Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/CTjK2Bvi4zzXvWgdAsxUiv9i9JU.roa
File: CTjK2Bvi4zzXvWgdAsxUiv9i9JU.roa (raw, json)
Hash identifier: p5j9V4ANV7QQ5gI+PPK+h2onM4kQV+1AG+KuL+8J+pA=
Subject key identifier: 09:38:CA:D8:1B:E2:E3:3C:D7:BD:68:1D:02:CC:54:8A:FF:62:F4:95
Certificate issuer: /CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Certificate serial: 0190DA344D027076B42943D630693AAD95A8
Authority key identifier: 4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/CTjK2Bvi4zzXvWgdAsxUiv9i9JU.roa
Signing time: Mon 22 Jul 2024 11:29:39 +0000
ROA not before: Mon 22 Jul 2024 11:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200356
IP address blocks: 62.182.100.0/23 maxlen: 24
193.84.18.0/24 maxlen: 24
2a02:4bb::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:34:4d:02:70:76:b4:29:43:d6:30:69:3a:ad:95:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Validity
Not Before: Jul 22 11:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0938cad81be2e33cd7bd681d02cc548aff62f495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c3:27:8c:d2:e6:a4:fa:6c:2e:58:cd:b0:7b:
0f:10:9a:96:d9:18:82:88:97:03:13:ba:cf:ac:8f:
83:d5:dc:62:76:41:8b:07:ec:53:4d:96:bb:7c:d0:
79:cc:b6:6f:f3:40:e0:92:89:58:6a:0b:0e:a3:1e:
33:44:5b:56:f2:60:7f:70:32:7a:68:20:cf:8e:d2:
ab:95:a6:56:52:65:f4:0d:5c:d2:50:ca:e0:23:4c:
c1:20:56:27:1e:7b:de:37:f6:4b:0d:ac:98:37:4d:
81:67:31:01:ea:f9:1b:4e:df:a0:fd:a3:31:2e:fa:
d3:0a:b4:5a:c5:03:93:cc:cc:dc:ab:93:b2:14:b6:
db:f5:c8:08:bf:b4:08:2d:36:8a:1c:b1:83:23:8b:
75:d5:96:60:8b:2c:f6:01:cc:d1:22:11:9f:e4:a2:
bc:ba:f0:cb:a0:9e:70:c9:ba:b8:51:f4:dd:c1:39:
6f:d6:bb:dd:e8:44:61:2c:2d:07:ad:51:9a:e4:69:
f9:42:b1:3b:89:36:1f:57:c0:3e:6f:71:1e:8a:16:
7c:56:42:1c:a3:7a:c0:aa:f8:9c:a2:f8:0f:8e:e0:
59:d4:6f:cc:e9:f3:4e:fb:fa:81:17:44:29:94:2e:
5b:17:88:99:8d:f6:24:05:ca:24:31:c4:33:c6:3a:
40:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:38:CA:D8:1B:E2:E3:3C:D7:BD:68:1D:02:CC:54:8A:FF:62:F4:95
X509v3 Authority Key Identifier:
keyid:4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/CTjK2Bvi4zzXvWgdAsxUiv9i9JU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TXaD1upTn-8ba22910ox0F5fCiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.100.0/23
193.84.18.0/24
IPv6:
2a02:4bb::/32
Signature Algorithm: sha256WithRSAEncryption
ba:9d:8b:7b:9b:e2:e8:e3:28:63:40:0c:f9:3e:be:6f:dd:b7:
e0:61:0a:0b:ca:2c:ff:5b:99:c2:22:27:b8:f0:91:3c:d3:49:
b9:a8:d0:4b:72:10:94:79:b7:af:85:0a:00:8a:01:26:a6:5c:
58:b0:ad:ef:ad:a5:4e:ce:ff:ba:3b:fe:60:98:cc:81:36:c6:
c9:7d:3a:7c:02:d1:90:42:b9:a2:f5:7a:f8:ee:54:48:89:a5:
86:17:c5:84:cf:03:3a:60:7c:e6:bc:5b:cd:0c:5f:ec:3e:ba:
5c:05:1f:37:73:26:c3:65:3e:25:41:a9:d4:e2:cf:07:9b:b4:
ce:08:77:43:91:cc:61:40:95:3c:76:c8:65:92:9b:0b:74:e2:
ef:e7:07:65:ee:67:51:29:bd:19:40:a8:33:da:9b:84:39:75:
32:ca:90:aa:c2:91:17:da:24:95:d7:5b:50:17:18:61:66:fe:
b9:95:03:d8:c5:f2:d5:cf:2d:1f:28:ff:e3:ce:a2:54:fd:d7:
99:e2:aa:28:ae:7f:f4:74:26:68:f0:73:75:44:94:8b:0e:db:
ac:23:86:ff:d3:e4:20:c7:d1:75:9b:47:9e:7f:3f:4f:c8:9c:
d5:bc:b5:9b:bb:f0:67:0d:2c:be:11:b7:29:ad:4f:bd:c9:46:
8e:e8:44:52
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZDaNE0CcHa0KUPWMGk6rZWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzY4M2Q2ZWE1MzlmZWYxYjZiNmRiZGQ3NGEzMWQwNWU1
ZjBhMjMwHhcNMjQwNzIyMTEyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTM4Y2FkODFiZTJlMzNjZDdiZDY4MWQwMmNjNTQ4YWZmNjJmNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxcMnjNLmpPpsLljNsHsPEJqW2RiC
iJcDE7rPrI+D1dxidkGLB+xTTZa7fNB5zLZv80DgkolYagsOox4zRFtW8mB/cDJ6
aCDPjtKrlaZWUmX0DVzSUMrgI0zBIFYnHnveN/ZLDayYN02BZzEB6vkbTt+g/aMx
LvrTCrRaxQOTzMzcq5OyFLbb9cgIv7QILTaKHLGDI4t11ZZgiyz2AczRIhGf5KK8
uvDLoJ5wybq4UfTdwTlv1rvd6ERhLC0HrVGa5Gn5QrE7iTYfV8A+b3EeihZ8VkIc
o3rAqvicovgPjuBZ1G/M6fNO+/qBF0QplC5bF4iZjfYkBcokMcQzxjpA6wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAk4ytgb4uM8171oHQLMVIr/YvSVMB8GA1UdIwQY
MBaAFE12g9bqU5/vG2ttvddKMdBeXwojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQt
NjhiMzc2OGY1MGRjLzEvQ1RqSzJCdmk0enpYdldnZEFzeFVpdjlpOUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQtNjhiMzc2OGY1MGRj
LzEvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBPrZkAwQA
wVQSMA0EAgACMAcDBQAqAgS7MA0GCSqGSIb3DQEBCwUAA4IBAQC6nYt7m+Lo4yhj
QAz5Pr5v3bfgYQoLyiz/W5nCIie48JE800m5qNBLchCUebevhQoAigEmplxYsK3v
raVOzv+6O/5gmMyBNsbJfTp8AtGQQrmi9Xr47lRIiaWGF8WEzwM6YHzmvFvNDF/s
PrpcBR83cybDZT4lQanU4s8Hm7TOCHdDkcxhQJU8dshlkpsLdOLv5wdl7mdRKb0Z
QKgz2puEOXUyypCqwpEX2iSV11tQFxhhZv65lQPYxfLVzy0fKP/jzqJU/deZ4qoo
rn/0dCZo8HN1RJSLDtusI4b/0+Qgx9F1m0eefz9PyJzVvLWbu/BnDSy+EbcprU+9
yUaO6ERS
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:33:23 2025 by rpki-client