Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/0f24dd-ef4a-4dbf-b20d-b039c24b99ca/1/M8D2oWoLzCo50h7HrDot1bF5bAo.roa
File: M8D2oWoLzCo50h7HrDot1bF5bAo.roa (raw, json)
Hash identifier: EIrlUtOWD7Fb/1whKOk42NdU2qs74s+uzlzQPeYk1D8=
Subject key identifier: 33:C0:F6:A1:6A:0B:CC:2A:39:D2:1E:C7:AC:3A:2D:D5:B1:79:6C:0A
Certificate issuer: /CN=64aec8024caa103a8412696c7e72f77803cd8695
Certificate serial: 018CC86F0CDD5F65059C7586F6B05BE37755
Authority key identifier: 64:AE:C8:02:4C:AA:10:3A:84:12:69:6C:7E:72:F7:78:03:CD:86:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZK7IAkyqEDqEEmlsfnL3eAPNhpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/0f24dd-ef4a-4dbf-b20d-b039c24b99ca/1/M8D2oWoLzCo50h7HrDot1bF5bAo.roa
Signing time: Tue 02 Jan 2024 04:29:29 +0000
ROA not before: Tue 02 Jan 2024 04:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15525
IP address blocks: 193.43.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:0c:dd:5f:65:05:9c:75:86:f6:b0:5b:e3:77:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64aec8024caa103a8412696c7e72f77803cd8695
Validity
Not Before: Jan 2 04:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33c0f6a16a0bcc2a39d21ec7ac3a2dd5b1796c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ca:08:44:09:12:d6:dc:80:46:bf:51:c7:51:
a1:ea:50:c8:16:86:24:3f:62:18:a9:3d:2f:83:e7:
dd:cf:2f:88:bc:e2:a1:8e:91:14:e9:fd:da:4f:71:
6f:ec:8c:5c:a0:0f:71:38:04:43:c0:0b:f9:c1:9d:
23:c7:1a:2f:e0:ba:da:46:c7:1a:5e:11:16:5a:5e:
01:8b:83:0a:4a:bb:2d:2c:b8:ae:ce:54:c0:eb:c7:
ca:dc:0c:51:22:8a:c0:85:1b:db:d0:45:e1:bd:36:
78:f6:37:bc:ff:8a:e2:04:1e:e8:54:a7:97:36:4b:
95:b1:97:5d:17:71:f4:41:1c:3d:48:b0:d4:70:8e:
07:73:a3:aa:f8:06:63:9a:c0:c2:52:83:79:a3:61:
97:da:13:c5:81:54:3a:5a:c7:e5:73:2c:3b:46:e4:
74:2f:0b:af:42:58:0f:57:0f:3a:50:1b:b8:3d:b4:
c8:1a:5f:94:95:c6:a5:4e:c9:4f:05:49:9b:06:f2:
5e:b6:7e:d4:8d:69:86:25:7d:69:8a:f3:6a:44:63:
94:90:8c:03:5d:f5:3b:99:3e:b5:8b:41:11:eb:a8:
15:8c:74:41:b9:5e:2f:3e:2c:b5:35:13:f3:ad:9d:
36:56:96:11:83:f9:37:9c:07:39:54:be:cd:ba:5b:
cc:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C0:F6:A1:6A:0B:CC:2A:39:D2:1E:C7:AC:3A:2D:D5:B1:79:6C:0A
X509v3 Authority Key Identifier:
keyid:64:AE:C8:02:4C:AA:10:3A:84:12:69:6C:7E:72:F7:78:03:CD:86:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZK7IAkyqEDqEEmlsfnL3eAPNhpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0f24dd-ef4a-4dbf-b20d-b039c24b99ca/1/M8D2oWoLzCo50h7HrDot1bF5bAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0f24dd-ef4a-4dbf-b20d-b039c24b99ca/1/ZK7IAkyqEDqEEmlsfnL3eAPNhpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.40.0/24
Signature Algorithm: sha256WithRSAEncryption
54:6d:7d:76:9f:ee:8e:a5:26:3e:c1:85:28:43:c8:36:86:ee:
77:5b:c9:60:02:7b:09:b8:88:8b:6b:25:23:87:d7:54:15:15:
0f:9d:d2:40:c3:4f:2c:15:3a:ab:03:d8:53:d6:dc:2e:51:e6:
73:da:00:0d:f3:72:35:68:9f:b1:f6:b6:53:d7:20:a7:9a:a1:
6e:34:df:80:d2:54:c8:63:ca:e3:e4:cd:ef:81:82:65:55:59:
21:66:0f:51:26:05:d8:58:06:67:ba:be:46:c9:ee:b9:6f:10:
80:c6:13:d0:e3:d6:07:d8:c4:5a:08:30:b3:53:df:ad:ab:02:
73:35:89:57:a3:48:5a:59:58:4d:18:23:f1:d2:d0:17:c8:2b:
4f:70:ac:69:35:61:f3:22:e3:e6:b6:a7:62:8f:af:ff:50:40:
d2:1a:81:e3:c0:94:68:2e:f1:bf:a9:67:8c:37:3c:03:13:7e:
20:3c:72:14:17:8b:94:61:95:e6:e5:c8:94:26:87:9b:c5:81:
d7:7a:fd:7e:aa:aa:01:82:37:ec:6e:a2:b5:fb:45:a0:f9:90:
06:22:a9:e8:64:c2:ac:ae:bb:c5:ca:0a:ef:73:fc:1b:31:2b:
ad:7f:5d:2a:df:25:f1:f0:f5:f4:a9:14:26:ef:31:38:48:9c:
2c:24:54:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbwzdX2UFnHWG9rBb43dVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YWVjODAyNGNhYTEwM2E4NDEyNjk2YzdlNzJmNzc4MDNj
ZDg2OTUwHhcNMjQwMTAyMDQyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2MwZjZhMTZhMGJjYzJhMzlkMjFlYzdhYzNhMmRkNWIxNzk2YzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsoIRAkS1tyARr9Rx1Gh6lDIFoYk
P2IYqT0vg+fdzy+IvOKhjpEU6f3aT3Fv7IxcoA9xOARDwAv5wZ0jxxov4LraRsca
XhEWWl4Bi4MKSrstLLiuzlTA68fK3AxRIorAhRvb0EXhvTZ49je8/4riBB7oVKeX
NkuVsZddF3H0QRw9SLDUcI4Hc6Oq+AZjmsDCUoN5o2GX2hPFgVQ6Wsflcyw7RuR0
LwuvQlgPVw86UBu4PbTIGl+UlcalTslPBUmbBvJetn7UjWmGJX1pivNqRGOUkIwD
XfU7mT61i0ER66gVjHRBuV4vPiy1NRPzrZ02VpYRg/k3nAc5VL7NulvM/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPA9qFqC8wqOdIex6w6LdWxeWwKMB8GA1UdIwQY
MBaAFGSuyAJMqhA6hBJpbH5y93gDzYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWks3SUFreXFFRHFFRW1sc2ZuTDNlQVBOaHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8wZjI0ZGQtZWY0YS00ZGJmLWIyMGQt
YjAzOWMyNGI5OWNhLzEvTThEMm9Xb0x6Q281MGg3SHJEb3QxYkY1YkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8wZjI0ZGQtZWY0YS00ZGJmLWIyMGQtYjAzOWMyNGI5OWNh
LzEvWks3SUFreXFFRHFFRW1sc2ZuTDNlQVBOaHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSsoMA0G
CSqGSIb3DQEBCwUAA4IBAQBUbX12n+6OpSY+wYUoQ8g2hu53W8lgAnsJuIiLayUj
h9dUFRUPndJAw08sFTqrA9hT1twuUeZz2gAN83I1aJ+x9rZT1yCnmqFuNN+A0lTI
Y8rj5M3vgYJlVVkhZg9RJgXYWAZnur5Gye65bxCAxhPQ49YH2MRaCDCzU9+tqwJz
NYlXo0haWVhNGCPx0tAXyCtPcKxpNWHzIuPmtqdij6//UEDSGoHjwJRoLvG/qWeM
NzwDE34gPHIUF4uUYZXm5ciUJoebxYHXev1+qqoBgjfsbqK1+0Wg+ZAGIqnoZMKs
rrvFygrvc/wbMSutf10q3yXx8PX0qRQm7zE4SJwsJFRY
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:17 2025 by rpki-client