Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/cae91b-9e0e-4d5c-afc4-55118f8bd5f2/1/kCyQt7Whal9jpczYqZEgp_6R7I8.roa
File: kCyQt7Whal9jpczYqZEgp_6R7I8.roa (raw, json)
Hash identifier: n1a/gr72TAJYtCLagxMczcE5bhfp27aRgchPH5Xb118=
Subject key identifier: 90:2C:90:B7:B5:A1:6A:5F:63:A5:CC:D8:A9:91:20:A7:FE:91:EC:8F
Certificate issuer: /CN=e96a769beca3b1932955158135596365c43c83b1
Certificate serial: 018CC3B7051FB0B603A12BEEA7BA4B44AB8D
Authority key identifier: E9:6A:76:9B:EC:A3:B1:93:29:55:15:81:35:59:63:65:C4:3C:83:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Wp2m-yjsZMpVRWBNVljZcQ8g7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/cae91b-9e0e-4d5c-afc4-55118f8bd5f2/1/kCyQt7Whal9jpczYqZEgp_6R7I8.roa
Signing time: Mon 01 Jan 2024 06:30:00 +0000
ROA not before: Mon 01 Jan 2024 06:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211701
IP address blocks: 193.169.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:05:1f:b0:b6:03:a1:2b:ee:a7:ba:4b:44:ab:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e96a769beca3b1932955158135596365c43c83b1
Validity
Not Before: Jan 1 06:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=902c90b7b5a16a5f63a5ccd8a99120a7fe91ec8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b5:18:c1:fe:ac:5a:77:2f:00:1f:7e:37:d3:
9c:79:fc:1c:c5:ee:8c:a2:2f:5f:90:f1:b7:23:6a:
96:45:c7:a4:39:95:e7:30:e3:f0:6f:67:ad:72:8f:
9a:63:4b:3d:8b:73:d2:8e:6e:c5:49:0f:69:d9:6c:
5c:58:fa:58:d8:c3:e1:1a:c7:4a:d2:13:ac:ff:5b:
dd:5f:3a:3e:39:6a:56:8d:a5:43:76:e4:22:d1:21:
b6:65:c4:2a:05:f9:0a:6f:72:3f:e1:93:5f:26:c7:
f9:d3:dd:d5:95:a9:e1:81:14:40:1a:5b:23:a1:35:
a8:6d:2d:7b:82:1b:b4:a7:0a:63:f9:bd:01:19:d1:
78:18:d0:24:d3:da:f7:0d:7a:dc:81:da:f4:9e:6e:
b4:f1:23:5e:ef:2d:cc:57:76:78:6b:60:fa:4c:a6:
b3:cd:71:3d:98:4c:5c:23:16:65:73:ca:2e:7f:ac:
db:7b:67:b2:94:31:f7:f1:ec:35:d9:96:2d:4d:28:
b6:4d:70:cc:39:cb:ff:fa:e7:fc:11:e6:8f:46:84:
38:fd:28:67:53:2b:9e:c8:d8:84:18:44:26:c6:3e:
f6:30:d5:2e:17:4c:f9:a5:cf:59:f7:a5:21:25:9a:
4d:6d:28:91:ee:af:1f:94:97:fc:3d:7e:0d:69:26:
48:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:2C:90:B7:B5:A1:6A:5F:63:A5:CC:D8:A9:91:20:A7:FE:91:EC:8F
X509v3 Authority Key Identifier:
keyid:E9:6A:76:9B:EC:A3:B1:93:29:55:15:81:35:59:63:65:C4:3C:83:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Wp2m-yjsZMpVRWBNVljZcQ8g7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/cae91b-9e0e-4d5c-afc4-55118f8bd5f2/1/kCyQt7Whal9jpczYqZEgp_6R7I8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/cae91b-9e0e-4d5c-afc4-55118f8bd5f2/1/6Wp2m-yjsZMpVRWBNVljZcQ8g7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.136.0/24
Signature Algorithm: sha256WithRSAEncryption
88:60:b8:66:74:c6:bc:57:bf:8c:77:57:07:b1:f5:e1:45:e1:
43:e6:ee:20:ce:0f:2e:2b:01:16:d3:83:c3:0f:33:e1:2d:a2:
ee:71:fc:94:f7:a7:28:3c:f3:ef:79:0e:69:4e:f5:09:05:52:
31:02:ca:ab:b8:3d:96:2c:78:45:dc:ae:86:e6:da:75:31:90:
7f:ff:23:e2:e5:c7:97:84:be:3d:c1:c0:c1:25:6b:bf:dd:8e:
4a:23:a6:97:02:73:69:a8:59:65:1b:70:f8:4c:cb:9b:a9:f6:
67:e2:2c:20:7f:82:33:fd:3b:55:99:8a:20:ed:bc:0a:dd:07:
22:e4:09:3c:4e:74:fa:64:17:36:9d:3f:4b:fd:c1:df:d1:d5:
d1:49:f3:e5:9d:5d:9a:65:c4:7f:a7:2c:a1:b7:9d:77:84:68:
69:0e:da:f1:88:aa:b2:5c:b6:f5:48:11:d8:49:1f:ce:78:fe:
cb:54:0e:b9:94:c0:d9:13:42:91:4e:bd:6c:43:d3:53:16:8c:
b6:09:8a:5b:58:d4:91:a5:71:6a:dc:94:2d:c4:3b:52:3f:ee:
5e:9c:9a:16:b2:f2:50:02:47:99:a3:d6:0a:9a:09:1e:78:f0:
68:2b:fc:61:97:56:f2:e3:e6:d3:c5:7b:59:4c:54:75:e1:d7:
31:79:cb:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtwUfsLYDoSvup7pLRKuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NmE3NjliZWNhM2IxOTMyOTU1MTU4MTM1NTk2MzY1YzQz
YzgzYjEwHhcNMjQwMTAxMDYzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDJjOTBiN2I1YTE2YTVmNjNhNWNjZDhhOTkxMjBhN2ZlOTFlYzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7UYwf6sWncvAB9+N9Ocefwcxe6M
oi9fkPG3I2qWRcekOZXnMOPwb2etco+aY0s9i3PSjm7FSQ9p2WxcWPpY2MPhGsdK
0hOs/1vdXzo+OWpWjaVDduQi0SG2ZcQqBfkKb3I/4ZNfJsf5093VlanhgRRAGlsj
oTWobS17ghu0pwpj+b0BGdF4GNAk09r3DXrcgdr0nm608SNe7y3MV3Z4a2D6TKaz
zXE9mExcIxZlc8ouf6zbe2eylDH38ew12ZYtTSi2TXDMOcv/+uf8EeaPRoQ4/Shn
UyueyNiEGEQmxj72MNUuF0z5pc9Z96UhJZpNbSiR7q8flJf8PX4NaSZI7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJAskLe1oWpfY6XM2KmRIKf+keyPMB8GA1UdIwQY
MBaAFOlqdpvso7GTKVUVgTVZY2XEPIOxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNldwMm0teWpzWk1wVlJXQk5WbGpaY1E4ZzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9jYWU5MWItOWUwZS00ZDVjLWFmYzQt
NTUxMThmOGJkNWYyLzEva0N5UXQ3V2hhbDlqcGN6WXFaRWdwXzZSN0k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9jYWU5MWItOWUwZS00ZDVjLWFmYzQtNTUxMThmOGJkNWYy
LzEvNldwMm0teWpzWk1wVlJXQk5WbGpaY1E4ZzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwamIMA0G
CSqGSIb3DQEBCwUAA4IBAQCIYLhmdMa8V7+Md1cHsfXhReFD5u4gzg8uKwEW04PD
DzPhLaLucfyU96coPPPveQ5pTvUJBVIxAsqruD2WLHhF3K6G5tp1MZB//yPi5ceX
hL49wcDBJWu/3Y5KI6aXAnNpqFllG3D4TMubqfZn4iwgf4Iz/TtVmYog7bwK3Qci
5Ak8TnT6ZBc2nT9L/cHf0dXRSfPlnV2aZcR/pyyht513hGhpDtrxiKqyXLb1SBHY
SR/OeP7LVA65lMDZE0KRTr1sQ9NTFoy2CYpbWNSRpXFq3JQtxDtSP+5enJoWsvJQ
AkeZo9YKmgkeePBoK/xhl1by4+bTxXtZTFR14dcxectE
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:42:06 2025 by rpki-client