Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/CMQROoK8uWSPRdeDCZTUZSQ5jC4.roa
File: CMQROoK8uWSPRdeDCZTUZSQ5jC4.roa (raw, json)
Hash identifier: p5q+rGbv7GItjcJHu7U1a39ynGzqBiInWp0O6HwVpkI=
Subject key identifier: 08:C4:11:3A:82:BC:B9:64:8F:45:D7:83:09:94:D4:65:24:39:8C:2E
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 0193795761926D571EFD3CD16FF5CCB23BE1
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/CMQROoK8uWSPRdeDCZTUZSQ5jC4.roa
Signing time: Fri 29 Nov 2024 19:13:09 +0000
ROA not before: Fri 29 Nov 2024 19:13:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20860
IP address blocks: 193.37.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:79:57:61:92:6d:57:1e:fd:3c:d1:6f:f5:cc:b2:3b:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Nov 29 19:13:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08c4113a82bcb9648f45d7830994d46524398c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:30:59:35:29:39:1b:96:85:01:eb:b4:30:af:
94:03:25:60:b8:3e:e2:8d:0b:c4:fe:de:cb:ae:73:
55:eb:15:84:60:8a:17:c4:33:2a:cb:49:2b:1c:45:
66:f2:42:a3:70:2a:21:01:87:90:d0:19:f9:61:7d:
c3:dd:16:0f:ef:4b:18:d0:5b:ab:7c:d8:0a:b6:13:
7a:58:b8:7f:83:57:ad:e5:f3:33:c0:63:9c:5c:60:
0d:31:10:a1:2d:fc:d5:cc:7c:25:d5:7c:b8:55:38:
91:ff:4f:70:aa:56:ad:ed:3f:0d:3b:f4:b8:3c:ac:
a4:8c:06:ba:24:0f:42:b3:7a:08:a9:d8:c3:48:60:
f2:2d:41:80:d0:30:48:ae:7e:35:f0:3d:7b:42:56:
79:77:55:5b:40:55:41:5b:8d:74:2b:6e:f6:8e:84:
d6:57:58:71:20:93:07:91:08:4f:54:56:62:59:27:
c5:87:8d:35:bc:af:73:3e:72:aa:eb:3c:77:e6:a1:
9f:c8:2a:e5:8c:61:14:4b:2c:78:bf:ea:ec:d0:0a:
f9:25:86:38:4b:44:ab:45:c2:30:08:5a:03:84:d0:
ae:44:a7:0b:8e:e6:e1:49:5b:3d:6b:43:f3:2e:9e:
fb:2d:4e:fe:1e:a6:13:41:90:ff:47:1b:d4:b5:b2:
3f:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C4:11:3A:82:BC:B9:64:8F:45:D7:83:09:94:D4:65:24:39:8C:2E
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/CMQROoK8uWSPRdeDCZTUZSQ5jC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.72.0/22
Signature Algorithm: sha256WithRSAEncryption
d6:c3:ca:2a:a2:5c:bb:90:b2:45:1c:e8:a5:96:12:bb:ea:3e:
b6:55:a9:13:ea:87:7c:db:f1:9f:2f:be:3b:82:20:d5:25:b3:
ab:7e:f2:0a:7a:e3:f3:28:cb:ca:c2:28:56:43:0a:4c:43:cf:
d2:41:31:b3:e1:ca:09:3a:4d:ed:02:b4:fe:8d:e3:56:9f:56:
72:38:08:24:0d:54:60:51:0e:34:c3:d7:4a:8c:26:9a:3d:0a:
fc:68:62:31:c2:64:54:29:b3:78:4e:c9:b1:41:1a:79:76:b1:
fb:d6:bc:7b:38:f5:21:93:d4:8f:9b:9a:4f:de:40:04:0b:70:
07:55:12:19:41:35:0a:1f:f9:f4:46:1a:a1:75:88:38:b0:f3:
c0:81:8d:fd:6b:3d:a2:ea:dd:2f:58:d7:bc:ea:00:3e:fe:de:
41:e1:68:4a:bc:30:78:3c:ca:d7:af:ae:34:2d:68:26:a1:b9:
02:66:b3:a4:de:95:e0:78:b6:da:a9:b2:5e:50:22:2f:92:61:
1e:f1:c9:d4:58:15:23:12:be:87:c5:f3:9c:e5:52:0d:b6:57:
1b:3a:a5:5c:f0:8a:fe:db:81:73:a2:03:48:ba:34:db:04:b0:
b6:92:7f:82:0e:90:8c:a8:32:2d:9b:29:9c:bc:8c:6a:04:e5:
80:b5:d7:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZN5V2GSbVce/TzRb/XMsjvhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQxMTI5MTkxMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGM0MTEzYTgyYmNiOTY0OGY0NWQ3ODMwOTk0ZDQ2NTI0Mzk4YzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TBZNSk5G5aFAeu0MK+UAyVguD7i
jQvE/t7LrnNV6xWEYIoXxDMqy0krHEVm8kKjcCohAYeQ0Bn5YX3D3RYP70sY0Fur
fNgKthN6WLh/g1et5fMzwGOcXGANMRChLfzVzHwl1Xy4VTiR/09wqlat7T8NO/S4
PKykjAa6JA9Cs3oIqdjDSGDyLUGA0DBIrn418D17QlZ5d1VbQFVBW410K272joTW
V1hxIJMHkQhPVFZiWSfFh401vK9zPnKq6zx35qGfyCrljGEUSyx4v+rs0Ar5JYY4
S0SrRcIwCFoDhNCuRKcLjubhSVs9a0PzLp77LU7+HqYTQZD/RxvUtbI/vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjEETqCvLlkj0XXgwmU1GUkOYwuMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvQ01RUk9vSzh1V1NQUmRlRENaVFVaU1E1akM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSVIMA0G
CSqGSIb3DQEBCwUAA4IBAQDWw8oqoly7kLJFHOillhK76j62VakT6od82/GfL747
giDVJbOrfvIKeuPzKMvKwihWQwpMQ8/SQTGz4coJOk3tArT+jeNWn1ZyOAgkDVRg
UQ40w9dKjCaaPQr8aGIxwmRUKbN4TsmxQRp5drH71rx7OPUhk9SPm5pP3kAEC3AH
VRIZQTUKH/n0RhqhdYg4sPPAgY39az2i6t0vWNe86gA+/t5B4WhKvDB4PMrXr640
LWgmobkCZrOk3pXgeLbaqbJeUCIvkmEe8cnUWBUjEr6HxfOc5VINtlcbOqVc8Ir+
24FzogNIujTbBLC2kn+CDpCMqDItmymcvIxqBOWAtdeb
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:58:20 2025 by rpki-client