Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/b9db98-c027-4e75-bbf9-5359509047bc/1/W03iCcCnKOn7sZzlXMwT2FOwSb4.roa
File: W03iCcCnKOn7sZzlXMwT2FOwSb4.roa (raw, json)
Hash identifier: yR/deMAlCZnwE1blpTOTt7VtHDxeDVJX7W8XPBlLhQw=
Subject key identifier: 5B:4D:E2:09:C0:A7:28:E9:FB:B1:9C:E5:5C:CC:13:D8:53:B0:49:BE
Certificate issuer: /CN=09bc3647e1b2124e96b88f736edd5ef8cad88fe3
Certificate serial: 018CC8018A1F9B61FDD3B3C1E86699C0E218
Authority key identifier: 09:BC:36:47:E1:B2:12:4E:96:B8:8F:73:6E:DD:5E:F8:CA:D8:8F:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cbw2R-GyEk6WuI9zbt1e-MrYj-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/b9db98-c027-4e75-bbf9-5359509047bc/1/W03iCcCnKOn7sZzlXMwT2FOwSb4.roa
Signing time: Tue 02 Jan 2024 02:29:53 +0000
ROA not before: Tue 02 Jan 2024 02:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202328
IP address blocks: 193.56.220.0/24 maxlen: 24
193.56.220.0/22 maxlen: 22
193.56.223.0/24 maxlen: 24
193.56.222.0/24 maxlen: 24
193.56.221.0/24 maxlen: 24
2a0c:9040::/30 maxlen: 30
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:8a:1f:9b:61:fd:d3:b3:c1:e8:66:99:c0:e2:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09bc3647e1b2124e96b88f736edd5ef8cad88fe3
Validity
Not Before: Jan 2 02:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b4de209c0a728e9fbb19ce55ccc13d853b049be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2b:36:68:00:80:da:61:b8:3a:7d:1f:28:03:
42:ca:14:c0:b2:74:36:6f:4b:76:ef:bf:8a:97:be:
2d:23:f0:ed:32:04:44:7c:73:81:5f:0f:e6:29:b9:
7f:1d:ed:68:88:f0:df:2a:3b:e8:35:45:5e:1b:13:
09:1e:f2:31:b7:09:2d:28:8d:5b:46:39:e3:24:9e:
f8:39:7d:ca:fd:77:b1:d6:1c:98:c1:af:ad:87:4a:
12:7a:81:2a:ed:65:85:2d:f7:4d:73:93:fb:03:7a:
d9:d8:2f:db:88:ed:cf:50:1c:bd:68:d8:0c:af:58:
31:d4:81:e2:5e:97:39:51:21:ba:fa:6b:7f:20:74:
c0:6f:fd:9d:46:36:cf:a9:53:9c:7a:3d:79:ae:24:
7a:48:54:a5:bd:c5:0e:b9:52:fd:e4:35:a5:cf:dd:
52:28:05:0f:a0:19:84:a9:03:c3:4b:70:3a:f4:c7:
0f:e0:ac:28:f6:b7:ed:eb:4b:56:62:9a:db:3b:a4:
99:e4:1d:97:d2:94:5b:61:b5:12:21:5d:86:d8:b5:
4c:20:32:91:ac:f5:59:aa:ae:0a:44:a0:40:f5:70:
f2:d7:7d:6e:1e:38:03:3e:2a:6b:e7:48:46:2a:13:
9f:f1:7f:40:6f:99:09:72:6e:87:3f:5a:04:88:9f:
36:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:4D:E2:09:C0:A7:28:E9:FB:B1:9C:E5:5C:CC:13:D8:53:B0:49:BE
X509v3 Authority Key Identifier:
keyid:09:BC:36:47:E1:B2:12:4E:96:B8:8F:73:6E:DD:5E:F8:CA:D8:8F:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cbw2R-GyEk6WuI9zbt1e-MrYj-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b9db98-c027-4e75-bbf9-5359509047bc/1/W03iCcCnKOn7sZzlXMwT2FOwSb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/b9db98-c027-4e75-bbf9-5359509047bc/1/Cbw2R-GyEk6WuI9zbt1e-MrYj-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.220.0/22
IPv6:
2a0c:9040::/30
Signature Algorithm: sha256WithRSAEncryption
23:f7:19:5b:d3:c1:cb:e3:c7:e5:d6:aa:07:d2:ad:d5:91:6f:
13:08:8e:d2:73:7c:c9:a3:57:07:b4:85:79:72:9b:d1:e5:56:
31:0d:fe:bd:d6:cf:c5:e3:37:81:af:a9:d5:bc:04:ca:6e:3a:
b6:57:88:1d:8d:57:7c:8e:a4:33:bf:c9:68:cd:eb:a2:59:0b:
b2:43:e9:24:36:ba:ab:d2:22:f0:08:a3:c2:50:ba:86:e7:e2:
72:03:34:87:4b:b9:eb:29:24:ca:ea:3b:2f:80:20:c1:c8:2e:
7b:b5:a2:9d:ec:3d:a8:3c:b1:5f:e7:0c:34:96:de:b6:af:b1:
1e:d1:05:6a:83:a7:ea:8a:0f:08:86:a8:c7:fc:a3:07:18:34:
86:b3:80:49:dd:db:a0:fd:94:1e:8c:ef:b8:2c:9e:9c:6a:19:
b8:52:ec:ac:b4:fa:b6:e0:d5:7d:e2:3e:d5:f2:37:85:bb:20:
5d:9a:89:80:cb:0f:86:1d:f6:93:9a:b8:7c:29:ec:d1:6e:fe:
c0:0f:81:b9:0f:2d:a4:93:27:e9:9f:d5:8e:f0:86:e2:c9:82:
6b:b0:74:c7:49:77:6d:dc:67:96:5e:99:30:51:0b:08:c5:f7:
82:d5:33:1a:c9:43:23:0b:c1:c2:63:9b:ea:df:ec:44:47:0b:
b0:5b:c7:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAYofm2H907PB6GaZwOIYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YmMzNjQ3ZTFiMjEyNGU5NmI4OGY3MzZlZGQ1ZWY4Y2Fk
ODhmZTMwHhcNMjQwMTAyMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjRkZTIwOWMwYTcyOGU5ZmJiMTljZTU1Y2NjMTNkODUzYjA0OWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtys2aACA2mG4On0fKANCyhTAsnQ2
b0t277+Kl74tI/DtMgREfHOBXw/mKbl/He1oiPDfKjvoNUVeGxMJHvIxtwktKI1b
RjnjJJ74OX3K/Xex1hyYwa+th0oSeoEq7WWFLfdNc5P7A3rZ2C/biO3PUBy9aNgM
r1gx1IHiXpc5USG6+mt/IHTAb/2dRjbPqVOcej15riR6SFSlvcUOuVL95DWlz91S
KAUPoBmEqQPDS3A69McP4Kwo9rft60tWYprbO6SZ5B2X0pRbYbUSIV2G2LVMIDKR
rPVZqq4KRKBA9XDy131uHjgDPipr50hGKhOf8X9Ab5kJcm6HP1oEiJ82xQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFtN4gnApyjp+7Gc5VzME9hTsEm+MB8GA1UdIwQY
MBaAFAm8NkfhshJOlriPc27dXvjK2I/jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2J3MlItR3lFazZXdUk5emJ0MWUtTXJZai1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9iOWRiOTgtYzAyNy00ZTc1LWJiZjkt
NTM1OTUwOTA0N2JjLzEvVzAzaUNjQ25LT243c1p6bFhNd1QyRk93U2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9iOWRiOTgtYzAyNy00ZTc1LWJiZjktNTM1OTUwOTA0N2Jj
LzEvQ2J3MlItR3lFazZXdUk5emJ0MWUtTXJZai1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwTjcMA0E
AgACMAcDBQIqDJBAMA0GCSqGSIb3DQEBCwUAA4IBAQAj9xlb08HL48fl1qoH0q3V
kW8TCI7Sc3zJo1cHtIV5cpvR5VYxDf691s/F4zeBr6nVvATKbjq2V4gdjVd8jqQz
v8lozeuiWQuyQ+kkNrqr0iLwCKPCULqG5+JyAzSHS7nrKSTK6jsvgCDByC57taKd
7D2oPLFf5ww0lt62r7Ee0QVqg6fqig8IhqjH/KMHGDSGs4BJ3dug/ZQejO+4LJ6c
ahm4UuystPq24NV94j7V8jeFuyBdmomAyw+GHfaTmrh8KezRbv7AD4G5Dy2kkyfp
n9WO8IbiyYJrsHTHSXdt3GeWXpkwUQsIxfeC1TMayUMjC8HCY5vq3+xERwuwW8dZ
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:54:21 2025 by rpki-client