Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/5246e6-72c6-4f47-a3a3-e4df5a87d4ed/1/tnYabtyZI6cZP5wWoqV7BG8pWfM.roa
File: tnYabtyZI6cZP5wWoqV7BG8pWfM.roa (raw, json)
Hash identifier: CT+KKLstB3piGo2nuqHrOTQgCe5jwmuLXbvg2slrwTk=
Subject key identifier: B6:76:1A:6E:DC:99:23:A7:19:3F:9C:16:A2:A5:7B:04:6F:29:59:F3
Certificate issuer: /CN=764136c3cdbfd5fb60cafd4a9b1d473a3b672635
Certificate serial: 018CC348D42D54C83F46D05A62CA653EE61A
Authority key identifier: 76:41:36:C3:CD:BF:D5:FB:60:CA:FD:4A:9B:1D:47:3A:3B:67:26:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dkE2w82_1ftgyv1Kmx1HOjtnJjU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/5246e6-72c6-4f47-a3a3-e4df5a87d4ed/1/tnYabtyZI6cZP5wWoqV7BG8pWfM.roa
Signing time: Mon 01 Jan 2024 04:29:39 +0000
ROA not before: Mon 01 Jan 2024 04:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202112
IP address blocks: 193.57.35.0/24 maxlen: 24
2a13:ec2::/47 maxlen: 47
2a13:ec7::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 17 Jan 2024 14:50:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d4:2d:54:c8:3f:46:d0:5a:62:ca:65:3e:e6:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=764136c3cdbfd5fb60cafd4a9b1d473a3b672635
Validity
Not Before: Jan 1 04:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6761a6edc9923a7193f9c16a2a57b046f2959f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7e:47:49:2f:00:35:6b:57:eb:bf:63:31:de:
21:78:07:9e:e3:11:32:a2:6e:97:80:6c:6f:94:18:
92:59:7f:46:27:b4:36:bf:4c:bb:35:1b:03:33:17:
4e:fa:1b:9c:ab:b4:cc:d4:a4:8a:e9:b6:ae:b5:40:
ec:96:27:fb:e9:e9:cd:ea:88:4b:72:db:87:df:cd:
ae:e2:7b:22:b3:16:da:a8:e4:45:13:af:92:89:2e:
62:b2:cb:f6:33:3b:3a:84:f0:9e:e8:c2:97:14:e3:
02:d1:9f:3f:12:1a:06:9c:5e:89:e3:f0:c2:48:27:
6d:ef:4e:fc:45:32:b6:1d:e3:11:cc:b0:e2:a5:2c:
b0:5c:32:95:d6:97:aa:e2:74:64:60:50:d5:2a:b5:
4c:0a:95:c6:99:52:c0:4a:9f:6b:db:bd:d9:5e:c4:
92:9d:79:1f:2f:ce:09:d9:e3:44:c3:1a:6b:cb:d7:
a0:8f:90:8f:eb:a3:3f:71:15:e2:ba:a4:78:4e:e8:
c6:5f:49:0c:ea:aa:d5:60:29:1f:9e:93:79:9f:f5:
0d:90:71:a3:c3:8a:f0:2c:f3:3b:2e:e7:b6:c3:55:
29:35:6e:c5:3f:59:4b:f0:b8:7c:fe:00:de:1b:cd:
57:6a:ff:8b:99:54:08:fb:60:f7:93:1c:ed:4e:d1:
30:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:76:1A:6E:DC:99:23:A7:19:3F:9C:16:A2:A5:7B:04:6F:29:59:F3
X509v3 Authority Key Identifier:
keyid:76:41:36:C3:CD:BF:D5:FB:60:CA:FD:4A:9B:1D:47:3A:3B:67:26:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dkE2w82_1ftgyv1Kmx1HOjtnJjU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5246e6-72c6-4f47-a3a3-e4df5a87d4ed/1/tnYabtyZI6cZP5wWoqV7BG8pWfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5246e6-72c6-4f47-a3a3-e4df5a87d4ed/1/dkE2w82_1ftgyv1Kmx1HOjtnJjU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.35.0/24
IPv6:
2a13:ec2::/47
2a13:ec7::/48
Signature Algorithm: sha256WithRSAEncryption
78:e9:18:51:95:80:90:92:8c:0c:93:38:9b:b7:8c:8f:f0:ce:
d9:e6:f5:35:4f:2c:b7:34:cd:86:22:49:f1:1a:de:6e:4f:f4:
a2:cf:cc:09:9f:9e:71:e1:3f:70:ce:4e:76:eb:5d:6c:06:47:
0d:ba:1b:70:ad:41:f3:92:35:01:2d:c6:52:89:4b:97:7a:02:
b4:71:91:b2:40:c7:3a:61:fe:13:fe:59:08:0b:b8:77:fe:05:
02:d2:a9:50:bb:96:96:47:ed:d4:09:65:1d:a0:6e:8c:e6:8a:
e8:0f:14:5f:81:22:71:a0:0c:59:f9:97:ac:12:64:eb:ab:53:
b8:a7:0e:6c:6d:12:46:7d:f8:91:7a:a6:4c:7f:fa:f7:dc:e5:
87:35:72:42:6f:6c:fc:96:0c:21:c1:7d:d3:06:44:fd:1b:7f:
6e:fe:47:8c:9a:0a:9a:48:a2:6d:fb:7a:f9:db:f9:9d:3f:4b:
43:7e:d7:e6:aa:d8:39:dc:d9:3b:3e:6a:4d:af:0a:5e:17:05:
1f:fe:9a:5b:d5:16:3f:01:b0:9d:a3:f1:11:7b:8a:3d:3b:31:
12:1b:fb:09:9b:e3:f7:61:0f:e3:f2:25:1c:7a:f6:3d:f2:2f:
6e:1c:09:54:0d:b3:bc:d1:b1:36:cd:01:22:88:81:3a:e2:fa:
b3:84:77:dd
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzDSNQtVMg/RtBaYsplPuYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NDEzNmMzY2RiZmQ1ZmI2MGNhZmQ0YTliMWQ0NzNhM2I2
NzI2MzUwHhcNMjQwMTAxMDQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjc2MWE2ZWRjOTkyM2E3MTkzZjljMTZhMmE1N2IwNDZmMjk1OWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX5HSS8ANWtX679jMd4heAee4xEy
om6XgGxvlBiSWX9GJ7Q2v0y7NRsDMxdO+hucq7TM1KSK6bautUDslif76enN6ohL
ctuH382u4nsisxbaqORFE6+SiS5issv2Mzs6hPCe6MKXFOMC0Z8/EhoGnF6J4/DC
SCdt7078RTK2HeMRzLDipSywXDKV1peq4nRkYFDVKrVMCpXGmVLASp9r273ZXsSS
nXkfL84J2eNEwxpry9egj5CP66M/cRXiuqR4TujGX0kM6qrVYCkfnpN5n/UNkHGj
w4rwLPM7Lue2w1UpNW7FP1lL8Lh8/gDeG81Xav+LmVQI+2D3kxztTtEwowIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLZ2Gm7cmSOnGT+cFqKlewRvKVnzMB8GA1UdIwQY
MBaAFHZBNsPNv9X7YMr9SpsdRzo7ZyY1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGtFMnc4Ml8xZnRneXYxS214MUhPanRuSmpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81MjQ2ZTYtNzJjNi00ZjQ3LWEzYTMt
ZTRkZjVhODdkNGVkLzEvdG5ZYWJ0eVpJNmNaUDV3V29xVjdCRzhwV2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81MjQ2ZTYtNzJjNi00ZjQ3LWEzYTMtZTRkZjVhODdkNGVk
LzEvZGtFMnc4Ml8xZnRneXYxS214MUhPanRuSmpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwTkjMBgE
AgACMBIDBwEqEw7CAAADBwAqEw7HAAAwDQYJKoZIhvcNAQELBQADggEBAHjpGFGV
gJCSjAyTOJu3jI/wztnm9TVPLLc0zYYiSfEa3m5P9KLPzAmfnnHhP3DOTnbrXWwG
Rw26G3CtQfOSNQEtxlKJS5d6ArRxkbJAxzph/hP+WQgLuHf+BQLSqVC7lpZH7dQJ
ZR2gbozmiugPFF+BInGgDFn5l6wSZOurU7inDmxtEkZ9+JF6pkx/+vfc5Yc1ckJv
bPyWDCHBfdMGRP0bf27+R4yaCppIom37evnb+Z0/S0N+1+aq2Dnc2Ts+ak2vCl4X
BR/+mlvVFj8BsJ2j8RF7ij07MRIb+wmb4/dhD+PyJRx69j3yL24cCVQNs7zRsTbN
ASKIgTri+rOEd90=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:11 2025 by rpki-client