Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/8gr7yHRhwQsMgLj8INje7WMm7us.roa
File: 8gr7yHRhwQsMgLj8INje7WMm7us.roa (raw, json)
Hash identifier: ychHHWk5ncNLrHEgdIvVlmucVqpBHfADCJcc8RI6vVo=
Subject key identifier: F2:0A:FB:C8:74:61:C1:0B:0C:80:B8:FC:20:D8:DE:ED:63:26:EE:EB
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0193ADDFC15CC055FAED569C0398D62284A0
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/8gr7yHRhwQsMgLj8INje7WMm7us.roa
Signing time: Tue 10 Dec 2024 00:02:22 +0000
ROA not before: Tue 10 Dec 2024 00:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 207.244.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Dec 2024 15:40:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ad:df:c1:5c:c0:55:fa:ed:56:9c:03:98:d6:22:84:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Dec 10 00:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f20afbc87461c10b0c80b8fc20d8deed6326eeeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:df:a5:5a:69:ee:83:ef:9d:db:36:b3:86:c8:
76:26:89:f0:f5:05:56:bb:fc:fa:06:49:3f:ef:2f:
16:61:73:bd:d1:ea:74:3b:d9:4e:81:40:60:c5:d0:
52:c8:1c:62:42:32:b5:45:4e:ca:b8:8f:95:a2:09:
6a:c2:c0:66:fc:f8:b1:9f:de:8d:4f:32:95:20:b8:
5f:c7:f1:c6:38:34:3f:f2:1d:f4:ab:4d:80:35:b0:
6e:4a:31:f5:17:d1:4d:55:96:3f:d1:47:9c:5c:0d:
b7:3e:05:94:9d:01:9b:8a:59:32:95:2b:d0:be:f3:
60:f1:7c:1d:29:25:04:80:51:fe:7b:73:e2:08:7d:
a2:3b:cb:eb:2e:2c:a2:72:e1:18:ec:d3:54:fb:8c:
92:6e:a7:f9:b8:a8:1a:17:13:01:4d:a3:1a:62:a8:
08:40:5b:57:96:11:c8:25:ea:f8:57:4b:38:55:b4:
e8:d7:24:48:ee:6e:db:de:43:64:68:42:af:5d:03:
fc:93:b7:19:d4:10:f3:ba:5d:95:b7:a0:37:ba:48:
83:cf:ba:c5:22:50:c9:e3:91:52:b0:ae:1a:4e:6a:
d1:14:f6:68:1d:e7:d5:9a:b1:00:f4:e7:2c:0d:8b:
c8:f1:c7:f9:97:58:11:a6:c3:3a:e5:c2:4a:2c:df:
2a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:0A:FB:C8:74:61:C1:0B:0C:80:B8:FC:20:D8:DE:ED:63:26:EE:EB
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/8gr7yHRhwQsMgLj8INje7WMm7us.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
207.244.196.0/24
Signature Algorithm: sha256WithRSAEncryption
75:21:30:9e:c2:c8:2e:20:c0:f0:93:77:23:54:81:44:2e:b0:
41:eb:1a:0f:33:1d:cc:7e:eb:bf:1b:50:24:fb:90:f2:de:5d:
e7:d4:65:f1:9f:ad:11:af:df:5b:d7:60:62:4e:65:d6:1c:7c:
3f:71:d4:1b:84:5a:ec:6e:05:b5:65:01:02:a6:b4:ab:f1:03:
f1:7d:4a:2f:93:02:f8:79:88:47:5b:25:4d:20:c2:d4:81:13:
b7:26:26:84:c8:4d:40:98:05:ee:9a:36:49:24:3e:95:c1:47:
95:86:91:24:2f:c6:e4:62:32:29:d2:a6:1e:cc:33:b2:54:53:
fe:3a:f2:4c:44:df:66:fc:ba:89:fc:ba:bf:b4:83:36:64:ba:
7f:81:68:6e:61:d8:dd:80:48:e0:0b:2b:10:55:2f:dd:32:70:
6c:e6:be:ee:59:d4:34:f0:9a:f4:36:27:40:30:0f:20:22:38:
72:2a:95:a7:a2:40:78:ec:62:4d:2b:e3:68:fc:68:fc:51:b1:
ab:e7:4e:c8:2d:1d:bb:5f:a0:13:e4:49:e1:2d:2b:54:ac:d4:
d6:19:53:ce:a4:12:98:47:c9:04:a8:8a:d7:c9:35:fe:dd:a2:
e0:69:33:67:9e:03:44:42:54:b2:00:af:2b:25:bf:39:dc:b7:
4b:a1:92:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOt38FcwFX67VacA5jWIoSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjQxMjEwMDAwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjBhZmJjODc0NjFjMTBiMGM4MGI4ZmMyMGQ4ZGVlZDYzMjZlZWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzt+lWmnug++d2zazhsh2Jonw9QVW
u/z6Bkk/7y8WYXO90ep0O9lOgUBgxdBSyBxiQjK1RU7KuI+VoglqwsBm/Pixn96N
TzKVILhfx/HGODQ/8h30q02ANbBuSjH1F9FNVZY/0UecXA23PgWUnQGbilkylSvQ
vvNg8XwdKSUEgFH+e3PiCH2iO8vrLiyicuEY7NNU+4ySbqf5uKgaFxMBTaMaYqgI
QFtXlhHIJer4V0s4VbTo1yRI7m7b3kNkaEKvXQP8k7cZ1BDzul2Vt6A3ukiDz7rF
IlDJ45FSsK4aTmrRFPZoHefVmrEA9OcsDYvI8cf5l1gRpsM65cJKLN8qewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIK+8h0YcELDIC4/CDY3u1jJu7rMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvOGdyN3lIUmh3UXNNZ0xqOElOamU3V01tN3VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAz/TEMA0G
CSqGSIb3DQEBCwUAA4IBAQB1ITCewsguIMDwk3cjVIFELrBB6xoPMx3Mfuu/G1Ak
+5Dy3l3n1GXxn60Rr99b12BiTmXWHHw/cdQbhFrsbgW1ZQECprSr8QPxfUovkwL4
eYhHWyVNIMLUgRO3JiaEyE1AmAXumjZJJD6VwUeVhpEkL8bkYjIp0qYezDOyVFP+
OvJMRN9m/LqJ/Lq/tIM2ZLp/gWhuYdjdgEjgCysQVS/dMnBs5r7uWdQ08Jr0NidA
MA8gIjhyKpWnokB47GJNK+No/Gj8UbGr507ILR27X6AT5EnhLStUrNTWGVPOpBKY
R8kEqIrXyTX+3aLgaTNnngNEQlSyAK8rJb853LdLoZKB
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:47:12 2025 by rpki-client