Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/ed7cb2-e387-47bf-be4a-08f2263a413c/1/mNyN34cPJXATJ4ZGMmehBloZzN8.roa
File: mNyN34cPJXATJ4ZGMmehBloZzN8.roa (raw, json)
Hash identifier: /yttBn+9O/oncwtOyWfPCnCaX8cVzSO7g3kdyoZ52EY=
Subject key identifier: 98:DC:8D:DF:87:0F:25:70:13:27:86:46:32:67:A1:06:5A:19:CC:DF
Certificate issuer: /CN=ce94c31e15df4b7a60e5d40df3aac1852e8da74b
Certificate serial: 018CC348A2116D3479836543DB969689FC4D
Authority key identifier: CE:94:C3:1E:15:DF:4B:7A:60:E5:D4:0D:F3:AA:C1:85:2E:8D:A7:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpTDHhXfS3pg5dQN86rBhS6Np0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/ed7cb2-e387-47bf-be4a-08f2263a413c/1/mNyN34cPJXATJ4ZGMmehBloZzN8.roa
Signing time: Mon 01 Jan 2024 04:29:26 +0000
ROA not before: Mon 01 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8220
IP address blocks: 193.178.157.0/24 maxlen: 24
193.178.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Feb 2024 10:36:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a2:11:6d:34:79:83:65:43:db:96:96:89:fc:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce94c31e15df4b7a60e5d40df3aac1852e8da74b
Validity
Not Before: Jan 1 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98dc8ddf870f2570132786463267a1065a19ccdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bb:7c:0b:5e:4b:52:46:d9:af:f4:e6:02:28:
23:09:35:f9:1f:66:6c:1a:66:83:8b:40:19:99:1b:
4f:99:2d:ab:30:26:f9:db:8c:e7:77:da:55:4e:dc:
ca:e1:03:47:65:fc:4d:e7:4f:54:13:10:7b:04:e3:
9e:61:61:86:6e:88:bd:79:3c:7c:86:a1:a9:a8:c3:
24:3d:eb:12:dd:93:fd:d8:61:aa:b3:40:84:b2:a6:
b4:9e:27:14:c0:09:44:7d:a5:55:56:41:e6:92:78:
59:35:45:9b:3a:13:b8:7f:cc:ec:e0:96:84:ce:9d:
03:ee:75:99:36:e3:1e:b2:71:11:04:5b:47:1b:ad:
dc:d6:0a:6a:99:20:84:47:01:27:10:03:15:84:97:
39:e7:aa:70:9f:86:5e:c7:27:8b:71:19:83:9c:79:
40:09:31:76:aa:18:bd:38:23:9e:69:7a:b6:39:b2:
ba:24:f2:99:07:28:51:8e:91:25:54:92:ba:ec:1f:
7c:a2:85:dc:28:be:ec:b2:55:2c:c4:37:a9:3d:c3:
2e:37:fb:16:f4:35:09:7a:0f:51:bc:cc:c4:25:9e:
dc:a6:dc:74:13:8b:e5:46:4e:12:b0:89:86:c5:b3:
9f:38:2f:b2:a6:48:d9:92:67:63:52:ae:c3:3f:cc:
32:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:DC:8D:DF:87:0F:25:70:13:27:86:46:32:67:A1:06:5A:19:CC:DF
X509v3 Authority Key Identifier:
keyid:CE:94:C3:1E:15:DF:4B:7A:60:E5:D4:0D:F3:AA:C1:85:2E:8D:A7:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpTDHhXfS3pg5dQN86rBhS6Np0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ed7cb2-e387-47bf-be4a-08f2263a413c/1/mNyN34cPJXATJ4ZGMmehBloZzN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/ed7cb2-e387-47bf-be4a-08f2263a413c/1/zpTDHhXfS3pg5dQN86rBhS6Np0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.156.0/23
Signature Algorithm: sha256WithRSAEncryption
77:31:a2:6c:d5:45:23:29:69:54:fe:95:de:69:39:b0:fb:b6:
44:62:79:fd:33:71:a1:ac:92:7e:d6:d3:16:be:87:f8:3e:2c:
b6:a8:09:e6:0c:d1:40:95:a5:f4:85:c1:32:b1:9e:6f:07:ae:
ff:64:23:ec:46:9a:f2:a3:3d:e1:0d:83:81:7a:82:57:a1:bd:
8c:8e:30:42:96:4b:52:4a:a7:2d:4d:ba:03:be:f0:7a:80:4c:
a8:b2:73:fb:40:6b:9b:51:1c:18:ec:85:3f:be:ce:40:e9:f1:
ff:37:cb:e2:8d:7b:9d:0a:cc:65:bc:cb:d3:fe:09:49:71:58:
4b:47:14:83:8a:b2:f2:95:47:20:62:b7:4c:e0:57:b5:4b:d8:
ca:c5:67:46:b0:d2:77:de:96:ed:05:c7:81:e2:bb:9a:29:57:
62:3a:f4:e4:9e:34:f4:56:94:d8:0c:e1:da:87:ac:29:26:6b:
47:df:ff:be:1a:e1:8b:1a:bc:b2:72:22:eb:25:ed:7c:45:1b:
5f:ea:6a:f7:f6:9c:36:c8:56:2c:18:3f:95:48:4e:23:27:8c:
61:be:ae:04:23:c8:a6:67:ff:ab:4f:5c:5b:bc:9c:62:67:31:
d8:13:bc:2d:d9:9e:77:d5:cd:27:18:ea:49:2b:e5:ad:2e:bd:
85:2f:3f:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSKIRbTR5g2VD25aWifxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOTRjMzFlMTVkZjRiN2E2MGU1ZDQwZGYzYWFjMTg1MmU4
ZGE3NGIwHhcNMjQwMTAxMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGRjOGRkZjg3MGYyNTcwMTMyNzg2NDYzMjY3YTEwNjVhMTljY2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbt8C15LUkbZr/TmAigjCTX5H2Zs
GmaDi0AZmRtPmS2rMCb524znd9pVTtzK4QNHZfxN509UExB7BOOeYWGGboi9eTx8
hqGpqMMkPesS3ZP92GGqs0CEsqa0nicUwAlEfaVVVkHmknhZNUWbOhO4f8zs4JaE
zp0D7nWZNuMesnERBFtHG63c1gpqmSCERwEnEAMVhJc556pwn4ZexyeLcRmDnHlA
CTF2qhi9OCOeaXq2ObK6JPKZByhRjpElVJK67B98ooXcKL7sslUsxDepPcMuN/sW
9DUJeg9RvMzEJZ7cptx0E4vlRk4SsImGxbOfOC+ypkjZkmdjUq7DP8wy0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjcjd+HDyVwEyeGRjJnoQZaGczfMB8GA1UdIwQY
MBaAFM6Uwx4V30t6YOXUDfOqwYUujadLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenBUREhoWGZTM3BnNWRRTjg2ckJoUzZOcDBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9lZDdjYjItZTM4Ny00N2JmLWJlNGEt
MDhmMjI2M2E0MTNjLzEvbU55TjM0Y1BKWEFUSjRaR01tZWhCbG9aek44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9lZDdjYjItZTM4Ny00N2JmLWJlNGEtMDhmMjI2M2E0MTNj
LzEvenBUREhoWGZTM3BnNWRRTjg2ckJoUzZOcDBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwbKcMA0G
CSqGSIb3DQEBCwUAA4IBAQB3MaJs1UUjKWlU/pXeaTmw+7ZEYnn9M3GhrJJ+1tMW
vof4Piy2qAnmDNFAlaX0hcEysZ5vB67/ZCPsRpryoz3hDYOBeoJXob2MjjBClktS
SqctTboDvvB6gEyosnP7QGubURwY7IU/vs5A6fH/N8vijXudCsxlvMvT/glJcVhL
RxSDirLylUcgYrdM4Fe1S9jKxWdGsNJ33pbtBceB4ruaKVdiOvTknjT0VpTYDOHa
h6wpJmtH3/++GuGLGryyciLrJe18RRtf6mr39pw2yFYsGD+VSE4jJ4xhvq4EI8im
Z/+rT1xbvJxiZzHYE7wt2Z531c0nGOpJK+WtLr2FLz/3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:17 2025 by rpki-client