Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/qNTaWImT2iN-VZKyHhS86Hje3iA.roa
File: qNTaWImT2iN-VZKyHhS86Hje3iA.roa (raw, json)
Hash identifier: EAp7mak+IB8s0WHK9EWPgCqa3kH4ATtFLm8Rbidtl98=
Subject key identifier: A8:D4:DA:58:89:93:DA:23:7E:55:92:B2:1E:14:BC:E8:78:DE:DE:20
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 01938C2DAE7901D24070670A742630546965
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/qNTaWImT2iN-VZKyHhS86Hje3iA.roa
Signing time: Tue 03 Dec 2024 11:00:24 +0000
ROA not before: Tue 03 Dec 2024 11:00:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198128
IP address blocks: 193.207.32.0/21 maxlen: 22
193.207.40.0/22 maxlen: 22
193.207.44.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:2d:ae:79:01:d2:40:70:67:0a:74:26:30:54:69:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Dec 3 11:00:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8d4da588993da237e5592b21e14bce878dede20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:87:94:59:4c:ad:c4:3d:2f:4a:42:2d:51:8f:
41:19:45:b5:9d:96:9e:6d:a3:bf:4d:2f:9b:cd:f4:
65:d9:db:dc:10:14:9d:8f:30:05:b8:34:21:89:30:
4c:0d:84:5a:5c:dc:f8:ec:a6:d5:eb:75:b3:86:d5:
28:64:b1:84:c8:78:be:ef:02:ba:74:11:0c:34:07:
69:89:c6:79:50:a2:91:49:72:b7:47:a7:db:6f:eb:
16:f1:16:7c:b8:a2:97:05:1e:a1:ff:5a:6a:1f:41:
e2:d8:09:6e:e7:18:e8:d3:65:84:c9:51:98:0f:19:
fb:a5:f3:6b:26:f5:cd:a9:de:74:21:c3:c1:b8:a0:
59:93:f2:16:46:e9:84:01:01:64:e9:74:98:44:e9:
19:93:97:ea:4d:f3:d3:10:8c:74:d0:1f:ec:be:c9:
60:75:ac:8c:b5:d4:f8:f4:66:c7:09:bc:db:0e:32:
ea:f1:30:34:eb:e8:b7:11:2e:18:17:50:ef:d5:81:
0f:50:c3:78:10:27:a6:6c:7b:fc:be:d0:87:31:d4:
6a:48:73:ee:7f:6b:36:79:49:e9:ab:51:de:89:14:
39:ac:4a:0a:14:53:84:66:ac:c7:e2:a4:ea:b1:4b:
89:d5:81:81:a5:a8:39:33:2d:84:44:ae:3a:4d:7c:
fc:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:D4:DA:58:89:93:DA:23:7E:55:92:B2:1E:14:BC:E8:78:DE:DE:20
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/qNTaWImT2iN-VZKyHhS86Hje3iA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.207.32.0/20
Signature Algorithm: sha256WithRSAEncryption
16:8a:9d:69:cd:8a:50:59:4a:b3:90:a8:41:5c:3c:5c:cb:40:
74:39:0f:08:e1:70:86:04:57:ee:36:b8:48:ad:32:2c:6d:31:
02:65:6a:f3:0d:06:cb:55:e3:02:68:a4:53:3f:f3:13:7c:bb:
3c:4d:65:b5:c8:be:03:7a:e9:27:48:3e:9e:b1:fb:b4:4c:83:
6e:5a:d4:9a:01:b7:6e:c5:75:c7:c0:16:ac:1c:d2:9c:95:08:
b3:fc:6c:eb:9f:cd:55:aa:c8:2a:ff:5f:47:cd:7d:54:7c:a9:
f8:b9:f3:d5:e4:b0:79:f6:21:a2:b4:46:68:34:9b:a4:70:a5:
b0:b8:0b:ab:79:14:8d:73:96:39:94:3d:05:0a:f0:e5:29:67:
56:ed:bf:67:03:3c:c3:57:ce:c4:41:0b:87:ae:3d:53:97:71:
d7:3d:14:ad:98:3d:30:e1:eb:0c:1b:14:3d:26:47:6a:4d:49:
2b:8f:33:35:18:0a:76:bb:f1:d3:c2:97:07:28:33:43:d2:f2:
d1:eb:1f:d1:1b:c9:ae:9b:6c:d9:1f:1e:23:22:59:22:b4:ff:
1b:45:f0:32:d1:0b:43:a6:e2:c1:c4:f5:f7:21:61:25:11:51:
26:11:fb:95:e8:0d:e1:e6:ca:4e:f1:a5:c4:54:b7:54:28:c0:
75:bd:1a:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOMLa55AdJAcGcKdCYwVGllMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjQxMjAzMTEwMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGQ0ZGE1ODg5OTNkYTIzN2U1NTkyYjIxZTE0YmNlODc4ZGVkZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4eUWUytxD0vSkItUY9BGUW1nZae
baO/TS+bzfRl2dvcEBSdjzAFuDQhiTBMDYRaXNz47KbV63WzhtUoZLGEyHi+7wK6
dBEMNAdpicZ5UKKRSXK3R6fbb+sW8RZ8uKKXBR6h/1pqH0Hi2Alu5xjo02WEyVGY
Dxn7pfNrJvXNqd50IcPBuKBZk/IWRumEAQFk6XSYROkZk5fqTfPTEIx00B/svslg
dayMtdT49GbHCbzbDjLq8TA06+i3ES4YF1Dv1YEPUMN4ECembHv8vtCHMdRqSHPu
f2s2eUnpq1HeiRQ5rEoKFFOEZqzH4qTqsUuJ1YGBpag5My2ERK46TXz8dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKjU2liJk9ojflWSsh4UvOh43t4gMB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvcU5UYVdJbVQyaU4tVlpLeUhoUzg2SGplM2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwc8gMA0G
CSqGSIb3DQEBCwUAA4IBAQAWip1pzYpQWUqzkKhBXDxcy0B0OQ8I4XCGBFfuNrhI
rTIsbTECZWrzDQbLVeMCaKRTP/MTfLs8TWW1yL4DeuknSD6esfu0TINuWtSaAbdu
xXXHwBasHNKclQiz/Gzrn81Vqsgq/19HzX1UfKn4ufPV5LB59iGitEZoNJukcKWw
uAureRSNc5Y5lD0FCvDlKWdW7b9nAzzDV87EQQuHrj1Tl3HXPRStmD0w4esMGxQ9
JkdqTUkrjzM1GAp2u/HTwpcHKDND0vLR6x/RG8mum2zZHx4jIlkitP8bRfAy0QtD
puLBxPX3IWElEVEmEfuV6A3h5spO8aXEVLdUKMB1vRpT
-----END CERTIFICATE-----
Generated at Mon Apr 14 17:12:14 2025 by rpki-client