Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/072eA3yOXEA1OE2I6e2Pm4777BY.roa
File: 072eA3yOXEA1OE2I6e2Pm4777BY.roa (raw, json)
Hash identifier: 5sOCK4KzhcRVv2G0YND9ow3hkxkvrTwTiUF6vGGuUV4=
Subject key identifier: D3:BD:9E:03:7C:8E:5C:40:35:38:4D:88:E9:ED:8F:9B:8E:FB:EC:16
Certificate issuer: /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial: 0194266B8A57A28961BBFE2176BFFE2D6442
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/072eA3yOXEA1OE2I6e2Pm4777BY.roa
Signing time: Thu 02 Jan 2025 09:49:29 +0000
ROA not before: Thu 02 Jan 2025 09:49:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 193.160.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Feb 2025 13:23:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:8a:57:a2:89:61:bb:fe:21:76:bf:fe:2d:64:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Validity
Not Before: Jan 2 09:49:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3bd9e037c8e5c4035384d88e9ed8f9b8efbec16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:3e:61:25:b1:e6:fa:c2:80:3d:0c:7b:c0:0a:
6a:7d:fd:8c:2e:a3:54:a8:8f:5f:32:ae:2c:21:55:
a8:d9:63:ff:4e:a6:e7:8d:d8:66:07:df:c3:e2:ea:
2e:3c:c2:b5:73:a5:2a:99:97:db:7e:d7:e2:11:93:
6a:88:3d:cc:5e:d2:39:c5:63:5b:91:71:93:38:43:
d5:e4:81:f8:33:49:5d:d9:20:7a:20:9f:77:77:8c:
2a:89:25:c9:5c:1b:69:44:63:1e:0a:ef:50:db:70:
a7:8a:de:4d:a2:5b:62:27:19:78:88:43:90:0f:10:
83:23:7b:2b:06:c6:3f:6c:a3:f8:19:d6:d7:48:d4:
bc:a5:78:f9:54:b6:e1:23:a5:09:b1:cb:15:98:7e:
d9:f0:e6:60:85:80:f8:81:62:7e:a4:ec:49:68:63:
c4:26:a2:6f:e6:f1:d3:90:29:84:d4:39:fc:cc:91:
65:61:35:58:02:1e:e0:1a:3d:44:28:45:9c:70:9d:
f6:8f:cd:fa:5d:b2:69:b9:cd:4a:27:74:61:dc:6c:
7b:95:d2:b3:d3:28:bb:74:c4:98:8e:95:af:25:2d:
de:a2:2b:ee:9c:cb:79:5e:15:6a:91:04:3d:3e:62:
ae:c3:95:a3:65:8b:24:fa:af:65:82:0c:64:76:ba:
c2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:BD:9E:03:7C:8E:5C:40:35:38:4D:88:E9:ED:8F:9B:8E:FB:EC:16
X509v3 Authority Key Identifier:
keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/072eA3yOXEA1OE2I6e2Pm4777BY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.8.0/24
Signature Algorithm: sha256WithRSAEncryption
41:4f:45:05:1a:e0:74:96:ae:60:dd:49:48:56:99:3a:31:e0:
c4:b8:cb:e1:8a:f2:ff:00:35:5f:d1:7c:b6:e4:1a:e1:55:56:
c8:dc:17:c3:91:07:b1:95:b7:16:97:97:9d:5f:ae:45:74:c9:
7d:e8:ce:5f:ca:6a:f0:85:6f:53:9a:80:ee:56:a0:f1:2d:c9:
16:ba:57:73:06:86:a6:70:b8:3c:d9:53:a0:61:22:b1:2f:7a:
23:3b:2f:76:2b:ea:1d:f7:43:0d:5b:e3:3c:11:d3:01:a3:db:
13:de:a2:17:73:cd:4b:42:19:99:9d:dc:8a:71:f1:77:4a:a4:
d4:9b:fd:be:16:cb:fd:61:02:ba:7e:d4:40:a1:5b:25:dd:d3:
e8:f9:b2:1a:fc:c3:bf:be:07:98:b4:48:08:a2:51:c3:4d:10:
c1:80:19:f6:74:0e:95:39:80:78:e0:6f:96:99:27:5b:26:89:
b5:94:52:32:b3:73:10:ed:5a:6c:16:4e:77:08:1b:5e:3f:a9:
7b:0a:b8:93:22:3c:f9:42:09:2b:1b:91:e2:e4:a6:58:1f:2d:
48:27:5a:71:61:73:6a:d7:a8:66:01:2d:94:c8:b8:90:de:9f:
72:bd:19:9f:15:6e:5b:dc:d9:f8:e9:c5:c6:ef:b4:80:05:d3:
6a:05:f1:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma4pXoolhu/4hdr/+LWRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjUwMTAyMDk0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2JkOWUwMzdjOGU1YzQwMzUzODRkODhlOWVkOGY5YjhlZmJlYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7z5hJbHm+sKAPQx7wApqff2MLqNU
qI9fMq4sIVWo2WP/TqbnjdhmB9/D4uouPMK1c6UqmZfbftfiEZNqiD3MXtI5xWNb
kXGTOEPV5IH4M0ld2SB6IJ93d4wqiSXJXBtpRGMeCu9Q23Cnit5NoltiJxl4iEOQ
DxCDI3srBsY/bKP4GdbXSNS8pXj5VLbhI6UJscsVmH7Z8OZghYD4gWJ+pOxJaGPE
JqJv5vHTkCmE1Dn8zJFlYTVYAh7gGj1EKEWccJ32j836XbJpuc1KJ3Rh3Gx7ldKz
0yi7dMSYjpWvJS3eoivunMt5XhVqkQQ9PmKuw5WjZYsk+q9lggxkdrrCPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNO9ngN8jlxANThNiOntj5uO++wWMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvMDcyZUEzeU9YRUExT0UySTZlMlBtNDc3N0JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaAIMA0G
CSqGSIb3DQEBCwUAA4IBAQBBT0UFGuB0lq5g3UlIVpk6MeDEuMvhivL/ADVf0Xy2
5BrhVVbI3BfDkQexlbcWl5edX65FdMl96M5fymrwhW9TmoDuVqDxLckWuldzBoam
cLg82VOgYSKxL3ojOy92K+od90MNW+M8EdMBo9sT3qIXc81LQhmZndyKcfF3SqTU
m/2+Fsv9YQK6ftRAoVsl3dPo+bIa/MO/vgeYtEgIolHDTRDBgBn2dA6VOYB44G+W
mSdbJom1lFIys3MQ7VpsFk53CBteP6l7CriTIjz5QgkrG5Hi5KZYHy1IJ1pxYXNq
16hmAS2UyLiQ3p9yvRmfFW5b3Nn46cXG77SABdNqBfGA
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:32:47 2025 by rpki-client