Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/8a22f1-e4ff-4469-82eb-d30ea968bfa7/1/9KyMWWH0uXJlRfoABs64FnebNaw.roa
File: 9KyMWWH0uXJlRfoABs64FnebNaw.roa (raw, json)
Hash identifier: YBXj6V4lpAynvtO7t3Y8JVyivHnaMIZAz5M9zcl/6zE=
Subject key identifier: F4:AC:8C:59:61:F4:B9:72:65:45:FA:00:06:CE:B8:16:77:9B:35:AC
Certificate issuer: /CN=7e9360205b48af4954566314230e6b1296d9aec4
Certificate serial: 018F2A598D045A7D9E9266B48315F83649C9
Authority key identifier: 7E:93:60:20:5B:48:AF:49:54:56:63:14:23:0E:6B:12:96:D9:AE:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fpNgIFtIr0lUVmMUIw5rEpbZrsQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/8a22f1-e4ff-4469-82eb-d30ea968bfa7/1/9KyMWWH0uXJlRfoABs64FnebNaw.roa
Signing time: Mon 29 Apr 2024 14:54:22 +0000
ROA not before: Mon 29 Apr 2024 14:54:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35805
IP address blocks: 193.138.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 12:23:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2a:59:8d:04:5a:7d:9e:92:66:b4:83:15:f8:36:49:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e9360205b48af4954566314230e6b1296d9aec4
Validity
Not Before: Apr 29 14:54:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4ac8c5961f4b9726545fa0006ceb816779b35ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:4b:39:99:f9:0f:0c:fc:6b:64:ef:5b:c9:7c:
53:15:ba:f8:e2:aa:97:ba:8c:7a:a7:1a:55:25:3f:
a0:3a:99:98:07:3b:3e:80:05:d1:26:7d:c4:45:88:
a7:d6:f2:a9:50:45:d4:e8:d6:3b:0f:ac:6a:5c:59:
25:23:92:41:eb:d3:d5:5e:79:49:58:20:82:4f:f8:
76:3d:27:e0:ec:78:89:c8:35:84:18:51:d5:01:25:
b8:ea:36:c3:d9:5b:0c:7d:7b:58:a4:60:04:94:10:
80:4c:18:ee:7a:70:d1:cb:64:de:93:04:3d:36:52:
d1:63:91:fb:9b:fe:4f:50:ee:72:98:c9:00:95:c5:
ba:88:f2:5e:51:ff:96:32:c6:17:fd:b3:28:aa:2c:
ae:49:e7:dc:c3:8d:7c:73:ab:1e:06:f8:b6:c7:0d:
28:4b:00:82:40:a2:dc:52:a2:c0:ea:e3:47:c4:8f:
03:49:f1:14:f8:38:c3:d6:66:dc:05:d1:7d:34:e6:
77:ca:e4:5e:2e:5f:07:52:62:06:71:4e:10:89:f9:
e0:69:da:b3:55:63:ba:28:cb:cf:b2:6a:e9:bd:2c:
6e:85:96:ce:9f:a2:f1:f7:f4:72:eb:9e:df:4b:ec:
bb:21:47:bd:42:6c:41:6d:71:b2:41:86:b8:4d:4d:
e2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AC:8C:59:61:F4:B9:72:65:45:FA:00:06:CE:B8:16:77:9B:35:AC
X509v3 Authority Key Identifier:
keyid:7E:93:60:20:5B:48:AF:49:54:56:63:14:23:0E:6B:12:96:D9:AE:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fpNgIFtIr0lUVmMUIw5rEpbZrsQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/8a22f1-e4ff-4469-82eb-d30ea968bfa7/1/9KyMWWH0uXJlRfoABs64FnebNaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/8a22f1-e4ff-4469-82eb-d30ea968bfa7/1/fpNgIFtIr0lUVmMUIw5rEpbZrsQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.138.97.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:5d:8b:22:9f:6d:08:fb:40:6e:f0:e8:e8:45:de:51:bc:42:
67:31:cd:43:5f:d6:73:dc:de:4f:b6:d9:21:04:95:d6:b6:bf:
b7:b1:c3:18:4e:a6:e6:01:84:34:6d:b0:fe:f8:c4:b8:14:c4:
55:b1:26:c0:d0:75:6b:4d:f8:1f:68:a5:fe:96:fb:5b:68:a5:
f8:59:7d:b3:01:20:a5:70:47:7a:71:91:24:f5:dc:b3:8f:f3:
e5:bb:4b:c5:e0:0c:cc:2b:38:e0:55:f9:1e:25:a8:12:08:41:
16:2c:fa:73:1d:9e:97:b0:86:47:5f:aa:c7:b0:1a:15:90:a7:
0e:a9:db:fc:6b:1f:33:1d:f9:7b:6c:d6:89:07:fd:17:80:d3:
5d:af:e1:30:33:ff:43:39:b0:33:aa:65:d2:41:54:95:89:76:
df:d8:24:c1:fd:d7:10:0f:ee:8a:e4:3b:91:4a:e4:8b:1e:33:
f6:7c:66:fa:23:48:d6:cb:2e:b0:88:70:3c:dd:66:a4:a2:03:
54:56:41:2d:26:64:43:bc:09:a6:52:3f:21:1b:32:a7:b1:e7:
e3:2a:d0:1f:8d:cd:8b:33:1a:21:27:0a:4b:24:be:25:e8:93:
58:e1:78:59:e3:6a:a3:aa:70:63:70:88:96:f6:5b:79:05:21:
99:2f:af:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8qWY0EWn2ekma0gxX4NknJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlOTM2MDIwNWI0OGFmNDk1NDU2NjMxNDIzMGU2YjEyOTZk
OWFlYzQwHhcNMjQwNDI5MTQ1NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFjOGM1OTYxZjRiOTcyNjU0NWZhMDAwNmNlYjgxNjc3OWIzNWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Es5mfkPDPxrZO9byXxTFbr44qqX
uox6pxpVJT+gOpmYBzs+gAXRJn3ERYin1vKpUEXU6NY7D6xqXFklI5JB69PVXnlJ
WCCCT/h2PSfg7HiJyDWEGFHVASW46jbD2VsMfXtYpGAElBCATBjuenDRy2TekwQ9
NlLRY5H7m/5PUO5ymMkAlcW6iPJeUf+WMsYX/bMoqiyuSefcw418c6seBvi2xw0o
SwCCQKLcUqLA6uNHxI8DSfEU+DjD1mbcBdF9NOZ3yuReLl8HUmIGcU4Qifngadqz
VWO6KMvPsmrpvSxuhZbOn6Lx9/Ry657fS+y7IUe9QmxBbXGyQYa4TU3ivwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSsjFlh9LlyZUX6AAbOuBZ3mzWsMB8GA1UdIwQY
MBaAFH6TYCBbSK9JVFZjFCMOaxKW2a7EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnBOZ0lGdElyMGxVVm1NVUl3NXJFcGJacnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS84YTIyZjEtZTRmZi00NDY5LTgyZWIt
ZDMwZWE5NjhiZmE3LzEvOUt5TVdXSDB1WEpsUmZvQUJzNjRGbmViTmF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS84YTIyZjEtZTRmZi00NDY5LTgyZWItZDMwZWE5NjhiZmE3
LzEvZnBOZ0lGdElyMGxVVm1NVUl3NXJFcGJacnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYphMA0G
CSqGSIb3DQEBCwUAA4IBAQBqXYsin20I+0Bu8OjoRd5RvEJnMc1DX9Zz3N5Pttkh
BJXWtr+3scMYTqbmAYQ0bbD++MS4FMRVsSbA0HVrTfgfaKX+lvtbaKX4WX2zASCl
cEd6cZEk9dyzj/Plu0vF4AzMKzjgVfkeJagSCEEWLPpzHZ6XsIZHX6rHsBoVkKcO
qdv8ax8zHfl7bNaJB/0XgNNdr+EwM/9DObAzqmXSQVSViXbf2CTB/dcQD+6K5DuR
SuSLHjP2fGb6I0jWyy6wiHA83WakogNUVkEtJmRDvAmmUj8hGzKnsefjKtAfjc2L
MxohJwpLJL4l6JNY4XhZ42qjqnBjcIiW9lt5BSGZL69R
-----END CERTIFICATE-----
Generated at Fri Apr 18 05:53:58 2025 by rpki-client