Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/43e309-75c5-4f40-9db3-f2bb69e75e74/1/Ar-7fKuP2AUq3AYmZRpGOIGF3Rk.roa
File: Ar-7fKuP2AUq3AYmZRpGOIGF3Rk.roa (raw, json)
Hash identifier: IVRYiYmcL/X/x6kO4D9e1uoAN7hbCICUrq2rUzW2Kvc=
Subject key identifier: 02:BF:BB:7C:AB:8F:D8:05:2A:DC:06:26:65:1A:46:38:81:85:DD:19
Certificate issuer: /CN=79d0d856764a3fee64be14f0a49f59a6865285d1
Certificate serial: 0190BC52150AA4250A0BC9FF5CC842BFA4F5
Authority key identifier: 79:D0:D8:56:76:4A:3F:EE:64:BE:14:F0:A4:9F:59:A6:86:52:85:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edDYVnZKP-5kvhTwpJ9ZpoZShdE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/43e309-75c5-4f40-9db3-f2bb69e75e74/1/Ar-7fKuP2AUq3AYmZRpGOIGF3Rk.roa
Signing time: Tue 16 Jul 2024 16:13:34 +0000
ROA not before: Tue 16 Jul 2024 16:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208964
IP address blocks: 193.28.243.0/24 maxlen: 24
193.28.249.0/24 maxlen: 24
194.124.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 14:22:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bc:52:15:0a:a4:25:0a:0b:c9:ff:5c:c8:42:bf:a4:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d0d856764a3fee64be14f0a49f59a6865285d1
Validity
Not Before: Jul 16 16:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02bfbb7cab8fd8052adc0626651a46388185dd19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:29:99:b1:a0:d0:3b:84:58:60:f2:43:29:4d:
f9:be:fd:eb:18:a9:a5:39:66:a3:cf:20:4c:ee:17:
d8:ea:8f:5e:db:fa:dd:a2:7b:2b:ca:12:fb:7f:9c:
3f:e8:e3:de:d2:e0:42:01:89:58:5f:58:d3:4c:34:
79:3a:05:ef:5f:73:c3:65:8c:dc:6b:92:19:05:93:
85:b0:13:f9:c7:37:80:04:c0:2f:ec:0b:49:ce:dd:
60:a5:fe:29:49:9c:fe:ca:b3:08:07:bc:83:72:1e:
f7:6d:ea:06:d7:5a:c1:46:71:fb:98:76:0b:c5:c7:
e2:e6:b1:3a:0b:1b:56:e0:f6:1a:67:36:4f:b0:b0:
4e:cd:a5:2d:5a:57:7b:52:c4:29:0c:24:e2:94:72:
28:1f:58:41:24:6d:18:b3:41:63:49:e0:a4:ca:4a:
fc:ff:42:7e:8b:32:8a:82:6a:1b:ae:97:e4:61:01:
de:9e:80:01:99:3a:b5:cd:c1:84:f4:ca:f3:6d:d7:
18:8f:df:5e:30:0b:95:c5:93:1f:10:1e:dd:ae:89:
20:62:95:54:d7:2d:9f:0d:6d:81:28:3a:fd:75:74:
6b:2a:61:96:30:3d:2b:f4:2c:38:a0:16:70:44:64:
3e:8c:c6:d6:e6:fc:69:ac:86:4c:a8:20:73:e0:b8:
31:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BF:BB:7C:AB:8F:D8:05:2A:DC:06:26:65:1A:46:38:81:85:DD:19
X509v3 Authority Key Identifier:
keyid:79:D0:D8:56:76:4A:3F:EE:64:BE:14:F0:A4:9F:59:A6:86:52:85:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edDYVnZKP-5kvhTwpJ9ZpoZShdE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/43e309-75c5-4f40-9db3-f2bb69e75e74/1/Ar-7fKuP2AUq3AYmZRpGOIGF3Rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/43e309-75c5-4f40-9db3-f2bb69e75e74/1/edDYVnZKP-5kvhTwpJ9ZpoZShdE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.243.0/24
193.28.249.0/24
194.124.62.0/24
Signature Algorithm: sha256WithRSAEncryption
60:d4:aa:03:8a:b5:f7:c8:3d:fe:75:0f:22:96:ef:4a:68:b7:
68:c7:16:b1:48:d7:98:ab:1b:b2:c7:d4:d2:80:2f:30:fc:bb:
61:35:7b:01:7b:ac:8d:3a:49:1a:ff:b3:5f:15:c3:19:de:8c:
3a:e1:53:d8:f1:4f:f1:4a:e3:6f:e9:1b:90:eb:b0:eb:16:77:
fe:5c:16:88:97:e9:f9:66:35:47:d3:4e:49:fd:2f:23:0b:33:
e1:b6:0f:be:38:01:1d:c3:70:74:a5:d8:11:a9:44:f2:cf:f4:
2e:96:cd:21:b8:0d:af:92:3c:ea:92:9c:51:68:27:69:ff:9c:
76:91:e5:ba:02:d5:21:80:ac:76:4d:ee:75:69:7a:fd:4e:4a:
b8:22:31:ef:93:a4:c9:11:5c:35:bd:37:18:63:40:a6:50:68:
d5:0a:a1:12:c5:bf:2d:a9:90:5d:11:3b:ac:87:7b:4b:2a:81:
d0:75:df:33:4c:c5:cf:15:8f:34:f9:55:62:78:a4:a1:67:fd:
c6:34:7b:d0:d5:ed:d7:e4:a8:c6:fd:73:83:a3:d6:4c:c9:d6:
cf:9b:42:65:ad:bc:76:74:d7:ae:4c:1d:3b:48:7c:68:a1:be:
b9:b3:97:e6:3e:b4:fe:ae:02:ae:6c:93:88:b2:6a:e6:08:a4:
f9:ad:eb:7d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZC8UhUKpCUKC8n/XMhCv6T1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDBkODU2NzY0YTNmZWU2NGJlMTRmMGE0OWY1OWE2ODY1
Mjg1ZDEwHhcNMjQwNzE2MTYxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmJmYmI3Y2FiOGZkODA1MmFkYzA2MjY2NTFhNDYzODgxODVkZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiimZsaDQO4RYYPJDKU35vv3rGKml
OWajzyBM7hfY6o9e2/rdonsryhL7f5w/6OPe0uBCAYlYX1jTTDR5OgXvX3PDZYzc
a5IZBZOFsBP5xzeABMAv7AtJzt1gpf4pSZz+yrMIB7yDch73beoG11rBRnH7mHYL
xcfi5rE6CxtW4PYaZzZPsLBOzaUtWld7UsQpDCTilHIoH1hBJG0Ys0FjSeCkykr8
/0J+izKKgmobrpfkYQHenoABmTq1zcGE9MrzbdcYj99eMAuVxZMfEB7drokgYpVU
1y2fDW2BKDr9dXRrKmGWMD0r9Cw4oBZwRGQ+jMbW5vxprIZMqCBz4LgxYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAK/u3yrj9gFKtwGJmUaRjiBhd0ZMB8GA1UdIwQY
MBaAFHnQ2FZ2Sj/uZL4U8KSfWaaGUoXRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWREWVZuWktQLTVrdmhUd3BKOVpwb1pTaGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS80M2UzMDktNzVjNS00ZjQwLTlkYjMt
ZjJiYjY5ZTc1ZTc0LzEvQXItN2ZLdVAyQVVxM0FZbVpScEdPSUdGM1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS80M2UzMDktNzVjNS00ZjQwLTlkYjMtZjJiYjY5ZTc1ZTc0
LzEvZWREWVZuWktQLTVrdmhUd3BKOVpwb1pTaGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRzzAwQA
wRz5AwQAwnw+MA0GCSqGSIb3DQEBCwUAA4IBAQBg1KoDirX3yD3+dQ8ilu9KaLdo
xxaxSNeYqxuyx9TSgC8w/LthNXsBe6yNOkka/7NfFcMZ3ow64VPY8U/xSuNv6RuQ
67DrFnf+XBaIl+n5ZjVH005J/S8jCzPhtg++OAEdw3B0pdgRqUTyz/Quls0huA2v
kjzqkpxRaCdp/5x2keW6AtUhgKx2Te51aXr9Tkq4IjHvk6TJEVw1vTcYY0CmUGjV
CqESxb8tqZBdETush3tLKoHQdd8zTMXPFY80+VVieKShZ/3GNHvQ1e3X5KjG/XOD
o9ZMydbPm0Jlrbx2dNeuTB07SHxoob65s5fmPrT+rgKubJOIsmrmCKT5ret9
-----END CERTIFICATE-----
Generated at Thu Oct 24 17:28:41 2024 by rpki-client on console-fra.rpki-client.org