Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/56c782-6e9e-4fc8-bb99-f640ad3b8cf4/1/T-Mcz0d4_srUi_9SoGE_mEKSW-0.roa
File: T-Mcz0d4_srUi_9SoGE_mEKSW-0.roa (raw, json)
Hash identifier: 8a86xSlbyYymgH43OFuIYten4dDDHYZipM/H9OXzpb8=
Subject key identifier: 4F:E3:1C:CF:47:78:FE:CA:D4:8B:FF:52:A0:61:3F:98:42:92:5B:ED
Certificate issuer: /CN=163bcbd9bc93849a7ffdf7294c2de9dfb1eaf283
Certificate serial: 018CC86F3AD206771D4A751D1D62BBF99799
Authority key identifier: 16:3B:CB:D9:BC:93:84:9A:7F:FD:F7:29:4C:2D:E9:DF:B1:EA:F2:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjvL2byThJp__fcpTC3p37Hq8oM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/56c782-6e9e-4fc8-bb99-f640ad3b8cf4/1/T-Mcz0d4_srUi_9SoGE_mEKSW-0.roa
Signing time: Tue 02 Jan 2024 04:29:41 +0000
ROA not before: Tue 02 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21241
IP address blocks: 193.58.76.0/23 maxlen: 23
193.58.72.0/21 maxlen: 21
193.58.72.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:3a:d2:06:77:1d:4a:75:1d:1d:62:bb:f9:97:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=163bcbd9bc93849a7ffdf7294c2de9dfb1eaf283
Validity
Not Before: Jan 2 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fe31ccf4778fecad48bff52a0613f9842925bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2e:ad:1f:09:50:37:70:95:7a:d1:8e:f7:4a:
c3:97:e5:63:c0:c4:43:51:9d:03:ba:7f:f4:07:5a:
c5:01:f4:9b:b1:77:4e:d0:18:f5:b3:99:8b:1d:b5:
a0:35:5a:48:af:3f:3c:de:3e:ea:57:b7:8e:73:01:
0a:ad:3a:81:88:d6:e7:76:cd:c8:d6:79:07:05:ec:
e2:8f:f1:ff:d5:7e:1f:1b:95:2d:96:5e:1c:3d:2e:
a7:f5:5a:24:56:50:39:fa:30:a7:6c:8b:76:bb:8a:
40:a9:dd:bd:58:6b:e2:0b:09:15:e1:c6:72:9b:18:
9a:51:83:24:a9:fb:4f:8f:fb:1b:48:a1:03:f0:9b:
2a:eb:58:9c:a9:ae:74:05:b6:3f:2c:7f:69:c6:e1:
42:8e:55:8c:a0:88:78:d2:e2:56:0e:b6:7c:74:f4:
01:00:e6:72:1c:19:70:fd:0e:e9:b6:9e:00:c2:a1:
b4:a0:9f:23:46:8b:5c:cf:c0:6a:71:61:99:56:0f:
a6:d0:62:18:0d:64:bb:4a:e3:90:7a:e9:ce:0c:e5:
53:b1:81:f0:24:13:8d:14:9c:7f:14:b1:c4:c9:50:
89:3d:aa:ea:eb:af:36:6f:b4:9c:b6:56:53:fc:74:
7f:58:df:ed:39:52:86:6b:6a:8a:ec:04:f0:dd:a9:
86:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E3:1C:CF:47:78:FE:CA:D4:8B:FF:52:A0:61:3F:98:42:92:5B:ED
X509v3 Authority Key Identifier:
keyid:16:3B:CB:D9:BC:93:84:9A:7F:FD:F7:29:4C:2D:E9:DF:B1:EA:F2:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjvL2byThJp__fcpTC3p37Hq8oM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/56c782-6e9e-4fc8-bb99-f640ad3b8cf4/1/T-Mcz0d4_srUi_9SoGE_mEKSW-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/56c782-6e9e-4fc8-bb99-f640ad3b8cf4/1/FjvL2byThJp__fcpTC3p37Hq8oM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.72.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:21:50:14:7a:1a:ce:60:df:f5:1e:58:ae:5a:04:ff:8b:ac:
a6:f7:21:95:0c:76:69:14:ec:84:02:b5:48:b1:81:46:fc:e8:
da:7f:c3:a9:c1:91:0c:d0:b1:4f:f7:14:c0:6a:25:ab:64:b2:
cc:e9:e8:c5:fe:6d:90:71:15:9d:72:f1:b6:05:e1:f2:be:39:
6d:8f:0c:e4:76:a4:68:83:b7:6b:3e:bc:0e:9a:5b:34:fa:8f:
a8:6c:d3:85:1b:68:56:f2:21:69:f6:e4:be:95:3f:ac:aa:68:
68:85:af:a9:61:62:ba:ec:90:14:28:09:07:95:71:6d:1f:98:
c0:19:26:78:35:a7:72:6e:03:58:4f:c9:13:34:da:8b:32:cf:
ec:ea:dc:e9:fa:ff:82:1c:52:94:c9:74:0c:83:35:1b:3f:1b:
38:6b:b7:98:73:90:07:00:23:9e:9b:2f:ad:2e:09:c3:3a:68:
cd:ae:64:97:f9:ca:2f:bd:5c:f6:1c:15:93:3d:ca:fb:67:a1:
0d:32:84:6a:43:39:62:eb:b4:0c:5b:1f:d0:26:5c:e7:82:61:
47:9a:5d:43:b1:50:05:a8:cc:fe:f4:c4:f9:b7:7b:1b:6b:bd:
37:2f:cb:7a:87:e0:10:f8:f5:68:a3:50:1e:6a:d3:07:29:a0:
ce:6f:f7:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbzrSBncdSnUdHWK7+ZeZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2M2JjYmQ5YmM5Mzg0OWE3ZmZkZjcyOTRjMmRlOWRmYjFl
YWYyODMwHhcNMjQwMTAyMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmUzMWNjZjQ3NzhmZWNhZDQ4YmZmNTJhMDYxM2Y5ODQyOTI1YmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAli6tHwlQN3CVetGO90rDl+VjwMRD
UZ0Dun/0B1rFAfSbsXdO0Bj1s5mLHbWgNVpIrz883j7qV7eOcwEKrTqBiNbnds3I
1nkHBezij/H/1X4fG5Utll4cPS6n9VokVlA5+jCnbIt2u4pAqd29WGviCwkV4cZy
mxiaUYMkqftPj/sbSKED8Jsq61icqa50BbY/LH9pxuFCjlWMoIh40uJWDrZ8dPQB
AOZyHBlw/Q7ptp4AwqG0oJ8jRotcz8BqcWGZVg+m0GIYDWS7SuOQeunODOVTsYHw
JBONFJx/FLHEyVCJParq6682b7SctlZT/HR/WN/tOVKGa2qK7ATw3amG9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE/jHM9HeP7K1Iv/UqBhP5hCklvtMB8GA1UdIwQY
MBaAFBY7y9m8k4Saf/33KUwt6d+x6vKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmp2TDJieVRoSnBfX2ZjcFRDM3AzN0hxOG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC81NmM3ODItNmU5ZS00ZmM4LWJiOTkt
ZjY0MGFkM2I4Y2Y0LzEvVC1NY3owZDRfc3JVaV85U29HRV9tRUtTVy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC81NmM3ODItNmU5ZS00ZmM4LWJiOTktZjY0MGFkM2I4Y2Y0
LzEvRmp2TDJieVRoSnBfX2ZjcFRDM3AzN0hxOG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwTpIMA0G
CSqGSIb3DQEBCwUAA4IBAQBtIVAUehrOYN/1HliuWgT/i6ym9yGVDHZpFOyEArVI
sYFG/Ojaf8OpwZEM0LFP9xTAaiWrZLLM6ejF/m2QcRWdcvG2BeHyvjltjwzkdqRo
g7drPrwOmls0+o+obNOFG2hW8iFp9uS+lT+sqmhoha+pYWK67JAUKAkHlXFtH5jA
GSZ4NadybgNYT8kTNNqLMs/s6tzp+v+CHFKUyXQMgzUbPxs4a7eYc5AHACOemy+t
LgnDOmjNrmSX+covvVz2HBWTPcr7Z6ENMoRqQzli67QMWx/QJlzngmFHml1DsVAF
qMz+9MT5t3sba703L8t6h+AQ+PVoo1AeatMHKaDOb/f8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:05 2025 by rpki-client