Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c2e18c-c63f-4dd3-8921-05116c9f8aef/1/ha4XUQNg2Cqeq9HLLI59Kkn7_sQ.roa
File: ha4XUQNg2Cqeq9HLLI59Kkn7_sQ.roa (raw, json)
Hash identifier: 6fuus+y8n7JYSVRRArq5sFuP9SYFhbsW+FlQZ/gxaqo=
Subject key identifier: 85:AE:17:51:03:60:D8:2A:9E:AB:D1:CB:2C:8E:7D:2A:49:FB:FE:C4
Certificate issuer: /CN=cd7cb97b523c73f1406d63c767c73d9c957d433b
Certificate serial: 01925137B633192AFC4DC48D9356D084486D
Authority key identifier: CD:7C:B9:7B:52:3C:73:F1:40:6D:63:C7:67:C7:3D:9C:95:7D:43:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zXy5e1I8c_FAbWPHZ8c9nJV9Qzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/c2e18c-c63f-4dd3-8921-05116c9f8aef/1/ha4XUQNg2Cqeq9HLLI59Kkn7_sQ.roa
Signing time: Thu 03 Oct 2024 07:10:58 +0000
ROA not before: Thu 03 Oct 2024 07:10:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44328
IP address blocks: 193.163.224.0/20 maxlen: 20
193.163.224.0/21 maxlen: 21
193.163.232.0/22 maxlen: 22
193.163.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:37:b6:33:19:2a:fc:4d:c4:8d:93:56:d0:84:48:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd7cb97b523c73f1406d63c767c73d9c957d433b
Validity
Not Before: Oct 3 07:10:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85ae17510360d82a9eabd1cb2c8e7d2a49fbfec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:40:cc:e6:66:53:02:de:b1:6b:f3:35:21:d3:
08:31:3a:ff:bb:25:cb:90:97:06:a3:48:74:d7:d4:
db:7c:14:dd:4e:95:53:19:53:13:d3:8c:2f:47:31:
c8:57:18:56:7e:a9:c8:21:2a:ba:86:d5:9b:7e:0f:
1e:f3:cd:b3:e7:3a:fd:46:a4:b4:6d:cc:a2:d7:3c:
69:8d:79:e9:4a:0e:b8:56:95:f9:b5:d4:30:a6:65:
b7:3c:95:4e:b5:26:42:db:44:e9:42:06:8f:5d:b0:
1d:7d:d2:f0:03:83:48:f9:7a:2a:db:e3:e8:94:d4:
89:aa:bc:97:88:ec:ef:7d:44:8f:fd:b8:a4:e9:f3:
9e:f9:ad:1e:a9:f0:fd:17:ee:0f:8a:3e:ab:06:4f:
59:6b:48:f9:36:9f:ad:d5:e0:98:61:46:ee:24:e4:
00:fc:3d:07:03:12:11:27:94:ab:96:68:65:b1:67:
f4:b0:70:a8:2f:25:81:48:83:65:bc:6d:bd:b2:cd:
6b:39:93:38:d6:b7:bc:8f:19:06:fd:6e:35:9f:43:
32:ea:93:c0:63:f2:03:ec:e6:ae:00:c5:b9:96:d8:
6c:4b:c2:6f:9d:6f:d8:5f:b0:f2:2e:34:bc:af:68:
0f:45:da:2c:80:3f:76:54:20:77:95:8c:8b:d5:4e:
85:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:AE:17:51:03:60:D8:2A:9E:AB:D1:CB:2C:8E:7D:2A:49:FB:FE:C4
X509v3 Authority Key Identifier:
keyid:CD:7C:B9:7B:52:3C:73:F1:40:6D:63:C7:67:C7:3D:9C:95:7D:43:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zXy5e1I8c_FAbWPHZ8c9nJV9Qzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c2e18c-c63f-4dd3-8921-05116c9f8aef/1/ha4XUQNg2Cqeq9HLLI59Kkn7_sQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c2e18c-c63f-4dd3-8921-05116c9f8aef/1/zXy5e1I8c_FAbWPHZ8c9nJV9Qzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.224.0/20
Signature Algorithm: sha256WithRSAEncryption
85:51:8e:f8:bb:6f:5e:ba:3a:43:ca:a3:44:ef:17:b2:95:ff:
e2:fc:e9:60:64:91:9c:ce:bf:4f:d3:e1:dc:be:8e:36:9b:ec:
ba:8c:1e:b7:01:5b:25:0a:52:d4:8b:ba:29:08:c5:94:45:48:
07:47:e7:ad:79:2c:f7:07:cf:6c:e5:df:61:56:7b:9c:a4:1a:
5a:b7:b9:6e:5d:45:b7:91:5b:49:ae:09:e8:00:3b:ec:25:df:
4b:ec:64:0d:8c:7c:bb:60:4d:05:83:91:e2:a6:66:35:65:56:
98:d7:f7:64:ba:63:04:44:41:56:90:f1:97:c4:b3:9d:a5:64:
89:99:84:3d:cc:c3:ab:0d:e7:5d:b7:e5:7b:c5:25:cb:d3:d9:
a8:a8:41:34:94:b7:99:40:52:aa:91:93:d0:b9:7d:0c:c6:2a:
54:1f:b4:69:75:bc:53:35:64:e5:37:42:48:76:df:11:da:ff:
6c:3e:7a:e9:d1:93:2b:c0:d3:a1:8e:d5:1b:85:1f:06:0a:73:
25:1e:28:c3:63:60:92:b2:f5:db:fb:ab:2e:19:a8:69:41:b3:
4b:58:8c:42:80:66:19:56:e3:c6:39:ef:14:a7:e5:a9:e3:28:
3a:a4:3b:52:10:b4:ea:a9:ae:66:22:82:1a:d4:a2:ea:89:6c:
18:dd:4d:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJRN7YzGSr8TcSNk1bQhEhtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkN2NiOTdiNTIzYzczZjE0MDZkNjNjNzY3YzczZDljOTU3
ZDQzM2IwHhcNMjQxMDAzMDcxMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWFlMTc1MTAzNjBkODJhOWVhYmQxY2IyYzhlN2QyYTQ5ZmJmZWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0DM5mZTAt6xa/M1IdMIMTr/uyXL
kJcGo0h019TbfBTdTpVTGVMT04wvRzHIVxhWfqnIISq6htWbfg8e882z5zr9RqS0
bcyi1zxpjXnpSg64VpX5tdQwpmW3PJVOtSZC20TpQgaPXbAdfdLwA4NI+Xoq2+Po
lNSJqryXiOzvfUSP/bik6fOe+a0eqfD9F+4Pij6rBk9Za0j5Np+t1eCYYUbuJOQA
/D0HAxIRJ5SrlmhlsWf0sHCoLyWBSINlvG29ss1rOZM41re8jxkG/W41n0My6pPA
Y/ID7OauAMW5lthsS8JvnW/YX7DyLjS8r2gPRdosgD92VCB3lYyL1U6FhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIWuF1EDYNgqnqvRyyyOfSpJ+/7EMB8GA1UdIwQY
MBaAFM18uXtSPHPxQG1jx2fHPZyVfUM7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelh5NWUxSThjX0ZBYldQSFo4YzluSlY5UXpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9jMmUxOGMtYzYzZi00ZGQzLTg5MjEt
MDUxMTZjOWY4YWVmLzEvaGE0WFVRTmcyQ3FlcTlITExJNTlLa243X3NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9jMmUxOGMtYzYzZi00ZGQzLTg5MjEtMDUxMTZjOWY4YWVm
LzEvelh5NWUxSThjX0ZBYldQSFo4YzluSlY5UXpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwaPgMA0G
CSqGSIb3DQEBCwUAA4IBAQCFUY74u29eujpDyqNE7xeylf/i/OlgZJGczr9P0+Hc
vo42m+y6jB63AVslClLUi7opCMWURUgHR+eteSz3B89s5d9hVnucpBpat7luXUW3
kVtJrgnoADvsJd9L7GQNjHy7YE0Fg5HipmY1ZVaY1/dkumMEREFWkPGXxLOdpWSJ
mYQ9zMOrDeddt+V7xSXL09moqEE0lLeZQFKqkZPQuX0MxipUH7RpdbxTNWTlN0JI
dt8R2v9sPnrp0ZMrwNOhjtUbhR8GCnMlHijDY2CSsvXb+6suGahpQbNLWIxCgGYZ
VuPGOe8Up+Wp4yg6pDtSELTqqa5mIoIa1KLqiWwY3U06
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:46 2025 by rpki-client