Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/4audOP1R1lrHU7yXBtM8gsuwtRQ.roa
File: 4audOP1R1lrHU7yXBtM8gsuwtRQ.roa (raw, json)
Hash identifier: 6GynTYegPROuUQO2t83RISkdttsXQDjDlt07hpUThlE=
Subject key identifier: E1:AB:9D:38:FD:51:D6:5A:C7:53:BC:97:06:D3:3C:82:CB:B0:B5:14
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018CC348E81286E3244BB23F150272EA4FAE
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/4audOP1R1lrHU7yXBtM8gsuwtRQ.roa
Signing time: Mon 01 Jan 2024 04:29:44 +0000
ROA not before: Mon 01 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212777
IP address blocks: 194.209.237.0/24 maxlen: 24
212.243.178.0/24 maxlen: 24
194.209.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e8:12:86:e3:24:4b:b2:3f:15:02:72:ea:4f:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1ab9d38fd51d65ac753bc9706d33c82cbb0b514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f2:f6:a5:f7:d6:b6:e0:67:d0:6a:44:75:84:
4b:55:84:31:74:bd:0a:c0:3b:8e:fc:27:d0:f9:85:
69:76:ab:74:de:82:93:90:06:fe:d9:80:f5:ea:c0:
2d:5b:32:ec:95:36:04:06:6f:2f:5f:68:3c:e2:bc:
ff:cf:43:a0:6f:96:ce:c0:f6:56:32:0b:ff:88:40:
17:b8:a3:8f:76:a7:6d:99:81:da:ec:7a:3e:75:04:
37:33:0e:62:b1:37:a4:2d:28:dd:55:bb:ca:f9:80:
6f:bf:37:7e:60:ba:02:b3:1b:94:b5:9f:15:d1:43:
3d:f6:a4:b3:6e:06:78:9e:20:87:d4:b8:02:da:d3:
86:5a:6a:0e:42:5e:1d:35:44:c0:34:b2:18:d1:ae:
02:74:c5:8c:3a:86:1f:d3:6a:55:b1:7f:52:f4:99:
9e:1e:15:a1:a9:03:88:da:db:53:53:f2:d9:3e:3c:
52:a5:c9:68:73:2b:09:39:db:15:09:c1:14:8e:89:
42:c7:3f:b9:4e:8b:c1:f3:80:f4:99:d8:3b:ff:43:
e8:35:9f:d1:43:80:52:7d:66:51:7a:9d:70:c9:03:
c4:de:ef:a6:6a:e3:95:f0:9d:80:ca:2f:c1:af:f2:
f1:73:5c:47:cf:c5:71:ed:62:0b:f8:87:05:4a:cd:
5b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:AB:9D:38:FD:51:D6:5A:C7:53:BC:97:06:D3:3C:82:CB:B0:B5:14
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/4audOP1R1lrHU7yXBtM8gsuwtRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.202.0/24
194.209.237.0/24
212.243.178.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:00:99:f7:1f:d3:b2:1d:bc:82:22:f5:cd:8a:7b:e2:08:28:
57:8a:5f:72:60:93:6d:0b:94:18:b4:db:51:12:a8:76:d6:eb:
db:d5:ec:36:dd:46:69:cb:6e:eb:4f:2b:fd:fa:fa:44:b2:18:
74:67:08:59:a2:47:63:50:7b:01:b7:c6:e6:18:f0:50:c9:4c:
45:0f:57:07:54:fb:6e:42:66:65:02:a9:4e:fb:9b:3a:05:9b:
32:bd:c4:af:38:1b:75:16:aa:56:b2:d2:87:2a:04:23:0e:aa:
09:3e:04:d5:89:6e:4c:30:8f:20:ed:18:ec:f0:bb:c0:50:ec:
23:61:5c:7d:ac:8a:ec:53:a5:d7:9a:e1:fa:f6:56:78:5f:70:
21:0e:4d:fe:16:dd:0a:09:43:1e:be:27:ad:d4:fd:a2:7d:e4:
01:da:75:e7:ce:bc:52:80:ec:2b:80:e9:20:4a:aa:04:f8:bb:
5c:c2:21:1e:b9:51:c5:c9:0a:84:1c:ca:3d:80:a0:75:75:e4:
02:bc:7e:e1:b7:4f:3e:9e:f4:f8:2c:dd:9a:32:be:94:6c:7c:
52:db:a5:39:24:34:92:d0:c5:ad:14:f9:68:53:e2:00:f4:7b:
d8:c0:38:a8:a0:40:10:2a:92:a1:b5:3e:7e:74:c1:30:f1:55:
57:c5:56:1e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSOgShuMkS7I/FQJy6k+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMTAxMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWFiOWQzOGZkNTFkNjVhYzc1M2JjOTcwNmQzM2M4MmNiYjBiNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPL2pffWtuBn0GpEdYRLVYQxdL0K
wDuO/CfQ+YVpdqt03oKTkAb+2YD16sAtWzLslTYEBm8vX2g84rz/z0Ogb5bOwPZW
Mgv/iEAXuKOPdqdtmYHa7Ho+dQQ3Mw5isTekLSjdVbvK+YBvvzd+YLoCsxuUtZ8V
0UM99qSzbgZ4niCH1LgC2tOGWmoOQl4dNUTANLIY0a4CdMWMOoYf02pVsX9S9Jme
HhWhqQOI2ttTU/LZPjxSpclocysJOdsVCcEUjolCxz+5TovB84D0mdg7/0PoNZ/R
Q4BSfWZRep1wyQPE3u+mauOV8J2Ayi/Br/Lxc1xHz8Vx7WIL+IcFSs1bBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOGrnTj9UdZax1O8lwbTPILLsLUUMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvNGF1ZE9QMVIxbHJIVTd5WEJ0TThnc3V3dFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwtHKAwQA
wtHtAwQA1POyMA0GCSqGSIb3DQEBCwUAA4IBAQAfAJn3H9OyHbyCIvXNinviCChX
il9yYJNtC5QYtNtREqh21uvb1ew23UZpy27rTyv9+vpEshh0ZwhZokdjUHsBt8bm
GPBQyUxFD1cHVPtuQmZlAqlO+5s6BZsyvcSvOBt1FqpWstKHKgQjDqoJPgTViW5M
MI8g7Rjs8LvAUOwjYVx9rIrsU6XXmuH69lZ4X3AhDk3+Ft0KCUMeviet1P2ifeQB
2nXnzrxSgOwrgOkgSqoE+LtcwiEeuVHFyQqEHMo9gKB1deQCvH7ht08+nvT4LN2a
Mr6UbHxS26U5JDSS0MWtFPloU+IA9HvYwDiooEAQKpKhtT5+dMEw8VVXxVYe
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:55:28 2025 by rpki-client