Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c7935-2eda-43ac-8d0f-799525be7215/1/SfqCW2zcMqdHiHp8v7CsNEABRVc.roa
File: SfqCW2zcMqdHiHp8v7CsNEABRVc.roa (raw, json)
Hash identifier: M5J4uQzHT9NDMhpjgfv+16GjS5oe6pXaIjcHhba76Yg=
Subject key identifier: 49:FA:82:5B:6C:DC:32:A7:47:88:7A:7C:BF:B0:AC:34:40:01:45:57
Certificate issuer: /CN=3014b8c7f509e10051b0cd29fd8d69f285508d87
Certificate serial: 018CC6B78978AAA648367CDA0534BC1D7CC7
Authority key identifier: 30:14:B8:C7:F5:09:E1:00:51:B0:CD:29:FD:8D:69:F2:85:50:8D:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MBS4x_UJ4QBRsM0p_Y1p8oVQjYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c7935-2eda-43ac-8d0f-799525be7215/1/SfqCW2zcMqdHiHp8v7CsNEABRVc.roa
Signing time: Mon 01 Jan 2024 20:29:26 +0000
ROA not before: Mon 01 Jan 2024 20:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42547
IP address blocks: 193.106.100.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:89:78:aa:a6:48:36:7c:da:05:34:bc:1d:7c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3014b8c7f509e10051b0cd29fd8d69f285508d87
Validity
Not Before: Jan 1 20:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49fa825b6cdc32a747887a7cbfb0ac3440014557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:29:87:ed:6c:a4:3b:b4:6a:67:8b:03:0e:4a:
21:15:e0:c8:04:ff:4a:e4:b6:69:01:50:e1:5c:c1:
a5:dd:91:c0:07:a7:a5:02:2f:28:e0:bf:f0:8a:20:
16:86:a7:cd:68:1f:fd:f4:a8:7d:e8:a9:48:67:50:
9a:0d:22:e4:33:0b:7b:1f:10:f5:71:40:93:07:31:
07:0f:62:c2:bb:04:17:45:58:7a:ed:63:48:03:dc:
af:a2:3f:10:c6:d6:ae:b7:1e:d2:6d:73:cd:6c:9b:
80:3b:46:b0:5f:c1:a5:c8:92:29:09:48:34:fe:35:
00:de:81:79:b6:ba:35:bb:86:a0:d3:bf:80:6c:ef:
c8:1a:93:ce:e8:6c:b6:e9:05:0c:45:33:e7:a2:ea:
de:ef:79:46:69:4b:65:b7:32:bc:b1:31:80:cb:21:
ba:c3:1a:a1:6c:5c:a8:ee:97:28:03:22:99:38:7f:
2a:ce:dc:b6:0a:b2:a3:97:62:1d:05:fe:c3:57:f6:
26:f3:42:00:4f:9b:d4:2b:bf:4b:e0:5e:ff:96:12:
fc:18:9e:c2:41:56:ad:f8:65:4e:8d:91:e4:50:d7:
fa:6f:d4:74:50:5f:c9:c9:a1:ba:6e:38:00:48:04:
99:af:10:a3:d5:60:5c:5d:67:92:cf:e6:4d:01:d8:
cf:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FA:82:5B:6C:DC:32:A7:47:88:7A:7C:BF:B0:AC:34:40:01:45:57
X509v3 Authority Key Identifier:
keyid:30:14:B8:C7:F5:09:E1:00:51:B0:CD:29:FD:8D:69:F2:85:50:8D:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MBS4x_UJ4QBRsM0p_Y1p8oVQjYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c7935-2eda-43ac-8d0f-799525be7215/1/SfqCW2zcMqdHiHp8v7CsNEABRVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c7935-2eda-43ac-8d0f-799525be7215/1/MBS4x_UJ4QBRsM0p_Y1p8oVQjYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.106.100.0/22
Signature Algorithm: sha256WithRSAEncryption
65:91:04:1e:0e:99:b9:32:e5:c6:6d:57:6e:14:fb:7d:35:22:
7a:2c:e5:3f:bc:8b:de:6e:8e:06:56:26:12:ae:41:87:b9:ea:
8c:70:94:db:ba:75:37:d0:f0:b3:74:13:92:a4:c2:60:7c:7c:
16:bb:88:92:1e:63:6b:ac:33:f1:f7:49:23:74:f9:3d:e4:eb:
41:5e:e6:9c:e9:74:1a:7a:08:f3:78:3b:5f:10:ee:f9:aa:f0:
dd:4d:57:8d:3f:d5:68:8b:46:25:5a:82:2b:bb:c8:ef:8f:f5:
f6:72:6b:69:1c:26:63:99:30:61:a6:4b:ff:c4:91:31:92:79:
44:7f:37:4c:fd:70:a5:6f:d1:1e:9c:60:35:e1:cd:5a:58:a2:
df:34:d2:a2:03:76:83:fb:e5:57:56:ff:0e:59:9d:b0:f0:4e:
4e:4f:6f:b4:2d:2f:25:3f:e4:56:a7:b2:cc:b0:1a:8a:74:0b:
02:85:8f:18:a6:be:a4:33:3b:4f:b8:c2:85:34:70:7e:c0:c2:
7c:bb:c9:01:dc:6d:b1:e4:72:0f:51:e2:a7:91:29:db:aa:37:
4a:8c:be:53:5e:4e:74:63:33:f8:4c:ae:1f:48:a6:b9:fc:be:
f8:84:17:64:50:7d:fe:e0:1c:6d:a0:28:45:61:11:da:33:59:
71:28:ea:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt4l4qqZINnzaBTS8HXzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMTRiOGM3ZjUwOWUxMDA1MWIwY2QyOWZkOGQ2OWYyODU1
MDhkODcwHhcNMjQwMTAxMjAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWZhODI1YjZjZGMzMmE3NDc4ODdhN2NiZmIwYWMzNDQwMDE0NTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuimH7WykO7RqZ4sDDkohFeDIBP9K
5LZpAVDhXMGl3ZHAB6elAi8o4L/wiiAWhqfNaB/99Kh96KlIZ1CaDSLkMwt7HxD1
cUCTBzEHD2LCuwQXRVh67WNIA9yvoj8Qxtautx7SbXPNbJuAO0awX8GlyJIpCUg0
/jUA3oF5tro1u4ag07+AbO/IGpPO6Gy26QUMRTPnoure73lGaUtltzK8sTGAyyG6
wxqhbFyo7pcoAyKZOH8qzty2CrKjl2IdBf7DV/Ym80IAT5vUK79L4F7/lhL8GJ7C
QVat+GVOjZHkUNf6b9R0UF/JyaG6bjgASASZrxCj1WBcXWeSz+ZNAdjPZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEn6glts3DKnR4h6fL+wrDRAAUVXMB8GA1UdIwQY
MBaAFDAUuMf1CeEAUbDNKf2NafKFUI2HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUJTNHhfVUo0UUJSc00wcF9ZMXA4b1ZRalljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84Yzc5MzUtMmVkYS00M2FjLThkMGYt
Nzk5NTI1YmU3MjE1LzEvU2ZxQ1cyemNNcWRIaUhwOHY3Q3NORUFCUlZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84Yzc5MzUtMmVkYS00M2FjLThkMGYtNzk5NTI1YmU3MjE1
LzEvTUJTNHhfVUo0UUJSc00wcF9ZMXA4b1ZRalljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWpkMA0G
CSqGSIb3DQEBCwUAA4IBAQBlkQQeDpm5MuXGbVduFPt9NSJ6LOU/vIvebo4GViYS
rkGHueqMcJTbunU30PCzdBOSpMJgfHwWu4iSHmNrrDPx90kjdPk95OtBXuac6XQa
egjzeDtfEO75qvDdTVeNP9Voi0YlWoIru8jvj/X2cmtpHCZjmTBhpkv/xJExknlE
fzdM/XClb9EenGA14c1aWKLfNNKiA3aD++VXVv8OWZ2w8E5OT2+0LS8lP+RWp7LM
sBqKdAsChY8Ypr6kMztPuMKFNHB+wMJ8u8kB3G2x5HIPUeKnkSnbqjdKjL5TXk50
YzP4TK4fSKa5/L74hBdkUH3+4BxtoChFYRHaM1lxKOob
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:30 2025 by rpki-client