Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/aDtPnv6BLLYyqJnT6aX9E6Sp3EI.roa
File: aDtPnv6BLLYyqJnT6aX9E6Sp3EI.roa (raw, json)
Hash identifier: veBW9I89nfw1W4ybAbPugPT4ZNF08aDCZZf0Ko6iMH4=
Subject key identifier: 68:3B:4F:9E:FE:81:2C:B6:32:A8:99:D3:E9:A5:FD:13:A4:A9:DC:42
Certificate issuer: /CN=706d64134faa746293c0384edac0371950f3b224
Certificate serial: 018CC348B885ACAE9E7F3F55FBF152E1A79B
Authority key identifier: 70:6D:64:13:4F:AA:74:62:93:C0:38:4E:DA:C0:37:19:50:F3:B2:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/aDtPnv6BLLYyqJnT6aX9E6Sp3EI.roa
Signing time: Mon 01 Jan 2024 04:29:32 +0000
ROA not before: Mon 01 Jan 2024 04:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203231
IP address blocks: 193.218.161.0/24 maxlen: 24
193.218.160.0/24 maxlen: 24
193.218.160.0/20 maxlen: 20
2a0a:5180::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b8:85:ac:ae:9e:7f:3f:55:fb:f1:52:e1:a7:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d64134faa746293c0384edac0371950f3b224
Validity
Not Before: Jan 1 04:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=683b4f9efe812cb632a899d3e9a5fd13a4a9dc42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8b:0e:da:69:45:20:f5:d2:9c:72:eb:6d:a1:
af:e9:48:1a:0b:01:92:f6:76:a5:74:68:1c:ef:b3:
5d:73:81:29:97:e8:1f:37:69:41:76:8f:af:a5:44:
60:5d:5a:a6:85:a0:5f:0a:d4:c3:67:3c:31:b8:ca:
4f:5d:0b:8b:69:28:e4:b5:00:9f:3c:db:c4:8c:6e:
04:4b:4c:3b:d3:7a:52:60:0b:65:71:4f:01:e3:a5:
51:cd:0f:5b:16:11:df:5a:9e:1a:c2:90:5d:b3:41:
87:32:d9:f3:40:f8:dc:5e:9f:54:4a:1a:5e:2a:f8:
c1:e4:58:2f:72:04:7a:e3:ca:ce:70:b0:dd:17:1c:
71:87:b2:65:0c:14:b5:a6:6c:93:02:44:21:65:61:
c7:8f:a0:0f:f3:20:95:41:18:4e:23:68:2e:eb:66:
6f:dd:00:b7:7f:96:07:b2:44:c9:ed:da:11:47:9b:
c6:50:cf:6f:e5:0f:81:cc:cc:45:4b:d8:6a:71:af:
54:e5:3a:11:a4:62:d7:ce:bb:63:14:d8:d7:2b:b0:
da:50:d9:9e:6f:38:01:25:fd:63:0d:9f:21:dc:c4:
4f:7f:99:47:a5:24:f3:af:62:af:57:6a:b9:79:29:
5b:10:7c:55:c6:da:f8:62:68:f9:79:db:52:11:d0:
56:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:3B:4F:9E:FE:81:2C:B6:32:A8:99:D3:E9:A5:FD:13:A4:A9:DC:42
X509v3 Authority Key Identifier:
keyid:70:6D:64:13:4F:AA:74:62:93:C0:38:4E:DA:C0:37:19:50:F3:B2:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/aDtPnv6BLLYyqJnT6aX9E6Sp3EI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3298e3-9a50-4cfb-84e6-d137ade166d1/1/cG1kE0-qdGKTwDhO2sA3GVDzsiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.160.0/20
IPv6:
2a0a:5180::/29
Signature Algorithm: sha256WithRSAEncryption
b4:88:43:4b:bd:01:24:0b:0a:8c:73:1e:ac:ae:7f:ab:7f:8a:
fe:5f:03:46:32:87:d5:cb:21:0f:3b:bb:87:25:8a:08:1f:61:
44:db:bd:bf:75:47:28:9e:83:a8:b5:b7:34:dc:3f:b9:2a:ca:
a2:1c:d6:27:ce:e0:6a:50:ad:0e:d9:d2:20:cd:f4:30:44:21:
ad:8b:60:61:50:3c:a4:0d:a3:8a:e5:fe:63:fb:2c:0c:f8:1d:
59:a7:23:eb:6c:c9:75:8f:0e:d4:94:5c:4f:c8:f5:5a:ab:d6:
54:88:bf:7b:1c:e2:2c:14:6d:43:b7:b3:dd:20:1b:5e:12:ab:
ad:ad:de:09:f3:cb:35:d0:34:7e:f8:94:f0:e7:a5:2a:8d:68:
75:d0:a7:62:1b:a4:68:b4:9f:01:eb:49:3c:3d:07:d7:78:28:
5a:82:0c:46:ca:b0:4d:ca:b9:c2:ca:5c:b1:b6:64:ce:85:a7:
8d:3c:2d:72:a9:4d:49:9c:0c:29:93:da:d3:8e:d4:e9:f1:8b:
fa:d1:99:ce:7c:98:be:fa:85:e0:91:15:0d:42:52:c9:18:5c:
ee:b8:f1:02:94:68:0f:ae:21:3a:0f:98:bd:af:7e:85:3f:31:
75:51:f6:d8:1f:90:0b:bd:a4:81:74:b7:2a:a4:de:e6:11:bc:
b4:ff:bc:56
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSLiFrK6efz9V+/FS4aebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQ2NDEzNGZhYTc0NjI5M2MwMzg0ZWRhYzAzNzE5NTBm
M2IyMjQwHhcNMjQwMTAxMDQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODNiNGY5ZWZlODEyY2I2MzJhODk5ZDNlOWE1ZmQxM2E0YTlkYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YsO2mlFIPXSnHLrbaGv6UgaCwGS
9naldGgc77Ndc4Epl+gfN2lBdo+vpURgXVqmhaBfCtTDZzwxuMpPXQuLaSjktQCf
PNvEjG4ES0w703pSYAtlcU8B46VRzQ9bFhHfWp4awpBds0GHMtnzQPjcXp9UShpe
KvjB5FgvcgR648rOcLDdFxxxh7JlDBS1pmyTAkQhZWHHj6AP8yCVQRhOI2gu62Zv
3QC3f5YHskTJ7doRR5vGUM9v5Q+BzMxFS9hqca9U5ToRpGLXzrtjFNjXK7DaUNme
bzgBJf1jDZ8h3MRPf5lHpSTzr2KvV2q5eSlbEHxVxtr4Ymj5edtSEdBW3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGg7T57+gSy2MqiZ0+ml/ROkqdxCMB8GA1UdIwQY
MBaAFHBtZBNPqnRik8A4TtrANxlQ87IkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cxa0UwLXFkR0tUd0RoTzJzQTNHVkR6c2lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zMjk4ZTMtOWE1MC00Y2ZiLTg0ZTYt
ZDEzN2FkZTE2NmQxLzEvYUR0UG52NkJMTFl5cUpuVDZhWDlFNlNwM0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zMjk4ZTMtOWE1MC00Y2ZiLTg0ZTYtZDEzN2FkZTE2NmQx
LzEvY0cxa0UwLXFkR0tUd0RoTzJzQTNHVkR6c2lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEwdqgMA0E
AgACMAcDBQMqClGAMA0GCSqGSIb3DQEBCwUAA4IBAQC0iENLvQEkCwqMcx6srn+r
f4r+XwNGMofVyyEPO7uHJYoIH2FE272/dUconoOotbc03D+5KsqiHNYnzuBqUK0O
2dIgzfQwRCGti2BhUDykDaOK5f5j+ywM+B1ZpyPrbMl1jw7UlFxPyPVaq9ZUiL97
HOIsFG1Dt7PdIBteEqutrd4J88s10DR++JTw56UqjWh10KdiG6RotJ8B60k8PQfX
eChaggxGyrBNyrnCylyxtmTOhaeNPC1yqU1JnAwpk9rTjtTp8Yv60ZnOfJi++oXg
kRUNQlLJGFzuuPEClGgPriE6D5i9r36FPzF1UfbYH5ALvaSBdLcqpN7mEby0/7xW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:32 2025 by rpki-client