Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a73f09-1b9d-4c26-b01d-0e8a9485a9a2/1/kjFwlZYFRVAAnWDYxe9WW8_2vd8.roa
File: kjFwlZYFRVAAnWDYxe9WW8_2vd8.roa (raw, json)
Hash identifier: F9sJUMwO4F1e6A45eWsSNqdcRJSZMkL/O4F27BoHpLA=
Subject key identifier: 92:31:70:95:96:05:45:50:00:9D:60:D8:C5:EF:56:5B:CF:F6:BD:DF
Certificate issuer: /CN=1aaaba7da7c8f36c8b275ca738491cedccb5e312
Certificate serial: 018CC56DF00BBDC7EE87EF42367D469DD619
Authority key identifier: 1A:AA:BA:7D:A7:C8:F3:6C:8B:27:5C:A7:38:49:1C:ED:CC:B5:E3:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gqq6fafI82yLJ1ynOEkc7cy14xI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a73f09-1b9d-4c26-b01d-0e8a9485a9a2/1/kjFwlZYFRVAAnWDYxe9WW8_2vd8.roa
Signing time: Mon 01 Jan 2024 14:29:25 +0000
ROA not before: Mon 01 Jan 2024 14:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196722
IP address blocks: 193.5.181.0/24 maxlen: 24
193.5.185.0/24 maxlen: 24
193.5.182.0/24 maxlen: 24
193.5.186.0/24 maxlen: 24
193.5.180.0/24 maxlen: 24
193.5.188.0/24 maxlen: 24
193.5.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f0:0b:bd:c7:ee:87:ef:42:36:7d:46:9d:d6:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aaaba7da7c8f36c8b275ca738491cedccb5e312
Validity
Not Before: Jan 1 14:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9231709596054550009d60d8c5ef565bcff6bddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ca:d6:f3:2f:fa:70:a4:cb:dd:18:69:c1:f5:
60:95:0d:b5:ec:ae:28:3d:49:8a:7a:be:25:dd:2d:
5a:87:9e:19:c5:e6:e3:6c:a4:5e:8b:d5:7b:a3:c6:
65:92:72:40:e2:bf:f3:89:b6:b9:3c:8f:90:c0:3f:
c8:b1:76:ed:9f:6b:87:ba:5b:e7:bc:03:51:1b:b7:
8a:6e:b8:4b:7c:85:bd:d6:b8:3c:3d:47:f0:a6:9d:
27:2d:59:66:f6:df:a8:82:c4:b6:23:33:6f:9b:6a:
8d:76:92:35:15:54:25:2b:70:af:7f:89:be:94:03:
ea:84:db:26:f9:2a:a1:b8:98:17:66:b3:2d:2b:1b:
48:75:d1:d1:87:a6:42:e4:30:24:52:3e:8a:8c:95:
1d:19:4e:70:49:e8:56:0e:9d:f7:39:b2:75:08:13:
87:44:e0:65:a6:95:f3:85:82:69:fc:b1:65:3b:0c:
50:af:6c:3f:2c:13:7c:37:50:1d:52:a7:67:56:30:
5a:7a:d0:39:45:fc:d5:cb:ee:ee:eb:5d:31:4b:83:
24:88:43:c5:75:19:a9:e4:36:83:43:d4:3a:b4:7f:
3e:a8:c6:36:93:77:36:17:36:af:da:4d:31:47:29:
33:69:02:ff:e3:19:62:4b:5e:32:eb:a3:e3:e2:6b:
3b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:31:70:95:96:05:45:50:00:9D:60:D8:C5:EF:56:5B:CF:F6:BD:DF
X509v3 Authority Key Identifier:
keyid:1A:AA:BA:7D:A7:C8:F3:6C:8B:27:5C:A7:38:49:1C:ED:CC:B5:E3:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gqq6fafI82yLJ1ynOEkc7cy14xI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a73f09-1b9d-4c26-b01d-0e8a9485a9a2/1/kjFwlZYFRVAAnWDYxe9WW8_2vd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a73f09-1b9d-4c26-b01d-0e8a9485a9a2/1/Gqq6fafI82yLJ1ynOEkc7cy14xI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.180.0-193.5.182.255
193.5.185.0-193.5.188.255
Signature Algorithm: sha256WithRSAEncryption
7f:34:50:31:50:a0:82:88:c3:17:92:f2:e1:60:db:aa:ae:66:
61:37:72:fd:db:d6:d0:8f:cf:97:8c:bb:a3:73:d5:a7:c4:17:
06:ae:40:e2:82:e7:3e:88:5c:43:7c:9a:d8:f9:18:05:6d:90:
15:e9:bf:04:28:39:37:e6:1f:a3:d3:b8:67:84:79:79:67:fc:
c6:5b:9d:f7:96:bb:77:52:bf:6b:fb:b2:1c:51:0e:f5:9f:f2:
ba:42:46:6c:57:01:fb:c2:22:13:d5:23:a3:67:76:a9:6f:f2:
ae:76:7c:28:21:86:e3:f9:2c:30:7d:65:98:2f:17:89:e2:45:
0e:e4:9b:b7:bf:94:e5:83:89:3f:31:5a:1c:ba:ee:4a:81:3d:
1e:7f:6c:8f:89:b2:e6:78:43:ef:c3:21:63:26:9b:1a:93:24:
7d:8c:1d:91:bb:0e:6c:82:9a:39:34:1f:19:9c:a5:54:b3:6f:
ff:c4:57:05:6a:03:09:37:07:14:03:12:5c:d2:f0:0c:e3:26:
dd:a0:82:1e:d6:71:8b:7d:34:d5:7a:10:cd:52:40:54:c3:cb:
51:b2:56:a0:36:53:84:94:13:af:71:5b:a4:d8:04:59:b8:d0:
7c:21:58:19:f1:79:3a:76:a1:47:7e:1a:03:fa:7a:da:39:97:
2e:4e:ca:c6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzFbfALvcfuh+9CNn1GndYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYWFiYTdkYTdjOGYzNmM4YjI3NWNhNzM4NDkxY2VkY2Ni
NWUzMTIwHhcNMjQwMTAxMTQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjMxNzA5NTk2MDU0NTUwMDA5ZDYwZDhjNWVmNTY1YmNmZjZiZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcrW8y/6cKTL3RhpwfVglQ217K4o
PUmKer4l3S1ah54ZxebjbKRei9V7o8ZlknJA4r/ziba5PI+QwD/IsXbtn2uHulvn
vANRG7eKbrhLfIW91rg8PUfwpp0nLVlm9t+ogsS2IzNvm2qNdpI1FVQlK3Cvf4m+
lAPqhNsm+SqhuJgXZrMtKxtIddHRh6ZC5DAkUj6KjJUdGU5wSehWDp33ObJ1CBOH
ROBlppXzhYJp/LFlOwxQr2w/LBN8N1AdUqdnVjBaetA5RfzVy+7u610xS4MkiEPF
dRmp5DaDQ9Q6tH8+qMY2k3c2Fzav2k0xRykzaQL/4xliS14y66Pj4ms7FQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJIxcJWWBUVQAJ1g2MXvVlvP9r3fMB8GA1UdIwQY
MBaAFBqqun2nyPNsiydcpzhJHO3MteMSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3FxNmZhZkk4MnlMSjF5bk9Fa2M3Y3kxNHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9hNzNmMDktMWI5ZC00YzI2LWIwMWQt
MGU4YTk0ODVhOWEyLzEva2pGd2xaWUZSVkFBbldEWXhlOVdXOF8ydmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9hNzNmMDktMWI5ZC00YzI2LWIwMWQtMGU4YTk0ODVhOWEy
LzEvR3FxNmZhZkk4MnlMSjF5bk9Fa2M3Y3kxNHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBALBBbQD
BADBBbYwDAMEAMEFuQMEAMEFvDANBgkqhkiG9w0BAQsFAAOCAQEAfzRQMVCggojD
F5Ly4WDbqq5mYTdy/dvW0I/Pl4y7o3PVp8QXBq5A4oLnPohcQ3ya2PkYBW2QFem/
BCg5N+Yfo9O4Z4R5eWf8xlud95a7d1K/a/uyHFEO9Z/yukJGbFcB+8IiE9Ujo2d2
qW/yrnZ8KCGG4/ksMH1lmC8XieJFDuSbt7+U5YOJPzFaHLruSoE9Hn9sj4my5nhD
78MhYyabGpMkfYwdkbsObIKaOTQfGZylVLNv/8RXBWoDCTcHFAMSXNLwDOMm3aCC
HtZxi3001XoQzVJAVMPLUbJWoDZThJQTr3FbpNgEWbjQfCFYGfF5OnahR34aA/p6
2jmXLk7Kxg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:43 2025 by rpki-client