Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/scUp0WvNSMEW3sWDXquZmniLjjw.roa
File: scUp0WvNSMEW3sWDXquZmniLjjw.roa (raw, json)
Hash identifier: ca/BMqKCm0YZWxvsp5fIobxeyg4QK0jl6HzH+PvLMb0=
Subject key identifier: B1:C5:29:D1:6B:CD:48:C1:16:DE:C5:83:5E:AB:99:9A:78:8B:8E:3C
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 0193920485BE9605F7A94D3BEECED5DDD87F
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/scUp0WvNSMEW3sWDXquZmniLjjw.roa
Signing time: Wed 04 Dec 2024 14:13:09 +0000
ROA not before: Wed 04 Dec 2024 14:13:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212335
IP address blocks: 188.191.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:92:04:85:be:96:05:f7:a9:4d:3b:ee:ce:d5:dd:d8:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Dec 4 14:13:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1c529d16bcd48c116dec5835eab999a788b8e3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:92:72:66:d1:46:07:e4:d1:ce:85:29:e2:bb:
94:2c:33:83:cb:5f:52:fd:94:fe:f9:ef:a4:fe:f1:
a2:25:04:ed:1b:d9:6f:ca:6b:60:c0:7d:33:8a:36:
2e:7d:6f:28:e5:2c:24:1e:a3:5f:95:f7:b2:51:7f:
42:d6:9f:83:de:40:f2:b5:20:8c:be:b8:cc:f4:75:
c5:d4:81:a6:93:a5:69:96:9f:23:ed:f4:eb:e9:40:
2d:b2:f2:82:15:5d:bd:16:8a:30:fa:ea:91:fa:14:
9b:93:97:a0:9b:59:ef:4f:d0:3b:c8:e1:61:f7:3d:
e9:ed:34:53:7b:01:0b:58:54:32:02:d2:8d:45:51:
e7:00:fe:aa:54:5a:b5:48:00:bd:7e:37:89:b0:e3:
e1:68:9d:0e:96:d1:6f:6e:73:14:3e:3b:df:27:06:
7c:6e:64:c4:5a:16:c3:ad:49:e7:12:3f:6e:9e:04:
04:9e:aa:4e:54:c9:4c:0b:c2:cc:2e:c0:b4:7d:98:
7d:a4:bc:92:80:e4:84:bf:cb:14:f2:34:af:e3:91:
03:6d:e3:48:09:3e:3d:b4:a8:0d:bb:d8:c8:28:97:
86:4d:ad:85:7c:2b:1b:8a:81:ea:6b:4b:8d:36:16:
42:42:78:d8:51:d7:6d:07:ee:c9:64:0b:07:bd:65:
62:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:C5:29:D1:6B:CD:48:C1:16:DE:C5:83:5E:AB:99:9A:78:8B:8E:3C
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/scUp0WvNSMEW3sWDXquZmniLjjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.108.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:0d:7f:d6:9d:52:99:44:a6:aa:51:1c:ec:ea:43:70:49:8a:
87:52:33:2a:8e:c1:b6:b8:ee:56:df:b8:c8:12:ec:25:7f:ce:
03:9e:60:16:56:17:df:99:1a:1e:d7:99:d4:57:af:69:cb:98:
ad:66:60:a3:21:ab:75:4b:88:3c:35:8b:be:81:cc:c0:de:24:
c8:cf:8b:39:2d:9f:77:2d:55:ad:50:a1:b9:73:ae:4d:ad:11:
fe:e2:63:a1:c5:70:49:fe:84:0a:95:23:a5:6c:1f:26:d0:80:
0d:a0:ba:0b:a3:54:c9:6d:a4:ff:84:02:de:49:66:8a:4e:1d:
bc:40:e6:56:6e:1f:64:bf:97:96:1a:00:a4:9d:64:1c:e3:eb:
6b:c2:3a:11:5d:22:59:b5:3f:2a:b7:15:ff:9c:75:42:c9:14:
84:f6:ba:24:cf:aa:3c:29:aa:90:27:aa:6f:7c:01:d8:71:2c:
ef:60:6b:f1:4a:c3:b7:9a:ee:dd:af:98:53:37:0c:03:aa:c2:
f6:9e:9a:68:e2:ab:36:a4:46:4f:1d:e9:2f:f3:19:26:91:bd:
7c:24:29:6b:db:1b:ca:49:7c:6d:75:88:62:5a:41:84:2b:29:
ba:b5:de:d4:6a:8f:28:d3:12:c3:d1:95:cb:df:fe:ec:3e:cb:
16:f9:de:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOSBIW+lgX3qU077s7V3dh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjQxMjA0MTQxMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWM1MjlkMTZiY2Q0OGMxMTZkZWM1ODM1ZWFiOTk5YTc4OGI4ZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpJyZtFGB+TRzoUp4ruULDODy19S
/ZT++e+k/vGiJQTtG9lvymtgwH0zijYufW8o5SwkHqNflfeyUX9C1p+D3kDytSCM
vrjM9HXF1IGmk6Vplp8j7fTr6UAtsvKCFV29Foow+uqR+hSbk5egm1nvT9A7yOFh
9z3p7TRTewELWFQyAtKNRVHnAP6qVFq1SAC9fjeJsOPhaJ0OltFvbnMUPjvfJwZ8
bmTEWhbDrUnnEj9ungQEnqpOVMlMC8LMLsC0fZh9pLySgOSEv8sU8jSv45EDbeNI
CT49tKgNu9jIKJeGTa2FfCsbioHqa0uNNhZCQnjYUddtB+7JZAsHvWViMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLHFKdFrzUjBFt7Fg16rmZp4i448MB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvc2NVcDBXdk5TTUVXM3NXRFhxdVptbmlMamp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9sMA0G
CSqGSIb3DQEBCwUAA4IBAQBPDX/WnVKZRKaqURzs6kNwSYqHUjMqjsG2uO5W37jI
Euwlf84DnmAWVhffmRoe15nUV69py5itZmCjIat1S4g8NYu+gczA3iTIz4s5LZ93
LVWtUKG5c65NrRH+4mOhxXBJ/oQKlSOlbB8m0IANoLoLo1TJbaT/hALeSWaKTh28
QOZWbh9kv5eWGgCknWQc4+trwjoRXSJZtT8qtxX/nHVCyRSE9rokz6o8KaqQJ6pv
fAHYcSzvYGvxSsO3mu7dr5hTNwwDqsL2nppo4qs2pEZPHekv8xkmkb18JClr2xvK
SXxtdYhiWkGEKym6td7Uao8o0xLD0ZXL3/7sPssW+d4Y
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:01:27 2025 by rpki-client