Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/4f5951-2047-44bc-b69a-03bc63ca25a3/1/A5mjfi_VWIqDn3yNH3VM0Cj16Sw.roa
File: A5mjfi_VWIqDn3yNH3VM0Cj16Sw.roa (raw, json)
Hash identifier: 2DFZL81VhHrPbOFd90UWHinwxaTsasLtBZ6p6pM1ME8=
Subject key identifier: 03:99:A3:7E:2F:D5:58:8A:83:9F:7C:8D:1F:75:4C:D0:28:F5:E9:2C
Certificate issuer: /CN=1b6828113bba3423d15731964fe57b5f252bfde6
Certificate serial: 018CC5DC5730FC789D17201B02075D9EFDC5
Authority key identifier: 1B:68:28:11:3B:BA:34:23:D1:57:31:96:4F:E5:7B:5F:25:2B:FD:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2goETu6NCPRVzGWT-V7XyUr_eY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/4f5951-2047-44bc-b69a-03bc63ca25a3/1/A5mjfi_VWIqDn3yNH3VM0Cj16Sw.roa
Signing time: Mon 01 Jan 2024 16:30:00 +0000
ROA not before: Mon 01 Jan 2024 16:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41294
IP address blocks: 194.176.104.0/24 maxlen: 24
193.134.112.0/22 maxlen: 22
2001:67c:90c::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:57:30:fc:78:9d:17:20:1b:02:07:5d:9e:fd:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b6828113bba3423d15731964fe57b5f252bfde6
Validity
Not Before: Jan 1 16:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0399a37e2fd5588a839f7c8d1f754cd028f5e92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:67:12:71:3e:82:1e:b7:a1:42:9a:7c:a1:dd:
4d:fb:63:e9:6b:01:ff:4d:97:23:0f:b4:bd:0f:5f:
74:77:2a:f8:60:cc:b0:01:7f:89:62:6a:39:ad:54:
ba:3e:a0:fb:25:7c:6c:22:43:c8:56:3a:ac:d3:cf:
35:32:f2:36:fb:31:ce:3b:65:a1:a0:b0:46:be:ae:
78:4a:3b:17:28:16:9d:53:ae:25:63:65:ae:42:84:
b7:f7:92:f8:28:5c:10:0e:d4:b5:c4:2c:eb:df:cd:
8a:cb:16:6d:52:00:3c:00:c8:e5:9d:a9:d2:04:87:
80:d8:15:53:27:62:2b:86:1a:19:ee:44:18:a3:93:
c0:75:46:a7:1b:ea:ff:b1:cb:87:da:a4:46:99:73:
9b:f2:a6:fe:f8:39:14:f3:ec:8e:3d:13:8e:cc:d4:
ca:48:1d:0d:eb:57:d0:a9:e2:c4:eb:19:cd:14:79:
d3:9e:a3:c1:1c:8a:58:57:60:5c:17:28:7e:e8:bc:
02:42:3f:54:53:7e:34:68:bc:15:bd:16:2f:66:1c:
4a:33:26:f6:18:9d:70:ca:e1:ce:99:52:bf:c9:87:
0d:a5:72:94:92:12:56:4f:29:60:4e:77:6e:f8:06:
b9:20:9a:3a:cb:1e:f8:61:da:16:b5:52:04:79:fa:
45:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:99:A3:7E:2F:D5:58:8A:83:9F:7C:8D:1F:75:4C:D0:28:F5:E9:2C
X509v3 Authority Key Identifier:
keyid:1B:68:28:11:3B:BA:34:23:D1:57:31:96:4F:E5:7B:5F:25:2B:FD:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2goETu6NCPRVzGWT-V7XyUr_eY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4f5951-2047-44bc-b69a-03bc63ca25a3/1/A5mjfi_VWIqDn3yNH3VM0Cj16Sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/4f5951-2047-44bc-b69a-03bc63ca25a3/1/G2goETu6NCPRVzGWT-V7XyUr_eY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.134.112.0/22
194.176.104.0/24
IPv6:
2001:67c:90c::/48
Signature Algorithm: sha256WithRSAEncryption
65:c7:75:b8:b1:83:32:86:9a:2f:65:41:57:0b:a0:74:db:59:
84:72:18:3e:07:79:59:8b:3e:f5:db:0e:7e:d0:4e:0c:18:57:
65:23:02:22:d8:a9:0e:46:d4:1c:52:89:4b:21:61:b9:cd:8e:
8b:10:e1:48:80:3d:59:fb:83:50:90:f8:4b:ab:0c:fd:00:30:
37:23:4c:42:1f:0d:e2:67:af:ee:93:48:32:c5:f3:e0:54:e8:
91:af:34:a5:5a:b5:3f:1d:1b:28:1e:0d:f1:ac:88:b0:49:25:
9d:09:3f:35:e2:ea:56:d9:d8:98:5a:9f:fe:9b:2c:61:73:7d:
49:1e:b7:05:19:33:c0:42:9d:30:77:65:3e:21:b2:af:6b:ce:
38:9f:9c:08:2d:d4:c1:7d:c2:e1:49:ec:1d:3d:22:6d:01:6d:
84:ca:b5:ba:e6:cd:ff:96:6a:2e:07:e9:97:41:a4:74:f0:97:
36:72:8a:95:98:35:5f:ed:24:a4:62:6f:a9:d5:de:ac:ea:28:
ea:b3:f1:3d:f9:fd:fb:51:2f:ff:9c:c3:ce:49:b8:2f:1a:8d:
ad:32:e9:08:ab:11:8c:dd:14:52:48:61:23:9b:16:8c:45:a8:
4f:d3:39:ea:e3:26:c4:88:be:35:35:a6:d7:f0:14:12:d5:9b:
55:95:10:a0
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzF3Fcw/HidFyAbAgddnv3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjgyODExM2JiYTM0MjNkMTU3MzE5NjRmZTU3YjVmMjUy
YmZkZTYwHhcNMjQwMTAxMTYzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzk5YTM3ZTJmZDU1ODhhODM5ZjdjOGQxZjc1NGNkMDI4ZjVlOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWcScT6CHrehQpp8od1N+2PpawH/
TZcjD7S9D190dyr4YMywAX+JYmo5rVS6PqD7JXxsIkPIVjqs0881MvI2+zHOO2Wh
oLBGvq54SjsXKBadU64lY2WuQoS395L4KFwQDtS1xCzr382KyxZtUgA8AMjlnanS
BIeA2BVTJ2IrhhoZ7kQYo5PAdUanG+r/scuH2qRGmXOb8qb++DkU8+yOPROOzNTK
SB0N61fQqeLE6xnNFHnTnqPBHIpYV2BcFyh+6LwCQj9UU340aLwVvRYvZhxKMyb2
GJ1wyuHOmVK/yYcNpXKUkhJWTylgTndu+Aa5IJo6yx74YdoWtVIEefpFdQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAOZo34v1ViKg598jR91TNAo9eksMB8GA1UdIwQY
MBaAFBtoKBE7ujQj0Vcxlk/le18lK/3mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJnb0VUdTZOQ1BSVnpHV1QtVjdYeVVyX2VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80ZjU5NTEtMjA0Ny00NGJjLWI2OWEt
MDNiYzYzY2EyNWEzLzEvQTVtamZpX1ZXSXFEbjN5TkgzVk0wQ2oxNlN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80ZjU5NTEtMjA0Ny00NGJjLWI2OWEtMDNiYzYzY2EyNWEz
LzEvRzJnb0VUdTZOQ1BSVnpHV1QtVjdYeVVyX2VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCwYZwAwQA
wrBoMA8EAgACMAkDBwAgAQZ8CQwwDQYJKoZIhvcNAQELBQADggEBAGXHdbixgzKG
mi9lQVcLoHTbWYRyGD4HeVmLPvXbDn7QTgwYV2UjAiLYqQ5G1BxSiUshYbnNjosQ
4UiAPVn7g1CQ+EurDP0AMDcjTEIfDeJnr+6TSDLF8+BU6JGvNKVatT8dGygeDfGs
iLBJJZ0JPzXi6lbZ2Jhan/6bLGFzfUketwUZM8BCnTB3ZT4hsq9rzjifnAgt1MF9
wuFJ7B09Im0BbYTKtbrmzf+Wai4H6ZdBpHTwlzZyipWYNV/tJKRib6nV3qzqKOqz
8T35/ftRL/+cw85JuC8aja0y6QirEYzdFFJIYSObFoxFqE/TOerjJsSIvjU1ptfw
FBLVm1WVEKA=
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:08:48 2025 by rpki-client