Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/9cb34a-c372-482e-81ca-8f639c5a1a72/1/krWnUEwfBVebc8oUvVh4ulzx9sM.roa
File: krWnUEwfBVebc8oUvVh4ulzx9sM.roa (raw, json)
Hash identifier: bBbWpM1SGI08q7IfroxFvahjCLJRWjtSVFO1xByQLbA=
Subject key identifier: 92:B5:A7:50:4C:1F:05:57:9B:73:CA:14:BD:58:78:BA:5C:F1:F6:C3
Certificate issuer: /CN=d0b7fc8b058d1f499901a8c2f86e62ae95136797
Certificate serial: 018CC6B8F463DE6880088B7CD660BCAEE5E7
Authority key identifier: D0:B7:FC:8B:05:8D:1F:49:99:01:A8:C2:F8:6E:62:AE:95:13:67:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Lf8iwWNH0mZAajC-G5irpUTZ5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/9cb34a-c372-482e-81ca-8f639c5a1a72/1/krWnUEwfBVebc8oUvVh4ulzx9sM.roa
Signing time: Mon 01 Jan 2024 20:30:58 +0000
ROA not before: Mon 01 Jan 2024 20:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24728
IP address blocks: 193.105.67.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f4:63:de:68:80:08:8b:7c:d6:60:bc:ae:e5:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b7fc8b058d1f499901a8c2f86e62ae95136797
Validity
Not Before: Jan 1 20:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92b5a7504c1f05579b73ca14bd5878ba5cf1f6c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:12:bb:d5:82:9b:e4:f4:2b:40:7f:29:64:ac:
8e:08:c0:9a:6a:8f:0d:14:98:bc:62:76:f0:d0:f2:
31:9d:42:fc:52:29:95:f3:ac:93:02:2a:f4:f8:60:
37:5b:67:08:14:37:34:83:8b:39:21:ec:7d:7c:05:
fa:ad:6a:4c:ac:b2:d9:fd:6a:dd:68:82:80:ff:00:
f1:a3:d5:38:f5:02:a3:ac:0f:7c:7f:e6:70:0b:48:
c5:01:da:d3:5a:25:f7:db:c3:1d:b8:09:23:f2:dc:
da:1f:81:39:cd:f2:80:88:1a:7d:39:5b:42:ab:94:
88:9c:14:4b:50:3b:9d:ee:79:b0:87:be:69:26:8c:
6a:cc:d6:8f:f9:d2:a5:54:b5:84:59:d5:b5:b0:f2:
6f:86:a7:76:db:21:ac:af:f3:57:13:29:8d:cc:9a:
77:d7:7a:35:03:c5:ae:ef:d3:ce:23:a0:b0:8c:3d:
0e:0c:0e:f1:c3:b7:27:28:8b:73:7a:24:f2:47:45:
05:45:a6:0f:47:9b:01:ca:8d:62:6d:b3:f7:78:c1:
7c:e9:16:48:7b:8a:a6:63:a7:27:3f:45:91:aa:df:
2e:40:0f:45:38:71:a4:1d:a0:5a:f9:23:36:c8:02:
92:5a:11:80:a4:a1:65:8a:8c:37:6d:be:6b:21:ad:
7b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B5:A7:50:4C:1F:05:57:9B:73:CA:14:BD:58:78:BA:5C:F1:F6:C3
X509v3 Authority Key Identifier:
keyid:D0:B7:FC:8B:05:8D:1F:49:99:01:A8:C2:F8:6E:62:AE:95:13:67:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Lf8iwWNH0mZAajC-G5irpUTZ5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9cb34a-c372-482e-81ca-8f639c5a1a72/1/krWnUEwfBVebc8oUvVh4ulzx9sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9cb34a-c372-482e-81ca-8f639c5a1a72/1/0Lf8iwWNH0mZAajC-G5irpUTZ5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.67.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:ca:96:93:02:21:ab:72:f1:67:95:8e:93:ea:ed:cc:8f:01:
5a:c8:b0:6a:df:a6:83:8a:9c:cf:4c:5d:50:57:80:eb:62:8c:
37:af:db:91:64:c4:d8:41:db:1b:84:16:6e:08:f9:84:b3:ca:
46:b2:f1:83:58:12:23:7b:43:72:aa:cc:79:da:58:a7:df:a9:
f0:97:93:81:fd:4a:31:70:3b:a1:f8:5c:31:0e:62:d7:0f:89:
67:d3:22:9e:0d:f1:4b:8c:e2:6d:04:17:7e:65:17:dc:a5:6b:
b1:cc:d8:2d:f7:bc:5f:24:e0:47:e8:e6:ec:2a:d0:fc:7e:39:
01:c9:2c:b3:e2:5b:ab:a2:8c:05:70:3f:27:bb:b4:d3:42:3d:
37:45:99:f7:68:fc:05:1c:d5:de:3b:71:78:6b:18:4a:22:a8:
ee:68:14:01:91:cb:bc:f8:03:99:89:98:d3:1b:8c:29:7f:7c:
86:63:4a:94:69:14:43:32:05:8d:80:7b:20:d6:b4:8d:42:1d:
6f:20:54:0f:81:fa:a2:be:ec:90:5e:14:87:e7:cf:43:33:9c:
3c:e3:95:5b:04:01:64:de:a5:60:3c:8c:9d:70:87:fb:65:fe:
01:78:ad:53:8a:b5:92:c4:45:87:90:a8:f9:58:fa:6b:2b:8a:
b7:45:bd:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuPRj3miACIt81mC8ruXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjdmYzhiMDU4ZDFmNDk5OTAxYThjMmY4NmU2MmFlOTUx
MzY3OTcwHhcNMjQwMTAxMjAzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmI1YTc1MDRjMWYwNTU3OWI3M2NhMTRiZDU4NzhiYTVjZjFmNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxK71YKb5PQrQH8pZKyOCMCaao8N
FJi8Ynbw0PIxnUL8UimV86yTAir0+GA3W2cIFDc0g4s5Iex9fAX6rWpMrLLZ/Wrd
aIKA/wDxo9U49QKjrA98f+ZwC0jFAdrTWiX328MduAkj8tzaH4E5zfKAiBp9OVtC
q5SInBRLUDud7nmwh75pJoxqzNaP+dKlVLWEWdW1sPJvhqd22yGsr/NXEymNzJp3
13o1A8Wu79POI6CwjD0ODA7xw7cnKItzeiTyR0UFRaYPR5sByo1ibbP3eMF86RZI
e4qmY6cnP0WRqt8uQA9FOHGkHaBa+SM2yAKSWhGApKFliow3bb5rIa17uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJK1p1BMHwVXm3PKFL1YeLpc8fbDMB8GA1UdIwQY
MBaAFNC3/IsFjR9JmQGowvhuYq6VE2eXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExmOGl3V05IMG1aQWFqQy1HNWlycFVUWjVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS85Y2IzNGEtYzM3Mi00ODJlLTgxY2Et
OGY2MzljNWExYTcyLzEva3JXblVFd2ZCVmViYzhvVXZWaDR1bHp4OXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS85Y2IzNGEtYzM3Mi00ODJlLTgxY2EtOGY2MzljNWExYTcy
LzEvMExmOGl3V05IMG1aQWFqQy1HNWlycFVUWjVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWlDMA0G
CSqGSIb3DQEBCwUAA4IBAQAuypaTAiGrcvFnlY6T6u3MjwFayLBq36aDipzPTF1Q
V4DrYow3r9uRZMTYQdsbhBZuCPmEs8pGsvGDWBIje0Nyqsx52lin36nwl5OB/Uox
cDuh+FwxDmLXD4ln0yKeDfFLjOJtBBd+ZRfcpWuxzNgt97xfJOBH6ObsKtD8fjkB
ySyz4luroowFcD8nu7TTQj03RZn3aPwFHNXeO3F4axhKIqjuaBQBkcu8+AOZiZjT
G4wpf3yGY0qUaRRDMgWNgHsg1rSNQh1vIFQPgfqivuyQXhSH589DM5w845VbBAFk
3qVgPIydcIf7Zf4BeK1TirWSxEWHkKj5WPprK4q3Rb0z
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:01 2025 by rpki-client