Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/SuzZxnR7ZTiR82otY6hDdiuveFQ.roa
File: SuzZxnR7ZTiR82otY6hDdiuveFQ.roa (raw, json)
Hash identifier: uE3Gg3MK2vUJArdbHxMPk3IQfsUZMi1FV5f1kBb1nzA=
Subject key identifier: 4A:EC:D9:C6:74:7B:65:38:91:F3:6A:2D:63:A8:43:76:2B:AF:78:54
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018CC7944EC8962FE540F13093DF4F225F41
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/SuzZxnR7ZTiR82otY6hDdiuveFQ.roa
Signing time: Tue 02 Jan 2024 00:30:34 +0000
ROA not before: Tue 02 Jan 2024 00:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4817
IP address blocks: 2.189.242.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:4e:c8:96:2f:e5:40:f1:30:93:df:4f:22:5f:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 00:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4aecd9c6747b653891f36a2d63a843762baf7854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:39:0e:21:a1:9e:4f:45:fb:f4:41:57:fa:51:
64:03:79:ad:64:4c:55:1c:5d:77:d1:48:3a:7d:a3:
6b:6c:b6:4b:14:3d:49:b1:cd:53:50:f3:90:4a:d9:
9b:e5:0c:5b:8f:7c:a2:8d:98:e0:b6:a5:63:34:6e:
27:9c:b9:9f:1d:de:af:20:6a:24:bf:86:e6:ae:e2:
8b:73:09:0e:e6:36:d5:88:d6:a1:5d:09:38:be:80:
2a:25:9e:9e:2d:e2:7c:fd:57:85:f7:f0:7c:ff:5c:
79:7d:13:ad:2e:5d:c7:b8:61:dd:d4:b0:62:8b:53:
bf:aa:bb:bb:75:d7:1f:4b:b0:91:60:d5:98:f6:df:
2c:ba:4f:d3:1a:8d:ce:1d:b8:9c:42:da:3f:f1:02:
81:b6:53:90:4d:d5:43:53:25:1d:7f:73:0a:cf:cc:
fd:62:01:96:f1:a5:c8:5c:bb:c3:56:dd:ea:c5:3f:
a9:7e:d3:69:fd:79:9c:ea:cf:0c:83:d7:9c:ea:bb:
67:59:72:8e:94:0a:e8:ea:47:b1:c5:93:3c:4b:13:
3d:dc:dd:d9:7d:01:61:7c:e0:8e:e4:79:6b:1d:b8:
d5:aa:78:09:88:27:34:6d:9e:04:65:05:ca:77:f0:
cd:77:a3:d5:28:60:e3:85:45:7d:59:12:eb:21:1f:
1e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:EC:D9:C6:74:7B:65:38:91:F3:6A:2D:63:A8:43:76:2B:AF:78:54
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/SuzZxnR7ZTiR82otY6hDdiuveFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.189.242.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:55:cc:8a:95:a1:f4:c7:c2:f8:e2:6c:69:c5:2d:bd:21:44:
18:58:c4:8c:9f:27:0e:11:0b:cb:32:fe:45:02:ae:e5:cb:fe:
2c:16:67:c3:9d:4e:d5:b4:3b:70:3c:1c:7d:54:2c:92:85:0e:
59:07:66:30:19:98:d6:8c:81:88:52:9c:91:ac:b3:39:d4:5d:
d7:15:e4:1d:2d:ed:92:20:a6:0e:4c:4c:2d:5e:5d:ae:94:29:
7a:28:c0:8f:5e:dd:04:04:cf:c1:92:47:0a:66:eb:57:2a:34:
82:39:0f:fc:96:a2:f1:3f:52:8a:63:a7:e7:f0:c2:ce:da:03:
32:27:9e:3f:e1:6e:60:4a:a8:f8:5a:1b:05:72:20:1f:8b:9e:
68:74:05:a7:39:77:98:c2:e8:3c:f4:8d:c8:c8:69:83:f4:48:
b8:b3:4d:a7:a4:06:02:ec:44:81:a7:53:3d:82:20:44:b3:25:
4d:39:85:eb:84:0f:4f:06:15:f0:3c:7b:db:2d:ac:49:fb:3c:
4c:a9:fb:92:bd:1b:9d:8e:4d:3b:5a:7f:ce:59:61:05:12:2b:
dd:ba:20:b8:48:b0:5b:5d:b3:30:53:d2:ec:30:2e:60:38:84:
e6:4c:45:49:83:f4:a7:67:89:4c:f0:9b:65:fb:0b:0c:76:a6:
6b:f8:58:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlE7Ili/lQPEwk99PIl9BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjQwMTAyMDAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWVjZDljNjc0N2I2NTM4OTFmMzZhMmQ2M2E4NDM3NjJiYWY3ODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjkOIaGeT0X79EFX+lFkA3mtZExV
HF130Ug6faNrbLZLFD1Jsc1TUPOQStmb5Qxbj3yijZjgtqVjNG4nnLmfHd6vIGok
v4bmruKLcwkO5jbViNahXQk4voAqJZ6eLeJ8/VeF9/B8/1x5fROtLl3HuGHd1LBi
i1O/qru7ddcfS7CRYNWY9t8suk/TGo3OHbicQto/8QKBtlOQTdVDUyUdf3MKz8z9
YgGW8aXIXLvDVt3qxT+pftNp/Xmc6s8Mg9ec6rtnWXKOlAro6kexxZM8SxM93N3Z
fQFhfOCO5HlrHbjVqngJiCc0bZ4EZQXKd/DNd6PVKGDjhUV9WRLrIR8eoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFErs2cZ0e2U4kfNqLWOoQ3Yrr3hUMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvU3V6WnhuUjdaVGlSODJvdFk2aERkaXV2ZUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAr3yMA0G
CSqGSIb3DQEBCwUAA4IBAQCeVcyKlaH0x8L44mxpxS29IUQYWMSMnycOEQvLMv5F
Aq7ly/4sFmfDnU7VtDtwPBx9VCyShQ5ZB2YwGZjWjIGIUpyRrLM51F3XFeQdLe2S
IKYOTEwtXl2ulCl6KMCPXt0EBM/BkkcKZutXKjSCOQ/8lqLxP1KKY6fn8MLO2gMy
J54/4W5gSqj4WhsFciAfi55odAWnOXeYwug89I3IyGmD9Ei4s02npAYC7ESBp1M9
giBEsyVNOYXrhA9PBhXwPHvbLaxJ+zxMqfuSvRudjk07Wn/OWWEFEivduiC4SLBb
XbMwU9LsMC5gOITmTEVJg/SnZ4lM8Jtl+wsMdqZr+Fg4
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:15 2025 by rpki-client