Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/d57969-ea5f-4518-92e1-53a0680f9710/1/kj8CYXjiIanB31FWFFARzf6Z0qE.roa
File: kj8CYXjiIanB31FWFFARzf6Z0qE.roa (raw, json)
Hash identifier: gQIoN6SymTXQozItEtcGyJfrtuLai+FNsU1fxhBGX+o=
Subject key identifier: 92:3F:02:61:78:E2:21:A9:C1:DF:51:56:14:50:11:CD:FE:99:D2:A1
Certificate issuer: /CN=3c8dfe109de831d32fd78a58cc5c1d149a4553d2
Certificate serial: 018CC425285CDECC215BD77FFB60F3C0F090
Authority key identifier: 3C:8D:FE:10:9D:E8:31:D3:2F:D7:8A:58:CC:5C:1D:14:9A:45:53:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PI3-EJ3oMdMv14pYzFwdFJpFU9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/d57969-ea5f-4518-92e1-53a0680f9710/1/kj8CYXjiIanB31FWFFARzf6Z0qE.roa
Signing time: Mon 01 Jan 2024 08:30:18 +0000
ROA not before: Mon 01 Jan 2024 08:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16279
IP address blocks: 193.178.176.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:28:5c:de:cc:21:5b:d7:7f:fb:60:f3:c0:f0:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c8dfe109de831d32fd78a58cc5c1d149a4553d2
Validity
Not Before: Jan 1 08:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=923f026178e221a9c1df5156145011cdfe99d2a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:78:08:95:4e:35:48:c6:a9:d2:95:6f:47:10:
b4:19:0c:18:62:88:d9:43:5b:79:11:34:db:1e:c2:
23:72:7f:7d:9b:1f:fd:e2:38:54:f6:4a:1f:63:b9:
46:be:d2:74:23:41:d6:de:78:d5:21:a3:43:3b:48:
ec:06:27:1a:6e:46:89:3c:08:af:69:f1:2f:54:7c:
7b:bc:ba:79:19:21:50:60:b2:a5:11:36:b4:5e:de:
15:90:4c:a2:1e:cf:d4:74:27:36:12:da:35:99:c8:
25:9e:83:fd:db:c6:df:b5:ea:42:6d:ec:28:f6:bf:
be:fa:72:9c:2b:0b:7c:a9:61:5f:4f:2a:f3:ea:09:
17:1c:7e:6b:2b:99:23:13:3f:6d:3e:6d:8a:b3:7d:
e1:60:7d:b7:81:2e:70:83:2f:67:8c:bb:a2:2c:a7:
28:de:71:df:e9:ab:cb:2d:cf:bb:a1:a8:c4:4f:4a:
ab:28:e8:61:08:6c:f1:25:7d:cc:e6:87:bf:ea:a8:
df:da:77:ec:eb:a8:08:7a:90:6f:0b:7a:41:92:f0:
89:c4:5a:3d:fa:59:1a:8b:10:78:f8:07:c2:55:c1:
07:d8:1e:d4:52:61:4f:a8:ce:47:be:77:7d:06:73:
8e:87:de:f0:0f:8c:19:8b:a1:c7:52:4a:24:84:cb:
77:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:3F:02:61:78:E2:21:A9:C1:DF:51:56:14:50:11:CD:FE:99:D2:A1
X509v3 Authority Key Identifier:
keyid:3C:8D:FE:10:9D:E8:31:D3:2F:D7:8A:58:CC:5C:1D:14:9A:45:53:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PI3-EJ3oMdMv14pYzFwdFJpFU9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d57969-ea5f-4518-92e1-53a0680f9710/1/kj8CYXjiIanB31FWFFARzf6Z0qE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/d57969-ea5f-4518-92e1-53a0680f9710/1/PI3-EJ3oMdMv14pYzFwdFJpFU9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.176.0/21
Signature Algorithm: sha256WithRSAEncryption
a5:0a:17:69:97:47:75:cd:1f:51:13:1d:78:da:39:03:7f:18:
4c:1b:ac:54:a2:b4:a9:eb:b3:9a:f8:e1:64:67:76:9e:85:c8:
9a:a1:be:e8:e0:dc:0f:34:4f:c1:da:83:21:9b:3a:af:7a:ac:
eb:7f:90:19:3f:83:ae:ff:c2:23:fb:3b:35:d8:c0:06:c5:5a:
8a:50:09:84:9f:38:87:8d:11:3a:bd:90:4d:06:24:54:3d:af:
d4:a2:56:46:3b:ee:bf:f1:d3:f6:27:95:05:c0:b9:04:4d:ad:
13:9d:a4:78:6a:ae:7f:f9:40:35:07:f3:af:c0:c2:cf:81:d3:
a2:2a:05:4f:b3:39:16:95:93:bb:ad:4a:69:d8:1e:aa:f5:eb:
37:46:50:5a:47:c6:75:d6:d9:9f:69:29:04:e5:19:b0:a3:1b:
88:28:8c:f8:3f:4b:3a:9b:ff:b7:88:44:c8:93:6f:11:b6:97:
42:31:10:de:7f:3d:e5:22:80:2c:47:ad:f6:07:eb:45:c3:8c:
44:01:61:55:82:50:6b:d5:23:e7:40:02:59:e1:d0:30:58:0b:
e5:b9:1f:0c:2d:ab:74:e5:de:2e:b2:fa:7b:e5:06:54:a7:b2:
25:82:86:15:19:99:38:3f:de:68:fd:6c:fe:7b:97:18:12:41:
58:fc:b5:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJShc3swhW9d/+2DzwPCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjOGRmZTEwOWRlODMxZDMyZmQ3OGE1OGNjNWMxZDE0OWE0
NTUzZDIwHhcNMjQwMTAxMDgzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjNmMDI2MTc4ZTIyMWE5YzFkZjUxNTYxNDUwMTFjZGZlOTlkMmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXgIlU41SMap0pVvRxC0GQwYYojZ
Q1t5ETTbHsIjcn99mx/94jhU9kofY7lGvtJ0I0HW3njVIaNDO0jsBicabkaJPAiv
afEvVHx7vLp5GSFQYLKlETa0Xt4VkEyiHs/UdCc2Eto1mcglnoP928bftepCbewo
9r+++nKcKwt8qWFfTyrz6gkXHH5rK5kjEz9tPm2Ks33hYH23gS5wgy9njLuiLKco
3nHf6avLLc+7oajET0qrKOhhCGzxJX3M5oe/6qjf2nfs66gIepBvC3pBkvCJxFo9
+lkaixB4+AfCVcEH2B7UUmFPqM5Hvnd9BnOOh97wD4wZi6HHUkokhMt32wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJI/AmF44iGpwd9RVhRQEc3+mdKhMB8GA1UdIwQY
MBaAFDyN/hCd6DHTL9eKWMxcHRSaRVPSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEkzLUVKM29NZE12MTRwWXpGd2RGSnBGVTlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9kNTc5NjktZWE1Zi00NTE4LTkyZTEt
NTNhMDY4MGY5NzEwLzEva2o4Q1lYamlJYW5CMzFGV0ZGQVJ6ZjZaMHFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9kNTc5NjktZWE1Zi00NTE4LTkyZTEtNTNhMDY4MGY5NzEw
LzEvUEkzLUVKM29NZE12MTRwWXpGd2RGSnBGVTlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwbKwMA0G
CSqGSIb3DQEBCwUAA4IBAQClChdpl0d1zR9REx142jkDfxhMG6xUorSp67Oa+OFk
Z3aehciaob7o4NwPNE/B2oMhmzqveqzrf5AZP4Ou/8Ij+zs12MAGxVqKUAmEnziH
jRE6vZBNBiRUPa/UolZGO+6/8dP2J5UFwLkETa0TnaR4aq5/+UA1B/OvwMLPgdOi
KgVPszkWlZO7rUpp2B6q9es3RlBaR8Z11tmfaSkE5RmwoxuIKIz4P0s6m/+3iETI
k28RtpdCMRDefz3lIoAsR632B+tFw4xEAWFVglBr1SPnQAJZ4dAwWAvluR8MLat0
5d4usvp75QZUp7IlgoYVGZk4P95o/Wz+e5cYEkFY/LV9
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:58 2025 by rpki-client