Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/2T6R1fmSlabnlwau83XRetBhKY0.roa
File: 2T6R1fmSlabnlwau83XRetBhKY0.roa (raw, json)
Hash identifier: SpyBSJH3+jIT27K+LbjwTkn04bf5qZnwvbrCFw1F0oo=
Subject key identifier: D9:3E:91:D5:F9:92:95:A6:E7:97:06:AE:F3:75:D1:7A:D0:61:29:8D
Certificate issuer: /CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
Certificate serial: 018CC3B6E3463B28A6ED2A23179A5D192609
Authority key identifier: 8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/2T6R1fmSlabnlwau83XRetBhKY0.roa
Signing time: Mon 01 Jan 2024 06:29:52 +0000
ROA not before: Mon 01 Jan 2024 06:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 193.8.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 Feb 2024 12:24:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e3:46:3b:28:a6:ed:2a:23:17:9a:5d:19:26:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aa47d08fc85213df4fda2cf9561b8e68bc273dc
Validity
Not Before: Jan 1 06:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d93e91d5f99295a6e79706aef375d17ad061298d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4a:f8:0a:5a:29:a5:eb:fc:61:35:bc:d0:3d:
2a:53:fd:06:2b:4e:70:70:a3:c4:49:00:f8:7c:75:
bd:41:b1:d1:22:c0:5e:2e:a3:03:93:a7:ba:f9:0b:
8c:ac:0a:21:02:62:8a:22:c6:ea:a0:85:37:aa:1c:
2c:e2:db:a7:d7:de:f4:70:b7:a3:26:5d:9e:bc:4a:
e2:1e:75:80:4e:68:64:f1:f4:9a:46:75:e1:ac:96:
9c:6b:b4:d6:cb:d7:98:bc:c0:97:ac:bd:75:7a:fc:
ba:01:7a:8f:f8:0c:a4:84:ec:25:6c:8e:75:4f:73:
34:67:d8:d8:85:4c:6c:14:92:71:fc:30:1d:8e:56:
17:7f:04:7b:7b:61:0d:63:5f:68:cc:6d:5a:e9:67:
2c:10:29:48:b4:0f:ca:17:ec:0d:63:b8:d5:c8:b2:
1b:cc:aa:4c:fe:7d:c5:84:10:20:5f:95:0a:e1:77:
da:b4:13:25:76:b6:74:51:ac:ca:bc:70:69:2b:e6:
e5:c3:91:06:ae:7a:f8:b1:2e:59:17:65:7b:88:dd:
42:8c:45:6a:65:ae:38:6e:77:ec:a6:7e:e8:9e:14:
46:ae:be:a3:61:23:5e:f9:1b:f4:63:bd:5d:e2:15:
62:48:fb:0f:30:c9:10:28:14:21:61:4d:f9:9e:7f:
4d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3E:91:D5:F9:92:95:A6:E7:97:06:AE:F3:75:D1:7A:D0:61:29:8D
X509v3 Authority Key Identifier:
keyid:8A:A4:7D:08:FC:85:21:3D:F4:FD:A2:CF:95:61:B8:E6:8B:C2:73:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqR9CPyFIT30_aLPlWG45ovCc9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/2T6R1fmSlabnlwau83XRetBhKY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/a1f0a0-439d-4266-a3db-e6b1e986f95f/1/iqR9CPyFIT30_aLPlWG45ovCc9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.230.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:25:ac:0e:c9:32:d8:ec:6c:af:67:ec:2c:4f:d1:32:50:85:
f2:18:ee:2d:8d:4b:e4:f7:79:77:cc:fa:ee:96:a8:10:96:c2:
b8:99:5b:64:b2:77:f5:f8:cc:13:4a:73:4e:2a:d7:9c:3d:1b:
72:b7:a2:fb:0c:41:be:33:7d:48:b6:6f:2f:a2:11:e0:63:93:
6e:08:7c:16:85:5d:70:8e:c4:a6:3c:9b:e2:ec:15:53:3b:60:
08:00:3e:57:e9:8a:c3:81:6f:85:5c:90:49:dd:28:15:ae:76:
04:a6:f6:15:63:d4:4a:5f:0e:d5:8b:e1:0e:bc:5c:aa:e1:44:
b1:55:62:6c:df:9a:8a:76:d5:9b:88:76:eb:4a:4a:eb:a3:3a:
43:82:29:e7:53:53:84:e1:e3:55:0c:e0:29:05:a1:d4:28:a7:
0f:1b:c4:80:10:43:70:96:24:21:92:5b:48:e2:96:dc:5f:d7:
74:3b:1c:89:ee:fa:ec:63:01:a8:22:a7:dc:a1:be:10:0b:95:
f7:79:f5:5f:38:42:7d:44:22:38:24:b2:82:65:03:2d:dc:0f:
31:bf:8b:31:66:2e:4a:96:e4:bf:e1:d6:29:cc:7c:3a:ac:31:
6a:a1:11:c4:e3:46:cf:cb:f3:f1:62:12:61:d9:ae:ef:4e:39:
d0:ef:81:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtuNGOyim7SojF5pdGSYJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYTQ3ZDA4ZmM4NTIxM2RmNGZkYTJjZjk1NjFiOGU2OGJj
MjczZGMwHhcNMjQwMTAxMDYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTNlOTFkNWY5OTI5NWE2ZTc5NzA2YWVmMzc1ZDE3YWQwNjEyOThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEr4Cloppev8YTW80D0qU/0GK05w
cKPESQD4fHW9QbHRIsBeLqMDk6e6+QuMrAohAmKKIsbqoIU3qhws4tun1970cLej
Jl2evEriHnWATmhk8fSaRnXhrJaca7TWy9eYvMCXrL11evy6AXqP+AykhOwlbI51
T3M0Z9jYhUxsFJJx/DAdjlYXfwR7e2ENY19ozG1a6WcsEClItA/KF+wNY7jVyLIb
zKpM/n3FhBAgX5UK4XfatBMldrZ0UazKvHBpK+blw5EGrnr4sS5ZF2V7iN1CjEVq
Za44bnfspn7onhRGrr6jYSNe+Rv0Y71d4hViSPsPMMkQKBQhYU35nn9NgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNk+kdX5kpWm55cGrvN10XrQYSmNMB8GA1UdIwQY
MBaAFIqkfQj8hSE99P2iz5VhuOaLwnPcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGIt
ZTZiMWU5ODZmOTVmLzEvMlQ2UjFmbVNsYWJubHdhdTgzWFJldEJoS1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9hMWYwYTAtNDM5ZC00MjY2LWEzZGItZTZiMWU5ODZmOTVm
LzEvaXFSOUNQeUZJVDMwX2FMUGxXRzQ1b3ZDYzl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQjmMA0G
CSqGSIb3DQEBCwUAA4IBAQBLJawOyTLY7GyvZ+wsT9EyUIXyGO4tjUvk93l3zPru
lqgQlsK4mVtksnf1+MwTSnNOKtecPRtyt6L7DEG+M31Itm8vohHgY5NuCHwWhV1w
jsSmPJvi7BVTO2AIAD5X6YrDgW+FXJBJ3SgVrnYEpvYVY9RKXw7Vi+EOvFyq4USx
VWJs35qKdtWbiHbrSkrrozpDginnU1OE4eNVDOApBaHUKKcPG8SAEENwliQhkltI
4pbcX9d0OxyJ7vrsYwGoIqfcob4QC5X3efVfOEJ9RCI4JLKCZQMt3A8xv4sxZi5K
luS/4dYpzHw6rDFqoRHE40bPy/PxYhJh2a7vTjnQ74Gn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:43 2025 by rpki-client