Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/P5mtrVJDPm9fdIJNhgKCQGL6dXQ.roa
File: P5mtrVJDPm9fdIJNhgKCQGL6dXQ.roa (raw, json)
Hash identifier: 198UWcrKzHDaasABC7rV4S/OYKmK+T1PJH6ysGj2bP4=
Subject key identifier: 3F:99:AD:AD:52:43:3E:6F:5F:74:82:4D:86:02:82:40:62:FA:75:74
Certificate issuer: /CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
Certificate serial: 019368316D9273556E3BCEBE3B2C7BC138EA
Authority key identifier: 80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/P5mtrVJDPm9fdIJNhgKCQGL6dXQ.roa
Signing time: Tue 26 Nov 2024 11:18:09 +0000
ROA not before: Tue 26 Nov 2024 11:18:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202
IP address blocks: 193.19.196.0/24 maxlen: 24
193.19.197.0/24 maxlen: 24
194.125.246.0/24 maxlen: 24
194.125.247.0/24 maxlen: 24
195.22.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:31:6d:92:73:55:6e:3b:ce:be:3b:2c:7b:c1:38:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
Validity
Not Before: Nov 26 11:18:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f99adad52433e6f5f74824d8602824062fa7574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b4:e9:10:f0:0d:25:44:67:06:31:33:cf:7c:
af:7a:20:06:12:ec:5d:65:49:d9:c6:13:16:97:b3:
48:38:4d:b7:0e:c1:af:33:86:0e:26:c3:5d:00:df:
85:46:30:3d:57:6b:05:2a:b4:aa:40:27:26:ef:d7:
98:02:c9:36:c7:94:9a:83:c8:4b:25:a2:d5:d4:57:
b3:98:15:24:bd:7f:4b:a4:c9:b9:4e:a5:da:7e:b3:
fc:97:e0:20:df:de:52:f0:e8:d4:1a:68:5a:fa:20:
69:1f:08:07:0f:45:34:d8:aa:02:96:37:be:94:7c:
42:03:46:99:a7:f7:0e:7c:91:f0:9b:8d:0e:9f:0f:
78:fd:5d:33:c6:2d:04:6a:4a:2d:eb:a4:47:37:72:
32:1c:0b:34:79:58:43:59:07:3a:1a:4c:09:52:08:
cb:d4:87:80:e2:4a:b4:bb:c5:da:a3:b6:84:af:3e:
3a:73:6f:84:d7:dd:3e:1f:dd:e8:11:cc:31:3f:f7:
22:a9:da:a0:ac:38:7b:f7:27:15:0c:3b:b1:50:e4:
4c:48:b5:a6:d8:7d:b9:26:2b:d3:a1:f4:b2:7b:4f:
16:1b:dd:2f:b7:73:1a:e0:67:d1:fe:57:31:88:8d:
f2:2f:a1:2f:71:17:32:00:a7:74:33:09:d7:40:36:
3e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:99:AD:AD:52:43:3E:6F:5F:74:82:4D:86:02:82:40:62:FA:75:74
X509v3 Authority Key Identifier:
keyid:80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/P5mtrVJDPm9fdIJNhgKCQGL6dXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.196.0/23
194.125.246.0/23
195.22.158.0/24
Signature Algorithm: sha256WithRSAEncryption
74:67:bb:34:63:07:3d:f2:ac:36:39:5a:a5:ed:86:ea:6e:b9:
7c:0c:3b:25:d3:ee:12:a2:ff:f7:f5:27:0d:ab:a4:82:84:2d:
53:ed:3c:a6:f6:75:09:71:98:93:ab:3b:0f:5a:50:c1:04:8a:
82:0f:2a:70:bb:9b:85:c4:f0:9c:32:f1:ad:90:95:2c:b1:88:
e9:6b:1f:bb:9e:4f:b1:44:65:f8:75:4b:99:75:e6:4d:04:6e:
79:9b:ce:91:1b:77:36:58:97:26:a1:78:7c:fc:1f:4c:8f:0d:
36:dc:51:c1:dd:59:83:5a:84:cf:79:ff:63:82:41:a1:04:eb:
81:f7:d7:e8:26:30:d0:2a:2a:07:4f:5a:9b:39:24:e2:b0:98:
5e:aa:38:be:5f:49:76:5c:09:cc:c4:ca:57:a0:4d:84:f2:f3:
f5:57:ef:3f:59:41:49:0e:7c:99:82:08:00:15:18:12:12:d2:
2d:95:eb:e3:a7:9d:01:05:6e:bc:ca:bf:8a:f9:74:7f:13:ef:
6b:fb:7d:c5:8b:7d:d2:da:72:cc:3f:9d:c1:3a:9e:c4:74:15:
66:1e:1a:ad:7e:69:3d:75:cf:85:95:82:e3:cc:52:82:0f:02:
64:a5:36:8d:6a:83:79:b9:12:8d:06:88:79:30:3f:03:14:e9:
d8:1a:11:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNoMW2Sc1VuO86+Oyx7wTjqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNzlhZmNiYTVhODc2MmZiNzlmNGU1ZTBkN2EzNWVlODRj
ZDNkZjQwHhcNMjQxMTI2MTExODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjk5YWRhZDUyNDMzZTZmNWY3NDgyNGQ4NjAyODI0MDYyZmE3NTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbTpEPANJURnBjEzz3yveiAGEuxd
ZUnZxhMWl7NIOE23DsGvM4YOJsNdAN+FRjA9V2sFKrSqQCcm79eYAsk2x5Sag8hL
JaLV1FezmBUkvX9LpMm5TqXafrP8l+Ag395S8OjUGmha+iBpHwgHD0U02KoClje+
lHxCA0aZp/cOfJHwm40Onw94/V0zxi0Eakot66RHN3IyHAs0eVhDWQc6GkwJUgjL
1IeA4kq0u8Xao7aErz46c2+E190+H93oEcwxP/ciqdqgrDh79ycVDDuxUORMSLWm
2H25JivTofSye08WG90vt3Ma4GfR/lcxiI3yL6EvcRcyAKd0MwnXQDY+0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD+Zra1SQz5vX3SCTYYCgkBi+nV0MB8GA1UdIwQY
MBaAFIB5r8ulqHYvt59OXg16Ne6EzT30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMt
ZDJlMTBjOTc2NDVmLzEvUDVtdHJWSkRQbTlmZElKTmhnS0NRR0w2ZFhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMtZDJlMTBjOTc2NDVm
LzEvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwRPEAwQB
wn32AwQAwxaeMA0GCSqGSIb3DQEBCwUAA4IBAQB0Z7s0Ywc98qw2OVql7Ybqbrl8
DDsl0+4Sov/39ScNq6SChC1T7Tym9nUJcZiTqzsPWlDBBIqCDypwu5uFxPCcMvGt
kJUssYjpax+7nk+xRGX4dUuZdeZNBG55m86RG3c2WJcmoXh8/B9Mjw023FHB3VmD
WoTPef9jgkGhBOuB99foJjDQKioHT1qbOSTisJheqji+X0l2XAnMxMpXoE2E8vP1
V+8/WUFJDnyZgggAFRgSEtItlevjp50BBW68yr+K+XR/E+9r+33Fi33S2nLMP53B
Op7EdBVmHhqtfmk9dc+FlYLjzFKCDwJkpTaNaoN5uRKNBoh5MD8DFOnYGhGJ
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:11:17 2025 by rpki-client