Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/0Er9s7Bc0J2DOZ574fhWA1fzlps.roa
File: 0Er9s7Bc0J2DOZ574fhWA1fzlps.roa (raw, json)
Hash identifier: pdxoUCoNsa/F/XwA9k3cCx2kQcSUVaXtRAbN0Jx9wHs=
Subject key identifier: D0:4A:FD:B3:B0:5C:D0:9D:83:39:9E:7B:E1:F8:56:03:57:F3:96:9B
Certificate issuer: /CN=9bc6fd3f32ca4594c96075659a7089b27ae3fef3
Certificate serial: 018CC727326D63D534EC75015428A50D1835
Authority key identifier: 9B:C6:FD:3F:32:CA:45:94:C9:60:75:65:9A:70:89:B2:7A:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m8b9PzLKRZTJYHVlmnCJsnrj_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/0Er9s7Bc0J2DOZ574fhWA1fzlps.roa
Signing time: Mon 01 Jan 2024 22:31:23 +0000
ROA not before: Mon 01 Jan 2024 22:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8220
IP address blocks: 194.115.212.0/22 maxlen: 22
193.98.156.0/24 maxlen: 24
193.102.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:32:6d:63:d5:34:ec:75:01:54:28:a5:0d:18:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bc6fd3f32ca4594c96075659a7089b27ae3fef3
Validity
Not Before: Jan 1 22:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d04afdb3b05cd09d83399e7be1f8560357f3969b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:db:21:16:aa:7b:9a:1c:66:23:de:25:5f:54:
aa:a3:01:47:f6:cf:fc:6d:ac:e1:38:46:57:9b:18:
ce:7e:ed:6f:fc:1c:38:84:74:87:c1:5d:7c:55:f2:
8f:8e:66:29:64:16:7f:e6:0a:b4:ea:6e:5b:b2:40:
c9:cb:a7:ec:2c:3a:eb:d1:f7:53:5b:3b:5d:c5:4f:
28:3a:32:7c:69:7d:a6:87:19:48:29:d8:69:2e:61:
ed:41:48:b0:9e:3a:f0:66:64:12:b3:0c:87:8b:0f:
5c:d9:ee:c5:27:4d:6a:83:ce:6c:db:29:1e:f7:a0:
91:30:1a:35:f0:e2:54:5b:dc:52:52:d7:7c:6d:da:
46:1a:72:26:27:d1:71:cd:cb:14:05:20:83:0e:4f:
0d:42:ab:75:cb:04:9c:59:bf:f2:eb:ab:b6:cf:56:
ea:89:5e:18:23:7d:50:a5:7b:e9:e5:62:05:0b:e1:
dc:b7:c3:2a:de:7a:9d:8e:95:3a:77:53:dc:89:bb:
00:c4:e6:e8:fb:5f:80:48:4f:1b:d6:e4:6f:22:55:
2a:d4:9c:39:32:a2:90:29:06:87:e4:9d:c4:49:00:
1d:52:4b:b1:08:65:53:15:2f:ab:fc:35:d1:f4:5a:
82:4e:e3:8f:6d:b7:ee:ea:22:c5:a2:2c:28:fb:d2:
f1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:4A:FD:B3:B0:5C:D0:9D:83:39:9E:7B:E1:F8:56:03:57:F3:96:9B
X509v3 Authority Key Identifier:
keyid:9B:C6:FD:3F:32:CA:45:94:C9:60:75:65:9A:70:89:B2:7A:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m8b9PzLKRZTJYHVlmnCJsnrj_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/0Er9s7Bc0J2DOZ574fhWA1fzlps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/da2447-b252-4b6a-a82f-dcbe53da7860/1/m8b9PzLKRZTJYHVlmnCJsnrj_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.98.156.0/24
193.102.132.0/24
194.115.212.0/22
Signature Algorithm: sha256WithRSAEncryption
48:cc:14:d7:dc:9a:2c:27:ac:1f:13:5c:9f:e4:0b:d6:fb:d7:
f9:62:9a:f2:8f:43:9f:ce:62:fe:34:68:f6:9a:9e:49:18:28:
70:dd:48:28:46:65:77:ca:61:83:ec:19:bb:6c:01:c4:d9:5a:
37:de:92:c6:89:11:97:3f:fb:d0:b4:1f:70:18:3d:d7:20:6e:
0e:5e:ea:6a:1b:1b:e6:11:67:01:78:c2:b0:ad:6a:90:20:ef:
21:7d:39:14:d8:e6:91:1a:ed:91:19:5e:8c:e8:a4:74:9e:9f:
f9:95:a2:a2:da:f5:2d:aa:f3:70:5c:26:3b:77:3b:93:35:e8:
86:3e:05:9f:16:e9:c3:06:d2:ae:54:03:ab:b8:61:51:e3:7a:
0b:b4:23:c9:81:ce:cf:a8:90:33:f8:e9:ca:1f:b2:94:43:f9:
0e:73:7f:bd:bd:ea:7c:00:ed:77:cc:33:c0:82:78:38:42:cc:
47:1a:4e:6d:6b:72:83:ed:e0:b7:b0:e4:ea:41:27:a8:36:17:
23:d0:83:b1:2f:aa:e7:c7:2f:ca:c4:ea:b4:52:01:8e:66:b9:
4b:0a:7d:48:aa:0c:f7:2a:09:88:7b:e9:23:79:37:cc:9b:89:
7e:44:0a:18:73:48:99:38:c9:b5:68:ab:e7:bd:50:99:57:df:
b0:8f:8a:d1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJzJtY9U07HUBVCilDRg1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYzZmZDNmMzJjYTQ1OTRjOTYwNzU2NTlhNzA4OWIyN2Fl
M2ZlZjMwHhcNMjQwMTAxMjIzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDRhZmRiM2IwNWNkMDlkODMzOTllN2JlMWY4NTYwMzU3ZjM5NjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNshFqp7mhxmI94lX1SqowFH9s/8
bazhOEZXmxjOfu1v/Bw4hHSHwV18VfKPjmYpZBZ/5gq06m5bskDJy6fsLDrr0fdT
WztdxU8oOjJ8aX2mhxlIKdhpLmHtQUiwnjrwZmQSswyHiw9c2e7FJ01qg85s2yke
96CRMBo18OJUW9xSUtd8bdpGGnImJ9FxzcsUBSCDDk8NQqt1ywScWb/y66u2z1bq
iV4YI31QpXvp5WIFC+Hct8Mq3nqdjpU6d1PcibsAxObo+1+ASE8b1uRvIlUq1Jw5
MqKQKQaH5J3ESQAdUkuxCGVTFS+r/DXR9FqCTuOPbbfu6iLFoiwo+9Lx7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNBK/bOwXNCdgzmee+H4VgNX85abMB8GA1UdIwQY
MBaAFJvG/T8yykWUyWB1ZZpwibJ64/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbThiOVB6TEtSWlRKWUhWbG1uQ0pzbnJqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kYTI0NDctYjI1Mi00YjZhLWE4MmYt
ZGNiZTUzZGE3ODYwLzEvMEVyOXM3QmMwSjJET1o1NzRmaFdBMWZ6bHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kYTI0NDctYjI1Mi00YjZhLWE4MmYtZGNiZTUzZGE3ODYw
LzEvbThiOVB6TEtSWlRKWUhWbG1uQ0pzbnJqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwWKcAwQA
wWaEAwQCwnPUMA0GCSqGSIb3DQEBCwUAA4IBAQBIzBTX3JosJ6wfE1yf5AvW+9f5
Ypryj0OfzmL+NGj2mp5JGChw3UgoRmV3ymGD7Bm7bAHE2Vo33pLGiRGXP/vQtB9w
GD3XIG4OXupqGxvmEWcBeMKwrWqQIO8hfTkU2OaRGu2RGV6M6KR0np/5laKi2vUt
qvNwXCY7dzuTNeiGPgWfFunDBtKuVAOruGFR43oLtCPJgc7PqJAz+OnKH7KUQ/kO
c3+9vep8AO13zDPAgng4QsxHGk5ta3KD7eC3sOTqQSeoNhcj0IOxL6rnxy/KxOq0
UgGOZrlLCn1Iqgz3KgmIe+kjeTfMm4l+RAoYc0iZOMm1aKvnvVCZV9+wj4rR
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:06:47 2025 by rpki-client