Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/dGhbZhRYpGgZU3lKXYyBi8GOt9Y.roa
File: dGhbZhRYpGgZU3lKXYyBi8GOt9Y.roa (raw, json)
Hash identifier: pDrp53JEt67GFJ8hEo43iCRgCUtt1FEigGzlUKtOYh8=
Subject key identifier: 74:68:5B:66:14:58:A4:68:19:53:79:4A:5D:8C:81:8B:C1:8E:B7:D6
Certificate issuer: /CN=5f1f213b8c792b7e013fa5041f5b89971e6f62d6
Certificate serial: 018DD161425ED43DFCBBBE21E8079361AB3A
Authority key identifier: 5F:1F:21:3B:8C:79:2B:7E:01:3F:A5:04:1F:5B:89:97:1E:6F:62:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/dGhbZhRYpGgZU3lKXYyBi8GOt9Y.roa
Signing time: Thu 22 Feb 2024 15:13:48 +0000
ROA not before: Thu 22 Feb 2024 15:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 193.8.236.0/23 maxlen: 23
193.8.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d1:61:42:5e:d4:3d:fc:bb:be:21:e8:07:93:61:ab:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1f213b8c792b7e013fa5041f5b89971e6f62d6
Validity
Not Before: Feb 22 15:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74685b661458a4681953794a5d8c818bc18eb7d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ed:9d:fa:a2:2f:7b:62:c2:fc:b4:f6:d9:a2:
c0:5a:75:31:e2:76:35:ca:9e:b8:2f:e5:9c:41:ff:
61:b9:39:5b:53:c5:59:60:61:1d:b0:0e:d0:c4:a4:
67:26:f7:c5:90:1b:63:92:2a:89:41:4e:3d:81:a0:
e6:25:b8:db:1c:c5:52:75:2c:af:de:47:d4:c9:97:
1a:5d:0c:ba:7c:16:8e:36:41:ec:a4:8c:fc:c7:df:
2f:69:0e:f1:8c:6a:67:6e:2b:79:75:e9:5a:8b:60:
ab:bc:5f:90:ea:da:15:72:a4:71:e2:c6:00:70:86:
22:42:46:52:3c:aa:e1:32:b5:9b:92:f2:de:7a:b0:
00:cf:37:b0:d7:20:ce:a1:74:1d:d4:29:be:2b:39:
f6:68:24:a9:d7:a3:14:a1:fe:26:65:0c:02:a8:8f:
fa:08:ba:c0:1d:e6:a3:cd:f3:90:2a:e4:65:f3:de:
54:20:31:8f:4e:a7:33:cb:89:32:01:7f:31:bd:a8:
30:c5:9c:45:90:38:4a:e8:c8:50:28:fe:e1:7a:3d:
4d:98:ff:df:70:44:77:62:a3:37:db:70:ab:78:0e:
26:c4:ae:47:36:3e:c6:ba:fc:67:3b:8f:79:35:32:
11:ee:d9:5e:ee:27:a0:64:8a:62:5c:57:59:48:87:
13:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:68:5B:66:14:58:A4:68:19:53:79:4A:5D:8C:81:8B:C1:8E:B7:D6
X509v3 Authority Key Identifier:
keyid:5F:1F:21:3B:8C:79:2B:7E:01:3F:A5:04:1F:5B:89:97:1E:6F:62:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx8hO4x5K34BP6UEH1uJlx5vYtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/dGhbZhRYpGgZU3lKXYyBi8GOt9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/32f8d3-7328-45f0-a007-402238638ea3/1/Xx8hO4x5K34BP6UEH1uJlx5vYtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.236.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:0c:79:a1:74:61:56:ef:c8:3b:73:cb:36:16:7c:9f:67:6d:
4d:95:2d:ea:32:24:8d:8a:2b:71:ee:7e:e5:02:88:44:c8:63:
d5:46:5a:b5:66:08:77:3e:e5:b6:2c:34:18:5b:44:c5:8d:3c:
20:60:8d:40:b1:f6:df:cc:7a:46:b9:71:6c:38:34:c5:8a:cc:
5f:c3:f4:30:96:4e:7d:d3:4c:a2:00:c8:8b:9f:02:19:16:22:
fb:65:b3:8e:b3:97:0d:d8:06:68:25:96:cb:5f:52:83:cc:6b:
57:b3:66:ad:75:86:10:c2:13:c3:e0:e3:4f:a4:70:d5:77:01:
fa:0c:70:67:ff:e6:ab:75:cd:08:7a:a3:3e:0e:f3:b2:7f:74:
1c:90:eb:ba:09:d9:c1:cf:09:bd:ee:c1:9b:21:39:b8:87:b6:
d0:e6:24:74:c8:48:fa:4f:4b:f9:e8:06:07:d8:48:0d:cd:d7:
f4:42:57:92:e5:f4:60:cb:ce:c5:cf:da:d6:8f:97:64:35:4c:
8a:dc:9e:5d:98:b9:e0:43:10:44:fa:e7:ff:c3:64:64:6e:ea:
e6:07:19:96:9a:38:83:8f:7f:5d:4b:57:ff:d2:bc:65:ef:50:
7b:ad:d1:d1:67:af:72:55:2f:3d:5e:44:20:c2:cd:7a:88:ea:
cf:0f:7b:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3RYUJe1D38u74h6AeTYas6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWYyMTNiOGM3OTJiN2UwMTNmYTUwNDFmNWI4OTk3MWU2
ZjYyZDYwHhcNMjQwMjIyMTUxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDY4NWI2NjE0NThhNDY4MTk1Mzc5NGE1ZDhjODE4YmMxOGViN2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve2d+qIve2LC/LT22aLAWnUx4nY1
yp64L+WcQf9huTlbU8VZYGEdsA7QxKRnJvfFkBtjkiqJQU49gaDmJbjbHMVSdSyv
3kfUyZcaXQy6fBaONkHspIz8x98vaQ7xjGpnbit5delai2CrvF+Q6toVcqRx4sYA
cIYiQkZSPKrhMrWbkvLeerAAzzew1yDOoXQd1Cm+Kzn2aCSp16MUof4mZQwCqI/6
CLrAHeajzfOQKuRl895UIDGPTqczy4kyAX8xvagwxZxFkDhK6MhQKP7hej1NmP/f
cER3YqM323CreA4mxK5HNj7GuvxnO495NTIR7tle7iegZIpiXFdZSIcTWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHRoW2YUWKRoGVN5Sl2MgYvBjrfWMB8GA1UdIwQY
MBaAFF8fITuMeSt+AT+lBB9biZceb2LWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zMmY4ZDMtNzMyOC00NWYwLWEwMDct
NDAyMjM4NjM4ZWEzLzEvZEdoYlpoUllwR2daVTNsS1hZeUJpOEdPdDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zMmY4ZDMtNzMyOC00NWYwLWEwMDctNDAyMjM4NjM4ZWEz
LzEvWHg4aE80eDVLMzRCUDZVRUgxdUpseDV2WXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwQjsMA0G
CSqGSIb3DQEBCwUAA4IBAQCzDHmhdGFW78g7c8s2FnyfZ21NlS3qMiSNiitx7n7l
AohEyGPVRlq1Zgh3PuW2LDQYW0TFjTwgYI1AsfbfzHpGuXFsODTFisxfw/Qwlk59
00yiAMiLnwIZFiL7ZbOOs5cN2AZoJZbLX1KDzGtXs2atdYYQwhPD4ONPpHDVdwH6
DHBn/+ardc0IeqM+DvOyf3QckOu6CdnBzwm97sGbITm4h7bQ5iR0yEj6T0v56AYH
2EgNzdf0QleS5fRgy87Fz9rWj5dkNUyK3J5dmLngQxBE+uf/w2RkburmBxmWmjiD
j39dS1f/0rxl71B7rdHRZ69yVS89XkQgws16iOrPD3tQ
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:39 2025 by rpki-client