Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/cfc1ba-9c78-4c3d-8ec3-c0ad74ca5d9b/1/6hbOp_nUpqC4I4HDLOZuH29JJA0.roa
File: 6hbOp_nUpqC4I4HDLOZuH29JJA0.roa (raw, json)
Hash identifier: eUz5bCRPhMhguVCIj4AlDj7iuPlHYMsF2IzGkVZvGuU=
Subject key identifier: EA:16:CE:A7:F9:D4:A6:A0:B8:23:81:C3:2C:E6:6E:1F:6F:49:24:0D
Certificate issuer: /CN=f2aeebe41d0518284aba3a4f5e5da05cfabd6f76
Certificate serial: 018CC5DD34237FBF24778CD0F2FAD7C06457
Authority key identifier: F2:AE:EB:E4:1D:05:18:28:4A:BA:3A:4F:5E:5D:A0:5C:FA:BD:6F:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8q7r5B0FGChKujpPXl2gXPq9b3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/cfc1ba-9c78-4c3d-8ec3-c0ad74ca5d9b/1/6hbOp_nUpqC4I4HDLOZuH29JJA0.roa
Signing time: Mon 01 Jan 2024 16:30:57 +0000
ROA not before: Mon 01 Jan 2024 16:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42643
IP address blocks: 193.142.210.0/24 maxlen: 24
193.200.46.0/23 maxlen: 23
193.200.46.0/24 maxlen: 24
193.200.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:34:23:7f:bf:24:77:8c:d0:f2:fa:d7:c0:64:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2aeebe41d0518284aba3a4f5e5da05cfabd6f76
Validity
Not Before: Jan 1 16:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea16cea7f9d4a6a0b82381c32ce66e1f6f49240d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d2:77:0a:ee:4c:5d:0f:5c:a0:81:5c:8a:a6:
0e:da:e4:97:73:32:80:4a:af:1c:43:e9:ce:5e:c0:
9d:11:60:12:fd:ae:98:5f:c0:fe:11:0e:f4:0d:ed:
8f:e0:c7:73:36:5c:fc:07:57:cc:42:e3:57:7d:b4:
e1:59:30:e7:00:c9:47:83:6e:d6:47:2e:ba:5a:0f:
51:88:a8:ab:57:4a:aa:2e:a4:e2:b7:c6:a1:30:2a:
10:10:0e:15:73:78:52:54:e8:66:3b:7f:06:97:7c:
d5:dd:bb:c9:7b:3e:54:1f:a6:3c:21:e1:d2:17:fc:
c0:98:f4:80:7e:6c:78:19:b4:45:23:1f:d2:ab:65:
16:09:3c:ed:61:3e:18:ac:70:0d:11:0a:bb:e9:c7:
42:64:44:73:59:56:e8:db:4b:db:6a:48:6b:19:08:
01:c3:8e:4b:f3:ad:6f:13:40:07:c6:0d:89:4f:f0:
ad:20:de:6c:b9:0e:38:f1:70:1a:00:ad:cd:ca:4a:
8f:5f:65:1b:b0:4b:ed:4e:a5:b0:e4:78:1d:a7:91:
a5:4e:05:93:62:1d:e8:16:a5:30:aa:e2:4c:e9:83:
fb:fe:7c:6c:bc:ab:a0:2a:ad:8e:68:ef:31:a1:af:
b2:d1:d8:85:e0:ea:7f:b9:89:26:26:b6:af:ca:e8:
e4:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:16:CE:A7:F9:D4:A6:A0:B8:23:81:C3:2C:E6:6E:1F:6F:49:24:0D
X509v3 Authority Key Identifier:
keyid:F2:AE:EB:E4:1D:05:18:28:4A:BA:3A:4F:5E:5D:A0:5C:FA:BD:6F:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8q7r5B0FGChKujpPXl2gXPq9b3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/cfc1ba-9c78-4c3d-8ec3-c0ad74ca5d9b/1/6hbOp_nUpqC4I4HDLOZuH29JJA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/cfc1ba-9c78-4c3d-8ec3-c0ad74ca5d9b/1/8q7r5B0FGChKujpPXl2gXPq9b3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.210.0/24
193.200.46.0/23
Signature Algorithm: sha256WithRSAEncryption
d2:b5:d4:72:7e:94:12:90:70:89:19:1e:21:9a:43:98:96:99:
4d:15:68:f9:81:f1:d8:04:32:12:5c:f0:6d:0f:bb:56:6d:32:
f9:38:8e:2f:9f:4c:69:05:84:de:a1:e5:7d:1c:26:20:b8:1f:
ba:36:2c:97:72:a4:d6:c4:aa:8b:fe:11:89:6f:6f:11:1d:c4:
c5:fe:c3:82:3b:f2:be:54:45:63:92:2b:27:e4:56:70:06:8e:
ea:b4:28:4f:3c:88:1c:d6:0a:5b:15:4d:97:e0:4e:41:f8:10:
e2:74:81:bc:62:34:4a:a0:fd:66:f7:f0:c4:9c:87:78:d5:7c:
36:59:30:cb:d1:22:c8:46:3b:f1:cb:fb:db:09:fe:81:0c:0e:
9f:ae:65:8a:84:8a:18:5e:ad:68:62:ce:a3:7d:ab:4d:2e:bb:
aa:f5:9e:f8:9d:ce:9e:ec:dd:d5:77:ae:15:22:4d:06:7c:b4:
22:e2:58:f1:40:61:2f:c2:f1:c6:68:02:ba:7a:6d:c4:de:e2:
eb:cc:ff:ba:fe:14:c1:92:60:56:7b:f2:5e:16:6c:98:05:80:
45:b8:81:d9:49:16:6d:2f:dc:7b:0e:b4:7c:b6:24:67:14:59:
44:63:8b:6f:20:a1:b8:84:12:dd:8b:f5:7e:58:37:73:62:ea:
01:c9:48:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3TQjf78kd4zQ8vrXwGRXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyYWVlYmU0MWQwNTE4Mjg0YWJhM2E0ZjVlNWRhMDVjZmFi
ZDZmNzYwHhcNMjQwMTAxMTYzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTE2Y2VhN2Y5ZDRhNmEwYjgyMzgxYzMyY2U2NmUxZjZmNDkyNDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9J3Cu5MXQ9coIFciqYO2uSXczKA
Sq8cQ+nOXsCdEWAS/a6YX8D+EQ70De2P4MdzNlz8B1fMQuNXfbThWTDnAMlHg27W
Ry66Wg9RiKirV0qqLqTit8ahMCoQEA4Vc3hSVOhmO38Gl3zV3bvJez5UH6Y8IeHS
F/zAmPSAfmx4GbRFIx/Sq2UWCTztYT4YrHANEQq76cdCZERzWVbo20vbakhrGQgB
w45L861vE0AHxg2JT/CtIN5suQ448XAaAK3NykqPX2UbsEvtTqWw5Hgdp5GlTgWT
Yh3oFqUwquJM6YP7/nxsvKugKq2OaO8xoa+y0diF4Op/uYkmJravyujkpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOoWzqf51KaguCOBwyzmbh9vSSQNMB8GA1UdIwQY
MBaAFPKu6+QdBRgoSro6T15doFz6vW92MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHE3cjVCMEZHQ2hLdWpwUFhsMmdYUHE5YjNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jZmMxYmEtOWM3OC00YzNkLThlYzMt
YzBhZDc0Y2E1ZDliLzEvNmhiT3BfblVwcUM0STRIRExPWnVIMjlKSkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jZmMxYmEtOWM3OC00YzNkLThlYzMtYzBhZDc0Y2E1ZDli
LzEvOHE3cjVCMEZHQ2hLdWpwUFhsMmdYUHE5YjNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwY7SAwQB
wcguMA0GCSqGSIb3DQEBCwUAA4IBAQDStdRyfpQSkHCJGR4hmkOYlplNFWj5gfHY
BDISXPBtD7tWbTL5OI4vn0xpBYTeoeV9HCYguB+6NiyXcqTWxKqL/hGJb28RHcTF
/sOCO/K+VEVjkisn5FZwBo7qtChPPIgc1gpbFU2X4E5B+BDidIG8YjRKoP1m9/DE
nId41Xw2WTDL0SLIRjvxy/vbCf6BDA6frmWKhIoYXq1oYs6jfatNLruq9Z74nc6e
7N3Vd64VIk0GfLQi4ljxQGEvwvHGaAK6em3E3uLrzP+6/hTBkmBWe/JeFmyYBYBF
uIHZSRZtL9x7DrR8tiRnFFlEY4tvIKG4hBLdi/V+WDdzYuoByUiN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:19 2025 by rpki-client