:14:af:70:c3:bf:5f:d5:
8c:19:44:0c:d9:d6:56:d7:65:71:1e:a6:8c:be:15:
7c:d4:3e:1c:c6:16:f1:09:d3:ac:cc:6a:89:a1:9e:
71:07:c1:7c:a0:04:09:e7:5b:06:48:60:34:bf:b2:
62:83:50:0a:69:e7:c8:a9:a1:9d:13:9a:fe:41:58:
1a:6a:aa:0d:4e:2c:be:26:34:9a:99:27:f4:c9:c4:
ac:bd:a1:23:91:9d:8d:e2:e8:77:26:9f:94:95:03:
e8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:61:67:AE:FE:1B:C4:72:A5:19:B0:4B:1F:6B:31:88:95:09:F8:A4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kWFnrv4bxHKlGbBLH2sxiJUJ-KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.37.0/24
Signature Algorithm: sha256WithRSAEncryption
76:77:57:7e:83:41:60:1d:6d:39:e0:69:72:1e:b0:45:60:51:
da:9f:ab:ec:15:96:6e:92:61:e5:09:67:a9:c6:35:75:77:a2:
5d:d3:34:f0:88:78:b0:89:84:ad:3c:29:b6:4e:62:69:5c:2a:
39:47:13:ab:7a:8a:92:eb:86:a2:67:89:db:cb:17:bf:62:59:
2b:da:f0:ca:81:2a:9e:e2:de:71:00:27:0b:74:92:df:99:e3:
33:f7:4e:25:d1:aa:4d:11:cc:91:16:ef:9d:22:98:c2:b2:19:
f3:5e:95:4e:94:a0:68:c9:55:6d:2c:7b:21:37:8b:b0:8e:c7:
ec:87:4a:f2:4c:cc:c5:0e:1e:e6:5c:31:7e:d8:f1:28:66:9f:
8d:78:db:c3:75:ee:12:e4:28:79:bf:a6:70:32:97:70:4b:22:
68:a5:a3:37:50:0f:f8:bb:c2:5c:42:79:34:37:fe:85:fd:a9:
23:6c:3a:87:64:53:8f:4f:fc:8e:a6:05:86:ed:e2:4d:08:d9:
fc:d7:45:db:42:a0:31:bd:95:01:71:e0:47:48:2a:03:12:ac:
ae:be:4d:14:d5:56:9f:10:a4:e9:d5:91:40:50:7d:c7:d8:f5:
35:ce:eb:af:4a:47:13:ac:9a:2b:94:09:87:e8:c3:e3:2e:d9:
67:3c:e2:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPX+G/YR+7nX1K+clyRiaQ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjE4MDQxMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTYxNjdhZWZlMWJjNDcyYTUxOWIwNGIxZjZiMzE4ODk1MDlmOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvv3WLVL9uEQRP3NaK3zjQpjnHXEQ
2ZkLOt+z9xI6dhnZgEDY4NgXE9+kvRY5g14icA3PG8+W4LRAtxhtka+sXkWJ5ez/
oN6HVn8XBqjucMzchPaqKHnGCBMAlYt2Mo36oJokkx/G2bB9lgrcKZhy5bJTPV7p
l1qSrzsrkOq7msd3z+ThEp4ys/bQKkDfEeK0JfYHZmED5DWObMpvZhSvcMO/X9WM
GUQM2dZW12VxHqaMvhV81D4cxhbxCdOszGqJoZ5xB8F8oAQJ51sGSGA0v7Jig1AK
aefIqaGdE5r+QVgaaqoNTiy+JjSamSf0ycSsvaEjkZ2N4uh3Jp+UlQPo9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFhZ67+G8RypRmwSx9rMYiVCfikMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva1dGbnJ2NGJ4SEtsR2JCTEgyc3hpSlVKLUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrQlMA0G
CSqGSIb3DQEBCwUAA4IBAQB2d1d+g0FgHW054GlyHrBFYFHan6vsFZZukmHlCWep
xjV1d6Jd0zTwiHiwiYStPCm2TmJpXCo5RxOreoqS64aiZ4nbyxe/Ylkr2vDKgSqe
4t5xACcLdJLfmeMz904l0apNEcyRFu+dIpjCshnzXpVOlKBoyVVtLHshN4uwjsfs
h0ryTMzFDh7mXDF+2PEoZp+NeNvDde4S5Ch5v6ZwMpdwSyJopaM3UA/4u8JcQnk0
N/6F/akjbDqHZFOPT/yOpgWG7eJNCNn810XbQqAxvZUBceBHSCoDEqyuvk0U1Vaf
EKTp1ZFAUH3H2PU1zuuvSkcTrJorlAmH6MPjLtlnPOIN
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:35:40 2025 by rpki-client