Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/eUdy7KWpufFzxsXNRQs3ciPIDnQ.roa
File: eUdy7KWpufFzxsXNRQs3ciPIDnQ.roa (raw, json)
Hash identifier: mjXry/l0S1KWpNK5SlXku9zYS1c0IEG1+CP+Sh5Y0Y0=
Subject key identifier: 79:47:72:EC:A5:A9:B9:F1:73:C6:C5:CD:45:0B:37:72:23:C8:0E:74
Certificate issuer: /CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
Certificate serial: 018CC94DA848B38BE30EE08F262A70C541BD
Authority key identifier: 75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/eUdy7KWpufFzxsXNRQs3ciPIDnQ.roa
Signing time: Tue 02 Jan 2024 08:32:38 +0000
ROA not before: Tue 02 Jan 2024 08:32:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 193.151.94.0/24 maxlen: 24
195.8.103.0/24 maxlen: 24
91.240.19.0/24 maxlen: 24
91.240.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:a8:48:b3:8b:e3:0e:e0:8f:26:2a:70:c5:41:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
Validity
Not Before: Jan 2 08:32:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=794772eca5a9b9f173c6c5cd450b377223c80e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:55:af:64:c0:ee:e1:22:37:a3:03:dc:44:cc:
49:56:2d:ef:77:29:50:f2:e1:ae:3f:74:1b:4c:4d:
a2:0a:0e:11:f5:50:6c:b8:41:8b:6c:17:f9:77:d2:
03:d9:dd:35:51:f7:9c:f0:ed:37:52:ff:b9:93:cd:
da:9a:e0:28:9c:dc:6f:18:11:83:ad:36:dd:0e:f7:
95:8e:de:5c:51:b0:63:7b:78:e5:cd:6e:12:99:58:
0e:46:38:b1:d1:11:0a:e8:3e:47:cb:d6:f5:e7:7f:
10:20:91:e4:2d:e8:94:54:40:96:89:ad:1e:3f:6c:
fd:fb:85:57:84:a4:0f:dc:2f:19:a5:13:d7:aa:d2:
c4:93:a4:0b:b9:3e:a6:56:e8:68:a5:35:ad:ac:59:
29:4e:62:5f:19:0f:cc:65:c3:7c:92:a0:2b:ea:4d:
88:0f:69:5a:f1:75:1b:ef:72:a2:09:cb:50:3e:62:
ab:89:2d:27:2d:18:69:33:10:a4:1e:56:4d:01:5c:
55:81:50:3a:76:c9:3d:61:34:7f:ba:10:c6:fd:f3:
50:f3:d7:96:8f:d7:c0:c5:26:80:23:e1:f6:d7:63:
37:77:51:93:b5:03:f8:4f:18:e1:a0:bf:62:23:7e:
3b:d9:16:b9:20:ea:6d:50:c5:ff:5b:04:a9:99:c3:
cd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:47:72:EC:A5:A9:B9:F1:73:C6:C5:CD:45:0B:37:72:23:C8:0E:74
X509v3 Authority Key Identifier:
keyid:75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/eUdy7KWpufFzxsXNRQs3ciPIDnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/ddzHdrK_WVv0s-YLukJF8BIKIXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.18.0/23
193.151.94.0/24
195.8.103.0/24
Signature Algorithm: sha256WithRSAEncryption
16:39:f2:25:44:e7:fb:96:f5:fa:df:82:ee:8f:9b:c0:9a:96:
0e:f7:aa:7d:4c:a9:a8:b8:86:61:09:6e:2a:5a:1f:98:23:f4:
6b:5e:54:aa:fe:68:24:5a:11:ec:1f:9f:a3:12:b1:c4:93:58:
09:1e:df:4f:5c:b1:4f:d0:d6:18:37:8a:d0:cb:d5:b5:55:38:
8c:76:35:b4:f1:a0:48:49:19:0b:9e:43:54:4c:1a:19:61:7c:
40:f8:be:a6:ce:4b:42:49:af:6b:93:f0:1b:70:45:cd:7e:ff:
e0:da:d1:8e:85:ac:9c:b3:b9:ec:64:6b:e9:dd:eb:d8:06:46:
1b:ad:44:e4:30:3f:01:79:62:a8:d2:8e:34:58:9c:f9:1a:d2:
8e:4c:f8:fd:2b:a1:63:4f:7e:e4:7c:72:b2:3d:fe:a4:47:e6:
b9:4e:13:96:22:58:62:d5:32:c9:02:14:ca:5c:84:e8:f6:c6:
50:39:13:d7:a4:98:67:53:ab:e0:53:80:5b:a9:cb:08:f6:88:
4e:1d:5d:c3:92:30:80:82:9e:20:bd:98:03:70:5e:9d:ba:0f:
22:b4:64:28:f1:1a:78:3b:f2:d3:b9:a6:c3:1a:a7:31:c8:28:
96:f5:cf:05:41:4e:4e:a6:7f:c0:77:1a:93:10:47:0a:5b:19:
cc:4c:68:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJTahIs4vjDuCPJipwxUG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZGNjNzc2YjJiZjU5NWJmNGIzZTYwYmJhNDI0NWYwMTIw
YTIxNzYwHhcNMjQwMTAyMDgzMjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTQ3NzJlY2E1YTliOWYxNzNjNmM1Y2Q0NTBiMzc3MjIzYzgwZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFWvZMDu4SI3owPcRMxJVi3vdylQ
8uGuP3QbTE2iCg4R9VBsuEGLbBf5d9ID2d01Ufec8O03Uv+5k83amuAonNxvGBGD
rTbdDveVjt5cUbBje3jlzW4SmVgORjix0REK6D5Hy9b1538QIJHkLeiUVECWia0e
P2z9+4VXhKQP3C8ZpRPXqtLEk6QLuT6mVuhopTWtrFkpTmJfGQ/MZcN8kqAr6k2I
D2la8XUb73KiCctQPmKriS0nLRhpMxCkHlZNAVxVgVA6dsk9YTR/uhDG/fNQ89eW
j9fAxSaAI+H212M3d1GTtQP4TxjhoL9iI3472Ra5IOptUMX/WwSpmcPN9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHlHcuylqbnxc8bFzUULN3IjyA50MB8GA1UdIwQY
MBaAFHXcx3ayv1lb9LPmC7pCRfASCiF2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGR6SGRyS19XVnYwcy1ZTHVrSkY4QklLSVhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81ODFjNWQtYmM5Yi00MGE2LWE1YTQt
NjQ1NDAyMDVlY2Y0LzEvZVVkeTdLV3B1ZkZ6eHNYTlJRczNjaVBJRG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81ODFjNWQtYmM5Yi00MGE2LWE1YTQtNjQ1NDAyMDVlY2Y0
LzEvZGR6SGRyS19XVnYwcy1ZTHVrSkY4QklLSVhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW/ASAwQA
wZdeAwQAwwhnMA0GCSqGSIb3DQEBCwUAA4IBAQAWOfIlROf7lvX634Luj5vAmpYO
96p9TKmouIZhCW4qWh+YI/RrXlSq/mgkWhHsH5+jErHEk1gJHt9PXLFP0NYYN4rQ
y9W1VTiMdjW08aBISRkLnkNUTBoZYXxA+L6mzktCSa9rk/AbcEXNfv/g2tGOhayc
s7nsZGvp3evYBkYbrUTkMD8BeWKo0o40WJz5GtKOTPj9K6FjT37kfHKyPf6kR+a5
ThOWIlhi1TLJAhTKXITo9sZQORPXpJhnU6vgU4BbqcsI9ohOHV3DkjCAgp4gvZgD
cF6dug8itGQo8Rp4O/LTuabDGqcxyCiW9c8FQU5Opn/AdxqTEEcKWxnMTGi3
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:24:23 2025 by rpki-client