Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/30523b-8b3c-46cb-abbc-e101477efb8a/1/kiUjqOQQw0-Gzaxe83XGYR53hZQ.roa
File: kiUjqOQQw0-Gzaxe83XGYR53hZQ.roa (raw, json)
Hash identifier: Bh1BypJYLiE4CP7XNuvryqkP7TZqPNle0TuPHT4PS3w=
Subject key identifier: 92:25:23:A8:E4:10:C3:4F:86:CD:AC:5E:F3:75:C6:61:1E:77:85:94
Certificate issuer: /CN=e3d5159882e77a67f797f8f8b996b62c4ebabc20
Certificate serial: 018CC500DB6DED643B886F733F64AE8F827F
Authority key identifier: E3:D5:15:98:82:E7:7A:67:F7:97:F8:F8:B9:96:B6:2C:4E:BA:BC:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/49UVmILnemf3l_j4uZa2LE66vCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/30523b-8b3c-46cb-abbc-e101477efb8a/1/kiUjqOQQw0-Gzaxe83XGYR53hZQ.roa
Signing time: Mon 01 Jan 2024 12:30:16 +0000
ROA not before: Mon 01 Jan 2024 12:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39306
IP address blocks: 193.37.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:db:6d:ed:64:3b:88:6f:73:3f:64:ae:8f:82:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3d5159882e77a67f797f8f8b996b62c4ebabc20
Validity
Not Before: Jan 1 12:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=922523a8e410c34f86cdac5ef375c6611e778594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e4:dd:f1:24:75:d3:7d:82:29:b0:09:a6:03:
d9:c5:17:d3:4f:0a:3e:b3:06:77:03:ac:2d:1e:1f:
e8:4c:0c:5d:1d:02:0c:26:93:45:0a:45:89:b6:a2:
46:66:13:d6:d5:84:e7:ba:46:f1:35:fe:f0:54:a3:
35:5a:ef:78:59:61:9d:2c:f2:92:f0:a5:37:92:8e:
b8:0a:09:c5:7f:77:38:39:db:c3:a9:61:cb:40:36:
de:66:d4:06:8c:50:e2:44:d4:0b:83:52:46:5e:5b:
63:1e:d5:b3:bf:27:92:4b:cc:c3:09:1d:f5:fa:97:
1e:26:3b:da:36:a6:b0:61:8c:b0:98:2b:8a:ec:05:
e8:62:76:1a:76:96:0e:f8:22:1f:cf:b6:4d:b6:8e:
2f:e2:3c:94:88:ea:03:d6:de:a3:58:45:d4:f8:a9:
6a:9b:ef:53:ba:89:43:82:a5:6c:b6:e0:2a:6e:87:
5a:03:02:a9:80:b3:2f:7d:0f:79:df:ca:10:8f:e3:
d1:c5:3d:6c:05:25:20:2c:7f:3a:4a:8e:e7:c8:cf:
1d:a5:f9:3c:32:42:29:cb:f7:dc:b0:b5:ed:71:2b:
12:ce:93:8f:e9:0e:e1:06:3c:13:c8:af:01:9c:8d:
07:4e:bc:48:31:02:e7:ea:b8:17:9e:dc:3f:a1:11:
24:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:25:23:A8:E4:10:C3:4F:86:CD:AC:5E:F3:75:C6:61:1E:77:85:94
X509v3 Authority Key Identifier:
keyid:E3:D5:15:98:82:E7:7A:67:F7:97:F8:F8:B9:96:B6:2C:4E:BA:BC:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/49UVmILnemf3l_j4uZa2LE66vCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/30523b-8b3c-46cb-abbc-e101477efb8a/1/kiUjqOQQw0-Gzaxe83XGYR53hZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/30523b-8b3c-46cb-abbc-e101477efb8a/1/49UVmILnemf3l_j4uZa2LE66vCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.37.138.0/24
Signature Algorithm: sha256WithRSAEncryption
90:e3:0c:70:95:63:f4:88:9f:3d:51:11:31:54:f9:24:25:c8:
f1:36:ec:ac:00:45:5c:6d:d3:63:e7:02:db:ee:27:6c:a1:50:
68:e9:5e:c4:73:54:73:71:4d:1f:8e:1f:3f:1c:1f:be:68:6f:
ad:c7:68:a4:40:f0:b2:6e:d8:27:7f:c6:ee:cf:f3:fb:b0:25:
6b:a4:63:55:31:54:e4:6b:bf:e6:81:27:04:cf:fe:91:dd:79:
e0:f0:ba:2c:22:33:96:73:3d:73:e7:c8:fa:df:ce:3d:f2:11:
d6:65:25:b9:53:53:77:b6:bd:17:36:1e:1c:9a:54:00:37:d6:
2e:91:65:3a:90:86:be:0b:67:54:3b:9e:15:db:50:76:6f:24:
a6:f1:66:6a:21:f0:92:18:0a:07:11:0f:02:8e:d9:56:31:2d:
b5:0f:64:0b:61:dc:fb:d2:f3:7e:cc:ea:65:88:52:12:ad:39:
b7:d1:9d:60:19:8a:58:30:f0:d8:3a:ee:df:a6:e7:dd:02:43:
df:f1:c0:e9:80:d5:e4:e9:09:d0:b6:43:7b:f2:dc:7b:69:cc:
ae:db:ee:cb:d4:4a:f3:d7:71:74:e7:82:dc:c0:3d:fa:a6:1c:
a8:7f:28:56:66:29:31:78:6b:af:8e:63:d4:9b:33:c8:a2:be:
6c:bc:71:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFANtt7WQ7iG9zP2Suj4J/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZDUxNTk4ODJlNzdhNjdmNzk3ZjhmOGI5OTZiNjJjNGVi
YWJjMjAwHhcNMjQwMTAxMTIzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjI1MjNhOGU0MTBjMzRmODZjZGFjNWVmMzc1YzY2MTFlNzc4NTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOTd8SR1032CKbAJpgPZxRfTTwo+
swZ3A6wtHh/oTAxdHQIMJpNFCkWJtqJGZhPW1YTnukbxNf7wVKM1Wu94WWGdLPKS
8KU3ko64CgnFf3c4OdvDqWHLQDbeZtQGjFDiRNQLg1JGXltjHtWzvyeSS8zDCR31
+pceJjvaNqawYYywmCuK7AXoYnYadpYO+CIfz7ZNto4v4jyUiOoD1t6jWEXU+Klq
m+9TuolDgqVstuAqbodaAwKpgLMvfQ9538oQj+PRxT1sBSUgLH86So7nyM8dpfk8
MkIpy/fcsLXtcSsSzpOP6Q7hBjwTyK8BnI0HTrxIMQLn6rgXntw/oREkqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIlI6jkEMNPhs2sXvN1xmEed4WUMB8GA1UdIwQY
MBaAFOPVFZiC53pn95f4+LmWtixOurwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDlVVm1JTG5lbWYzbF9qNHVaYTJMRTY2dkNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8zMDUyM2ItOGIzYy00NmNiLWFiYmMt
ZTEwMTQ3N2VmYjhhLzEva2lVanFPUVF3MC1HemF4ZTgzWEdZUjUzaFpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8zMDUyM2ItOGIzYy00NmNiLWFiYmMtZTEwMTQ3N2VmYjhh
LzEvNDlVVm1JTG5lbWYzbF9qNHVaYTJMRTY2dkNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSWKMA0G
CSqGSIb3DQEBCwUAA4IBAQCQ4wxwlWP0iJ89URExVPkkJcjxNuysAEVcbdNj5wLb
7idsoVBo6V7Ec1RzcU0fjh8/HB++aG+tx2ikQPCybtgnf8buz/P7sCVrpGNVMVTk
a7/mgScEz/6R3Xng8LosIjOWcz1z58j638498hHWZSW5U1N3tr0XNh4cmlQAN9Yu
kWU6kIa+C2dUO54V21B2bySm8WZqIfCSGAoHEQ8CjtlWMS21D2QLYdz70vN+zOpl
iFISrTm30Z1gGYpYMPDYOu7fpufdAkPf8cDpgNXk6QnQtkN78tx7acyu2+7L1Erz
13F054LcwD36phyofyhWZikxeGuvjmPUmzPIor5svHEr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:03 2025 by rpki-client