Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pSEBXHRB0MA5DEy5GTqrrIIreZI.roa
File: pSEBXHRB0MA5DEy5GTqrrIIreZI.roa (raw, json)
Hash identifier: +4xULRwJ0JHdFREV1O6njxdWcMpPRLWEAXgnf5DDC+g=
Subject key identifier: A5:21:01:5C:74:41:D0:C0:39:0C:4C:B9:19:3A:AB:AC:82:2B:79:92
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0194793B24CCAF997CF6C256A0CD77424135
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pSEBXHRB0MA5DEy5GTqrrIIreZI.roa
Signing time: Sat 18 Jan 2025 11:45:06 +0000
ROA not before: Sat 18 Jan 2025 11:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207388
IP address blocks: 192.145.28.0/22 maxlen: 24
193.168.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 05:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:79:3b:24:cc:af:99:7c:f6:c2:56:a0:cd:77:42:41:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 18 11:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a521015c7441d0c0390c4cb9193aabac822b7992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:85:2f:5e:10:74:74:9a:4c:83:98:a8:1b:40:
a5:c0:08:ce:84:92:d6:72:b1:77:31:5b:e1:16:58:
47:ff:53:55:97:52:57:14:21:fc:ca:bf:6a:68:b0:
2e:46:01:22:c3:f5:93:af:ed:63:cf:5d:c8:0a:24:
dd:16:4c:0b:4b:44:cf:91:dd:ab:ed:5e:40:51:8e:
c2:47:7d:5c:fd:d3:dd:57:7f:b5:ad:e3:78:50:a5:
74:a2:20:37:da:f0:90:3b:c7:60:d6:e2:49:ee:c2:
54:f0:6a:2f:98:97:b9:19:58:ed:9f:b4:42:d4:42:
eb:f0:6f:9c:26:a7:ca:23:c8:a1:29:34:a3:1d:25:
ea:69:7d:94:aa:e3:8e:45:f3:5d:21:ab:b3:b2:42:
6b:90:7d:03:f0:d2:c4:60:ba:b0:36:aa:28:06:5a:
cb:89:8b:5c:20:7b:d3:ae:86:6f:b8:08:6a:4e:3a:
61:cf:f6:1e:bd:9c:40:06:56:78:d0:ea:4b:c7:09:
8b:cd:f9:bf:d7:af:a6:42:af:ab:08:71:ff:4e:14:
06:a7:c4:cc:16:df:38:6e:f0:05:8f:1e:0f:4f:28:
a2:cd:50:c2:6d:cd:a3:4b:af:5e:0e:53:e4:04:c9:
16:3e:13:cc:29:21:95:39:0b:f0:93:5b:19:7c:2f:
42:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:21:01:5C:74:41:D0:C0:39:0C:4C:B9:19:3A:AB:AC:82:2B:79:92
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/pSEBXHRB0MA5DEy5GTqrrIIreZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.28.0/22
193.168.198.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:e8:3f:40:40:39:f1:c3:02:7c:f1:b8:bb:aa:5e:e5:e8:7c:
97:2d:b5:d3:7a:3e:3d:a2:2d:3f:0d:1d:ea:46:0c:bd:7d:2c:
48:7c:24:e1:79:b4:a8:cc:e2:ac:d9:3e:3a:7e:11:d6:25:d8:
f8:07:60:50:87:05:44:dd:a2:39:94:43:34:d7:de:13:1c:45:
ec:b4:18:f5:32:2f:41:84:cb:cd:b3:c0:6c:2f:33:3f:92:0d:
c7:b7:31:4d:55:4a:21:4a:6f:df:67:fa:70:88:35:0e:52:f9:
df:8d:f1:48:e4:25:01:62:59:b4:a7:e3:c1:51:3e:50:43:69:
6e:d7:b7:fd:d7:53:5d:3d:8e:98:08:3e:91:3b:02:fa:78:45:
d1:c2:a7:1c:0f:71:7a:d7:c0:93:76:b3:6d:c9:66:71:d6:89:
63:7b:cf:68:63:9d:3a:61:fd:1a:d3:e9:5a:bf:ba:15:48:d6:
e6:a4:3a:9d:28:25:6c:02:6c:21:a3:5b:69:5a:5b:f7:40:f6:
ea:3c:6d:4b:ba:70:4c:00:dc:d2:9c:8d:a1:27:9b:5c:77:13:
f6:e5:8f:9e:df:05:df:a8:59:67:20:b8:8b:8d:5d:67:12:8c:
21:86:1d:d6:a0:05:67:41:6e:7c:fe:ab:72:a2:a7:c0:d5:73:
f5:fc:66:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZR5OyTMr5l89sJWoM13QkE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTE4MTE0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTIxMDE1Yzc0NDFkMGMwMzkwYzRjYjkxOTNhYWJhYzgyMmI3OTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIUvXhB0dJpMg5ioG0ClwAjOhJLW
crF3MVvhFlhH/1NVl1JXFCH8yr9qaLAuRgEiw/WTr+1jz13ICiTdFkwLS0TPkd2r
7V5AUY7CR31c/dPdV3+1reN4UKV0oiA32vCQO8dg1uJJ7sJU8GovmJe5GVjtn7RC
1ELr8G+cJqfKI8ihKTSjHSXqaX2UquOORfNdIauzskJrkH0D8NLEYLqwNqooBlrL
iYtcIHvTroZvuAhqTjphz/YevZxABlZ40OpLxwmLzfm/16+mQq+rCHH/ThQGp8TM
Ft84bvAFjx4PTyiizVDCbc2jS69eDlPkBMkWPhPMKSGVOQvwk1sZfC9C2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKUhAVx0QdDAOQxMuRk6q6yCK3mSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcFNFQlhIUkIwTUE1REV5NUdUcXJySUlyZVpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwJEcAwQA
wajGMA0GCSqGSIb3DQEBCwUAA4IBAQCo6D9AQDnxwwJ88bi7ql7l6HyXLbXTej49
oi0/DR3qRgy9fSxIfCThebSozOKs2T46fhHWJdj4B2BQhwVE3aI5lEM0194THEXs
tBj1Mi9BhMvNs8BsLzM/kg3HtzFNVUohSm/fZ/pwiDUOUvnfjfFI5CUBYlm0p+PB
UT5QQ2lu17f911NdPY6YCD6ROwL6eEXRwqccD3F618CTdrNtyWZx1olje89oY506
Yf0a0+lav7oVSNbmpDqdKCVsAmwho1tpWlv3QPbqPG1LunBMANzSnI2hJ5tcdxP2
5Y+e3wXfqFlnILiLjV1nEowhhh3WoAVnQW58/qtyoqfA1XP1/Gbr
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:24:13 2025 by rpki-client