Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/Kcgv9sOVMfeIM6OzoP33SFMGwN8.roa
File: Kcgv9sOVMfeIM6OzoP33SFMGwN8.roa (raw, json)
Hash identifier: S3NH0gxjEQzow+oOMRPpYJ+ra/nD6iVaPtF9O4RjxtE=
Subject key identifier: 29:C8:2F:F6:C3:95:31:F7:88:33:A3:B3:A0:FD:F7:48:53:06:C0:DF
Certificate issuer: /CN=9863354a111af6d5e1ad10da38ad8144b6be868e
Certificate serial: 0194228D208B604AD7F7D4179BBE4D67EC71
Authority key identifier: 98:63:35:4A:11:1A:F6:D5:E1:AD:10:DA:38:AD:81:44:B6:BE:86:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mGM1ShEa9tXhrRDaOK2BRLa-ho4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/Kcgv9sOVMfeIM6OzoP33SFMGwN8.roa
Signing time: Wed 01 Jan 2025 15:47:41 +0000
ROA not before: Wed 01 Jan 2025 15:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212368
IP address blocks: 193.134.253.0/24 maxlen: 24
193.135.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Feb 2025 10:34:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:20:8b:60:4a:d7:f7:d4:17:9b:be:4d:67:ec:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9863354a111af6d5e1ad10da38ad8144b6be868e
Validity
Not Before: Jan 1 15:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29c82ff6c39531f78833a3b3a0fdf7485306c0df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:14:9c:d5:57:f6:75:6c:aa:22:47:0e:4d:ca:
7a:df:7a:72:13:62:54:b8:db:d8:f3:bc:54:ad:9a:
59:0d:7d:f5:68:5a:47:1e:58:63:10:e8:d4:1e:ec:
7d:7a:a2:3b:2e:dd:ab:cc:6e:2c:73:93:6b:cb:88:
24:61:0b:a5:c4:8b:a6:e4:05:1c:f2:20:ea:ce:89:
96:f2:8d:51:8a:1e:ee:78:b1:77:7b:dd:7e:06:04:
e3:ff:39:24:6c:e4:fd:b6:2a:5d:a8:a5:38:24:04:
c0:7a:55:9d:12:78:22:1a:87:b2:4e:88:9c:8d:93:
70:b2:ce:af:58:2a:06:21:a4:7f:8c:ff:4e:ff:62:
38:3f:6a:96:35:b2:52:f0:8d:75:34:44:20:ca:d9:
d7:b6:a6:64:fd:82:c6:44:fd:a2:0e:3c:f3:e0:ab:
80:28:40:fd:df:fe:b3:bf:f7:f3:82:03:c9:3a:72:
fd:17:5f:8b:23:38:82:eb:d5:e0:f1:db:67:f2:6d:
9d:ec:35:fc:21:60:82:31:37:c2:ca:dc:18:ec:b3:
97:f2:c1:63:4a:07:33:f6:ae:77:64:44:19:37:de:
3e:4c:1d:79:69:56:69:4b:10:76:65:8f:a8:9f:8b:
eb:05:ad:a1:78:43:63:86:8c:19:d4:cb:07:04:03:
1c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:C8:2F:F6:C3:95:31:F7:88:33:A3:B3:A0:FD:F7:48:53:06:C0:DF
X509v3 Authority Key Identifier:
keyid:98:63:35:4A:11:1A:F6:D5:E1:AD:10:DA:38:AD:81:44:B6:BE:86:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mGM1ShEa9tXhrRDaOK2BRLa-ho4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/Kcgv9sOVMfeIM6OzoP33SFMGwN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/mGM1ShEa9tXhrRDaOK2BRLa-ho4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.253.0/24
193.135.101.0/24
Signature Algorithm: sha256WithRSAEncryption
80:53:e9:0d:b8:e0:41:50:d0:09:5b:b5:43:27:23:6c:2e:9c:
11:d4:4a:a8:a7:f8:c5:ee:0f:61:89:63:0b:5b:bb:dd:10:a9:
e5:92:33:a0:0b:7a:a2:7e:60:0f:dc:47:87:13:93:bf:96:eb:
6d:95:2f:50:1b:25:71:55:3e:05:ae:aa:1d:e0:db:15:9c:65:
ca:82:b2:7f:9d:b8:c5:90:32:d4:78:2c:7c:57:61:5b:1a:6f:
67:54:ae:49:a1:0a:08:66:b8:9f:7c:1f:d4:e4:e0:5a:8f:05:
10:2c:44:5a:1d:85:e6:e7:ba:85:81:28:d6:09:2f:49:22:6d:
da:e0:78:d8:a3:8e:d3:ea:6c:b7:3e:1f:1d:07:95:08:7d:82:
77:cc:4e:81:af:04:3a:82:12:49:7c:ac:4a:29:09:a2:b7:d8:
ba:bf:13:d8:92:83:d5:37:92:fd:0b:43:13:9d:37:8e:9c:1a:
37:3f:5c:34:df:95:a5:3b:d6:cf:81:23:97:77:17:56:c4:4b:
c1:e9:77:81:6d:d0:95:2f:e6:b1:b0:9a:e9:53:37:9e:e0:ae:
b7:1e:24:20:e1:05:05:72:8c:61:60:a1:01:7d:70:3b:34:77:
97:16:a2:0b:9c:c2:a5:28:28:bc:72:9a:81:af:75:15:17:7a:
b9:43:39:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijSCLYErX99QXm75NZ+xxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NjMzNTRhMTExYWY2ZDVlMWFkMTBkYTM4YWQ4MTQ0YjZi
ZTg2OGUwHhcNMjUwMTAxMTU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWM4MmZmNmMzOTUzMWY3ODgzM2EzYjNhMGZkZjc0ODUzMDZjMGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BSc1Vf2dWyqIkcOTcp633pyE2JU
uNvY87xUrZpZDX31aFpHHlhjEOjUHux9eqI7Lt2rzG4sc5Nry4gkYQulxIum5AUc
8iDqzomW8o1Rih7ueLF3e91+BgTj/zkkbOT9tipdqKU4JATAelWdEngiGoeyToic
jZNwss6vWCoGIaR/jP9O/2I4P2qWNbJS8I11NEQgytnXtqZk/YLGRP2iDjzz4KuA
KED93/6zv/fzggPJOnL9F1+LIziC69Xg8dtn8m2d7DX8IWCCMTfCytwY7LOX8sFj
Sgcz9q53ZEQZN94+TB15aVZpSxB2ZY+on4vrBa2heENjhowZ1MsHBAMcqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCnIL/bDlTH3iDOjs6D990hTBsDfMB8GA1UdIwQY
MBaAFJhjNUoRGvbV4a0Q2jitgUS2voaOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUdNMVNoRWE5dFhoclJEYU9LMkJSTGEtaG80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZWE4NDctYTc4My00ODlkLWFlNGIt
NTNmNTc1MDRlZjM1LzEvS2NndjlzT1ZNZmVJTTZPem9QMzNTRk1Hd044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iZWE4NDctYTc4My00ODlkLWFlNGItNTNmNTc1MDRlZjM1
LzEvbUdNMVNoRWE5dFhoclJEYU9LMkJSTGEtaG80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwYb9AwQA
wYdlMA0GCSqGSIb3DQEBCwUAA4IBAQCAU+kNuOBBUNAJW7VDJyNsLpwR1Eqop/jF
7g9hiWMLW7vdEKnlkjOgC3qifmAP3EeHE5O/luttlS9QGyVxVT4Frqod4NsVnGXK
grJ/nbjFkDLUeCx8V2FbGm9nVK5JoQoIZriffB/U5OBajwUQLERaHYXm57qFgSjW
CS9JIm3a4HjYo47T6my3Ph8dB5UIfYJ3zE6BrwQ6ghJJfKxKKQmit9i6vxPYkoPV
N5L9C0MTnTeOnBo3P1w035WlO9bPgSOXdxdWxEvB6XeBbdCVL+axsJrpUzee4K63
HiQg4QUFcoxhYKEBfXA7NHeXFqILnMKlKCi8cpqBr3UVF3q5Qzmh
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:11:46 2025 by rpki-client