Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/e6b617-76e2-426a-8071-34c76d9756dd/1/aHC-JqlAuaFeYz-aT6ycPu84loM.roa
File: aHC-JqlAuaFeYz-aT6ycPu84loM.roa (raw, json)
Hash identifier: Eblqjz1a2tQ/xP9wgO0C25eNgH7tl0oMPxcJMTE0aZY=
Subject key identifier: 68:70:BE:26:A9:40:B9:A1:5E:63:3F:9A:4F:AC:9C:3E:EF:38:96:83
Certificate issuer: /CN=7b2bdfebe459221dda35f52c5a3995020e4fbb7a
Certificate serial: 018CC5DCC161AA9E67C71180D7040A450F0E
Authority key identifier: 7B:2B:DF:EB:E4:59:22:1D:DA:35:F5:2C:5A:39:95:02:0E:4F:BB:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eyvf6-RZIh3aNfUsWjmVAg5Pu3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/e6b617-76e2-426a-8071-34c76d9756dd/1/aHC-JqlAuaFeYz-aT6ycPu84loM.roa
Signing time: Mon 01 Jan 2024 16:30:28 +0000
ROA not before: Mon 01 Jan 2024 16:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31531
IP address blocks: 193.16.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:c1:61:aa:9e:67:c7:11:80:d7:04:0a:45:0f:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b2bdfebe459221dda35f52c5a3995020e4fbb7a
Validity
Not Before: Jan 1 16:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6870be26a940b9a15e633f9a4fac9c3eef389683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1b:bd:46:1b:c0:b7:89:08:fc:64:2d:ac:5d:
78:e2:25:8c:54:3e:20:de:16:f4:ec:78:e7:f9:06:
45:26:ca:be:92:b9:2e:e8:f1:be:17:5e:53:fb:3e:
5c:aa:8b:19:7d:49:7c:4a:85:94:df:49:24:45:d8:
b6:59:90:54:a3:ae:c6:d8:cb:f4:cf:f5:aa:3b:79:
5f:01:51:20:5a:a3:65:0c:ff:d6:9c:90:ea:d0:ad:
3f:5c:eb:38:2e:72:1d:78:ed:e5:98:83:5f:cc:f7:
24:73:4d:5e:49:4a:15:f9:38:c7:a3:6d:0a:af:6a:
9b:74:94:08:f4:78:cd:88:0a:74:ac:82:ad:14:06:
1e:e5:df:28:01:20:fe:93:d3:60:a5:e6:ea:ef:cc:
1c:ba:3c:be:42:bd:6b:69:97:88:02:d3:b7:a6:ba:
f0:ec:69:a7:12:9a:3a:86:a6:d3:b6:2f:09:d1:30:
47:8f:bc:2c:c9:24:a3:90:a0:21:e5:7d:f9:ba:5c:
b8:e9:3a:b5:83:c0:fa:e5:53:ae:71:8e:04:40:00:
ef:e1:4e:60:2e:34:23:3c:4d:a4:f1:ac:01:19:2c:
84:7a:02:f6:32:5a:f8:04:e3:a2:c4:a6:ef:48:3d:
95:4f:f5:1c:c2:21:a8:75:89:c3:d4:55:e2:9a:3a:
cf:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:70:BE:26:A9:40:B9:A1:5E:63:3F:9A:4F:AC:9C:3E:EF:38:96:83
X509v3 Authority Key Identifier:
keyid:7B:2B:DF:EB:E4:59:22:1D:DA:35:F5:2C:5A:39:95:02:0E:4F:BB:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eyvf6-RZIh3aNfUsWjmVAg5Pu3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e6b617-76e2-426a-8071-34c76d9756dd/1/aHC-JqlAuaFeYz-aT6ycPu84loM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e6b617-76e2-426a-8071-34c76d9756dd/1/eyvf6-RZIh3aNfUsWjmVAg5Pu3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.101.0/24
Signature Algorithm: sha256WithRSAEncryption
03:61:c6:a5:f7:4b:71:a4:e1:a0:75:cb:1f:18:27:d8:e4:b7:
a9:da:d6:3f:d8:15:0c:ef:34:a0:4a:7f:a7:64:35:93:fc:56:
4b:d8:53:3b:ba:f1:28:1e:cc:44:77:9f:15:48:52:62:7a:e6:
3b:da:93:33:95:fe:44:93:73:e6:f8:da:76:52:ed:fd:b5:08:
20:0d:62:00:65:16:4a:26:5b:50:b4:ff:80:e3:01:1c:42:1f:
89:4f:05:19:6b:60:32:18:0c:fb:56:77:c1:74:b5:ed:47:c2:
8b:82:40:26:6a:1c:cd:9f:75:2f:85:c4:88:30:b1:b6:28:a6:
8e:66:7a:4c:3f:a7:97:31:09:bd:c7:02:26:df:b0:4a:b0:81:
b3:8b:d4:41:42:9a:9c:40:d2:32:26:26:40:f3:58:96:6f:74:
8a:6d:e1:22:14:4c:83:d6:77:8d:b4:2a:53:e7:b2:2f:b0:aa:
ba:f5:dc:8a:6e:26:8f:0e:96:1d:a3:93:85:02:63:70:be:70:
fe:90:12:68:be:9a:fa:8f:52:fc:51:26:24:14:ea:1c:42:1d:
9d:35:d7:26:a5:7e:39:c9:17:64:34:37:7c:41:8e:ab:0b:4f:
46:02:df:ba:69:35:31:62:05:09:47:f2:ef:7a:d8:8b:81:b3:
61:ac:57:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3MFhqp5nxxGA1wQKRQ8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMmJkZmViZTQ1OTIyMWRkYTM1ZjUyYzVhMzk5NTAyMGU0
ZmJiN2EwHhcNMjQwMTAxMTYzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODcwYmUyNmE5NDBiOWExNWU2MzNmOWE0ZmFjOWMzZWVmMzg5NjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRu9RhvAt4kI/GQtrF144iWMVD4g
3hb07Hjn+QZFJsq+krku6PG+F15T+z5cqosZfUl8SoWU30kkRdi2WZBUo67G2Mv0
z/WqO3lfAVEgWqNlDP/WnJDq0K0/XOs4LnIdeO3lmINfzPckc01eSUoV+TjHo20K
r2qbdJQI9HjNiAp0rIKtFAYe5d8oASD+k9Ngpebq78wcujy+Qr1raZeIAtO3prrw
7GmnEpo6hqbTti8J0TBHj7wsySSjkKAh5X35uly46Tq1g8D65VOucY4EQADv4U5g
LjQjPE2k8awBGSyEegL2Mlr4BOOixKbvSD2VT/UcwiGodYnD1FXimjrPowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhwviapQLmhXmM/mk+snD7vOJaDMB8GA1UdIwQY
MBaAFHsr3+vkWSId2jX1LFo5lQIOT7t6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXl2ZjYtUlpJaDNhTmZVc1dqbVZBZzVQdTNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lNmI2MTctNzZlMi00MjZhLTgwNzEt
MzRjNzZkOTc1NmRkLzEvYUhDLUpxbEF1YUZlWXotYVQ2eWNQdTg0bG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9lNmI2MTctNzZlMi00MjZhLTgwNzEtMzRjNzZkOTc1NmRk
LzEvZXl2ZjYtUlpJaDNhTmZVc1dqbVZBZzVQdTNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRBlMA0G
CSqGSIb3DQEBCwUAA4IBAQADYcal90txpOGgdcsfGCfY5Lep2tY/2BUM7zSgSn+n
ZDWT/FZL2FM7uvEoHsxEd58VSFJieuY72pMzlf5Ek3Pm+Np2Uu39tQggDWIAZRZK
JltQtP+A4wEcQh+JTwUZa2AyGAz7VnfBdLXtR8KLgkAmahzNn3UvhcSIMLG2KKaO
ZnpMP6eXMQm9xwIm37BKsIGzi9RBQpqcQNIyJiZA81iWb3SKbeEiFEyD1neNtCpT
57IvsKq69dyKbiaPDpYdo5OFAmNwvnD+kBJovpr6j1L8USYkFOocQh2dNdcmpX45
yRdkNDd8QY6rC09GAt+6aTUxYgUJR/LvetiLgbNhrFdy
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:15 2025 by rpki-client