Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/15773e-ff1c-40ee-ba0b-2a1ba4889635/1/vn8c2dOQ-6-r-DCWHbprUAVUNM4.roa
File: vn8c2dOQ-6-r-DCWHbprUAVUNM4.roa (raw, json)
Hash identifier: 341h+d4mJY0vTQFiCwszBSqkth6gqLwitAnSQTHBx8E=
Subject key identifier: BE:7F:1C:D9:D3:90:FB:AF:AB:F8:30:96:1D:BA:6B:50:05:54:34:CE
Certificate issuer: /CN=fab6ba0a660aa88fa54ef8d746ea7e527781fc3c
Certificate serial: 018CC2DB04BDF2E2B3BE30B54C50C9D3DFA4
Authority key identifier: FA:B6:BA:0A:66:0A:A8:8F:A5:4E:F8:D7:46:EA:7E:52:77:81:FC:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ra6CmYKqI-lTvjXRup-UneB_Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/15773e-ff1c-40ee-ba0b-2a1ba4889635/1/vn8c2dOQ-6-r-DCWHbprUAVUNM4.roa
Signing time: Mon 01 Jan 2024 02:29:42 +0000
ROA not before: Mon 01 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207861
IP address blocks: 193.57.21.0/24 maxlen: 24
193.56.247.0/24 maxlen: 24
193.57.4.0/24 maxlen: 24
193.57.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:04:bd:f2:e2:b3:be:30:b5:4c:50:c9:d3:df:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fab6ba0a660aa88fa54ef8d746ea7e527781fc3c
Validity
Not Before: Jan 1 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be7f1cd9d390fbafabf830961dba6b50055434ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bc:48:b8:7d:08:66:16:a5:c4:5e:cf:79:9d:
05:74:85:4b:12:b5:d9:df:b2:c4:6e:95:7b:1d:77:
f9:f1:d5:3c:2d:a6:6e:9f:21:08:91:50:2f:3f:4a:
87:aa:b7:4e:63:b8:7c:9c:31:03:82:5a:f6:70:9d:
06:7f:89:63:9b:36:dd:0c:b2:14:3a:47:97:e3:d9:
3e:35:9a:e0:bb:e8:18:b9:5f:aa:b2:3c:a0:2f:ef:
91:56:9b:56:e1:f5:f9:dd:f6:0a:ba:39:fc:d1:fd:
44:08:33:90:4b:45:32:bb:b2:98:f2:70:41:d3:de:
c1:a1:e3:a6:39:69:39:21:6b:0b:f4:f1:af:d7:5c:
00:2c:9e:46:7f:95:d4:53:62:96:a0:56:d7:79:c7:
12:28:af:0d:12:c1:3e:6d:cc:f4:29:d3:bc:0a:6d:
4c:7a:ee:51:d9:88:b7:49:06:e7:14:ae:3c:e1:53:
25:c0:dc:05:aa:86:58:4a:f0:5b:96:02:2c:13:26:
38:83:3d:06:80:80:e1:ee:41:29:83:a6:95:ec:48:
62:43:af:94:30:9f:c5:83:a3:c0:9f:a5:8e:dc:6c:
73:62:9e:c4:e5:c1:f6:9f:a1:be:8a:8d:a8:c4:e4:
65:19:65:87:95:69:7e:62:b1:93:0c:a5:80:49:8e:
1b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:7F:1C:D9:D3:90:FB:AF:AB:F8:30:96:1D:BA:6B:50:05:54:34:CE
X509v3 Authority Key Identifier:
keyid:FA:B6:BA:0A:66:0A:A8:8F:A5:4E:F8:D7:46:EA:7E:52:77:81:FC:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ra6CmYKqI-lTvjXRup-UneB_Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/15773e-ff1c-40ee-ba0b-2a1ba4889635/1/vn8c2dOQ-6-r-DCWHbprUAVUNM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/15773e-ff1c-40ee-ba0b-2a1ba4889635/1/1-ra6CmYKqI-lTvjXRup-UneB_Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.247.0/24
193.57.4.0/24
193.57.7.0/24
193.57.21.0/24
Signature Algorithm: sha256WithRSAEncryption
95:dd:9d:a7:10:f2:c3:85:44:e3:96:fb:50:db:5e:8f:88:15:
97:f3:06:45:c3:4a:22:07:9c:b7:47:a5:ae:b3:09:52:fc:17:
9b:93:9b:d4:39:52:ef:5a:46:1b:a0:3a:cb:8c:88:f9:16:00:
34:3f:39:5e:17:13:ce:46:39:46:7d:b0:1a:80:49:0d:17:8b:
43:ef:ee:e9:e8:61:4b:5f:6e:b2:f7:b4:56:01:75:52:99:20:
7b:e5:7f:92:58:2f:3c:88:d7:59:e0:a8:3f:46:50:c1:9b:53:
61:57:24:9c:74:65:70:c8:56:82:b0:81:09:5f:c4:6c:67:00:
1e:aa:a1:e9:72:e7:1a:44:98:fa:6b:3a:d2:6f:f8:26:b8:8a:
42:9a:9b:2e:d2:00:b7:2a:af:72:d5:ed:00:64:a6:f1:28:84:
2b:13:9d:ba:38:70:2e:5b:d9:6d:37:63:b8:a0:01:2c:97:f3:
51:ce:51:55:8b:19:64:d6:68:73:08:6d:0e:9b:24:08:b0:71:
c4:df:ad:65:57:a6:93:cf:89:b5:84:c5:ed:c6:fe:08:a3:6d:
81:9d:61:95:3a:64:10:36:f3:47:92:a2:42:df:c8:18:81:77:
87:c8:37:2e:b0:01:29:24:b9:b3:53:d0:a9:ab:85:b4:5d:a8:
34:12:88:72
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzC2wS98uKzvjC1TFDJ09+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYjZiYTBhNjYwYWE4OGZhNTRlZjhkNzQ2ZWE3ZTUyNzc4
MWZjM2MwHhcNMjQwMTAxMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTdmMWNkOWQzOTBmYmFmYWJmODMwOTYxZGJhNmI1MDA1NTQzNGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrxIuH0IZhalxF7PeZ0FdIVLErXZ
37LEbpV7HXf58dU8LaZunyEIkVAvP0qHqrdOY7h8nDEDglr2cJ0Gf4ljmzbdDLIU
OkeX49k+NZrgu+gYuV+qsjygL++RVptW4fX53fYKujn80f1ECDOQS0Uyu7KY8nBB
097BoeOmOWk5IWsL9PGv11wALJ5Gf5XUU2KWoFbXeccSKK8NEsE+bcz0KdO8Cm1M
eu5R2Yi3SQbnFK484VMlwNwFqoZYSvBblgIsEyY4gz0GgIDh7kEpg6aV7EhiQ6+U
MJ/Fg6PAn6WO3GxzYp7E5cH2n6G+io2oxORlGWWHlWl+YrGTDKWASY4b+QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFL5/HNnTkPuvq/gwlh26a1AFVDTOMB8GA1UdIwQY
MBaAFPq2ugpmCqiPpU7410bqflJ3gfw8MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1yYTZDbVlLcUktbFR2alhSdXAtVW5lQl9Edy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEvMTU3NzNlLWZmMWMtNDBlZS1iYTBi
LTJhMWJhNDg4OTYzNS8xL3ZuOGMyZE9RLTYtci1EQ1dIYnByVUFWVU5NNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWEvMTU3NzNlLWZmMWMtNDBlZS1iYTBiLTJhMWJhNDg4OTYz
NS8xLzEtcmE2Q21ZS3FJLWxUdmpYUnVwLVVuZUJfRHcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBADBOPcD
BADBOQQDBADBOQcDBADBORUwDQYJKoZIhvcNAQELBQADggEBAJXdnacQ8sOFROOW
+1DbXo+IFZfzBkXDSiIHnLdHpa6zCVL8F5uTm9Q5Uu9aRhugOsuMiPkWADQ/OV4X
E85GOUZ9sBqASQ0Xi0Pv7unoYUtfbrL3tFYBdVKZIHvlf5JYLzyI11ngqD9GUMGb
U2FXJJx0ZXDIVoKwgQlfxGxnAB6qoely5xpEmPprOtJv+Ca4ikKamy7SALcqr3LV
7QBkpvEohCsTnbo4cC5b2W03Y7igASyX81HOUVWLGWTWaHMIbQ6bJAiwccTfrWVX
ppPPibWExe3G/gijbYGdYZU6ZBA280eSokLfyBiBd4fINy6wASkkubNT0KmrhbRd
qDQSiHI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:47 2025 by rpki-client