Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/9K3pwy3cmW50uYEUGLyxI49Fq30.roa
File: 9K3pwy3cmW50uYEUGLyxI49Fq30.roa (raw, json)
Hash identifier: Jou0pXDiaekjQh4aamugTMK29O9svAZjD4ibu3k6aUk=
Subject key identifier: F4:AD:E9:C3:2D:DC:99:6E:74:B9:81:14:18:BC:B1:23:8F:45:AB:7D
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 018CC9BBB487A6C4F6E7468B6D6EF1355E57
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/9K3pwy3cmW50uYEUGLyxI49Fq30.roa
Signing time: Tue 02 Jan 2024 10:32:51 +0000
ROA not before: Tue 02 Jan 2024 10:32:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48920
IP address blocks: 193.23.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:b4:87:a6:c4:f6:e7:46:8b:6d:6e:f1:35:5e:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jan 2 10:32:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4ade9c32ddc996e74b9811418bcb1238f45ab7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:84:67:e5:30:7d:b5:75:27:bd:7f:39:a3:df:
ed:f2:4b:09:a7:86:76:2f:10:6d:71:aa:82:c7:89:
86:12:93:bf:4e:e8:0a:cb:d8:ab:6b:0e:ac:59:da:
1e:e1:dc:a4:96:03:2a:c9:c7:58:7e:f6:ff:2d:f4:
17:f4:1e:93:e2:2e:55:e0:b6:3a:b9:11:f8:5a:1a:
9d:0a:f0:0d:92:b4:2c:c7:53:9d:ed:ab:58:13:12:
ed:16:14:29:f3:ba:ba:4b:1c:07:7c:5b:c9:06:78:
02:04:57:78:24:c2:ed:60:a6:36:29:2c:fd:af:c9:
f7:cf:fd:52:4e:c6:7d:2e:00:b6:8d:01:13:df:f4:
99:fa:e1:c0:3f:6d:83:03:f0:8b:1f:be:c0:fa:e9:
67:63:f1:30:9d:ec:e7:49:40:37:44:20:25:be:6f:
89:3e:4c:d2:f5:d8:ac:12:ac:9e:9a:92:00:a4:39:
98:c8:44:03:0f:6b:f3:ed:c9:84:e0:e4:59:e9:c4:
c1:98:bb:e2:30:61:dc:56:1a:7e:bd:2b:4b:8d:e9:
71:e1:3f:b7:e1:c5:57:2f:19:1d:7d:96:f7:05:36:
d6:f8:06:87:9d:d2:b1:90:95:77:35:cb:1d:22:90:
08:7f:9f:ef:5b:c8:cf:8c:3b:ce:18:4b:1b:4d:36:
3f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AD:E9:C3:2D:DC:99:6E:74:B9:81:14:18:BC:B1:23:8F:45:AB:7D
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/9K3pwy3cmW50uYEUGLyxI49Fq30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.31.0/24
Signature Algorithm: sha256WithRSAEncryption
52:dd:bd:ea:f6:ad:14:90:d4:ef:f3:d1:e5:98:fc:39:41:49:
f4:cb:76:ba:4d:ae:67:cb:8c:83:ee:d5:37:51:9d:6e:5e:ff:
5d:0c:e0:73:9b:b1:2b:ed:35:a8:fa:8a:f9:bd:63:c4:08:88:
a9:37:68:6b:4c:3b:0f:9b:18:d9:f7:70:aa:99:ac:a3:32:54:
ab:57:ce:54:fa:82:3e:6a:ca:12:79:2f:70:01:98:bd:00:e9:
8f:ef:1d:f2:95:cc:27:33:99:e6:96:c9:50:5c:99:de:62:71:
d7:fc:f4:bc:4d:cc:b5:42:22:9b:89:09:c6:d2:70:93:ff:dc:
d3:27:bc:cd:4c:95:d3:ff:a7:8c:36:12:9b:35:8f:01:5e:34:
5c:b1:0f:68:e8:5d:80:00:47:98:f6:a3:6f:6f:fa:91:d5:2c:
e3:4a:4e:5a:cd:93:41:a7:22:26:8e:91:2e:9b:b0:69:ef:cb:
3a:45:9e:a7:a7:3e:ac:9d:67:90:5c:6b:83:1d:61:5e:e5:ea:
a3:d1:41:30:24:a8:91:75:43:ab:4d:73:37:8f:20:50:de:a0:
36:e1:4b:0a:44:bb:80:95:06:6b:9b:19:3a:c5:e7:5a:b8:a9:
c2:78:49:52:5b:68:39:86:4c:d7:7e:23:58:80:6d:82:0f:f0:
fb:6e:e5:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu7SHpsT250aLbW7xNV5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjQwMTAyMTAzMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFkZTljMzJkZGM5OTZlNzRiOTgxMTQxOGJjYjEyMzhmNDVhYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4Rn5TB9tXUnvX85o9/t8ksJp4Z2
LxBtcaqCx4mGEpO/TugKy9iraw6sWdoe4dyklgMqycdYfvb/LfQX9B6T4i5V4LY6
uRH4WhqdCvANkrQsx1Od7atYExLtFhQp87q6SxwHfFvJBngCBFd4JMLtYKY2KSz9
r8n3z/1STsZ9LgC2jQET3/SZ+uHAP22DA/CLH77A+ulnY/EwneznSUA3RCAlvm+J
PkzS9disEqyempIApDmYyEQDD2vz7cmE4ORZ6cTBmLviMGHcVhp+vStLjelx4T+3
4cVXLxkdfZb3BTbW+AaHndKxkJV3NcsdIpAIf5/vW8jPjDvOGEsbTTY/fQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSt6cMt3JludLmBFBi8sSOPRat9MB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvOUszcHd5M2NtVzUwdVlFVUdMeXhJNDlGcTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRcfMA0G
CSqGSIb3DQEBCwUAA4IBAQBS3b3q9q0UkNTv89HlmPw5QUn0y3a6Ta5ny4yD7tU3
UZ1uXv9dDOBzm7Er7TWo+or5vWPECIipN2hrTDsPmxjZ93CqmayjMlSrV85U+oI+
asoSeS9wAZi9AOmP7x3ylcwnM5nmlslQXJneYnHX/PS8Tcy1QiKbiQnG0nCT/9zT
J7zNTJXT/6eMNhKbNY8BXjRcsQ9o6F2AAEeY9qNvb/qR1SzjSk5azZNBpyImjpEu
m7Bp78s6RZ6npz6snWeQXGuDHWFe5eqj0UEwJKiRdUOrTXM3jyBQ3qA24UsKRLuA
lQZrmxk6xedauKnCeElSW2g5hkzXfiNYgG2CD/D7buWU
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:58:35 2025 by rpki-client