Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Dwm1AgByDnGAza8NsN0JCqMfecA.roa
File: Dwm1AgByDnGAza8NsN0JCqMfecA.roa (raw, json)
Hash identifier: kXy1cfQzA3iOuX5Pyj85jZvj8d3G6Z9rtOX5bo1fDm8=
Subject key identifier: 0F:09:B5:02:00:72:0E:71:80:CD:AF:0D:B0:DD:09:0A:A3:1F:79:C0
Certificate issuer: /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial: 019427B5AB9655A9CF8AAC7E8D0077D6AE12
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Dwm1AgByDnGAza8NsN0JCqMfecA.roa
Signing time: Thu 02 Jan 2025 15:50:04 +0000
ROA not before: Thu 02 Jan 2025 15:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8100
IP address blocks: 193.108.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Feb 2025 19:36:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:ab:96:55:a9:cf:8a:ac:7e:8d:00:77:d6:ae:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Validity
Not Before: Jan 2 15:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f09b50200720e7180cdaf0db0dd090aa31f79c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:71:52:db:06:b0:30:4f:e9:76:cf:7a:f1:d4:
72:25:2e:c4:76:34:d4:0d:09:36:4f:0e:90:cc:1b:
a7:3a:31:c9:c9:16:b0:2c:2a:92:50:e5:76:d2:f3:
3a:16:66:ac:93:61:34:4b:e5:87:26:6d:e3:06:c2:
e9:04:17:fd:c7:34:4b:54:05:c7:0a:67:9e:59:7b:
5b:14:d7:65:96:75:25:c4:03:cb:9c:27:0f:99:1d:
b9:80:a9:aa:cc:e4:2d:ea:4b:50:8d:0d:8a:3f:5a:
1e:fb:11:26:ab:38:38:fd:de:d9:84:79:91:5b:c9:
a1:0a:d6:80:51:db:0c:61:14:28:ae:ca:e2:17:7b:
7c:18:82:d8:8b:8e:da:50:b6:96:1b:d4:5f:4d:d9:
0f:a1:75:4c:d3:df:e0:4a:76:d8:87:7f:e2:d5:7d:
11:4b:e8:a8:86:15:38:84:75:4c:27:74:b0:d7:12:
b0:d1:4e:96:3c:8b:c9:ea:df:cd:e5:30:7c:ca:14:
ef:9f:45:5a:00:fa:99:fe:f9:34:e4:c0:f7:d8:01:
55:23:dc:79:a1:fd:06:9a:53:04:7a:c1:c3:82:a9:
7b:0d:c8:ad:1d:0f:72:a9:c5:dc:0d:c2:50:ab:e7:
d6:dc:e1:92:af:fe:c0:6e:90:13:97:b7:47:b2:72:
44:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:09:B5:02:00:72:0E:71:80:CD:AF:0D:B0:DD:09:0A:A3:1F:79:C0
X509v3 Authority Key Identifier:
keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/Dwm1AgByDnGAza8NsN0JCqMfecA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.56.0/24
Signature Algorithm: sha256WithRSAEncryption
95:26:e7:c2:01:ea:9b:61:de:4d:eb:a3:ce:03:30:0d:bf:c0:
79:e9:ff:c5:01:8b:14:99:56:6b:60:b3:76:27:c2:e3:23:6e:
12:a2:a3:a6:71:9d:c8:ef:40:b9:16:91:4f:e1:b9:2f:cc:71:
a0:43:e5:37:ee:9f:15:e3:c3:6e:8e:4b:81:7f:7c:ac:2d:f9:
98:6e:26:3a:e8:9e:ff:e2:db:1f:28:15:cf:75:d7:ed:02:9f:
00:59:1b:8c:18:ab:b3:90:c9:3d:11:6f:71:cb:f8:1e:5a:64:
d4:4e:eb:22:91:60:4d:7f:f7:64:03:3e:1d:b8:43:bf:a7:3a:
da:d8:c2:bb:e4:e2:f9:b5:87:f5:55:ec:5b:f7:ed:72:58:dd:
52:d1:d8:9d:19:aa:4c:85:ae:39:51:54:f4:2f:8b:1b:c5:12:
60:5a:95:df:41:c8:61:a4:de:69:6a:51:a2:9f:52:4d:fd:26:
0c:ee:c6:7f:37:f5:3a:4c:a1:87:c6:cd:85:5a:50:e6:2b:e6:
8c:29:62:ee:ea:ae:48:89:4e:3b:6e:c7:9b:30:7d:00:05:69:
41:02:92:a7:43:60:e2:a1:03:89:34:c8:dc:15:ba:c3:fa:6c:
89:0e:18:0e:dd:a5:7e:8c:4f:bc:b0:74:6d:25:13:29:e3:5a:
52:3b:a2:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntauWVanPiqx+jQB31q4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjUwMTAyMTU1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjA5YjUwMjAwNzIwZTcxODBjZGFmMGRiMGRkMDkwYWEzMWY3OWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XFS2wawME/pds968dRyJS7EdjTU
DQk2Tw6QzBunOjHJyRawLCqSUOV20vM6Fmask2E0S+WHJm3jBsLpBBf9xzRLVAXH
CmeeWXtbFNdllnUlxAPLnCcPmR25gKmqzOQt6ktQjQ2KP1oe+xEmqzg4/d7ZhHmR
W8mhCtaAUdsMYRQorsriF3t8GILYi47aULaWG9RfTdkPoXVM09/gSnbYh3/i1X0R
S+iohhU4hHVMJ3Sw1xKw0U6WPIvJ6t/N5TB8yhTvn0VaAPqZ/vk05MD32AFVI9x5
of0GmlMEesHDgql7DcitHQ9yqcXcDcJQq+fW3OGSr/7AbpATl7dHsnJEEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA8JtQIAcg5xgM2vDbDdCQqjH3nAMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvRHdtMUFnQnlEbkdBemE4TnNOMEpDcU1mZWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWw4MA0G
CSqGSIb3DQEBCwUAA4IBAQCVJufCAeqbYd5N66POAzANv8B56f/FAYsUmVZrYLN2
J8LjI24SoqOmcZ3I70C5FpFP4bkvzHGgQ+U37p8V48NujkuBf3ysLfmYbiY66J7/
4tsfKBXPddftAp8AWRuMGKuzkMk9EW9xy/geWmTUTusikWBNf/dkAz4duEO/pzra
2MK75OL5tYf1Vexb9+1yWN1S0didGapMha45UVT0L4sbxRJgWpXfQchhpN5palGi
n1JN/SYM7sZ/N/U6TKGHxs2FWlDmK+aMKWLu6q5IiU47bsebMH0ABWlBApKnQ2Di
oQOJNMjcFbrD+myJDhgO3aV+jE+8sHRtJRMp41pSO6If
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:40:38 2025 by rpki-client