Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/29440b-c59a-4608-bc63-a4ca3363d701/1/7BNecPxXEai1mB0LhgbsV8DbpDA.roa
File: 7BNecPxXEai1mB0LhgbsV8DbpDA.roa (raw, json)
Hash identifier: xZzPPaDFM5MgkvgjvnV/H6CRegjPACg8aONaYdoVE7U=
Subject key identifier: EC:13:5E:70:FC:57:11:A8:B5:98:1D:0B:86:06:EC:57:C0:DB:A4:30
Certificate issuer: /CN=5afdbf9883c18c4ce165d8b8503c6201745d6887
Certificate serial: 018CC42544048B6CE5A685DE9ACCEEE10072
Authority key identifier: 5A:FD:BF:98:83:C1:8C:4C:E1:65:D8:B8:50:3C:62:01:74:5D:68:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wv2_mIPBjEzhZdi4UDxiAXRdaIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/29440b-c59a-4608-bc63-a4ca3363d701/1/7BNecPxXEai1mB0LhgbsV8DbpDA.roa
Signing time: Mon 01 Jan 2024 08:30:25 +0000
ROA not before: Mon 01 Jan 2024 08:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211268
IP address blocks: 193.32.59.0/24 maxlen: 24
193.56.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:44:04:8b:6c:e5:a6:85:de:9a:cc:ee:e1:00:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5afdbf9883c18c4ce165d8b8503c6201745d6887
Validity
Not Before: Jan 1 08:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec135e70fc5711a8b5981d0b8606ec57c0dba430
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ce:b9:4b:d7:ca:fd:db:7e:7d:1b:58:f9:1f:
5a:f4:58:dd:3c:44:00:36:5f:39:ea:55:c2:4c:ed:
c7:7d:61:d6:40:5e:ba:50:7c:cd:c2:07:e4:1a:fd:
78:fb:c0:33:c7:bb:90:e6:63:20:55:1a:88:20:ff:
45:99:a8:27:ea:c9:d9:88:ff:b6:9d:e5:76:7d:1d:
39:2d:ff:d9:a5:9e:5e:c9:52:a8:43:35:54:90:df:
b5:f0:5e:86:34:68:ad:16:5b:ee:34:88:6a:da:01:
39:98:dc:33:75:a4:e8:e2:5c:b1:5d:e7:7e:69:ca:
a0:1f:ef:21:fd:6d:27:a7:b4:00:ea:ab:63:78:97:
c7:02:6c:85:1d:b0:75:73:de:df:b0:b3:54:ae:01:
27:3a:45:c3:00:ce:fb:27:ce:0c:be:5f:0c:ee:8b:
fc:00:68:9e:d3:4a:3a:c5:b5:e8:e3:61:db:8f:0f:
39:bd:1f:92:d3:35:0c:e9:4c:83:ea:99:bb:e4:36:
47:18:98:2e:fa:49:42:ad:43:1f:01:fe:07:f9:12:
63:5c:c9:29:50:c5:22:e0:bb:cc:ad:e8:fa:2e:37:
62:f8:ce:04:e3:43:4c:fa:2c:d8:5a:ea:b1:7a:a1:
1f:cf:b7:90:5a:9d:3c:53:b5:0c:20:ab:68:5f:c2:
00:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:13:5E:70:FC:57:11:A8:B5:98:1D:0B:86:06:EC:57:C0:DB:A4:30
X509v3 Authority Key Identifier:
keyid:5A:FD:BF:98:83:C1:8C:4C:E1:65:D8:B8:50:3C:62:01:74:5D:68:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wv2_mIPBjEzhZdi4UDxiAXRdaIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/29440b-c59a-4608-bc63-a4ca3363d701/1/7BNecPxXEai1mB0LhgbsV8DbpDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/29440b-c59a-4608-bc63-a4ca3363d701/1/Wv2_mIPBjEzhZdi4UDxiAXRdaIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.59.0/24
193.56.132.0/24
Signature Algorithm: sha256WithRSAEncryption
77:de:a5:62:e0:81:2f:6d:c9:ee:db:fd:a3:a7:bf:ba:86:ac:
2b:e6:af:d4:58:2a:77:73:4e:57:e0:6a:bd:ff:ed:53:cc:cb:
6c:1f:14:e4:2c:7b:ee:46:0a:dd:1c:ce:ae:8c:b4:1c:d9:e4:
0c:8d:96:30:bb:98:f4:56:44:78:75:08:b6:41:ad:dc:41:74:
f3:76:de:8f:37:f9:a9:ab:28:19:b5:94:e5:6e:21:4a:9b:15:
e8:8f:1c:91:b9:a4:e2:cd:0d:94:98:4c:27:7e:71:e6:7c:36:
19:68:81:a3:0e:37:22:a1:49:3c:f8:45:ac:af:0e:f7:e2:5c:
f5:ba:c4:22:d7:d3:2a:bd:a1:8a:e8:88:3f:db:2d:67:61:53:
4c:7d:25:4a:b0:1a:fe:28:18:bf:f8:de:85:34:8a:4e:e1:6e:
40:69:59:f4:80:16:a2:7b:b7:1a:aa:06:10:24:c2:a2:d1:fb:
95:2d:d3:e2:c9:e8:c4:ae:6a:8d:3c:e3:28:f8:d1:8f:be:b4:
06:77:fd:56:cb:74:33:bc:bd:7f:f4:40:f6:0d:14:bb:70:92:
f2:62:1b:9d:66:1d:98:c1:5f:09:91:2a:39:11:8d:4c:bb:d9:
f4:b7:be:b4:33:a0:dd:12:87:61:4c:a6:74:97:22:85:20:a1:
4c:f6:b3:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJUQEi2zlpoXemszu4QByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZmRiZjk4ODNjMThjNGNlMTY1ZDhiODUwM2M2MjAxNzQ1
ZDY4ODcwHhcNMjQwMTAxMDgzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzEzNWU3MGZjNTcxMWE4YjU5ODFkMGI4NjA2ZWM1N2MwZGJhNDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgc65S9fK/dt+fRtY+R9a9FjdPEQA
Nl856lXCTO3HfWHWQF66UHzNwgfkGv14+8Azx7uQ5mMgVRqIIP9Fmagn6snZiP+2
neV2fR05Lf/ZpZ5eyVKoQzVUkN+18F6GNGitFlvuNIhq2gE5mNwzdaTo4lyxXed+
acqgH+8h/W0np7QA6qtjeJfHAmyFHbB1c97fsLNUrgEnOkXDAM77J84Mvl8M7ov8
AGie00o6xbXo42Hbjw85vR+S0zUM6UyD6pm75DZHGJgu+klCrUMfAf4H+RJjXMkp
UMUi4LvMrej6Ljdi+M4E40NM+izYWuqxeqEfz7eQWp08U7UMIKtoX8IAbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOwTXnD8VxGotZgdC4YG7FfA26QwMB8GA1UdIwQY
MBaAFFr9v5iDwYxM4WXYuFA8YgF0XWiHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3YyX21JUEJqRXpoWmRpNFVEeGlBWFJkYUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8yOTQ0MGItYzU5YS00NjA4LWJjNjMt
YTRjYTMzNjNkNzAxLzEvN0JOZWNQeFhFYWkxbUIwTGhnYnNWOERicERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8yOTQ0MGItYzU5YS00NjA4LWJjNjMtYTRjYTMzNjNkNzAx
LzEvV3YyX21JUEJqRXpoWmRpNFVEeGlBWFJkYUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwSA7AwQA
wTiEMA0GCSqGSIb3DQEBCwUAA4IBAQB33qVi4IEvbcnu2/2jp7+6hqwr5q/UWCp3
c05X4Gq9/+1TzMtsHxTkLHvuRgrdHM6ujLQc2eQMjZYwu5j0VkR4dQi2Qa3cQXTz
dt6PN/mpqygZtZTlbiFKmxXojxyRuaTizQ2UmEwnfnHmfDYZaIGjDjcioUk8+EWs
rw734lz1usQi19MqvaGK6Ig/2y1nYVNMfSVKsBr+KBi/+N6FNIpO4W5AaVn0gBai
e7caqgYQJMKi0fuVLdPiyejErmqNPOMo+NGPvrQGd/1Wy3QzvL1/9ED2DRS7cJLy
YhudZh2YwV8JkSo5EY1Mu9n0t760M6DdEodhTKZ0lyKFIKFM9rOv
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:27 2025 by rpki-client