Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/c0qhsqxIIVXMC2JfMCsS6U5GtlY.roa
File: c0qhsqxIIVXMC2JfMCsS6U5GtlY.roa (raw, json)
Hash identifier: noIMiSXhmuWCNw2x3e1Va4TM7PiX5JAVWJbvg3cY0Mo=
Subject key identifier: 73:4A:A1:B2:AC:48:21:55:CC:0B:62:5F:30:2B:12:E9:4E:46:B6:56
Certificate issuer: /CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Certificate serial: 018CC9BBB3BE82009340AF3B701802B785B5
Authority key identifier: 72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/c0qhsqxIIVXMC2JfMCsS6U5GtlY.roa
Signing time: Tue 02 Jan 2024 10:32:50 +0000
ROA not before: Tue 02 Jan 2024 10:32:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35616
IP address blocks: 193.23.29.0/24 maxlen: 24
2a04:9ac1::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:b3:be:82:00:93:40:af:3b:70:18:02:b7:85:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72ed2fbb7213fbf32ad4c087f8b0b22cecef4fea
Validity
Not Before: Jan 2 10:32:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=734aa1b2ac482155cc0b625f302b12e94e46b656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:fe:bc:57:ec:b9:62:14:cd:47:27:03:73:c1:
02:b2:a6:e3:26:26:b9:d4:15:6b:05:cd:ee:4d:bc:
df:f0:bf:e3:8e:fe:16:cd:d4:73:6d:72:94:80:7e:
9e:7d:9c:47:fb:7a:d9:55:fe:d5:04:cd:b5:12:94:
15:82:fd:05:3b:63:3c:fc:9d:9e:d6:95:17:de:82:
99:25:af:1b:87:46:05:e1:84:67:9f:54:6c:bb:1b:
09:eb:d5:00:4d:90:c1:df:2f:c9:cb:06:d0:ec:d0:
29:8d:5c:56:82:e9:b4:1c:fd:1b:d5:ca:3b:78:2b:
e7:3f:14:6e:67:34:fe:81:b8:41:41:1e:a7:e5:dd:
0f:b7:3a:ca:f1:38:1a:72:a4:21:51:eb:32:73:ed:
85:71:59:af:38:38:18:bb:81:a3:57:25:86:b3:7d:
98:15:fc:ad:41:a4:9a:5f:e5:9c:c5:fb:dc:06:24:
4e:cc:a4:9a:60:80:7a:74:cc:20:20:8a:92:50:d0:
5e:12:4c:f8:04:4f:1a:2b:5b:91:bd:3b:5d:e9:b1:
74:5b:72:51:9a:ce:ab:f1:23:51:eb:7a:65:02:90:
32:79:8b:2f:d3:62:40:24:08:95:99:44:f4:1e:7e:
63:14:8a:9f:75:cb:c0:62:a2:53:37:66:b3:82:de:
ec:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:4A:A1:B2:AC:48:21:55:CC:0B:62:5F:30:2B:12:E9:4E:46:B6:56
X509v3 Authority Key Identifier:
keyid:72:ED:2F:BB:72:13:FB:F3:2A:D4:C0:87:F8:B0:B2:2C:EC:EF:4F:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/c0qhsqxIIVXMC2JfMCsS6U5GtlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/e5a892-23f5-49fa-b6a9-a65233b3e975/1/cu0vu3IT-_Mq1MCH-LCyLOzvT-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.29.0/24
IPv6:
2a04:9ac1::/32
Signature Algorithm: sha256WithRSAEncryption
0b:6c:58:c3:50:0f:f0:35:d6:74:7d:b0:7b:66:9d:17:38:cb:
e3:97:30:cd:f5:c7:fc:4b:df:70:74:b4:cd:43:af:93:5b:16:
0e:a4:a4:ad:6a:08:0b:b4:cc:6a:f1:1d:cf:a5:f5:32:0f:d6:
d5:95:f3:92:1b:b7:af:e0:6f:ba:18:e6:a0:af:66:c4:c7:d8:
c9:dd:73:84:b3:a4:cd:15:b3:f7:95:3d:65:9b:19:64:a4:11:
b2:1c:ae:f4:4f:e5:f6:a5:35:69:b5:cb:20:6c:88:d8:46:93:
15:36:a8:00:1f:ff:e8:22:cc:81:b1:3e:40:7f:0c:54:a8:fc:
b7:29:25:4d:29:b4:31:20:41:8b:6c:98:8b:79:e3:15:0b:73:
b0:d5:08:ea:b9:b8:fe:be:1b:af:70:03:a0:ed:d7:52:09:a0:
01:80:67:0f:bb:f8:25:04:6e:4b:e5:ea:59:3d:4a:48:a3:ac:
54:8f:80:9c:fa:e2:c0:48:6a:2e:c1:19:60:d2:85:c7:7a:18:
2f:fd:15:c5:06:bc:cc:53:30:28:15:29:be:c4:dd:4c:ae:bb:
61:d4:fb:c8:9f:06:21:c6:39:75:3a:31:c2:69:aa:63:fa:23:
66:29:36:f9:19:8e:cf:41:92:e2:d3:22:f2:cb:1b:51:b6:15:
c6:50:e8:f9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJu7O+ggCTQK87cBgCt4W1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWQyZmJiNzIxM2ZiZjMyYWQ0YzA4N2Y4YjBiMjJjZWNl
ZjRmZWEwHhcNMjQwMTAyMTAzMjUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzRhYTFiMmFjNDgyMTU1Y2MwYjYyNWYzMDJiMTJlOTRlNDZiNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP68V+y5YhTNRycDc8ECsqbjJia5
1BVrBc3uTbzf8L/jjv4WzdRzbXKUgH6efZxH+3rZVf7VBM21EpQVgv0FO2M8/J2e
1pUX3oKZJa8bh0YF4YRnn1RsuxsJ69UATZDB3y/JywbQ7NApjVxWgum0HP0b1co7
eCvnPxRuZzT+gbhBQR6n5d0PtzrK8TgacqQhUesyc+2FcVmvODgYu4GjVyWGs32Y
FfytQaSaX+WcxfvcBiROzKSaYIB6dMwgIIqSUNBeEkz4BE8aK1uRvTtd6bF0W3JR
ms6r8SNR63plApAyeYsv02JAJAiVmUT0Hn5jFIqfdcvAYqJTN2azgt7sVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHNKobKsSCFVzAtiXzArEulORrZWMB8GA1UdIwQY
MBaAFHLtL7tyE/vzKtTAh/iwsizs70/qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTkt
YTY1MjMzYjNlOTc1LzEvYzBxaHNxeElJVlhNQzJKZk1Dc1M2VTVHdGxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9lNWE4OTItMjNmNS00OWZhLWI2YTktYTY1MjMzYjNlOTc1
LzEvY3UwdnUzSVQtX01xMU1DSC1MQ3lMT3p2VC1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwRcdMA0E
AgACMAcDBQAqBJrBMA0GCSqGSIb3DQEBCwUAA4IBAQALbFjDUA/wNdZ0fbB7Zp0X
OMvjlzDN9cf8S99wdLTNQ6+TWxYOpKStaggLtMxq8R3PpfUyD9bVlfOSG7ev4G+6
GOagr2bEx9jJ3XOEs6TNFbP3lT1lmxlkpBGyHK70T+X2pTVptcsgbIjYRpMVNqgA
H//oIsyBsT5AfwxUqPy3KSVNKbQxIEGLbJiLeeMVC3Ow1Qjqubj+vhuvcAOg7ddS
CaABgGcPu/glBG5L5epZPUpIo6xUj4Cc+uLASGouwRlg0oXHehgv/RXFBrzMUzAo
FSm+xN1Mrrth1PvInwYhxjl1OjHCaapj+iNmKTb5GY7PQZLi0yLyyxtRthXGUOj5
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:56:08 2025 by rpki-client