Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/tGD4W0Va4_yXvyG_6XnwBQwn-cM.roa
File: tGD4W0Va4_yXvyG_6XnwBQwn-cM.roa (raw, json)
Hash identifier: kCenl+g6lTduw60NmNdCq+skSRkJaPb2xG7FdxGZKHM=
Subject key identifier: B4:60:F8:5B:45:5A:E3:FC:97:BF:21:BF:E9:79:F0:05:0C:27:F9:C3
Certificate issuer: /CN=659c356633388e9bd897d000a3f38bc1e546ef4a
Certificate serial: 0194236A3E39D1FD72F68D57686A8C48D7BE
Authority key identifier: 65:9C:35:66:33:38:8E:9B:D8:97:D0:00:A3:F3:8B:C1:E5:46:EF:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZw1ZjM4jpvYl9AAo_OLweVG70o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/tGD4W0Va4_yXvyG_6XnwBQwn-cM.roa
Signing time: Wed 01 Jan 2025 19:49:12 +0000
ROA not before: Wed 01 Jan 2025 19:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51964
IP address blocks: 193.38.190.0/24 maxlen: 24
193.38.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Jan 2025 12:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:3e:39:d1:fd:72:f6:8d:57:68:6a:8c:48:d7:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659c356633388e9bd897d000a3f38bc1e546ef4a
Validity
Not Before: Jan 1 19:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b460f85b455ae3fc97bf21bfe979f0050c27f9c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2b:c2:eb:69:7c:0a:d9:cd:cc:9b:53:56:56:
ef:3b:1e:a1:82:f0:11:31:27:3a:e1:eb:f4:17:25:
8d:17:4d:64:87:4d:14:ba:11:64:e5:05:4e:f5:85:
f0:54:1e:02:33:02:1b:92:c2:22:e0:f9:db:8b:2a:
74:7e:a3:dd:88:88:08:29:de:34:d3:1e:b5:db:e0:
20:67:7c:4b:7f:b6:ce:e9:df:68:47:d5:a8:24:af:
db:1f:34:17:23:7e:5d:f8:cc:4e:89:d8:31:8e:fd:
2c:ef:bd:b6:00:36:d7:d5:37:14:29:ff:f0:6d:f3:
45:73:6b:e7:60:d6:ce:3c:f1:08:b4:64:8d:34:2f:
2f:1d:79:be:7b:7d:c1:ce:c6:7b:ef:66:60:39:ef:
d0:ba:64:40:ce:5c:d2:7c:c2:61:cb:d1:93:4b:a0:
18:17:08:00:b1:97:9f:0e:e0:df:27:4f:37:a6:c5:
91:b2:2c:b5:88:7c:d1:4f:8d:d7:c5:19:d1:8e:04:
c8:52:b3:3a:c4:8e:ae:88:71:79:d2:0f:a9:19:2e:
e5:1a:53:b2:98:9d:5a:42:df:c2:d0:2d:92:30:f9:
e9:3d:2b:44:ff:ca:0c:e0:3b:16:15:06:25:82:ac:
7b:e5:bf:d6:95:f4:ab:be:60:e8:8d:c3:c1:18:8f:
fe:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:60:F8:5B:45:5A:E3:FC:97:BF:21:BF:E9:79:F0:05:0C:27:F9:C3
X509v3 Authority Key Identifier:
keyid:65:9C:35:66:33:38:8E:9B:D8:97:D0:00:A3:F3:8B:C1:E5:46:EF:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZw1ZjM4jpvYl9AAo_OLweVG70o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/tGD4W0Va4_yXvyG_6XnwBQwn-cM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/ZZw1ZjM4jpvYl9AAo_OLweVG70o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.190.0/23
Signature Algorithm: sha256WithRSAEncryption
65:5e:8e:a1:13:78:b0:9b:31:07:55:53:29:b3:71:43:cf:da:
f6:df:8d:88:4a:07:64:cf:38:df:bf:15:67:7c:1f:ac:6a:8f:
91:cf:e0:fe:d5:2c:ab:93:b7:69:02:5a:18:2f:86:a7:84:af:
e4:14:77:5e:f1:27:f9:fd:66:b0:79:83:6e:2d:53:51:d2:0a:
34:4c:55:d3:26:a8:c2:ae:8a:ab:5d:90:82:e5:50:8f:1f:cc:
36:28:ec:45:bc:72:1c:97:50:91:cf:db:ef:eb:12:2d:16:00:
8c:92:5a:47:c2:81:4f:35:02:ab:d6:ca:6e:7b:6d:82:80:c6:
83:3b:fe:32:b2:9d:9d:66:c9:cb:ba:97:70:2f:45:be:0b:59:
06:e9:50:6c:f9:2a:54:b8:72:28:ca:a0:0e:ad:fc:52:0d:69:
2a:ad:ff:ab:49:01:d8:88:4b:c7:6b:56:b6:f3:7a:88:d7:ab:
fa:15:6e:54:2f:f8:49:d2:af:6f:a2:06:1e:c4:c7:ae:ed:68:
6e:6d:2a:09:8b:8a:fa:82:dd:cb:43:72:40:eb:aa:20:d9:06:
b4:e6:2b:71:29:3c:3f:80:b5:aa:8b:bb:59:34:27:d2:61:af:
bd:bf:99:41:fb:7f:f7:ac:cd:4c:a2:4e:fb:7a:c9:1d:17:f5:
44:6f:72:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaj450f1y9o1XaGqMSNe+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OWMzNTY2MzMzODhlOWJkODk3ZDAwMGEzZjM4YmMxZTU0
NmVmNGEwHhcNMjUwMTAxMTk0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDYwZjg1YjQ1NWFlM2ZjOTdiZjIxYmZlOTc5ZjAwNTBjMjdmOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSvC62l8CtnNzJtTVlbvOx6hgvAR
MSc64ev0FyWNF01kh00UuhFk5QVO9YXwVB4CMwIbksIi4Pnbiyp0fqPdiIgIKd40
0x612+AgZ3xLf7bO6d9oR9WoJK/bHzQXI35d+MxOidgxjv0s7722ADbX1TcUKf/w
bfNFc2vnYNbOPPEItGSNNC8vHXm+e33BzsZ772ZgOe/QumRAzlzSfMJhy9GTS6AY
FwgAsZefDuDfJ083psWRsiy1iHzRT43XxRnRjgTIUrM6xI6uiHF50g+pGS7lGlOy
mJ1aQt/C0C2SMPnpPStE/8oM4DsWFQYlgqx75b/WlfSrvmDojcPBGI/+vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRg+FtFWuP8l78hv+l58AUMJ/nDMB8GA1UdIwQY
MBaAFGWcNWYzOI6b2JfQAKPzi8HlRu9KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlp3MVpqTTRqcHZZbDlBQW9fT0x3ZVZHNzBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC83Yzc4NTEtNTg1Yi00OWYxLThiZTkt
M2M3ZTRmOTNlNDJiLzEvdEdENFcwVmE0X3lYdnlHXzZYbndCUXduLWNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC83Yzc4NTEtNTg1Yi00OWYxLThiZTktM2M3ZTRmOTNlNDJi
LzEvWlp3MVpqTTRqcHZZbDlBQW9fT0x3ZVZHNzBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwSa+MA0G
CSqGSIb3DQEBCwUAA4IBAQBlXo6hE3iwmzEHVVMps3FDz9r2342ISgdkzzjfvxVn
fB+sao+Rz+D+1Syrk7dpAloYL4anhK/kFHde8Sf5/WaweYNuLVNR0go0TFXTJqjC
roqrXZCC5VCPH8w2KOxFvHIcl1CRz9vv6xItFgCMklpHwoFPNQKr1spue22CgMaD
O/4ysp2dZsnLupdwL0W+C1kG6VBs+SpUuHIoyqAOrfxSDWkqrf+rSQHYiEvHa1a2
83qI16v6FW5UL/hJ0q9vogYexMeu7WhubSoJi4r6gt3LQ3JA66og2Qa05itxKTw/
gLWqi7tZNCfSYa+9v5lB+3/3rM1Mok77eskdF/VEb3L5
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:44:04 2025 by rpki-client