Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/NerLrZt9Lq9zP4s7cJ4tPVlB3c4.roa
File: NerLrZt9Lq9zP4s7cJ4tPVlB3c4.roa (raw, json)
Hash identifier: womxj+y0OFAmcQo5HtagzzNyhnQX3dUh33XLVx8fXsQ=
Subject key identifier: 35:EA:CB:AD:9B:7D:2E:AF:73:3F:8B:3B:70:9E:2D:3D:59:41:DD:CE
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 019374E2A25433BC5BBDEB10A694A3B0C0D1
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/NerLrZt9Lq9zP4s7cJ4tPVlB3c4.roa
Signing time: Thu 28 Nov 2024 22:27:09 +0000
ROA not before: Thu 28 Nov 2024 22:27:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47447
IP address blocks: 193.160.223.0/24 maxlen: 24
193.168.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:74:e2:a2:54:33:bc:5b:bd:eb:10:a6:94:a3:b0:c0:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Nov 28 22:27:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35eacbad9b7d2eaf733f8b3b709e2d3d5941ddce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f2:90:97:1c:d1:46:b0:3b:77:63:bd:4c:2d:
3b:1b:1e:8c:a5:a1:78:c3:fd:e8:58:ea:9d:01:d1:
a7:68:11:23:a1:74:a4:ba:57:b5:c1:16:31:20:d0:
57:ff:6a:25:ca:fc:8a:6e:f1:98:a1:71:21:dc:25:
95:82:52:7a:3e:72:d3:3d:17:b1:9a:31:a7:bc:0e:
9b:e0:ed:01:34:41:3f:74:ef:1f:c7:d3:55:c5:83:
80:43:af:c1:3a:bd:f9:ca:4d:e9:55:bf:70:fb:4c:
ee:5f:a2:64:77:b1:61:fc:f4:28:af:ad:dc:2d:67:
10:7b:39:ea:87:29:01:d5:63:70:b7:40:fe:5d:10:
a6:ba:56:70:90:91:89:16:13:e8:c8:3b:2c:80:a2:
47:6b:ac:13:a7:c0:3b:cb:57:35:79:63:46:87:8e:
fe:11:c0:e0:ed:44:25:12:ad:cb:f0:6a:6f:59:34:
12:61:51:03:4e:00:de:19:64:36:d5:01:a6:86:11:
8a:0f:4a:52:27:94:a5:29:6e:fb:d7:45:1a:81:ff:
0f:09:5e:ea:1d:85:b7:7d:fd:c9:ed:64:53:e2:92:
30:33:d4:d2:12:1b:b8:53:6d:f2:1e:92:e5:3a:6e:
49:81:f9:90:e2:80:f4:59:cc:73:16:22:19:26:a2:
e9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:EA:CB:AD:9B:7D:2E:AF:73:3F:8B:3B:70:9E:2D:3D:59:41:DD:CE
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/NerLrZt9Lq9zP4s7cJ4tPVlB3c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.223.0/24
193.168.201.0/24
Signature Algorithm: sha256WithRSAEncryption
29:55:fd:9f:6b:b4:8d:5e:b2:bd:9e:66:f5:78:f7:9f:02:b3:
b2:9a:92:cf:df:0a:b6:80:7b:8e:4b:7a:1d:69:d3:2c:9b:9a:
09:d4:26:8a:0d:f3:7c:53:53:b9:b7:38:16:3e:78:db:f6:cf:
06:25:02:47:ab:70:1a:60:ff:ad:81:24:14:e0:4e:52:6e:84:
ef:fd:61:c0:c3:46:dc:ae:97:f3:c7:68:77:fc:d8:95:15:b7:
94:b6:5a:fb:eb:b5:1f:1a:b5:52:f6:ab:0f:b6:6b:86:8c:95:
ab:5e:3e:9d:06:d1:5b:83:5d:92:74:97:f6:58:75:0d:67:96:
ab:7d:85:c3:9a:02:eb:7d:93:74:d6:dd:91:0b:8d:e2:d1:93:
c4:0c:25:eb:45:ba:3b:43:d5:58:56:bb:80:4f:0e:56:27:2f:
72:28:45:8c:0c:3a:15:43:32:5d:03:4a:3f:5b:b2:d5:9d:d8:
e0:d7:f5:ce:6f:e1:b4:5f:22:7f:70:6a:e9:7e:e9:b3:03:47:
f5:28:cf:96:d0:29:68:93:67:a6:d4:74:07:9e:db:92:94:92:
98:06:2d:af:0c:c9:07:f6:67:16:61:48:d7:a3:f0:65:91:c2:
fe:8b:a0:5b:96:02:4a:bf:fa:f1:c2:16:30:e9:e1:9e:65:f2:
19:79:6b:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZN04qJUM7xbvesQppSjsMDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjQxMTI4MjIyNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWVhY2JhZDliN2QyZWFmNzMzZjhiM2I3MDllMmQzZDU5NDFkZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvKQlxzRRrA7d2O9TC07Gx6MpaF4
w/3oWOqdAdGnaBEjoXSkule1wRYxINBX/2olyvyKbvGYoXEh3CWVglJ6PnLTPRex
mjGnvA6b4O0BNEE/dO8fx9NVxYOAQ6/BOr35yk3pVb9w+0zuX6Jkd7Fh/PQor63c
LWcQeznqhykB1WNwt0D+XRCmulZwkJGJFhPoyDssgKJHa6wTp8A7y1c1eWNGh47+
EcDg7UQlEq3L8GpvWTQSYVEDTgDeGWQ21QGmhhGKD0pSJ5SlKW7710Uagf8PCV7q
HYW3ff3J7WRT4pIwM9TSEhu4U23yHpLlOm5JgfmQ4oD0WcxzFiIZJqLpjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDXqy62bfS6vcz+LO3CeLT1ZQd3OMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvTmVyTHJadDlMcTl6UDRzN2NKNHRQVmxCM2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwaDfAwQA
wajJMA0GCSqGSIb3DQEBCwUAA4IBAQApVf2fa7SNXrK9nmb1ePefArOympLP3wq2
gHuOS3odadMsm5oJ1CaKDfN8U1O5tzgWPnjb9s8GJQJHq3AaYP+tgSQU4E5SboTv
/WHAw0bcrpfzx2h3/NiVFbeUtlr767UfGrVS9qsPtmuGjJWrXj6dBtFbg12SdJf2
WHUNZ5arfYXDmgLrfZN01t2RC43i0ZPEDCXrRbo7Q9VYVruATw5WJy9yKEWMDDoV
QzJdA0o/W7LVndjg1/XOb+G0XyJ/cGrpfumzA0f1KM+W0Clok2em1HQHntuSlJKY
Bi2vDMkH9mcWYUjXo/BlkcL+i6BblgJKv/rxwhYw6eGeZfIZeWuz
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:29:24 2025 by rpki-client