Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/KKsvhcs-zpAaIVbuLsDB9buPhHg.roa
File: KKsvhcs-zpAaIVbuLsDB9buPhHg.roa (raw, json)
Hash identifier: ViLEB0FyX9/7Gp6UE3ZNLVwWGU2Aca0lb80v4ZVJPRM=
Subject key identifier: 28:AB:2F:85:CB:3E:CE:90:1A:21:56:EE:2E:C0:C1:F5:BB:8F:84:78
Certificate issuer: /CN=d1ca67610286ab738f86ce935fdf5ed620f02d96
Certificate serial: 01945C637C835BCB53E4FE7427BE57E5D76F
Authority key identifier: D1:CA:67:61:02:86:AB:73:8F:86:CE:93:5F:DF:5E:D6:20:F0:2D:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/KKsvhcs-zpAaIVbuLsDB9buPhHg.roa
Signing time: Sun 12 Jan 2025 21:20:11 +0000
ROA not before: Sun 12 Jan 2025 21:20:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 193.104.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 18:28:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5c:63:7c:83:5b:cb:53:e4:fe:74:27:be:57:e5:d7:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1ca67610286ab738f86ce935fdf5ed620f02d96
Validity
Not Before: Jan 12 21:20:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28ab2f85cb3ece901a2156ee2ec0c1f5bb8f8478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:87:f2:ee:72:0e:3b:03:16:30:c0:3b:0f:69:
49:ec:6c:50:20:75:39:2e:c4:86:fb:cc:43:a0:a6:
3e:88:2a:8d:ed:5a:1d:dd:95:68:a3:70:f0:9f:fb:
2c:75:14:86:81:05:55:20:79:7e:1b:f3:b7:b6:c8:
a6:91:73:16:60:04:3a:84:d7:fa:4f:8a:bd:79:d3:
43:eb:4f:41:ef:a5:cf:23:87:56:ed:27:0e:a2:6b:
74:6d:b4:9a:30:ae:b8:e3:d4:94:d7:f6:b8:14:6a:
01:5f:8d:6b:31:98:80:93:f5:d4:24:38:8c:76:10:
1d:06:07:d8:10:54:be:19:17:8e:b6:d2:2f:54:98:
c6:2c:00:40:6a:fa:40:9c:49:ff:45:39:b5:7b:7e:
b9:ac:07:b5:74:5d:4e:c9:88:26:db:38:5d:51:ef:
cc:42:3d:92:9b:69:01:42:ab:42:2f:d3:32:5d:83:
f7:eb:d6:b2:fb:23:9c:f4:14:c8:39:6b:c3:ff:35:
83:95:34:ae:56:d2:a7:a1:db:b5:e8:a6:49:dd:7c:
2d:a5:df:89:e2:32:08:d4:44:3e:9b:c8:44:86:fa:
f7:93:7d:a9:61:ac:32:d4:93:39:82:c8:d3:7e:fa:
2b:91:c2:bf:42:c8:2c:52:7b:1a:90:f2:0a:c7:8f:
7e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:AB:2F:85:CB:3E:CE:90:1A:21:56:EE:2E:C0:C1:F5:BB:8F:84:78
X509v3 Authority Key Identifier:
keyid:D1:CA:67:61:02:86:AB:73:8F:86:CE:93:5F:DF:5E:D6:20:F0:2D:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0cpnYQKGq3OPhs6TX99e1iDwLZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/KKsvhcs-zpAaIVbuLsDB9buPhHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7a1a62-e481-4a14-ad6e-35bff96da4c5/1/0cpnYQKGq3OPhs6TX99e1iDwLZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.33.0/24
Signature Algorithm: sha256WithRSAEncryption
57:3f:5a:0c:01:b8:c7:b3:c2:fc:50:1d:aa:80:3e:e9:07:74:
e9:3e:bc:54:a0:5b:bc:92:5c:67:67:3e:7f:76:08:43:f9:5f:
64:e5:cc:c6:6d:3c:85:95:97:46:7e:67:4f:4e:bd:cb:83:a6:
91:86:a9:26:a5:6e:2b:f2:8f:a4:2e:2e:74:fd:22:62:a7:88:
87:18:86:90:d2:44:74:d5:29:34:22:88:f2:ca:a2:22:56:4d:
fd:50:f8:a1:64:bb:48:64:ca:9c:83:59:42:2c:f1:7e:cd:13:
30:b2:6d:77:12:07:4c:4c:0e:f2:10:9c:ae:08:4d:c3:a5:25:
86:48:07:31:15:56:7f:a2:3f:67:22:43:0d:35:9f:d0:79:ab:
97:b2:9b:4b:71:3f:35:f4:b9:41:cc:0d:40:d1:f5:57:b8:60:
dd:1b:fc:ef:ea:d2:67:bb:d4:46:dc:ba:44:79:47:9d:37:55:
c1:f0:86:ad:98:c2:9b:c1:c4:f0:f6:c6:4a:5d:1c:f6:d1:33:
f1:3f:d0:c6:78:13:c4:79:f4:1d:40:f8:a7:8d:e3:8d:f5:8f:
10:52:a4:df:a9:c5:24:4a:d3:57:34:59:e8:26:94:83:a0:14:
d6:d2:71:c7:7c:6d:73:b8:a4:f6:a3:40:6d:cb:ab:d0:0c:0c:
9a:f5:73:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRcY3yDW8tT5P50J75X5ddvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxY2E2NzYxMDI4NmFiNzM4Zjg2Y2U5MzVmZGY1ZWQ2MjBm
MDJkOTYwHhcNMjUwMTEyMjEyMDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGFiMmY4NWNiM2VjZTkwMWEyMTU2ZWUyZWMwYzFmNWJiOGY4NDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIfy7nIOOwMWMMA7D2lJ7GxQIHU5
LsSG+8xDoKY+iCqN7Vod3ZVoo3Dwn/ssdRSGgQVVIHl+G/O3tsimkXMWYAQ6hNf6
T4q9edND609B76XPI4dW7ScOomt0bbSaMK6449SU1/a4FGoBX41rMZiAk/XUJDiM
dhAdBgfYEFS+GReOttIvVJjGLABAavpAnEn/RTm1e365rAe1dF1OyYgm2zhdUe/M
Qj2Sm2kBQqtCL9MyXYP369ay+yOc9BTIOWvD/zWDlTSuVtKnodu16KZJ3Xwtpd+J
4jII1EQ+m8hEhvr3k32pYawy1JM5gsjTfvorkcK/QsgsUnsakPIKx49+UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCirL4XLPs6QGiFW7i7AwfW7j4R4MB8GA1UdIwQY
MBaAFNHKZ2EChqtzj4bOk1/fXtYg8C2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83YTFhNjItZTQ4MS00YTE0LWFkNmUt
MzViZmY5NmRhNGM1LzEvS0tzdmhjcy16cEFhSVZidUxzREI5YnVQaEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83YTFhNjItZTQ4MS00YTE0LWFkNmUtMzViZmY5NmRhNGM1
LzEvMGNwbllRS0dxM09QaHM2VFg5OWUxaUR3TFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWghMA0G
CSqGSIb3DQEBCwUAA4IBAQBXP1oMAbjHs8L8UB2qgD7pB3TpPrxUoFu8klxnZz5/
dghD+V9k5czGbTyFlZdGfmdPTr3Lg6aRhqkmpW4r8o+kLi50/SJip4iHGIaQ0kR0
1Sk0IojyyqIiVk39UPihZLtIZMqcg1lCLPF+zRMwsm13EgdMTA7yEJyuCE3DpSWG
SAcxFVZ/oj9nIkMNNZ/QeauXsptLcT819LlBzA1A0fVXuGDdG/zv6tJnu9RG3LpE
eUedN1XB8IatmMKbwcTw9sZKXRz20TPxP9DGeBPEefQdQPinjeON9Y8QUqTfqcUk
StNXNFnoJpSDoBTW0nHHfG1zuKT2o0Bty6vQDAya9XNi
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:57:32 2025 by rpki-client