Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/A-3Gf3UgxQIZ6Ky-Cazaqu17xIk.roa
File: A-3Gf3UgxQIZ6Ky-Cazaqu17xIk.roa (raw, json)
Hash identifier: dgrM7o+8O9wsrCrNpqji+jQERTikBcq3GEqjrSbA/CI=
Subject key identifier: 03:ED:C6:7F:75:20:C5:02:19:E8:AC:BE:09:AC:DA:AA:ED:7B:C4:89
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 018CC500C4A83C1E4831B3FD4CBB523A12E9
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/A-3Gf3UgxQIZ6Ky-Cazaqu17xIk.roa
Signing time: Mon 01 Jan 2024 12:30:10 +0000
ROA not before: Mon 01 Jan 2024 12:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 193.108.102.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:c4:a8:3c:1e:48:31:b3:fd:4c:bb:52:3a:12:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Jan 1 12:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03edc67f7520c50219e8acbe09acdaaaed7bc489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:dc:2c:66:b4:9e:de:e3:2c:ae:a5:93:45:94:
dc:fd:06:98:80:81:a4:55:6e:e4:ba:5e:af:71:2d:
03:38:85:a1:a3:c2:ff:a9:9c:f1:bf:f9:d1:8e:a9:
fa:26:57:8d:8f:d8:81:17:72:1d:55:4f:ea:da:ad:
37:38:d0:c2:a6:c0:08:e5:d5:90:bd:60:34:53:16:
96:76:97:d6:25:84:f1:3d:03:6c:de:a0:74:3e:ea:
de:4c:78:57:10:91:95:96:f6:fc:7e:b9:4f:26:a1:
a8:94:f3:9a:3e:36:dc:9e:28:bd:25:82:6b:1b:78:
36:18:1f:8b:00:7f:02:f0:48:52:e6:cc:45:ea:1c:
f1:f0:f1:51:4d:65:d6:f9:d8:b6:e1:cb:fe:8f:fd:
88:84:2d:66:db:70:f3:44:82:a2:31:a7:6c:59:f2:
db:fc:ab:cf:6a:e0:d1:dd:d0:5d:df:16:7d:62:87:
f1:6e:c8:3b:3f:b2:44:98:82:20:0e:11:2c:cd:17:
38:10:ff:dc:1f:ba:10:db:9e:f6:48:d4:ad:c7:23:
42:e7:44:cf:9f:be:c8:f9:b9:ca:d4:d7:81:3a:bb:
77:b6:b6:46:b5:df:13:4a:b8:d6:99:9b:f1:5c:b4:
e4:d9:94:49:f1:70:3a:80:25:d7:2b:cc:71:a1:e5:
30:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:ED:C6:7F:75:20:C5:02:19:E8:AC:BE:09:AC:DA:AA:ED:7B:C4:89
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/A-3Gf3UgxQIZ6Ky-Cazaqu17xIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.102.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:ee:5e:4b:f2:5a:c2:d3:57:08:7b:04:4e:f2:d6:48:df:76:
5b:6e:9b:5b:7e:ff:48:4f:d5:c1:f9:20:c0:62:d3:89:ad:cf:
bf:e6:49:d9:c0:f6:81:8e:03:9f:bb:d2:60:23:6e:8d:82:ab:
54:92:53:a6:4b:8b:0f:15:aa:9e:41:95:d3:16:f0:30:a0:fd:
8b:1b:8c:83:07:e7:62:fb:32:08:83:17:d9:cd:88:62:34:6a:
40:18:fa:b0:47:52:f7:10:57:e5:d6:eb:8e:d1:80:bc:db:3f:
bb:a7:de:8d:1b:e2:8a:11:42:47:65:29:58:0c:db:68:ca:41:
7d:b9:d7:91:26:9b:40:8e:a4:2c:f9:d0:9b:19:e6:16:3e:d2:
39:e9:aa:f9:71:9c:39:8c:11:66:74:88:19:f2:c7:fd:c0:ab:
c9:ea:bc:95:50:32:b8:06:ad:ef:fc:4c:68:ad:30:61:38:cb:
89:15:c3:0f:e5:1b:68:70:1b:be:bd:7c:b8:2d:61:0a:7f:89:
49:9b:45:f3:ab:4a:7b:4a:94:c8:a8:01:ae:dc:a1:50:60:29:
d8:b8:01:e7:d3:0f:98:af:ee:51:d2:7c:b7:c3:9e:36:7b:a0:
d0:ee:1d:2e:8e:13:e0:a5:4a:70:ce:0b:a6:0d:3b:54:1c:e0:
1e:76:3c:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAMSoPB5IMbP9TLtSOhLpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjQwMTAxMTIzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2VkYzY3Zjc1MjBjNTAyMTllOGFjYmUwOWFjZGFhYWVkN2JjNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtwsZrSe3uMsrqWTRZTc/QaYgIGk
VW7kul6vcS0DOIWho8L/qZzxv/nRjqn6JleNj9iBF3IdVU/q2q03ONDCpsAI5dWQ
vWA0UxaWdpfWJYTxPQNs3qB0PureTHhXEJGVlvb8frlPJqGolPOaPjbcnii9JYJr
G3g2GB+LAH8C8EhS5sxF6hzx8PFRTWXW+di24cv+j/2IhC1m23DzRIKiMadsWfLb
/KvPauDR3dBd3xZ9Yofxbsg7P7JEmIIgDhEszRc4EP/cH7oQ2572SNStxyNC50TP
n77I+bnK1NeBOrt3trZGtd8TSrjWmZvxXLTk2ZRJ8XA6gCXXK8xxoeUwVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAPtxn91IMUCGeisvgms2qrte8SJMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvQS0zR2YzVWd4UUlaNkt5LUNhemFxdTE3eElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwWxmMA0G
CSqGSIb3DQEBCwUAA4IBAQCu7l5L8lrC01cIewRO8tZI33Zbbptbfv9IT9XB+SDA
YtOJrc+/5knZwPaBjgOfu9JgI26NgqtUklOmS4sPFaqeQZXTFvAwoP2LG4yDB+di
+zIIgxfZzYhiNGpAGPqwR1L3EFfl1uuO0YC82z+7p96NG+KKEUJHZSlYDNtoykF9
udeRJptAjqQs+dCbGeYWPtI56ar5cZw5jBFmdIgZ8sf9wKvJ6ryVUDK4Bq3v/Exo
rTBhOMuJFcMP5RtocBu+vXy4LWEKf4lJm0Xzq0p7SpTIqAGu3KFQYCnYuAHn0w+Y
r+5R0ny3w542e6DQ7h0ujhPgpUpwzgumDTtUHOAedjz6
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:58 2025 by rpki-client