Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/taf8aJVUMV6mac07U8_6aKp1U8U.roa
File: taf8aJVUMV6mac07U8_6aKp1U8U.roa (raw, json)
Hash identifier: 4FT8jf6HBdyCQmEMSDx72ph3gFr+/vQwRw8yLiChx6I=
Subject key identifier: B5:A7:FC:68:95:54:31:5E:A6:69:CD:3B:53:CF:FA:68:AA:75:53:C5
Certificate issuer: /CN=659c356633388e9bd897d000a3f38bc1e546ef4a
Certificate serial: 018CC501345FE74CBA44AAC94E924BEEFB4D
Authority key identifier: 65:9C:35:66:33:38:8E:9B:D8:97:D0:00:A3:F3:8B:C1:E5:46:EF:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZw1ZjM4jpvYl9AAo_OLweVG70o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/taf8aJVUMV6mac07U8_6aKp1U8U.roa
Signing time: Mon 01 Jan 2024 12:30:39 +0000
ROA not before: Mon 01 Jan 2024 12:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 193.38.178.0/24 maxlen: 24
193.38.179.0/24 maxlen: 24
193.38.180.0/24 maxlen: 24
193.38.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:34:5f:e7:4c:ba:44:aa:c9:4e:92:4b:ee:fb:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659c356633388e9bd897d000a3f38bc1e546ef4a
Validity
Not Before: Jan 1 12:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5a7fc689554315ea669cd3b53cffa68aa7553c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:33:e3:19:9a:51:0d:65:7d:d5:ae:53:99:f7:
96:54:86:1b:21:02:37:1e:a1:1b:66:19:d4:a4:8b:
08:26:f0:e2:2a:20:12:a0:ee:15:75:2b:bc:0f:20:
c0:dd:a9:b7:8d:27:d0:ab:74:da:99:4a:67:f8:01:
2d:23:42:62:a4:3e:44:ed:b9:9f:43:81:39:80:21:
cf:de:fa:8a:d9:a5:5d:24:de:68:00:64:c5:99:75:
e4:e9:6b:34:3a:d9:b7:db:13:9e:b6:00:81:89:a8:
bd:9c:a9:9f:9f:0c:4a:86:f8:f1:11:66:46:d4:2c:
8b:95:1c:cb:48:e3:26:96:93:3d:51:15:52:77:5f:
5d:3b:cb:fc:e9:68:44:44:de:e6:13:ac:b5:f2:7d:
ac:ef:96:02:2e:bb:a3:99:f7:98:5c:40:40:ed:ad:
9d:a5:08:f9:4f:ac:b3:b8:ac:1d:68:b1:fd:53:a4:
b2:d0:46:1e:db:12:91:61:ac:38:32:e2:6f:ca:ff:
19:07:84:4d:de:16:55:1b:1a:9c:64:dc:6f:34:05:
b9:e0:2a:16:57:8a:14:42:43:e4:da:b3:b7:e9:ff:
f1:9d:88:b1:cb:05:84:58:ce:8e:c7:7c:c0:d7:21:
86:2b:bf:31:06:d5:9d:02:0a:f2:0f:1c:7d:cf:a6:
b4:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A7:FC:68:95:54:31:5E:A6:69:CD:3B:53:CF:FA:68:AA:75:53:C5
X509v3 Authority Key Identifier:
keyid:65:9C:35:66:33:38:8E:9B:D8:97:D0:00:A3:F3:8B:C1:E5:46:EF:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZw1ZjM4jpvYl9AAo_OLweVG70o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/taf8aJVUMV6mac07U8_6aKp1U8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/ZZw1ZjM4jpvYl9AAo_OLweVG70o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.178.0-193.38.181.255
Signature Algorithm: sha256WithRSAEncryption
87:b9:8e:58:a5:d9:36:87:9a:19:88:ec:eb:be:d7:89:18:3b:
08:6e:e0:fd:f1:7b:b5:7c:6c:2c:15:6b:c6:e7:18:49:b7:a5:
f4:bd:8a:cf:e1:63:00:99:aa:e2:a3:67:9e:43:6d:8d:ae:7a:
bc:5b:76:b4:96:f3:f0:5f:22:76:3d:cb:27:d5:65:80:56:cb:
2d:b1:ba:59:7b:ff:97:ba:3e:a7:53:74:7d:17:da:3d:80:e9:
38:81:63:47:ee:24:b6:e7:9b:af:35:e3:f9:dc:a7:63:cd:50:
9e:30:a9:5f:75:23:49:30:17:75:d1:4a:c0:7e:e7:15:ba:2e:
4c:b8:1f:3f:59:c2:ae:0f:69:94:13:f4:d4:2a:15:c7:69:5d:
45:69:4a:3c:e1:28:1d:b4:53:05:7c:4a:2c:92:4c:b7:11:2e:
46:fd:68:98:2d:68:d9:24:1c:ea:44:ef:3e:05:ed:6b:7c:48:
8f:92:ef:7a:28:1e:fd:c9:3d:10:9b:a8:a3:d5:e0:44:b1:5e:
1b:ec:40:dd:17:05:cc:3c:8a:83:14:f7:8a:25:81:32:2a:a7:
8e:af:89:3f:e3:8b:40:3a:5c:88:72:a3:c3:77:83:de:f0:9f:
6a:45:34:e6:10:a6:ae:f7:a8:c7:12:82:f3:bc:21:70:02:e3:
f4:05:3d:22
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzFATRf50y6RKrJTpJL7vtNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OWMzNTY2MzMzODhlOWJkODk3ZDAwMGEzZjM4YmMxZTU0
NmVmNGEwHhcNMjQwMTAxMTIzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWE3ZmM2ODk1NTQzMTVlYTY2OWNkM2I1M2NmZmE2OGFhNzU1M2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTPjGZpRDWV91a5TmfeWVIYbIQI3
HqEbZhnUpIsIJvDiKiASoO4VdSu8DyDA3am3jSfQq3TamUpn+AEtI0JipD5E7bmf
Q4E5gCHP3vqK2aVdJN5oAGTFmXXk6Ws0Otm32xOetgCBiai9nKmfnwxKhvjxEWZG
1CyLlRzLSOMmlpM9URVSd19dO8v86WhERN7mE6y18n2s75YCLrujmfeYXEBA7a2d
pQj5T6yzuKwdaLH9U6Sy0EYe2xKRYaw4MuJvyv8ZB4RN3hZVGxqcZNxvNAW54CoW
V4oUQkPk2rO36f/xnYixywWEWM6Ox3zA1yGGK78xBtWdAgryDxx9z6a08QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLWn/GiVVDFepmnNO1PP+miqdVPFMB8GA1UdIwQY
MBaAFGWcNWYzOI6b2JfQAKPzi8HlRu9KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlp3MVpqTTRqcHZZbDlBQW9fT0x3ZVZHNzBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC83Yzc4NTEtNTg1Yi00OWYxLThiZTkt
M2M3ZTRmOTNlNDJiLzEvdGFmOGFKVlVNVjZtYWMwN1U4XzZhS3AxVThVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC83Yzc4NTEtNTg1Yi00OWYxLThiZTktM2M3ZTRmOTNlNDJi
LzEvWlp3MVpqTTRqcHZZbDlBQW9fT0x3ZVZHNzBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHBJrID
BAHBJrQwDQYJKoZIhvcNAQELBQADggEBAIe5jlil2TaHmhmI7Ou+14kYOwhu4P3x
e7V8bCwVa8bnGEm3pfS9is/hYwCZquKjZ55DbY2uerxbdrSW8/BfInY9yyfVZYBW
yy2xull7/5e6PqdTdH0X2j2A6TiBY0fuJLbnm6814/ncp2PNUJ4wqV91I0kwF3XR
SsB+5xW6Lky4Hz9Zwq4PaZQT9NQqFcdpXUVpSjzhKB20UwV8SiySTLcRLkb9aJgt
aNkkHOpE7z4F7Wt8SI+S73ooHv3JPRCbqKPV4ESxXhvsQN0XBcw8ioMU94olgTIq
p46viT/ji0A6XIhyo8N3g97wn2pFNOYQpq73qMcSgvO8IXAC4/QFPSI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:22:34 2025 by rpki-client