Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/w5agbdXeHGS7hzgFTzXxQWEdEG0.roa
File: w5agbdXeHGS7hzgFTzXxQWEdEG0.roa (raw, json)
Hash identifier: rPXofOrDZWz5+9qO9x15ELKQOpWJtio1oOmqn3V4e34=
Subject key identifier: C3:96:A0:6D:D5:DE:1C:64:BB:87:38:05:4F:35:F1:41:61:1D:10:6D
Certificate issuer: /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial: 0192473500A87425A0E74CDD35A0CD820C92
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/w5agbdXeHGS7hzgFTzXxQWEdEG0.roa
Signing time: Tue 01 Oct 2024 08:31:48 +0000
ROA not before: Tue 01 Oct 2024 08:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 193.102.32.0/22 maxlen: 22
193.102.32.0/24 maxlen: 24
193.102.33.0/24 maxlen: 24
193.102.34.0/24 maxlen: 24
193.102.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:47:35:00:a8:74:25:a0:e7:4c:dd:35:a0:cd:82:0c:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Validity
Not Before: Oct 1 08:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c396a06dd5de1c64bb8738054f35f141611d106d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:94:68:a9:fb:f9:fe:1a:74:3e:39:4e:57:24:
f4:01:86:ee:03:87:0f:df:22:2d:24:ee:8a:b8:44:
74:16:51:c3:ca:a7:c2:bf:f8:f4:16:3b:b3:10:19:
16:75:ab:f9:fe:32:3b:a4:3f:51:38:f1:0f:90:4a:
a2:c6:14:f7:d6:4f:02:5d:40:71:b1:15:18:11:ab:
e5:66:33:d9:d2:78:ea:77:86:48:bc:c2:ee:36:a3:
31:4f:53:e9:f7:50:51:ad:1a:8c:25:b6:44:86:43:
b9:3c:0b:35:79:f5:fd:cd:1a:77:a9:34:b2:d5:f3:
e2:b6:a7:d6:54:b4:31:e1:8e:14:69:07:1f:5c:29:
7f:b9:ac:f7:db:97:82:6e:8e:5e:d3:22:2c:5b:ca:
28:c5:31:9a:01:63:67:b4:c3:5e:46:b6:0b:1d:09:
3f:42:4c:20:4e:56:57:87:c7:10:14:ce:db:1b:ab:
6e:e1:ae:93:1a:1f:eb:65:af:c8:69:14:58:fd:d7:
a0:83:9a:6f:d8:15:37:69:0c:c6:de:cd:c8:43:63:
4c:5c:68:07:0a:55:b9:39:6d:5b:ec:1b:6b:2c:68:
1b:75:ac:0b:0a:5b:31:2c:20:5a:53:74:39:94:46:
8c:b3:d8:f7:94:12:76:d7:7d:7a:c2:90:fb:58:9e:
91:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:96:A0:6D:D5:DE:1C:64:BB:87:38:05:4F:35:F1:41:61:1D:10:6D
X509v3 Authority Key Identifier:
keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/w5agbdXeHGS7hzgFTzXxQWEdEG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.102.32.0/22
Signature Algorithm: sha256WithRSAEncryption
63:1a:e2:96:52:83:a4:e8:59:a7:65:79:fb:6b:18:6f:32:e3:
d9:05:27:16:f7:14:c5:cf:74:0a:c9:e1:7d:2f:6e:8a:ff:59:
6c:1b:a5:41:b5:85:84:3f:17:d7:5d:82:ce:95:05:ba:e0:2c:
65:62:91:4c:90:e5:1b:a1:19:16:33:25:28:7a:7c:8e:61:4d:
81:ff:8c:b0:57:d3:26:5c:d0:31:89:38:7b:87:27:ca:65:23:
63:b4:6a:5c:29:0f:1d:68:2a:3c:68:ed:46:1b:44:8a:d6:d6:
c6:ff:37:8c:9a:04:42:76:a4:83:7a:f2:d6:b6:c4:85:a9:d0:
fb:a0:a0:92:68:62:71:b8:4a:9c:bb:45:44:69:e9:93:b9:e7:
e4:f1:9a:5c:2b:e8:30:c1:5b:5f:67:8f:ac:cc:59:8f:b5:19:
02:8e:bd:05:1c:dc:aa:a6:d0:a1:16:11:f6:c2:f1:9a:39:6a:
6a:9f:5d:47:0b:62:6a:ce:ef:aa:55:c4:4b:a4:59:6d:47:89:
a7:df:c2:ea:ad:7f:f6:13:68:c5:2a:7e:e6:a2:11:2f:c0:9b:
3b:57:d4:3c:24:bb:ff:8e:1e:91:1c:b5:fa:78:60:8e:4c:57:
3d:1a:47:e5:32:d0:39:1f:8d:d0:52:31:4f:cf:d5:7a:e6:10:
98:ac:01:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJHNQCodCWg50zdNaDNggySMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj
MmE5NmIwHhcNMjQxMDAxMDgzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzk2YTA2ZGQ1ZGUxYzY0YmI4NzM4MDU0ZjM1ZjE0MTYxMWQxMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJRoqfv5/hp0PjlOVyT0AYbuA4cP
3yItJO6KuER0FlHDyqfCv/j0FjuzEBkWdav5/jI7pD9ROPEPkEqixhT31k8CXUBx
sRUYEavlZjPZ0njqd4ZIvMLuNqMxT1Pp91BRrRqMJbZEhkO5PAs1efX9zRp3qTSy
1fPitqfWVLQx4Y4UaQcfXCl/uaz325eCbo5e0yIsW8ooxTGaAWNntMNeRrYLHQk/
QkwgTlZXh8cQFM7bG6tu4a6TGh/rZa/IaRRY/degg5pv2BU3aQzG3s3IQ2NMXGgH
ClW5OW1b7BtrLGgbdawLClsxLCBaU3Q5lEaMs9j3lBJ21316wpD7WJ6RhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMOWoG3V3hxku4c4BU818UFhHRBtMB8GA1UdIwQY
MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt
NjA4NGNmYzZlNGM0LzEvdzVhZ2JkWGVIR1M3aHpnRlR6WHhRV0VkRUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0
LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWYgMA0G
CSqGSIb3DQEBCwUAA4IBAQBjGuKWUoOk6FmnZXn7axhvMuPZBScW9xTFz3QKyeF9
L26K/1lsG6VBtYWEPxfXXYLOlQW64CxlYpFMkOUboRkWMyUoenyOYU2B/4ywV9Mm
XNAxiTh7hyfKZSNjtGpcKQ8daCo8aO1GG0SK1tbG/zeMmgRCdqSDevLWtsSFqdD7
oKCSaGJxuEqcu0VEaemTuefk8ZpcK+gwwVtfZ4+szFmPtRkCjr0FHNyqptChFhH2
wvGaOWpqn11HC2Jqzu+qVcRLpFltR4mn38LqrX/2E2jFKn7mohEvwJs7V9Q8JLv/
jh6RHLX6eGCOTFc9GkflMtA5H43QUjFPz9V65hCYrAGI
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:06:50 2025 by rpki-client