Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/f31be0-10e0-40ed-a6d7-41ecdc7a36f4/1/1-gxDH3wfbmmSIH_KAIPZ0xTKIKM.roa
File: 1-gxDH3wfbmmSIH_KAIPZ0xTKIKM.roa (raw, json)
Hash identifier: EXyxc9apCz26jZVGNY/TqY+IPi2myJqzbyKe475gHN0=
Subject key identifier: FA:0C:43:1F:7C:1F:6E:69:92:20:7F:CA:00:83:D9:D3:14:CA:20:A3
Certificate issuer: /CN=da52c38f0c7febae135d5dddd948cf26becef3bc
Certificate serial: 018CC72598962F48B3A4EF3F5C71B4C5E00B
Authority key identifier: DA:52:C3:8F:0C:7F:EB:AE:13:5D:5D:DD:D9:48:CF:26:BE:CE:F3:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2lLDjwx_664TXV3d2UjPJr7O87w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/f31be0-10e0-40ed-a6d7-41ecdc7a36f4/1/1-gxDH3wfbmmSIH_KAIPZ0xTKIKM.roa
Signing time: Mon 01 Jan 2024 22:29:38 +0000
ROA not before: Mon 01 Jan 2024 22:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24879
IP address blocks: 193.111.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:98:96:2f:48:b3:a4:ef:3f:5c:71:b4:c5:e0:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da52c38f0c7febae135d5dddd948cf26becef3bc
Validity
Not Before: Jan 1 22:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa0c431f7c1f6e6992207fca0083d9d314ca20a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b5:0b:01:e4:59:70:2b:a8:81:67:04:83:26:
90:12:c9:74:10:0a:28:d7:ee:b6:a4:04:1b:c2:01:
75:8c:56:d6:f6:c9:4f:0b:a8:e7:51:6b:b5:cc:c1:
ae:f2:45:07:97:01:95:a9:e2:33:a5:7c:61:45:ad:
b9:7a:96:59:ba:ef:39:e9:71:fd:68:6c:11:9b:a9:
42:e3:07:52:4d:b7:49:26:95:04:15:a0:b7:a9:92:
4d:38:65:88:c8:10:54:98:8f:d8:14:79:2f:c5:75:
d6:1f:18:ed:3a:2c:39:b6:f8:c3:c5:c9:c0:42:d6:
43:cb:f1:1e:d1:82:3d:a7:d2:25:2a:65:4e:77:17:
5b:87:6a:1b:1e:f8:39:ec:3b:9a:bd:76:99:28:22:
50:45:85:d8:32:72:3a:75:cc:7f:ae:6f:fd:b3:06:
d3:e8:d3:9f:c7:0f:9c:7c:ae:0b:2f:45:3b:eb:20:
7a:1d:42:2f:79:d5:e7:1b:63:d3:3f:88:d2:e9:35:
c0:a2:b7:b6:0a:79:fd:02:c7:16:77:16:ce:e5:2a:
fd:54:60:a5:4c:1f:32:7f:16:d0:03:b9:c1:77:5d:
5d:fe:44:57:d7:ce:5c:eb:1e:74:ab:99:3f:29:ba:
a6:50:07:45:e9:7a:34:f0:11:68:96:1e:81:f1:31:
16:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0C:43:1F:7C:1F:6E:69:92:20:7F:CA:00:83:D9:D3:14:CA:20:A3
X509v3 Authority Key Identifier:
keyid:DA:52:C3:8F:0C:7F:EB:AE:13:5D:5D:DD:D9:48:CF:26:BE:CE:F3:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lLDjwx_664TXV3d2UjPJr7O87w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f31be0-10e0-40ed-a6d7-41ecdc7a36f4/1/1-gxDH3wfbmmSIH_KAIPZ0xTKIKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f31be0-10e0-40ed-a6d7-41ecdc7a36f4/1/2lLDjwx_664TXV3d2UjPJr7O87w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.166.0/24
Signature Algorithm: sha256WithRSAEncryption
13:9d:99:be:ae:ee:0f:ae:16:c7:8b:a3:24:35:f0:bb:5e:02:
a5:4f:09:42:0d:4c:15:0d:7d:af:37:d1:8b:43:e3:9b:a7:a1:
fa:8d:f0:92:67:fd:c6:ef:a3:74:ad:93:4e:ba:da:f2:34:28:
a7:dd:16:b8:7d:38:4f:c7:d8:ab:fc:20:5c:9d:27:f1:a8:d4:
d7:9a:53:f4:c0:93:6b:a2:4e:ed:ca:80:8d:d2:2d:4b:ae:c3:
51:5f:5a:b1:e1:ef:24:19:7a:f4:7e:b1:84:15:eb:a2:09:85:
d3:56:ac:b6:79:22:2a:8b:b1:b4:70:3b:c1:dd:1a:01:f5:d3:
26:c5:11:00:1f:4d:6d:37:68:a6:0b:1a:80:42:bc:bb:f6:23:
2f:7e:95:2b:4e:7e:85:db:5c:79:a1:9d:de:1f:37:3f:83:82:
d2:23:aa:a6:38:a9:57:67:7b:2f:c5:3a:1a:f0:e1:35:5d:dd:
ef:47:95:b5:ba:3e:0f:12:0e:24:3f:96:d0:5c:55:52:ac:d8:
b0:d9:23:b9:ea:94:7f:9f:c5:25:63:b1:e1:32:3a:bb:d8:6a:
5b:e5:f2:ae:a1:a0:d1:48:de:8a:cd:11:00:45:5a:8c:0e:03:
92:f3:5e:c0:93:ed:7d:de:b4:10:58:ea:e3:44:ec:84:09:83:
24:de:c0:66
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHJZiWL0izpO8/XHG0xeALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTJjMzhmMGM3ZmViYWUxMzVkNWRkZGQ5NDhjZjI2YmVj
ZWYzYmMwHhcNMjQwMTAxMjIyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTBjNDMxZjdjMWY2ZTY5OTIyMDdmY2EwMDgzZDlkMzE0Y2EyMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLULAeRZcCuogWcEgyaQEsl0EAoo
1+62pAQbwgF1jFbW9slPC6jnUWu1zMGu8kUHlwGVqeIzpXxhRa25epZZuu856XH9
aGwRm6lC4wdSTbdJJpUEFaC3qZJNOGWIyBBUmI/YFHkvxXXWHxjtOiw5tvjDxcnA
QtZDy/Ee0YI9p9IlKmVOdxdbh2obHvg57DuavXaZKCJQRYXYMnI6dcx/rm/9swbT
6NOfxw+cfK4LL0U76yB6HUIvedXnG2PTP4jS6TXAore2Cnn9AscWdxbO5Sr9VGCl
TB8yfxbQA7nBd11d/kRX185c6x50q5k/KbqmUAdF6Xo08BFolh6B8TEWwQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPoMQx98H25pkiB/ygCD2dMUyiCjMB8GA1UdIwQY
MBaAFNpSw48Mf+uuE11d3dlIzya+zvO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxMRGp3eF82NjRUWFYzZDJValBKcjdPODd3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mMzFiZTAtMTBlMC00MGVkLWE2ZDct
NDFlY2RjN2EzNmY0LzEvMS1neERIM3dmYm1tU0lIX0tBSVBaMHhUS0lLTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmUvZjMxYmUwLTEwZTAtNDBlZC1hNmQ3LTQxZWNkYzdhMzZm
NC8xLzJsTERqd3hfNjY0VFhWM2QyVWpQSnI3Tzg3dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMFvpjAN
BgkqhkiG9w0BAQsFAAOCAQEAE52Zvq7uD64Wx4ujJDXwu14CpU8JQg1MFQ19rzfR
i0Pjm6eh+o3wkmf9xu+jdK2TTrra8jQop90WuH04T8fYq/wgXJ0n8ajU15pT9MCT
a6JO7cqAjdItS67DUV9aseHvJBl69H6xhBXrogmF01astnkiKouxtHA7wd0aAfXT
JsURAB9NbTdopgsagEK8u/YjL36VK05+hdtceaGd3h83P4OC0iOqpjipV2d7L8U6
GvDhNV3d70eVtbo+DxIOJD+W0FxVUqzYsNkjueqUf5/FJWOx4TI6u9hqW+XyrqGg
0Ujeis0RAEVajA4DkvNewJPtfd60EFjq40TshAmDJN7AZg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:18:20 2025 by rpki-client