Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/k5nmlH8rjLxAK0HsUUYcV0QprMY.roa
File: k5nmlH8rjLxAK0HsUUYcV0QprMY.roa (raw, json)
Hash identifier: hqnfVIaorGP3oJhvAGS08rcXVR6hsOMlNO/I94ebFJ8=
Subject key identifier: 93:99:E6:94:7F:2B:8C:BC:40:2B:41:EC:51:46:1C:57:44:29:AC:C6
Certificate issuer: /CN=0d4ee193b301665b56f6780f225fd44d144093af
Certificate serial: 018CCA2B033FBA66778D281BD3FFF6CC8CA9
Authority key identifier: 0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/k5nmlH8rjLxAK0HsUUYcV0QprMY.roa
Signing time: Tue 02 Jan 2024 12:34:25 +0000
ROA not before: Tue 02 Jan 2024 12:34:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5516
IP address blocks: 194.117.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:03:3f:ba:66:77:8d:28:1b:d3:ff:f6:cc:8c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d4ee193b301665b56f6780f225fd44d144093af
Validity
Not Before: Jan 2 12:34:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9399e6947f2b8cbc402b41ec51461c574429acc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d6:72:4e:c7:90:41:d0:14:08:8e:11:8f:79:
48:63:51:6a:96:b7:8d:df:1b:8d:d5:76:f3:1a:87:
ce:b3:08:b5:54:99:14:52:a3:e3:0a:73:32:0b:43:
58:c4:23:83:62:63:b0:9c:53:ee:a6:e2:a3:14:02:
68:cf:b2:96:5a:61:1f:19:84:37:ca:46:65:a0:36:
c2:9a:4d:7a:f6:95:11:27:e4:90:14:b5:4c:0a:1c:
98:1b:52:d3:1e:48:59:23:68:b5:35:f8:8e:06:f2:
e7:7e:a1:fd:09:0e:db:cf:c0:49:ea:6f:b3:f3:ad:
a9:16:1e:b7:b5:cb:cf:6c:4c:8f:c4:1d:01:cf:4e:
da:64:7e:1b:88:e4:f5:ad:a4:3f:07:07:61:f1:f0:
61:92:f2:22:58:14:38:de:01:fb:5d:3e:6e:ee:0d:
4b:8f:92:c2:a9:74:de:ff:1d:0d:9e:0a:17:b8:bd:
8d:8f:7e:fe:28:a3:64:56:95:7c:b1:fa:10:80:3e:
82:a2:e1:74:53:f4:e2:eb:fb:36:15:5a:88:8e:3e:
64:41:78:69:bd:ee:de:7c:25:01:45:2d:61:b3:0e:
ea:37:7a:da:01:e0:0d:d8:11:8c:6f:74:cb:60:25:
2a:96:8a:79:bc:7b:a8:53:d3:09:22:d4:c1:e7:a7:
d5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:99:E6:94:7F:2B:8C:BC:40:2B:41:EC:51:46:1C:57:44:29:AC:C6
X509v3 Authority Key Identifier:
keyid:0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/k5nmlH8rjLxAK0HsUUYcV0QprMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/DU7hk7MBZltW9ngPIl_UTRRAk68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.117.32.0/22
Signature Algorithm: sha256WithRSAEncryption
92:8b:0e:0b:3a:fc:e8:55:aa:b7:65:6c:82:a8:28:5c:0a:52:
4a:75:af:bd:8a:86:a2:2e:37:61:c1:8b:dc:dc:9a:11:60:e8:
d8:67:70:ad:c3:65:26:7b:8e:02:59:66:65:65:47:04:a4:3d:
a5:68:cd:09:11:61:d7:72:bd:eb:b2:05:d1:eb:60:8c:35:12:
31:ab:73:b9:79:01:d0:ab:53:bf:c7:98:b6:42:36:e9:8b:a5:
ec:68:19:6c:dd:96:b3:e9:02:c5:3f:e2:20:78:1f:94:e9:c8:
b6:d1:d5:ad:b2:af:39:d4:ec:ca:04:8c:90:46:9c:59:9f:b8:
66:24:3d:ad:1f:37:df:0b:ce:67:3e:1b:09:66:93:f3:c7:f8:
ff:2a:f7:e0:4c:86:1f:79:20:c1:4c:eb:c4:ae:0a:1a:a8:d4:
1b:8d:fe:0a:8e:3b:73:0b:de:dd:74:ba:10:e0:26:80:61:0d:
d1:a5:4d:ca:07:d4:53:7a:e1:bc:e1:54:ec:6c:b1:4f:7a:ce:
0a:2c:8c:69:19:e2:d4:0e:91:63:3a:e2:2c:69:5b:01:91:f5:
aa:b5:f3:f1:33:89:4f:a4:88:d6:a4:d8:18:75:ec:aa:7a:ec:
b7:2a:00:f8:62:04:84:ec:5b:3c:cc:d9:83:5a:92:60:46:bd:
ae:86:3d:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKwM/umZ3jSgb0//2zIypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlMTkzYjMwMTY2NWI1NmY2NzgwZjIyNWZkNDRkMTQ0
MDkzYWYwHhcNMjQwMTAyMTIzNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzk5ZTY5NDdmMmI4Y2JjNDAyYjQxZWM1MTQ2MWM1NzQ0MjlhY2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodZyTseQQdAUCI4Rj3lIY1FqlreN
3xuN1XbzGofOswi1VJkUUqPjCnMyC0NYxCODYmOwnFPupuKjFAJoz7KWWmEfGYQ3
ykZloDbCmk169pURJ+SQFLVMChyYG1LTHkhZI2i1NfiOBvLnfqH9CQ7bz8BJ6m+z
862pFh63tcvPbEyPxB0Bz07aZH4biOT1raQ/Bwdh8fBhkvIiWBQ43gH7XT5u7g1L
j5LCqXTe/x0NngoXuL2Nj37+KKNkVpV8sfoQgD6CouF0U/Ti6/s2FVqIjj5kQXhp
ve7efCUBRS1hsw7qN3raAeAN2BGMb3TLYCUqlop5vHuoU9MJItTB56fV1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJOZ5pR/K4y8QCtB7FFGHFdEKazGMB8GA1UdIwQY
MBaAFA1O4ZOzAWZbVvZ4DyJf1E0UQJOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYt
OWY3ZTBmODYyZjFlLzEvazVubWxIOHJqTHhBSzBIc1VVWWNWMFFwck1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYtOWY3ZTBmODYyZjFl
LzEvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwnUgMA0G
CSqGSIb3DQEBCwUAA4IBAQCSiw4LOvzoVaq3ZWyCqChcClJKda+9ioaiLjdhwYvc
3JoRYOjYZ3Ctw2Ume44CWWZlZUcEpD2laM0JEWHXcr3rsgXR62CMNRIxq3O5eQHQ
q1O/x5i2Qjbpi6XsaBls3Zaz6QLFP+IgeB+U6ci20dWtsq851OzKBIyQRpxZn7hm
JD2tHzffC85nPhsJZpPzx/j/KvfgTIYfeSDBTOvErgoaqNQbjf4KjjtzC97ddLoQ
4CaAYQ3RpU3KB9RTeuG84VTsbLFPes4KLIxpGeLUDpFjOuIsaVsBkfWqtfPxM4lP
pIjWpNgYdeyqeuy3KgD4YgSE7Fs8zNmDWpJgRr2uhj3C
-----END CERTIFICATE-----
Generated at Tue Apr 8 01:12:40 2025 by rpki-client