Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/Z2mexHtMcdthgKG9aSJsNeohI4w.roa
File: Z2mexHtMcdthgKG9aSJsNeohI4w.roa (raw, json)
Hash identifier: m0OcAXOPeYDed+OvgfUkVLJfkMlAG78Dgwf4DizGZQ8=
Subject key identifier: 67:69:9E:C4:7B:4C:71:DB:61:80:A1:BD:69:22:6C:35:EA:21:23:8C
Certificate issuer: /CN=9e3533d662c3f0d6bb1e692f3fab6d7ba3824c28
Certificate serial: 019426D9E322270821D80F3EA827FFB8F463
Authority key identifier: 9E:35:33:D6:62:C3:F0:D6:BB:1E:69:2F:3F:AB:6D:7B:A3:82:4C:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njUz1mLD8Na7HmkvP6tte6OCTCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/Z2mexHtMcdthgKG9aSJsNeohI4w.roa
Signing time: Thu 02 Jan 2025 11:50:01 +0000
ROA not before: Thu 02 Jan 2025 11:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215009
IP address blocks: 193.34.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 09:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:e3:22:27:08:21:d8:0f:3e:a8:27:ff:b8:f4:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e3533d662c3f0d6bb1e692f3fab6d7ba3824c28
Validity
Not Before: Jan 2 11:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67699ec47b4c71db6180a1bd69226c35ea21238c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:66:aa:2b:3b:7a:79:2b:ce:0d:9d:57:76:f4:
81:29:3d:45:ed:d2:fd:38:c2:cd:ef:1b:80:c4:29:
6a:d7:e8:6e:f2:63:fc:eb:e7:00:c3:bb:98:70:52:
5b:b7:60:c4:dd:62:9f:59:62:fc:8e:bc:d2:79:21:
7a:5a:0a:e4:c1:4a:70:27:3d:33:de:8f:90:91:5d:
31:8a:8c:42:f7:e0:cc:7a:bf:8a:0e:5e:a1:54:9a:
fc:38:68:81:15:7a:7f:88:26:b7:d2:96:82:6c:03:
80:df:f3:51:58:52:eb:13:47:01:c2:de:82:98:3b:
13:72:4f:57:19:4b:68:ae:f3:e1:c5:7e:df:11:26:
aa:8f:d7:00:85:ba:e7:89:a9:27:34:a2:3e:ce:80:
6e:13:2d:04:45:6e:63:ad:c0:22:f0:73:78:8b:4c:
3d:69:aa:bd:69:e1:e8:9e:fb:a4:9e:47:e6:89:a8:
a2:b6:83:65:56:d3:07:d2:0d:2f:b7:f2:da:49:d0:
9e:b6:a1:39:44:6d:7c:a9:96:58:23:76:98:d4:83:
49:4c:3c:b8:b2:19:54:0d:2e:70:6f:57:83:bf:1f:
f9:56:3f:ca:22:47:3d:de:5a:1e:a3:11:b1:f8:41:
69:5c:12:5f:3a:1a:1f:bb:a3:c5:c8:e5:47:85:c6:
d9:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:69:9E:C4:7B:4C:71:DB:61:80:A1:BD:69:22:6C:35:EA:21:23:8C
X509v3 Authority Key Identifier:
keyid:9E:35:33:D6:62:C3:F0:D6:BB:1E:69:2F:3F:AB:6D:7B:A3:82:4C:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njUz1mLD8Na7HmkvP6tte6OCTCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/Z2mexHtMcdthgKG9aSJsNeohI4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/njUz1mLD8Na7HmkvP6tte6OCTCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.49.0/24
Signature Algorithm: sha256WithRSAEncryption
60:7b:cb:35:55:c7:ec:ff:4b:c8:ae:7f:98:67:17:c6:92:e3:
4d:75:4f:0a:05:fa:c5:78:25:ce:c2:25:ae:e7:e7:6b:ba:ef:
df:9d:f5:ae:e2:9d:4e:69:be:5b:06:dd:17:9c:08:c9:7b:12:
c3:27:6f:91:78:5c:63:f8:03:13:92:e7:79:2e:72:c1:f2:e6:
6c:f5:b2:03:9c:ec:29:5b:e8:fc:19:b6:b4:3b:e5:7e:6c:6c:
ca:83:71:3d:27:61:eb:78:c3:bb:fa:25:cc:a1:85:f6:97:1d:
c3:67:38:b5:25:44:7d:df:68:e4:c7:fc:c7:50:07:e6:28:1c:
c8:99:f6:00:25:88:54:ed:25:7e:f9:8f:cb:4b:d9:1f:6c:d1:
29:87:4f:7d:c0:52:a6:d2:23:34:f8:02:87:02:14:6d:56:f2:
ff:e8:56:06:22:78:1b:ea:51:be:dd:ab:d8:ed:32:c1:86:ab:
b6:f8:94:fb:8a:c3:a9:15:85:f9:71:62:94:55:17:64:95:87:
47:b4:62:ff:e6:2d:ea:ca:ea:fe:05:d4:9e:b6:81:db:e7:e9:
ee:3c:0c:28:f7:82:e5:60:18:cb:f3:89:68:84:88:58:da:5a:
cd:d2:2c:59:d2:89:81:2c:b9:61:ee:6e:c1:d2:1a:1d:e0:5d:
6d:cb:79:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2eMiJwgh2A8+qCf/uPRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzUzM2Q2NjJjM2YwZDZiYjFlNjkyZjNmYWI2ZDdiYTM4
MjRjMjgwHhcNMjUwMTAyMTE1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzY5OWVjNDdiNGM3MWRiNjE4MGExYmQ2OTIyNmMzNWVhMjEyMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWaqKzt6eSvODZ1XdvSBKT1F7dL9
OMLN7xuAxClq1+hu8mP86+cAw7uYcFJbt2DE3WKfWWL8jrzSeSF6WgrkwUpwJz0z
3o+QkV0xioxC9+DMer+KDl6hVJr8OGiBFXp/iCa30paCbAOA3/NRWFLrE0cBwt6C
mDsTck9XGUtorvPhxX7fESaqj9cAhbrniaknNKI+zoBuEy0ERW5jrcAi8HN4i0w9
aaq9aeHonvuknkfmiaiitoNlVtMH0g0vt/LaSdCetqE5RG18qZZYI3aY1INJTDy4
shlUDS5wb1eDvx/5Vj/KIkc93loeoxGx+EFpXBJfOhofu6PFyOVHhcbZWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGdpnsR7THHbYYChvWkibDXqISOMMB8GA1UdIwQY
MBaAFJ41M9Ziw/DWux5pLz+rbXujgkwoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpVejFtTEQ4TmE3SG1rdlA2dHRlNk9DVENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9iZWJlNmQtMTZiMy00YjAyLWIyMDUt
YTc4MzQxMzA5OWQzLzEvWjJtZXhIdE1jZHRoZ0tHOWFTSnNOZW9oSTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9iZWJlNmQtMTZiMy00YjAyLWIyMDUtYTc4MzQxMzA5OWQz
LzEvbmpVejFtTEQ4TmE3SG1rdlA2dHRlNk9DVENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSIxMA0G
CSqGSIb3DQEBCwUAA4IBAQBge8s1Vcfs/0vIrn+YZxfGkuNNdU8KBfrFeCXOwiWu
5+druu/fnfWu4p1Oab5bBt0XnAjJexLDJ2+ReFxj+AMTkud5LnLB8uZs9bIDnOwp
W+j8Gba0O+V+bGzKg3E9J2HreMO7+iXMoYX2lx3DZzi1JUR932jkx/zHUAfmKBzI
mfYAJYhU7SV++Y/LS9kfbNEph099wFKm0iM0+AKHAhRtVvL/6FYGIngb6lG+3avY
7TLBhqu2+JT7isOpFYX5cWKUVRdklYdHtGL/5i3qyur+BdSetoHb5+nuPAwo94Ll
YBjL84lohIhY2lrN0ixZ0omBLLlh7m7B0hod4F1ty3k/
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:39:34 2025 by rpki-client