Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/eb16eb-77f5-4003-b903-1c34afd9d50d/1/U-39f0iUUQP3QDyeb8YSslHfsaQ.roa
File: U-39f0iUUQP3QDyeb8YSslHfsaQ.roa (raw, json)
Hash identifier: LgtSZ3SVYAkBZpsRcEB12Jix6bi0apLYKyw4hYDeD34=
Subject key identifier: 53:ED:FD:7F:48:94:51:03:F7:40:3C:9E:6F:C6:12:B2:51:DF:B1:A4
Certificate issuer: /CN=1911a6583dc79a41551b17aeb4314db29311cbeb
Certificate serial: 018CC7272A16F61C4CE33DD44C62729A4749
Authority key identifier: 19:11:A6:58:3D:C7:9A:41:55:1B:17:AE:B4:31:4D:B2:93:11:CB:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GRGmWD3HmkFVGxeutDFNspMRy-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/eb16eb-77f5-4003-b903-1c34afd9d50d/1/U-39f0iUUQP3QDyeb8YSslHfsaQ.roa
Signing time: Mon 01 Jan 2024 22:31:21 +0000
ROA not before: Mon 01 Jan 2024 22:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208060
IP address blocks: 193.43.30.0/23 maxlen: 24
193.43.32.0/23 maxlen: 24
2a0f:b880::/29 maxlen: 36
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:2a:16:f6:1c:4c:e3:3d:d4:4c:62:72:9a:47:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1911a6583dc79a41551b17aeb4314db29311cbeb
Validity
Not Before: Jan 1 22:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53edfd7f48945103f7403c9e6fc612b251dfb1a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:41:56:b4:32:77:29:5d:e8:25:d8:70:50:dd:
98:79:f0:c0:b7:9e:0c:33:7f:81:58:7d:78:1c:71:
0d:e7:6a:1d:bc:8c:21:bb:01:7d:73:dc:77:c2:e4:
11:58:29:f5:4f:8c:3a:a1:e6:ff:2f:af:03:70:a7:
05:e8:b8:33:e6:13:15:70:e5:5a:c4:1e:fb:66:db:
bf:66:8e:2a:0a:4a:66:04:bc:aa:b8:bf:02:c1:9b:
2a:a1:54:e4:09:41:34:6d:65:40:77:7d:9c:9b:12:
f6:e9:2d:ec:18:b5:e0:47:19:67:ab:d0:37:c1:ef:
97:21:9a:bc:7a:6a:28:4c:01:6b:cf:8e:c6:e4:4f:
c3:da:5c:11:4c:93:ab:64:bb:61:24:e4:47:d5:7e:
1c:85:6c:a7:53:d1:17:08:2c:c8:82:8e:6e:9a:ab:
02:db:31:6b:29:2e:8a:d9:98:0c:19:9b:b8:fb:65:
bc:2a:65:21:6f:26:e1:38:75:b9:bc:77:f0:17:a6:
f9:af:66:46:be:fb:51:63:04:86:49:00:3f:b6:16:
e8:54:dd:4a:2e:9b:e9:2f:1e:f9:22:67:ac:10:7e:
15:76:7d:d6:91:bc:e1:76:09:fb:7d:02:fc:3d:79:
90:45:87:0e:b9:f5:36:92:93:86:22:52:7f:32:a7:
83:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:ED:FD:7F:48:94:51:03:F7:40:3C:9E:6F:C6:12:B2:51:DF:B1:A4
X509v3 Authority Key Identifier:
keyid:19:11:A6:58:3D:C7:9A:41:55:1B:17:AE:B4:31:4D:B2:93:11:CB:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRGmWD3HmkFVGxeutDFNspMRy-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/eb16eb-77f5-4003-b903-1c34afd9d50d/1/U-39f0iUUQP3QDyeb8YSslHfsaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/eb16eb-77f5-4003-b903-1c34afd9d50d/1/GRGmWD3HmkFVGxeutDFNspMRy-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.30.0-193.43.33.255
IPv6:
2a0f:b880::/29
Signature Algorithm: sha256WithRSAEncryption
04:a5:aa:23:96:3a:54:1a:24:61:30:a7:9d:c4:2e:1b:1c:17:
e9:ca:91:18:55:51:f9:6f:82:53:9c:13:a6:9f:87:b9:ce:de:
f0:f3:e7:3d:6f:41:6e:ab:56:6b:e9:73:b2:aa:b2:94:f8:57:
ba:15:fb:8d:ca:5e:3d:a9:1f:60:29:50:a0:dc:67:c3:be:7a:
df:c9:9a:94:70:50:46:da:45:9b:6b:89:59:a7:26:83:2d:5d:
2d:3d:b0:6e:01:f5:be:31:90:0e:b8:b1:4b:04:30:16:ac:f4:
48:8a:03:cc:80:de:a9:cd:16:98:76:92:41:0d:86:1f:5c:2b:
2d:1e:95:69:a1:0c:76:0f:7b:cc:69:80:a0:2c:3d:2b:f3:e9:
31:d0:25:25:bc:6c:b9:55:e7:bc:5a:8f:ea:96:51:d8:87:a4:
e1:96:e6:38:6b:03:16:44:a9:69:03:11:e0:8c:a3:cb:53:d7:
f6:11:c9:17:c3:db:08:69:c6:f1:65:d1:7b:03:fc:25:d0:c3:
b1:79:df:bc:8c:47:8c:62:ba:0b:a8:c5:d6:87:97:65:f8:81:
d4:b3:34:98:7b:d4:33:49:b4:4c:3a:70:b4:c0:e4:d4:61:9a:
fe:74:f3:4b:d5:e0:96:7e:bb:fc:6e:77:4c:cc:ea:bb:5d:d2:
e2:b6:c5:8b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzHJyoW9hxM4z3UTGJymkdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MTFhNjU4M2RjNzlhNDE1NTFiMTdhZWI0MzE0ZGIyOTMx
MWNiZWIwHhcNMjQwMTAxMjIzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2VkZmQ3ZjQ4OTQ1MTAzZjc0MDNjOWU2ZmM2MTJiMjUxZGZiMWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUFWtDJ3KV3oJdhwUN2YefDAt54M
M3+BWH14HHEN52odvIwhuwF9c9x3wuQRWCn1T4w6oeb/L68DcKcF6Lgz5hMVcOVa
xB77Ztu/Zo4qCkpmBLyquL8CwZsqoVTkCUE0bWVAd32cmxL26S3sGLXgRxlnq9A3
we+XIZq8emooTAFrz47G5E/D2lwRTJOrZLthJORH1X4chWynU9EXCCzIgo5umqsC
2zFrKS6K2ZgMGZu4+2W8KmUhbybhOHW5vHfwF6b5r2ZGvvtRYwSGSQA/thboVN1K
LpvpLx75ImesEH4Vdn3Wkbzhdgn7fQL8PXmQRYcOufU2kpOGIlJ/MqeDYwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFPt/X9IlFED90A8nm/GErJR37GkMB8GA1UdIwQY
MBaAFBkRplg9x5pBVRsXrrQxTbKTEcvrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JHbVdEM0hta0ZWR3hldXRERk5zcE1SeS1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9lYjE2ZWItNzdmNS00MDAzLWI5MDMt
MWMzNGFmZDlkNTBkLzEvVS0zOWYwaVVVUVAzUUR5ZWI4WVNzbEhmc2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9lYjE2ZWItNzdmNS00MDAzLWI5MDMtMWMzNGFmZDlkNTBk
LzEvR1JHbVdEM0hta0ZWR3hldXRERk5zcE1SeS1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAHBKx4D
BAHBKyAwDQQCAAIwBwMFAyoPuIAwDQYJKoZIhvcNAQELBQADggEBAASlqiOWOlQa
JGEwp53ELhscF+nKkRhVUflvglOcE6afh7nO3vDz5z1vQW6rVmvpc7KqspT4V7oV
+43KXj2pH2ApUKDcZ8O+et/JmpRwUEbaRZtriVmnJoMtXS09sG4B9b4xkA64sUsE
MBas9EiKA8yA3qnNFph2kkENhh9cKy0elWmhDHYPe8xpgKAsPSvz6THQJSW8bLlV
57xaj+qWUdiHpOGW5jhrAxZEqWkDEeCMo8tT1/YRyRfD2whpxvFl0XsD/CXQw7F5
37yMR4xiuguoxdaHl2X4gdSzNJh71DNJtEw6cLTA5NRhmv5080vV4JZ+u/xud0zM
6rtd0uK2xYs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:34 2025 by rpki-client