Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/666404-c28f-4d29-96e4-607e17aec750/1/ozM03cUBgl0gaAo53Q8EEP8jk9A.roa
File: ozM03cUBgl0gaAo53Q8EEP8jk9A.roa (raw, json)
Hash identifier: BaEbnfZS31fh8SdOhtVy1KrA4MyOXWAqvpUBcjpq7Ms=
Subject key identifier: A3:33:34:DD:C5:01:82:5D:20:68:0A:39:DD:0F:04:10:FF:23:93:D0
Certificate issuer: /CN=70e7ad0598208a6af9d1500a740d73bcf28f0384
Certificate serial: 018CC26CF8246A46B6409B71164284E964B6
Authority key identifier: 70:E7:AD:05:98:20:8A:6A:F9:D1:50:0A:74:0D:73:BC:F2:8F:03:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOetBZggimr50VAKdA1zvPKPA4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/666404-c28f-4d29-96e4-607e17aec750/1/ozM03cUBgl0gaAo53Q8EEP8jk9A.roa
Signing time: Mon 01 Jan 2024 00:29:30 +0000
ROA not before: Mon 01 Jan 2024 00:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29663
IP address blocks: 193.201.116.0/24 maxlen: 24
2001:67c:5e8::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:f8:24:6a:46:b6:40:9b:71:16:42:84:e9:64:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e7ad0598208a6af9d1500a740d73bcf28f0384
Validity
Not Before: Jan 1 00:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a33334ddc501825d20680a39dd0f0410ff2393d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:af:bb:ae:fe:47:69:98:b8:40:9d:6f:71:81:
a6:1e:9b:b5:f8:01:bc:3d:88:aa:ac:2c:d1:3e:60:
38:00:11:86:e3:d7:39:df:b1:71:d5:d5:cc:2c:c8:
29:9b:1e:fd:0b:da:06:1b:e9:7f:d8:fe:4a:72:a9:
c5:12:bc:ec:41:9c:56:a0:1d:33:d4:c6:2c:8e:0c:
da:a3:e3:94:eb:9f:eb:03:2e:b3:1c:b1:90:d0:ea:
96:8e:7e:09:f0:d1:c2:2f:c2:38:5b:35:d8:0f:3d:
c7:81:74:43:07:ec:59:3f:01:50:09:d8:f4:42:55:
ba:75:f4:d7:dd:59:26:2e:1a:e9:81:f6:13:5a:3d:
0c:16:27:3b:6e:53:2c:ba:75:35:7d:28:84:d4:42:
2a:46:80:fd:97:b6:97:23:73:ed:e5:d3:c6:04:69:
5a:1f:95:ad:85:c7:e9:f5:6e:e4:49:2a:38:3e:9c:
0d:9a:c1:cb:ef:fb:c6:d7:1e:63:3a:0c:28:44:cf:
d1:37:0b:f6:c5:88:e5:ab:8a:93:0c:76:8e:55:14:
8d:b7:d3:bf:79:72:67:c5:ea:a4:1e:26:99:d0:47:
cc:f8:56:23:f9:9a:78:31:e3:f2:86:3d:79:40:84:
2a:bc:ca:85:be:23:88:8b:d6:3d:e0:37:f6:78:4d:
8e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:33:34:DD:C5:01:82:5D:20:68:0A:39:DD:0F:04:10:FF:23:93:D0
X509v3 Authority Key Identifier:
keyid:70:E7:AD:05:98:20:8A:6A:F9:D1:50:0A:74:0D:73:BC:F2:8F:03:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOetBZggimr50VAKdA1zvPKPA4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/666404-c28f-4d29-96e4-607e17aec750/1/ozM03cUBgl0gaAo53Q8EEP8jk9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/666404-c28f-4d29-96e4-607e17aec750/1/cOetBZggimr50VAKdA1zvPKPA4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.116.0/24
IPv6:
2001:67c:5e8::/48
Signature Algorithm: sha256WithRSAEncryption
c3:1f:c7:16:fc:f7:65:f9:30:e4:2a:75:0a:0e:60:92:9e:fd:
01:f2:46:6a:af:34:cd:51:64:2f:7e:df:3a:c0:fb:b3:78:6e:
d2:57:ec:9a:e4:ea:74:e0:85:30:6b:65:21:7d:7e:c2:90:a6:
4a:cc:db:49:ab:bf:f0:6f:9a:66:32:d4:0a:6f:b2:cf:3a:66:
ee:51:34:ab:7b:a2:39:6c:81:20:a0:60:bb:af:cd:1d:95:cd:
f9:5b:05:c8:d3:e4:b2:26:cf:83:70:53:b3:d0:b5:e9:85:bb:
cf:72:c0:c3:de:5d:d2:cb:bb:5e:c6:b3:66:cf:90:f4:5e:48:
b9:f8:a2:2f:62:b7:83:13:14:b3:f6:a7:f0:01:4d:4e:f5:3b:
e0:83:9b:69:ac:51:31:34:a4:fa:fd:a8:53:04:0c:14:68:2c:
ea:c7:6b:6f:88:8b:8c:e9:18:a4:d7:f1:82:c9:40:c2:97:23:
d6:38:d8:fc:be:4f:ea:75:e2:77:ed:4e:60:ba:7c:d0:35:fc:
fd:b7:4c:71:d7:ea:2d:87:b4:3a:b8:42:2e:20:f1:b4:99:2d:
c0:6a:e3:65:6a:b6:df:39:60:bc:36:f6:c4:a5:c1:16:e5:4f:
79:72:7f:5f:24:6d:0d:8a:97:95:8c:82:43:a0:ce:57:88:e6:
77:c7:4c:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzCbPgkaka2QJtxFkKE6WS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTdhZDA1OTgyMDhhNmFmOWQxNTAwYTc0MGQ3M2JjZjI4
ZjAzODQwHhcNMjQwMTAxMDAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzMzMzRkZGM1MDE4MjVkMjA2ODBhMzlkZDBmMDQxMGZmMjM5M2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq+7rv5HaZi4QJ1vcYGmHpu1+AG8
PYiqrCzRPmA4ABGG49c537Fx1dXMLMgpmx79C9oGG+l/2P5KcqnFErzsQZxWoB0z
1MYsjgzao+OU65/rAy6zHLGQ0OqWjn4J8NHCL8I4WzXYDz3HgXRDB+xZPwFQCdj0
QlW6dfTX3VkmLhrpgfYTWj0MFic7blMsunU1fSiE1EIqRoD9l7aXI3Pt5dPGBGla
H5Wthcfp9W7kSSo4PpwNmsHL7/vG1x5jOgwoRM/RNwv2xYjlq4qTDHaOVRSNt9O/
eXJnxeqkHiaZ0EfM+FYj+Zp4MePyhj15QIQqvMqFviOIi9Y94Df2eE2O2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKMzNN3FAYJdIGgKOd0PBBD/I5PQMB8GA1UdIwQY
MBaAFHDnrQWYIIpq+dFQCnQNc7zyjwOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09ldEJaZ2dpbXI1MFZBS2RBMXp2UEtQQTRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS82NjY0MDQtYzI4Zi00ZDI5LTk2ZTQt
NjA3ZTE3YWVjNzUwLzEvb3pNMDNjVUJnbDBnYUFvNTNROEVFUDhqazlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS82NjY0MDQtYzI4Zi00ZDI5LTk2ZTQtNjA3ZTE3YWVjNzUw
LzEvY09ldEJaZ2dpbXI1MFZBS2RBMXp2UEtQQTRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwcl0MA8E
AgACMAkDBwAgAQZ8BegwDQYJKoZIhvcNAQELBQADggEBAMMfxxb892X5MOQqdQoO
YJKe/QHyRmqvNM1RZC9+3zrA+7N4btJX7Jrk6nTghTBrZSF9fsKQpkrM20mrv/Bv
mmYy1Apvss86Zu5RNKt7ojlsgSCgYLuvzR2VzflbBcjT5LImz4NwU7PQtemFu89y
wMPeXdLLu17Gs2bPkPReSLn4oi9it4MTFLP2p/ABTU71O+CDm2msUTE0pPr9qFME
DBRoLOrHa2+Ii4zpGKTX8YLJQMKXI9Y42Py+T+p14nftTmC6fNA1/P23THHX6i2H
tDq4Qi4g8bSZLcBq42Vqtt85YLw29sSlwRblT3lyf18kbQ2Kl5WMgkOgzleI5nfH
TMM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:10 2025 by rpki-client