Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/M3YRQvLAlgd-9YUXYo8FvA5gPDU.roa
File: M3YRQvLAlgd-9YUXYo8FvA5gPDU.roa (raw, json)
Hash identifier: sEdm1D3CFwSbehBIuizUfExF738ZaDZ3ziOD6G6a24w=
Subject key identifier: 33:76:11:42:F2:C0:96:07:7E:F5:85:17:62:8F:05:BC:0E:60:3C:35
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 01947F62C4DFE123016B4451DF427EFCFE48
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/M3YRQvLAlgd-9YUXYo8FvA5gPDU.roa
Signing time: Sun 19 Jan 2025 16:26:06 +0000
ROA not before: Sun 19 Jan 2025 16:26:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 193.168.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Feb 2025 15:29:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7f:62:c4:df:e1:23:01:6b:44:51:df:42:7e:fc:fe:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Jan 19 16:26:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33761142f2c096077ef58517628f05bc0e603c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:98:52:04:6c:11:b9:8a:ce:1b:fa:83:c6:f4:
51:a4:4a:98:27:95:68:ad:f9:a1:8e:a1:89:be:a9:
50:0d:e4:41:a6:2f:14:92:85:97:8c:74:8b:9b:84:
6f:32:8e:4d:15:52:73:64:42:49:bd:71:20:f6:04:
a2:24:a0:80:9e:d9:e0:cb:ca:50:19:dc:dd:66:03:
ff:d5:de:47:46:ab:c9:62:8c:41:69:f6:8d:42:ce:
35:53:c6:b6:42:21:c9:4f:c2:68:82:7c:a1:af:5c:
2b:08:62:8b:5a:0d:20:59:2a:cd:bb:27:1a:bc:4c:
84:62:22:ce:c4:8f:6c:56:21:b6:cc:61:d6:d4:ab:
c8:1b:dd:3b:ec:1d:8e:0a:05:0b:74:7b:0e:2b:58:
30:6f:9f:ee:36:27:ed:9a:64:b0:75:c1:30:58:82:
6c:f1:29:1c:96:bc:cf:cb:23:65:04:96:2a:65:3c:
d1:d1:7e:39:de:16:19:39:d2:64:5c:06:20:da:6a:
98:27:9d:5c:e2:58:8e:24:c6:58:41:a5:21:a4:ad:
8b:ca:bc:6e:59:9d:c4:49:b5:e0:64:b0:a6:1b:f2:
68:08:ab:ba:fd:4c:48:7d:98:ce:58:b3:a1:8f:21:
fc:f5:f9:94:fa:c3:e7:0f:20:8d:cf:1e:23:e6:31:
e5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:76:11:42:F2:C0:96:07:7E:F5:85:17:62:8F:05:BC:0E:60:3C:35
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/M3YRQvLAlgd-9YUXYo8FvA5gPDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.203.0/24
Signature Algorithm: sha256WithRSAEncryption
01:ee:c9:8d:ca:ed:34:d2:b0:9f:7c:a8:02:6b:8e:ce:6b:c6:
b2:5f:f5:36:b8:a9:32:97:74:13:a9:67:96:6d:61:af:25:4b:
34:0d:be:dd:00:95:e1:21:ff:84:a7:c8:2a:8a:43:59:68:17:
97:15:6e:e2:56:70:7a:d3:a7:47:d5:1b:0f:1e:98:34:ca:72:
f3:3a:7f:4f:30:c2:49:ba:e5:53:98:13:58:6b:58:8c:8d:00:
27:4e:04:d9:60:d5:31:7c:66:0d:47:15:5a:39:d5:bd:5a:06:
82:7b:82:7a:f9:8c:b3:fe:fc:a3:80:cf:ec:69:bd:b1:1c:24:
2d:57:14:9d:c7:76:66:ed:84:d1:0f:0f:61:a1:b9:23:3b:ad:
aa:69:e3:53:f2:64:66:af:39:ea:5b:b6:91:71:3f:80:36:5e:
b7:14:05:0c:84:a6:89:f4:fc:06:37:8a:d5:f0:20:08:6d:cb:
01:15:2f:8a:3f:17:27:4e:25:15:a6:cd:2a:e7:1e:a8:1c:1a:
5e:e3:a6:66:07:1d:37:4d:11:76:cc:81:6d:24:74:76:78:6a:
50:7e:8e:64:66:d1:8a:91:3a:b5:68:76:5d:0f:a0:12:b3:81:
66:c2:54:34:63:58:bf:7a:55:db:99:04:9d:1d:69:83:a7:a9:
35:71:75:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZR/YsTf4SMBa0RR30J+/P5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjUwMTE5MTYyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzc2MTE0MmYyYzA5NjA3N2VmNTg1MTc2MjhmMDViYzBlNjAzYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJhSBGwRuYrOG/qDxvRRpEqYJ5Vo
rfmhjqGJvqlQDeRBpi8UkoWXjHSLm4RvMo5NFVJzZEJJvXEg9gSiJKCAntngy8pQ
GdzdZgP/1d5HRqvJYoxBafaNQs41U8a2QiHJT8Jognyhr1wrCGKLWg0gWSrNuyca
vEyEYiLOxI9sViG2zGHW1KvIG9077B2OCgULdHsOK1gwb5/uNiftmmSwdcEwWIJs
8SkclrzPyyNlBJYqZTzR0X453hYZOdJkXAYg2mqYJ51c4liOJMZYQaUhpK2Lyrxu
WZ3ESbXgZLCmG/JoCKu6/UxIfZjOWLOhjyH89fmU+sPnDyCNzx4j5jHlpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDN2EULywJYHfvWFF2KPBbwOYDw1MB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvTTNZUlF2TEFsZ2QtOVlVWFlvOEZ2QTVnUERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwajLMA0G
CSqGSIb3DQEBCwUAA4IBAQAB7smNyu000rCffKgCa47Oa8ayX/U2uKkyl3QTqWeW
bWGvJUs0Db7dAJXhIf+Ep8gqikNZaBeXFW7iVnB606dH1RsPHpg0ynLzOn9PMMJJ
uuVTmBNYa1iMjQAnTgTZYNUxfGYNRxVaOdW9WgaCe4J6+Yyz/vyjgM/sab2xHCQt
VxSdx3Zm7YTRDw9hobkjO62qaeNT8mRmrznqW7aRcT+ANl63FAUMhKaJ9PwGN4rV
8CAIbcsBFS+KPxcnTiUVps0q5x6oHBpe46ZmBx03TRF2zIFtJHR2eGpQfo5kZtGK
kTq1aHZdD6ASs4FmwlQ0Y1i/elXbmQSdHWmDp6k1cXV/
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:22:37 2025 by rpki-client