Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/2d953c-96bc-407b-ad6a-3cfd6c3fdca4/1/fMLJ1YpmkhbG68QAWkcBmTkFfL4.roa
File: fMLJ1YpmkhbG68QAWkcBmTkFfL4.roa (raw, json)
Hash identifier: c3WugMSDN5G2w70GjeX321iCVABxJlkDjOA2lW7KmOc=
Subject key identifier: 7C:C2:C9:D5:8A:66:92:16:C6:EB:C4:00:5A:47:01:99:39:05:7C:BE
Certificate issuer: /CN=c0ea1ddba4cbd3cb57ec860d85ff4ff9301afce5
Certificate serial: 01928F46C15ABEB341307E05AD611B6E6253
Authority key identifier: C0:EA:1D:DB:A4:CB:D3:CB:57:EC:86:0D:85:FF:4F:F9:30:1A:FC:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOod26TL08tX7IYNhf9P-TAa_OU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/2d953c-96bc-407b-ad6a-3cfd6c3fdca4/1/fMLJ1YpmkhbG68QAWkcBmTkFfL4.roa
Signing time: Tue 15 Oct 2024 08:23:51 +0000
ROA not before: Tue 15 Oct 2024 08:23:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3292
IP address blocks: 193.105.30.0/23 maxlen: 23
194.99.114.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:46:c1:5a:be:b3:41:30:7e:05:ad:61:1b:6e:62:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0ea1ddba4cbd3cb57ec860d85ff4ff9301afce5
Validity
Not Before: Oct 15 08:23:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cc2c9d58a669216c6ebc4005a47019939057cbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:de:62:21:24:c3:29:75:ad:84:9f:26:4d:28:
a2:23:01:30:5a:91:b8:3c:81:c6:aa:cf:fc:26:27:
37:b0:f1:9d:a6:e3:74:21:a1:7e:cb:87:72:cc:94:
b6:a9:2e:7a:ae:51:7b:be:30:34:c3:ed:7a:e9:fd:
d1:86:e2:52:5f:2e:81:11:2f:82:df:2f:3b:f9:37:
c5:3a:be:6c:bd:6e:92:21:37:c3:4a:9e:22:95:40:
c0:08:69:6f:a2:48:f2:77:36:cb:c9:e9:58:54:a0:
ab:65:0d:26:6c:38:d8:a7:0e:fc:3a:cd:9b:8a:46:
89:45:4a:55:04:49:45:ab:75:8e:6c:a2:59:fe:c5:
9f:96:38:f1:06:6e:36:fa:f8:eb:e9:5e:40:5a:eb:
4f:0b:10:52:cf:b7:0d:60:cd:5a:ee:1f:bc:0c:eb:
e8:6e:54:3e:fa:68:ac:2a:54:49:90:c1:51:4f:9f:
92:5f:f3:ba:87:ec:0c:85:82:8f:ab:a5:b5:79:8a:
91:ba:09:50:1a:e9:67:26:44:59:7a:a8:49:49:bc:
41:15:e1:a4:bc:06:9d:c6:3f:34:99:15:78:a9:e6:
ce:8d:59:1b:5f:22:cc:d5:bb:00:a7:aa:6b:bc:27:
6b:0b:c6:c2:a9:99:a5:c6:6b:63:d8:47:f5:81:85:
2b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C2:C9:D5:8A:66:92:16:C6:EB:C4:00:5A:47:01:99:39:05:7C:BE
X509v3 Authority Key Identifier:
keyid:C0:EA:1D:DB:A4:CB:D3:CB:57:EC:86:0D:85:FF:4F:F9:30:1A:FC:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOod26TL08tX7IYNhf9P-TAa_OU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/2d953c-96bc-407b-ad6a-3cfd6c3fdca4/1/fMLJ1YpmkhbG68QAWkcBmTkFfL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/2d953c-96bc-407b-ad6a-3cfd6c3fdca4/1/wOod26TL08tX7IYNhf9P-TAa_OU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.30.0/23
194.99.114.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:ab:1b:1f:81:c5:7a:ac:c2:fb:4a:64:a7:e9:6c:8f:dd:6a:
2e:8a:b1:5e:c0:a5:dd:91:f4:30:ff:2e:c8:fd:69:f3:c0:09:
65:c9:27:9d:06:6f:45:1c:12:95:f0:5e:d9:11:ce:8e:7a:55:
8e:47:52:e7:b7:e2:1a:d0:da:25:03:9c:e3:fc:05:02:93:26:
6d:2e:45:80:66:87:c9:0a:09:4e:0d:d1:7f:26:5f:3c:b8:5e:
75:ff:fe:dc:9d:21:09:a0:5f:cc:72:b1:20:5f:f3:cc:85:eb:
e9:20:26:1d:82:60:ce:fa:37:aa:32:83:47:db:c1:b8:57:48:
2f:4f:fd:20:23:ba:56:6e:3b:e6:84:55:ea:97:1a:65:78:d9:
ac:44:5d:42:8c:35:93:fa:31:06:6c:28:2a:6f:de:61:dc:a3:
6c:1d:86:15:b4:72:4b:de:aa:bb:55:46:42:17:99:2f:47:5f:
41:24:55:17:a7:1e:8e:d2:64:7f:5d:3a:ea:06:10:59:5f:fa:
e8:e5:e5:d4:54:12:a0:d6:bc:a2:c8:73:80:ae:65:7b:0d:50:
00:38:c1:53:b8:f9:66:70:55:fd:61:db:57:84:9d:9a:07:ce:
1e:72:54:92:92:77:9f:ab:f1:10:46:d5:d7:84:76:84:45:d1:
cf:44:8f:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKPRsFavrNBMH4FrWEbbmJTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZWExZGRiYTRjYmQzY2I1N2VjODYwZDg1ZmY0ZmY5MzAx
YWZjZTUwHhcNMjQxMDE1MDgyMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2MyYzlkNThhNjY5MjE2YzZlYmM0MDA1YTQ3MDE5OTM5MDU3Y2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw95iISTDKXWthJ8mTSiiIwEwWpG4
PIHGqs/8Jic3sPGdpuN0IaF+y4dyzJS2qS56rlF7vjA0w+166f3RhuJSXy6BES+C
3y87+TfFOr5svW6SITfDSp4ilUDACGlvokjydzbLyelYVKCrZQ0mbDjYpw78Os2b
ikaJRUpVBElFq3WObKJZ/sWfljjxBm42+vjr6V5AWutPCxBSz7cNYM1a7h+8DOvo
blQ++misKlRJkMFRT5+SX/O6h+wMhYKPq6W1eYqRuglQGulnJkRZeqhJSbxBFeGk
vAadxj80mRV4qebOjVkbXyLM1bsAp6prvCdrC8bCqZmlxmtj2Ef1gYUrNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHzCydWKZpIWxuvEAFpHAZk5BXy+MB8GA1UdIwQY
MBaAFMDqHduky9PLV+yGDYX/T/kwGvzlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09vZDI2VEwwOHRYN0lZTmhmOVAtVEFhX09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yZDk1M2MtOTZiYy00MDdiLWFkNmEt
M2NmZDZjM2ZkY2E0LzEvZk1MSjFZcG1raGJHNjhRQVdrY0JtVGtGZkw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yZDk1M2MtOTZiYy00MDdiLWFkNmEtM2NmZDZjM2ZkY2E0
LzEvd09vZDI2VEwwOHRYN0lZTmhmOVAtVEFhX09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwWkeAwQB
wmNyMA0GCSqGSIb3DQEBCwUAA4IBAQAKqxsfgcV6rML7SmSn6WyP3WouirFewKXd
kfQw/y7I/WnzwAllySedBm9FHBKV8F7ZEc6OelWOR1Lnt+Ia0NolA5zj/AUCkyZt
LkWAZofJCglODdF/Jl88uF51//7cnSEJoF/McrEgX/PMhevpICYdgmDO+jeqMoNH
28G4V0gvT/0gI7pWbjvmhFXqlxpleNmsRF1CjDWT+jEGbCgqb95h3KNsHYYVtHJL
3qq7VUZCF5kvR19BJFUXpx6O0mR/XTrqBhBZX/ro5eXUVBKg1ryiyHOArmV7DVAA
OMFTuPlmcFX9YdtXhJ2aB84eclSSknefq/EQRtXXhHaERdHPRI+J
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:57 2025 by rpki-client