Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/a60f86-8b94-410a-bfd1-ff4c7183024f/1/slTDgJGgePj22_paILeoG59QckU.roa
File: slTDgJGgePj22_paILeoG59QckU.roa (raw, json)
Hash identifier: MDKxC8tJKoB9ixlqJ+ZHSG1jC7ZZNOtsZINiazW91mw=
Subject key identifier: B2:54:C3:80:91:A0:78:F8:F6:DB:FA:5A:20:B7:A8:1B:9F:50:72:45
Certificate issuer: /CN=0958b54bfee9896c4ada7dc18b3b7f9719da046b
Certificate serial: 018CC649E7E40CA955B6EBA2CA70420E39D8
Authority key identifier: 09:58:B5:4B:FE:E9:89:6C:4A:DA:7D:C1:8B:3B:7F:97:19:DA:04:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CVi1S_7piWxK2n3Bizt_lxnaBGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/a60f86-8b94-410a-bfd1-ff4c7183024f/1/slTDgJGgePj22_paILeoG59QckU.roa
Signing time: Mon 01 Jan 2024 18:29:41 +0000
ROA not before: Mon 01 Jan 2024 18:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3303
IP address blocks: 193.0.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:e7:e4:0c:a9:55:b6:eb:a2:ca:70:42:0e:39:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0958b54bfee9896c4ada7dc18b3b7f9719da046b
Validity
Not Before: Jan 1 18:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b254c38091a078f8f6dbfa5a20b7a81b9f507245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ef:1e:96:fd:fc:78:18:a7:60:42:fd:66:56:
bb:be:8b:c1:d4:6c:4a:f7:77:a9:5f:ab:29:6d:7e:
b9:d3:be:cf:30:02:e8:6a:93:99:db:74:a3:a8:10:
b0:41:8e:56:29:6e:10:23:5b:9c:2d:c5:a5:ec:39:
25:bd:e3:3f:21:c0:b3:0b:fa:a3:64:75:74:73:37:
e6:2a:c6:12:77:40:a7:dd:3e:57:0c:35:b8:9b:3b:
4f:f2:51:30:1f:82:fe:66:e2:29:78:b7:30:33:55:
65:46:76:d6:3e:ab:a4:c6:74:19:99:e8:62:c0:c2:
df:d4:00:c4:5b:10:c2:6d:f2:fe:d0:6d:3b:8d:58:
44:e5:61:fc:98:09:f1:33:49:a0:34:1d:49:0c:4a:
03:a2:98:12:ea:16:48:d4:f8:4b:2f:0b:c0:9d:57:
0b:1c:70:bd:08:fe:8e:fa:43:dd:6a:c3:e4:db:40:
15:6c:80:bd:73:9e:92:02:c2:6f:63:20:71:22:dd:
88:f5:78:e9:fa:43:8d:eb:ee:80:ba:11:96:c7:a1:
d8:30:5c:c3:05:15:49:3e:5d:32:ba:f9:0c:13:5b:
ee:5d:43:ae:47:8e:3b:a3:89:c3:2d:93:9c:e2:e3:
5e:c2:88:f1:8e:07:d4:fb:61:4e:d3:7b:09:dc:a4:
ce:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:54:C3:80:91:A0:78:F8:F6:DB:FA:5A:20:B7:A8:1B:9F:50:72:45
X509v3 Authority Key Identifier:
keyid:09:58:B5:4B:FE:E9:89:6C:4A:DA:7D:C1:8B:3B:7F:97:19:DA:04:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVi1S_7piWxK2n3Bizt_lxnaBGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/a60f86-8b94-410a-bfd1-ff4c7183024f/1/slTDgJGgePj22_paILeoG59QckU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/a60f86-8b94-410a-bfd1-ff4c7183024f/1/CVi1S_7piWxK2n3Bizt_lxnaBGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.237.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:12:f6:ba:74:1c:b7:d1:0c:73:0b:74:4d:d4:4d:23:79:fe:
37:6e:a2:8b:12:04:46:62:c1:ff:dd:d9:ad:c7:71:ca:51:a2:
f2:01:d8:8c:36:13:30:7e:2a:8f:68:64:81:20:99:90:e4:aa:
eb:04:7e:6e:d7:6e:2c:ec:c6:ce:7e:b5:57:37:b6:c5:0c:fb:
6e:17:07:00:47:51:c1:74:f2:ea:da:da:9c:52:61:34:d9:69:
b9:a3:b4:64:3e:25:78:fb:99:c3:c1:1e:d6:55:5e:a3:bd:5a:
a8:93:c7:62:6c:7c:16:34:8f:4b:4c:99:22:bf:de:cb:c2:a8:
ff:96:68:33:1b:6f:62:7f:b6:f4:61:80:eb:cd:0d:bb:99:c5:
16:2e:d8:0f:b9:48:33:9a:6d:23:36:f4:19:28:69:2f:af:b3:
74:a8:47:1f:d7:56:51:1f:1e:d7:37:70:4a:98:81:04:68:78:
66:1e:cf:90:d7:3c:f4:41:cd:f8:e6:99:85:31:fc:0a:c9:cc:
73:61:35:8b:d9:20:13:d1:b2:09:cb:40:f6:aa:79:9c:44:fa:
ed:8f:0b:2e:82:b9:67:e1:4e:43:99:17:33:54:7c:bf:ff:fa:
48:7a:d6:68:34:48:14:1e:50:63:ce:06:b8:90:38:4f:48:0a:
12:df:13:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSefkDKlVtuuiynBCDjnYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NThiNTRiZmVlOTg5NmM0YWRhN2RjMThiM2I3Zjk3MTlk
YTA0NmIwHhcNMjQwMTAxMTgyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjU0YzM4MDkxYTA3OGY4ZjZkYmZhNWEyMGI3YTgxYjlmNTA3MjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhu8elv38eBinYEL9Zla7vovB1GxK
93epX6spbX65077PMALoapOZ23SjqBCwQY5WKW4QI1ucLcWl7DklveM/IcCzC/qj
ZHV0czfmKsYSd0Cn3T5XDDW4mztP8lEwH4L+ZuIpeLcwM1VlRnbWPqukxnQZmehi
wMLf1ADEWxDCbfL+0G07jVhE5WH8mAnxM0mgNB1JDEoDopgS6hZI1PhLLwvAnVcL
HHC9CP6O+kPdasPk20AVbIC9c56SAsJvYyBxIt2I9Xjp+kON6+6AuhGWx6HYMFzD
BRVJPl0yuvkME1vuXUOuR447o4nDLZOc4uNewojxjgfU+2FO03sJ3KTOmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLJUw4CRoHj49tv6WiC3qBufUHJFMB8GA1UdIwQY
MBaAFAlYtUv+6YlsStp9wYs7f5cZ2gRrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ZpMVNfN3BpV3hLMm4zQml6dF9seG5hQkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9hNjBmODYtOGI5NC00MTBhLWJmZDEt
ZmY0YzcxODMwMjRmLzEvc2xURGdKR2dlUGoyMl9wYUlMZW9HNTlRY2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9hNjBmODYtOGI5NC00MTBhLWJmZDEtZmY0YzcxODMwMjRm
LzEvQ1ZpMVNfN3BpV3hLMm4zQml6dF9seG5hQkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQDtMA0G
CSqGSIb3DQEBCwUAA4IBAQBqEva6dBy30QxzC3RN1E0jef43bqKLEgRGYsH/3dmt
x3HKUaLyAdiMNhMwfiqPaGSBIJmQ5KrrBH5u124s7MbOfrVXN7bFDPtuFwcAR1HB
dPLq2tqcUmE02Wm5o7RkPiV4+5nDwR7WVV6jvVqok8dibHwWNI9LTJkiv97Lwqj/
lmgzG29if7b0YYDrzQ27mcUWLtgPuUgzmm0jNvQZKGkvr7N0qEcf11ZRHx7XN3BK
mIEEaHhmHs+Q1zz0Qc345pmFMfwKycxzYTWL2SAT0bIJy0D2qnmcRPrtjwsugrln
4U5DmRczVHy///pIetZoNEgUHlBjzga4kDhPSAoS3xNp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:16 2025 by rpki-client