Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/eeedf6-52c1-4a01-9097-a6cf16c85ce4/1/faC9AfHl5zwDfoB0l6bB72ywLx8.roa
File: faC9AfHl5zwDfoB0l6bB72ywLx8.roa (raw, json)
Hash identifier: sgVwnw4pUE5FqdYeGQFCEJAs083PWtd6zWmX9ZIlLYU=
Subject key identifier: 7D:A0:BD:01:F1:E5:E7:3C:03:7E:80:74:97:A6:C1:EF:6C:B0:2F:1F
Certificate issuer: /CN=22c5a0c2ac3b1679499a96be31e43be85cf09953
Certificate serial: 018CC6B940DC54AC4A53C57D1EEB4A02ADDC
Authority key identifier: 22:C5:A0:C2:AC:3B:16:79:49:9A:96:BE:31:E4:3B:E8:5C:F0:99:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsWgwqw7FnlJmpa-MeQ76FzwmVM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/eeedf6-52c1-4a01-9097-a6cf16c85ce4/1/faC9AfHl5zwDfoB0l6bB72ywLx8.roa
Signing time: Mon 01 Jan 2024 20:31:18 +0000
ROA not before: Mon 01 Jan 2024 20:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20546
IP address blocks: 193.25.233.0/24 maxlen: 24
193.25.227.0/24 maxlen: 24
193.25.228.0/24 maxlen: 24
193.25.229.0/24 maxlen: 24
193.25.230.0/24 maxlen: 24
193.25.231.0/24 maxlen: 24
193.25.232.0/24 maxlen: 24
193.25.234.0/24 maxlen: 24
193.25.235.0/24 maxlen: 24
193.25.236.0/24 maxlen: 24
193.25.237.0/24 maxlen: 24
193.25.238.0/24 maxlen: 24
193.25.239.0/24 maxlen: 24
193.25.226.0/24 maxlen: 24
193.25.224.0/24 maxlen: 24
193.25.225.0/24 maxlen: 24
2001:678:9fc::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:40:dc:54:ac:4a:53:c5:7d:1e:eb:4a:02:ad:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c5a0c2ac3b1679499a96be31e43be85cf09953
Validity
Not Before: Jan 1 20:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7da0bd01f1e5e73c037e807497a6c1ef6cb02f1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f3:c7:d8:da:01:c6:35:6c:fb:82:5a:39:eb:
4e:ea:d7:10:57:14:1a:af:5e:4a:88:a4:ab:fb:91:
b3:41:f8:20:f5:79:f7:93:34:99:b9:02:2f:dc:d9:
e6:a1:3b:57:3c:6a:15:8b:ab:cd:e8:53:03:91:ae:
2f:32:4b:a5:29:4c:c5:18:3a:a9:0c:65:c0:92:89:
7f:dd:ff:47:11:17:d2:c5:8d:38:d0:63:86:e3:b6:
2a:91:35:d1:37:99:a1:45:57:31:00:67:5a:71:bd:
66:c7:60:97:f5:66:d9:e3:46:71:2f:c7:49:ae:a3:
82:05:ff:c9:b2:3e:da:29:f8:a8:4f:55:1f:e8:02:
1a:dd:7f:59:71:9f:fe:19:1c:73:7a:f3:ac:b8:a2:
8e:10:37:9a:db:76:62:14:63:aa:19:21:8e:17:da:
2e:9c:3c:5b:27:0e:cc:0c:56:f9:85:ad:7c:3e:7e:
c8:b7:79:1c:f5:77:f7:af:18:eb:ad:50:d1:69:f8:
2f:e4:af:2b:66:4b:d2:e2:ec:c6:cc:a0:fa:d6:be:
7f:1b:8b:86:d1:eb:a3:79:77:83:95:bd:31:14:0c:
75:fc:06:51:bf:f8:a8:57:58:3b:2e:da:5d:90:f9:
9b:70:bf:d4:b8:8c:46:14:78:bf:b9:bb:1c:bc:c8:
73:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:A0:BD:01:F1:E5:E7:3C:03:7E:80:74:97:A6:C1:EF:6C:B0:2F:1F
X509v3 Authority Key Identifier:
keyid:22:C5:A0:C2:AC:3B:16:79:49:9A:96:BE:31:E4:3B:E8:5C:F0:99:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsWgwqw7FnlJmpa-MeQ76FzwmVM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/eeedf6-52c1-4a01-9097-a6cf16c85ce4/1/faC9AfHl5zwDfoB0l6bB72ywLx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/eeedf6-52c1-4a01-9097-a6cf16c85ce4/1/IsWgwqw7FnlJmpa-MeQ76FzwmVM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.224.0/20
IPv6:
2001:678:9fc::/48
Signature Algorithm: sha256WithRSAEncryption
b2:0f:1e:f4:4d:95:a4:1e:61:d2:c2:ed:3d:f1:5c:09:b2:4b:
f3:68:3e:fd:69:78:57:27:b6:e8:72:14:93:89:98:d1:f9:13:
69:1a:03:60:f3:39:98:f7:79:4f:3f:6f:29:4e:9d:c6:3a:b0:
f9:d3:3a:aa:a4:0f:ad:75:7f:e8:77:55:d5:2e:7e:df:cb:94:
d7:e0:be:9e:e7:c0:ca:0c:59:ed:21:d9:84:04:85:9a:58:a7:
3f:97:9f:26:55:a6:3a:7a:b9:6d:82:8a:52:7e:33:ac:a0:8e:
12:33:37:89:d7:b7:c5:41:6a:21:3d:a1:1a:ac:e9:01:a9:3d:
ed:b3:dc:7d:64:ac:be:25:92:dd:87:d9:12:b9:c8:71:c0:ca:
cd:52:e7:cb:33:3d:13:5e:7e:c5:46:7c:67:17:59:dd:00:28:
47:58:d7:49:33:d5:16:83:6c:0f:16:44:2b:90:bc:9d:4d:9c:
f3:d6:ea:d3:d9:28:ac:9f:12:32:09:a2:8c:3f:25:e2:61:9b:
36:57:af:3e:4d:64:b1:f4:3c:cf:2a:92:19:89:43:d4:67:82:
0a:4a:43:8e:d8:de:6b:c9:45:81:f0:a3:84:1b:e5:a0:03:7f:
4f:89:11:bb:5d:35:87:8a:08:fd:da:cf:e5:6d:4d:ec:88:72:
b7:76:be:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGuUDcVKxKU8V9HutKAq3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzVhMGMyYWMzYjE2Nzk0OTlhOTZiZTMxZTQzYmU4NWNm
MDk5NTMwHhcNMjQwMTAxMjAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGEwYmQwMWYxZTVlNzNjMDM3ZTgwNzQ5N2E2YzFlZjZjYjAyZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvPH2NoBxjVs+4JaOetO6tcQVxQa
r15KiKSr+5GzQfgg9Xn3kzSZuQIv3NnmoTtXPGoVi6vN6FMDka4vMkulKUzFGDqp
DGXAkol/3f9HERfSxY040GOG47YqkTXRN5mhRVcxAGdacb1mx2CX9WbZ40ZxL8dJ
rqOCBf/Jsj7aKfioT1Uf6AIa3X9ZcZ/+GRxzevOsuKKOEDea23ZiFGOqGSGOF9ou
nDxbJw7MDFb5ha18Pn7It3kc9Xf3rxjrrVDRafgv5K8rZkvS4uzGzKD61r5/G4uG
0eujeXeDlb0xFAx1/AZRv/ioV1g7LtpdkPmbcL/UuIxGFHi/ubscvMhz4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH2gvQHx5ec8A36AdJemwe9ssC8fMB8GA1UdIwQY
MBaAFCLFoMKsOxZ5SZqWvjHkO+hc8JlTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNXZ3dxdzdGbmxKbXBhLU1lUTc2Rnp3bVZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lZWVkZjYtNTJjMS00YTAxLTkwOTct
YTZjZjE2Yzg1Y2U0LzEvZmFDOUFmSGw1endEZm9CMGw2YkI3Mnl3THg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lZWVkZjYtNTJjMS00YTAxLTkwOTctYTZjZjE2Yzg1Y2U0
LzEvSXNXZ3dxdzdGbmxKbXBhLU1lUTc2Rnp3bVZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEwRngMA8E
AgACMAkDBwAgAQZ4CfwwDQYJKoZIhvcNAQELBQADggEBALIPHvRNlaQeYdLC7T3x
XAmyS/NoPv1peFcntuhyFJOJmNH5E2kaA2DzOZj3eU8/bylOncY6sPnTOqqkD611
f+h3VdUuft/LlNfgvp7nwMoMWe0h2YQEhZpYpz+XnyZVpjp6uW2CilJ+M6ygjhIz
N4nXt8VBaiE9oRqs6QGpPe2z3H1krL4lkt2H2RK5yHHAys1S58szPRNefsVGfGcX
Wd0AKEdY10kz1RaDbA8WRCuQvJ1NnPPW6tPZKKyfEjIJoow/JeJhmzZXrz5NZLH0
PM8qkhmJQ9RnggpKQ47Y3mvJRYHwo4Qb5aADf0+JEbtdNYeKCP3az+VtTeyIcrd2
vrs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:54 2025 by rpki-client