Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/MK5baUOm_m3h_DTYbW29YFlvMOo.roa
File: MK5baUOm_m3h_DTYbW29YFlvMOo.roa (raw, json)
Hash identifier: v58mZexYqfLAeEUZgXNI5VsiXbQw/DIlG6AZn68PKOI=
Subject key identifier: 30:AE:5B:69:43:A6:FE:6D:E1:FC:34:D8:6D:6D:BD:60:59:6F:30:EA
Certificate issuer: /CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
Certificate serial: 019368316EA2E9CAC62789B2BCF65CD23555
Authority key identifier: 80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/MK5baUOm_m3h_DTYbW29YFlvMOo.roa
Signing time: Tue 26 Nov 2024 11:18:10 +0000
ROA not before: Tue 26 Nov 2024 11:18:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 193.19.196.0/24 maxlen: 24
193.19.197.0/24 maxlen: 24
194.125.246.0/24 maxlen: 24
194.125.247.0/24 maxlen: 24
195.22.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:31:6e:a2:e9:ca:c6:27:89:b2:bc:f6:5c:d2:35:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
Validity
Not Before: Nov 26 11:18:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30ae5b6943a6fe6de1fc34d86d6dbd60596f30ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:8f:bc:dc:f0:01:86:03:34:07:15:35:05:7d:
a8:b3:7d:9d:00:c7:09:04:40:c3:88:51:1d:6a:32:
66:b0:4d:9d:8b:f4:91:ff:30:ec:1c:66:8b:e1:f7:
d6:b4:22:06:59:d2:40:74:3a:90:aa:7e:b3:0a:0a:
7c:1c:5b:22:d4:9e:81:bd:31:17:06:db:f8:58:01:
99:8f:db:0b:de:39:3e:93:4e:d2:54:ef:47:64:5f:
01:9e:25:23:33:60:aa:23:69:3e:09:3f:48:56:f2:
b6:e0:a7:db:34:aa:e5:bd:3d:b6:cd:23:24:fe:92:
c7:86:d1:09:a7:78:cf:9d:81:3e:92:c9:37:22:fd:
b7:db:55:49:eb:6f:0a:2b:ad:9f:c1:7e:1f:e9:5c:
01:d6:84:33:bb:9b:51:df:37:0f:08:74:e0:a4:df:
d0:06:65:d1:16:d4:e3:bd:f6:4e:ff:e0:e6:cc:d2:
ef:3d:1b:de:c9:31:3b:30:7e:92:60:80:ac:65:f2:
85:1e:e3:d6:58:54:82:92:57:01:89:2b:a9:20:0f:
76:4e:b2:a1:0a:84:4f:d4:da:96:32:1a:14:e0:dc:
67:30:3a:70:4e:7e:68:11:7e:ee:3f:33:f8:5b:6b:
61:7e:36:69:03:2d:df:b3:39:f5:a7:29:36:9d:c0:
e7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:AE:5B:69:43:A6:FE:6D:E1:FC:34:D8:6D:6D:BD:60:59:6F:30:EA
X509v3 Authority Key Identifier:
keyid:80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/MK5baUOm_m3h_DTYbW29YFlvMOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.196.0/23
194.125.246.0/23
195.22.158.0/24
Signature Algorithm: sha256WithRSAEncryption
81:2b:a6:85:03:ae:9c:77:4f:b0:a0:ea:4b:18:ca:a5:2e:07:
90:83:42:be:08:13:68:be:ac:08:47:b2:8a:ef:32:25:23:ae:
04:69:95:22:d2:a5:fc:a2:83:71:e8:ab:95:d2:2b:4e:0a:ac:
8d:4c:b4:7b:cb:4e:fc:79:db:3c:ed:3f:20:f4:7f:13:2e:1e:
5b:68:7f:d2:6a:f7:98:84:a9:dd:86:4c:46:0a:b9:61:8a:e9:
69:d0:d3:be:7d:b9:b8:eb:01:de:f4:b5:42:b4:a1:ce:cb:e8:
27:f9:c0:de:cd:99:65:1a:e8:6a:43:c6:95:dc:e8:3b:a7:ce:
f8:03:e5:4a:ba:e5:24:de:df:de:1c:fd:13:47:42:e9:41:6d:
a9:26:af:5d:0f:5d:6c:00:4b:67:31:77:bd:41:a4:ed:fa:ea:
8c:4b:c3:7a:33:36:bd:8b:2c:1b:0e:51:e9:cf:5f:d7:0c:4c:
01:56:87:71:e3:0b:fb:1e:aa:04:68:fd:a1:e4:7b:06:3d:69:
c1:4a:ee:f9:a2:70:e1:48:73:c7:3b:ba:c5:f0:f2:df:de:40:
4c:a7:db:fb:c6:38:8d:29:e7:ba:74:79:bd:23:61:ac:e3:78:
b7:d7:09:58:f1:d7:0b:32:20:34:42:81:b9:64:04:0e:9b:31:
f8:64:5c:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNoMW6i6crGJ4myvPZc0jVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNzlhZmNiYTVhODc2MmZiNzlmNGU1ZTBkN2EzNWVlODRj
ZDNkZjQwHhcNMjQxMTI2MTExODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGFlNWI2OTQzYTZmZTZkZTFmYzM0ZDg2ZDZkYmQ2MDU5NmYzMGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4+83PABhgM0BxU1BX2os32dAMcJ
BEDDiFEdajJmsE2di/SR/zDsHGaL4ffWtCIGWdJAdDqQqn6zCgp8HFsi1J6BvTEX
Btv4WAGZj9sL3jk+k07SVO9HZF8BniUjM2CqI2k+CT9IVvK24KfbNKrlvT22zSMk
/pLHhtEJp3jPnYE+ksk3Iv2321VJ628KK62fwX4f6VwB1oQzu5tR3zcPCHTgpN/Q
BmXRFtTjvfZO/+DmzNLvPRveyTE7MH6SYICsZfKFHuPWWFSCklcBiSupIA92TrKh
CoRP1NqWMhoU4NxnMDpwTn5oEX7uPzP4W2thfjZpAy3fszn1pyk2ncDniQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDCuW2lDpv5t4fw02G1tvWBZbzDqMB8GA1UdIwQY
MBaAFIB5r8ulqHYvt59OXg16Ne6EzT30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMt
ZDJlMTBjOTc2NDVmLzEvTUs1YmFVT21fbTNoX0RUWWJXMjlZRmx2TU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMtZDJlMTBjOTc2NDVm
LzEvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwRPEAwQB
wn32AwQAwxaeMA0GCSqGSIb3DQEBCwUAA4IBAQCBK6aFA66cd0+woOpLGMqlLgeQ
g0K+CBNovqwIR7KK7zIlI64EaZUi0qX8ooNx6KuV0itOCqyNTLR7y078eds87T8g
9H8TLh5baH/SaveYhKndhkxGCrlhiulp0NO+fbm46wHe9LVCtKHOy+gn+cDezZll
GuhqQ8aV3Og7p874A+VKuuUk3t/eHP0TR0LpQW2pJq9dD11sAEtnMXe9QaTt+uqM
S8N6Mza9iywbDlHpz1/XDEwBVodx4wv7HqoEaP2h5HsGPWnBSu75onDhSHPHO7rF
8PLf3kBMp9v7xjiNKee6dHm9I2Gs43i31wlY8dcLMiA0QoG5ZAQOmzH4ZFxM
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:06:57 2025 by rpki-client