Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/vXDfnyilqq5ycpZ8m9FXbWqGmU0.roa
File: vXDfnyilqq5ycpZ8m9FXbWqGmU0.roa (raw, json)
Hash identifier: uzX2/QIdG+6nsaJKvLe012Gz8QZBHxCLr4EhLW70pOk=
Subject key identifier: BD:70:DF:9F:28:A5:AA:AE:72:72:96:7C:9B:D1:57:6D:6A:86:99:4D
Certificate issuer: /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial: 018CC348CBB8AE3629E68BDA5072608703A0
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/vXDfnyilqq5ycpZ8m9FXbWqGmU0.roa
Signing time: Mon 01 Jan 2024 04:29:37 +0000
ROA not before: Mon 01 Jan 2024 04:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 193.57.95.0/24 maxlen: 24
193.57.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:cb:b8:ae:36:29:e6:8b:da:50:72:60:87:03:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Validity
Not Before: Jan 1 04:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd70df9f28a5aaae7272967c9bd1576d6a86994d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:00:9a:59:69:a6:49:20:fc:77:90:1b:16:d2:
d2:c0:33:66:23:12:82:94:ab:c2:0e:26:b8:84:37:
33:ef:02:46:08:52:18:00:9d:5a:60:ee:aa:e4:12:
d1:fb:24:2c:78:49:9b:b0:e3:16:d8:83:21:01:8d:
a7:d1:ab:25:91:38:00:9d:3f:53:a6:b3:02:56:96:
33:51:ca:37:3e:af:8f:21:a8:94:d6:e3:87:58:cb:
bc:2e:9e:b4:f7:f0:8b:81:ac:bd:ea:19:58:47:5a:
52:db:a5:05:5c:33:77:bf:4e:be:b4:68:fa:4a:25:
19:f1:7c:ee:7b:50:7c:3e:99:4e:c6:a3:58:29:7f:
d8:3a:03:1d:09:07:bf:26:68:20:f5:7b:9f:c5:bc:
f0:c9:ce:7e:b5:9f:52:8f:5f:e0:95:64:c9:16:78:
d6:ea:42:d1:d5:96:28:e6:b6:9a:1a:74:7b:43:03:
57:f0:7b:0f:df:03:76:58:c4:73:25:3d:1f:9c:fa:
76:f9:57:e3:d4:91:3b:53:f0:3e:0d:f4:e3:b3:c4:
75:7f:55:80:f6:3e:ad:52:00:54:75:69:95:ea:6e:
2e:38:7b:88:d8:66:6d:3f:c0:5f:53:82:0a:9c:78:
ea:6e:ee:d6:dd:6f:cc:5f:4a:6e:ac:05:0d:f2:02:
90:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:70:DF:9F:28:A5:AA:AE:72:72:96:7C:9B:D1:57:6D:6A:86:99:4D
X509v3 Authority Key Identifier:
keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/vXDfnyilqq5ycpZ8m9FXbWqGmU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.94.0/23
Signature Algorithm: sha256WithRSAEncryption
44:2c:6b:76:05:b7:bd:bd:6e:e9:f5:bb:6a:51:c5:36:c6:e4:
b5:cb:fc:29:86:56:51:d3:ed:3c:6c:8a:9d:e2:90:ba:40:78:
e4:64:c4:a5:bf:74:7e:8c:40:d7:e7:3f:31:c0:9a:27:89:de:
2f:95:e9:c8:d5:cc:03:01:00:55:42:11:d9:1c:6b:ec:cd:fe:
2f:d2:89:6d:86:0e:ee:13:b9:d3:50:4c:ac:85:1c:48:84:17:
72:2b:38:4d:1d:6d:7c:b2:ca:aa:28:b7:c7:17:49:9c:79:64:
75:f2:7f:11:5a:3c:8e:05:ce:bb:e5:e9:b5:43:3d:47:d4:ac:
a2:2b:63:bd:b1:b8:44:91:4c:63:90:d8:af:43:44:2c:b6:43:
1d:48:56:4e:ca:04:16:9f:1d:83:e2:ab:49:14:41:c7:dd:e0:
eb:f6:9b:ac:f8:63:36:28:a8:a0:bb:84:36:cd:b8:1c:ec:f4:
f9:d7:ca:e9:72:1c:a0:5b:27:fd:a0:23:80:3c:f0:cd:f6:ad:
c1:3b:51:52:9c:71:f0:83:e7:e7:2e:41:b4:15:b2:e7:11:6a:
1c:a4:98:bc:4a:1c:f8:d0:f3:89:05:49:a4:0d:4c:0e:1b:e4:
4f:13:47:37:02:58:33:e5:b7:9a:a6:b9:bb:d3:c5:c8:74:cf:
7a:5c:e3:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSMu4rjYp5ovaUHJghwOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZjIxMGYxMjk5YTFlMGFlZTcxZGMxZDc5ZTVmYjEyMDky
ZDMwYTkwHhcNMjQwMTAxMDQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDcwZGY5ZjI4YTVhYWFlNzI3Mjk2N2M5YmQxNTc2ZDZhODY5OTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwCaWWmmSSD8d5AbFtLSwDNmIxKC
lKvCDia4hDcz7wJGCFIYAJ1aYO6q5BLR+yQseEmbsOMW2IMhAY2n0aslkTgAnT9T
prMCVpYzUco3Pq+PIaiU1uOHWMu8Lp609/CLgay96hlYR1pS26UFXDN3v06+tGj6
SiUZ8Xzue1B8PplOxqNYKX/YOgMdCQe/Jmgg9Xufxbzwyc5+tZ9Sj1/glWTJFnjW
6kLR1ZYo5raaGnR7QwNX8HsP3wN2WMRzJT0fnPp2+Vfj1JE7U/A+DfTjs8R1f1WA
9j6tUgBUdWmV6m4uOHuI2GZtP8BfU4IKnHjqbu7W3W/MX0purAUN8gKQPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1w358opaqucnKWfJvRV21qhplNMB8GA1UdIwQY
MBaAFHPyEPEpmh4K7nHcHXnl+xIJLTCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDkt
Yjk0NjQ3MThiYTM3LzEvdlhEZm55aWxxcTV5Y3BaOG05RlhiV3FHbVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kYjFiNDgtMWNjNS00ODMzLTkzZDktYjk0NjQ3MThiYTM3
LzEvY19JUThTbWFIZ3J1Y2R3ZGVlWDdFZ2t0TUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwTleMA0G
CSqGSIb3DQEBCwUAA4IBAQBELGt2Bbe9vW7p9btqUcU2xuS1y/wphlZR0+08bIqd
4pC6QHjkZMSlv3R+jEDX5z8xwJonid4vlenI1cwDAQBVQhHZHGvszf4v0olthg7u
E7nTUEyshRxIhBdyKzhNHW18ssqqKLfHF0mceWR18n8RWjyOBc675em1Qz1H1Kyi
K2O9sbhEkUxjkNivQ0QstkMdSFZOygQWnx2D4qtJFEHH3eDr9pus+GM2KKigu4Q2
zbgc7PT518rpchygWyf9oCOAPPDN9q3BO1FSnHHwg+fnLkG0FbLnEWocpJi8Shz4
0POJBUmkDUwOG+RPE0c3Algz5beaprm708XIdM96XOMA
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:42:04 2025 by rpki-client