Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/4edc36-4d53-47cf-a6fc-b51154628fb3/1/8Mchc7eFVbIhNKY1ckUk7DAsf_o.roa
File: 8Mchc7eFVbIhNKY1ckUk7DAsf_o.roa (raw, json)
Hash identifier: aKgnemgMSx3OoFPDZQmCgA7jehj5hY6S7LoqK7Nv5SA=
Subject key identifier: F0:C7:21:73:B7:85:55:B2:21:34:A6:35:72:45:24:EC:30:2C:7F:FA
Certificate issuer: /CN=a9ac1f8595bad558240d74068000a1cf708ba1a5
Certificate serial: 018CC50007C50AF9A67B4D1877B117323F03
Authority key identifier: A9:AC:1F:85:95:BA:D5:58:24:0D:74:06:80:00:A1:CF:70:8B:A1:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qawfhZW61VgkDXQGgAChz3CLoaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/4edc36-4d53-47cf-a6fc-b51154628fb3/1/8Mchc7eFVbIhNKY1ckUk7DAsf_o.roa
Signing time: Mon 01 Jan 2024 12:29:22 +0000
ROA not before: Mon 01 Jan 2024 12:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212181
IP address blocks: 193.47.149.0/24 maxlen: 24
2a10:1180::/31 maxlen: 31
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:07:c5:0a:f9:a6:7b:4d:18:77:b1:17:32:3f:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9ac1f8595bad558240d74068000a1cf708ba1a5
Validity
Not Before: Jan 1 12:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0c72173b78555b22134a635724524ec302c7ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e7:65:b6:4a:f7:24:39:be:ab:8f:d1:a6:3e:
74:56:4a:c8:96:1a:1c:fb:22:b0:1e:e6:18:d7:ee:
7b:26:10:cc:ec:25:7b:11:dd:3d:c1:ec:e3:5f:62:
62:58:b1:e1:47:87:1c:32:31:f1:9a:a0:10:22:d5:
43:84:f1:c6:c4:54:ce:13:0d:8c:6c:3b:6a:2d:22:
39:4b:fd:6f:b5:51:49:6f:45:15:ab:8a:06:ba:4e:
a9:17:94:f7:18:76:62:03:49:aa:db:53:ae:79:45:
af:60:8b:1f:d2:33:5d:c7:5a:4f:3b:58:09:c7:9f:
d5:ca:66:73:23:95:75:de:9d:34:30:b6:1e:d0:bc:
18:e5:e3:61:64:9f:d3:2d:0a:f4:ba:87:04:9e:55:
15:49:7a:52:94:a4:c2:bc:78:62:5a:fe:81:12:60:
af:f8:90:ce:f8:81:23:33:4c:77:2c:4c:b6:6b:ad:
9b:8c:d9:7c:24:6a:ec:5c:ef:e5:40:f3:21:5f:9a:
1b:ba:23:34:a3:1b:70:8b:88:0f:c2:ae:36:d1:11:
ac:19:34:eb:2e:0f:43:af:64:0d:d4:ea:46:dc:f5:
af:1a:19:a8:2f:18:71:34:35:91:d5:d3:97:bb:b5:
93:32:90:ba:7d:4e:92:7b:ec:1c:30:e7:91:da:5c:
30:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:C7:21:73:B7:85:55:B2:21:34:A6:35:72:45:24:EC:30:2C:7F:FA
X509v3 Authority Key Identifier:
keyid:A9:AC:1F:85:95:BA:D5:58:24:0D:74:06:80:00:A1:CF:70:8B:A1:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qawfhZW61VgkDXQGgAChz3CLoaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4edc36-4d53-47cf-a6fc-b51154628fb3/1/8Mchc7eFVbIhNKY1ckUk7DAsf_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4edc36-4d53-47cf-a6fc-b51154628fb3/1/qawfhZW61VgkDXQGgAChz3CLoaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.47.149.0/24
IPv6:
2a10:1180::/31
Signature Algorithm: sha256WithRSAEncryption
a3:e7:e8:c0:70:77:78:d0:c2:b9:6d:0d:14:d0:d7:ed:0a:be:
63:3a:f6:b5:00:2b:6d:ac:74:c9:6e:c9:e9:c8:d9:ca:30:67:
41:9f:59:76:b1:1e:6c:ea:fb:b9:78:af:61:21:15:e3:50:7a:
8e:ae:a6:ce:44:11:33:14:4f:90:91:c6:bb:13:3d:0a:a9:d6:
2c:5b:c1:f2:9b:15:a8:1d:2f:18:e0:43:f0:74:61:37:14:28:
d6:32:7b:e7:80:d1:87:6f:3c:68:01:3b:bb:5f:71:87:71:36:
a6:69:f6:1d:a9:2a:96:c9:20:aa:b0:89:24:ce:38:de:5f:73:
6c:d3:e3:e1:de:80:92:5a:1c:ab:23:0e:90:2c:54:36:5c:1d:
de:2d:41:8e:07:52:ef:e7:ea:e8:8e:5c:91:75:f3:e9:27:52:
f9:ab:47:31:41:03:d7:ef:d3:46:72:b5:80:84:5e:66:5a:49:
0b:2a:1f:9d:e6:3f:8d:21:be:dc:c0:11:8b:ed:1e:c5:74:97:
99:90:60:78:0c:d7:10:19:71:f4:12:56:c1:50:d6:2f:64:fb:
8d:bd:71:26:79:42:82:94:55:ac:02:ce:17:d7:8e:8b:9b:77:
03:b9:74:d3:c1:c4:5e:bb:ae:35:8b:21:7a:65:d6:3b:07:9b:
3c:7f:76:36
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAAfFCvmme00Yd7EXMj8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5YWMxZjg1OTViYWQ1NTgyNDBkNzQwNjgwMDBhMWNmNzA4
YmExYTUwHhcNMjQwMTAxMTIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGM3MjE3M2I3ODU1NWIyMjEzNGE2MzU3MjQ1MjRlYzMwMmM3ZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkedltkr3JDm+q4/Rpj50VkrIlhoc
+yKwHuYY1+57JhDM7CV7Ed09wezjX2JiWLHhR4ccMjHxmqAQItVDhPHGxFTOEw2M
bDtqLSI5S/1vtVFJb0UVq4oGuk6pF5T3GHZiA0mq21OueUWvYIsf0jNdx1pPO1gJ
x5/VymZzI5V13p00MLYe0LwY5eNhZJ/TLQr0uocEnlUVSXpSlKTCvHhiWv6BEmCv
+JDO+IEjM0x3LEy2a62bjNl8JGrsXO/lQPMhX5obuiM0oxtwi4gPwq420RGsGTTr
Lg9Dr2QN1OpG3PWvGhmoLxhxNDWR1dOXu7WTMpC6fU6Se+wcMOeR2lwwHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPDHIXO3hVWyITSmNXJFJOwwLH/6MB8GA1UdIwQY
MBaAFKmsH4WVutVYJA10BoAAoc9wi6GlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWF3ZmhaVzYxVmdrRFhRR2dBQ2h6M0NMb2FVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni80ZWRjMzYtNGQ1My00N2NmLWE2ZmMt
YjUxMTU0NjI4ZmIzLzEvOE1jaGM3ZUZWYkloTktZMWNrVWs3REFzZl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni80ZWRjMzYtNGQ1My00N2NmLWE2ZmMtYjUxMTU0NjI4ZmIz
LzEvcWF3ZmhaVzYxVmdrRFhRR2dBQ2h6M0NMb2FVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwS+VMA0E
AgACMAcDBQEqEBGAMA0GCSqGSIb3DQEBCwUAA4IBAQCj5+jAcHd40MK5bQ0U0Nft
Cr5jOva1ACttrHTJbsnpyNnKMGdBn1l2sR5s6vu5eK9hIRXjUHqOrqbORBEzFE+Q
kca7Ez0KqdYsW8HymxWoHS8Y4EPwdGE3FCjWMnvngNGHbzxoATu7X3GHcTamafYd
qSqWySCqsIkkzjjeX3Ns0+Ph3oCSWhyrIw6QLFQ2XB3eLUGOB1Lv5+rojlyRdfPp
J1L5q0cxQQPX79NGcrWAhF5mWkkLKh+d5j+NIb7cwBGL7R7FdJeZkGB4DNcQGXH0
ElbBUNYvZPuNvXEmeUKClFWsAs4X146Lm3cDuXTTwcReu641iyF6ZdY7B5s8f3Y2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:20 2025 by rpki-client