Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/Ku7DGnszryBclL7Ol5tLUKMbkuQ.roa
File: Ku7DGnszryBclL7Ol5tLUKMbkuQ.roa (raw, json)
Hash identifier: 7mCHmW/6GrAIK9fa026rrymC2zTxZ2QBqLfnXyscb9Q=
Subject key identifier: 2A:EE:C3:1A:7B:33:AF:20:5C:94:BE:CE:97:9B:4B:50:A3:1B:92:E4
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 018F10D336D70C5C18D8E281AC3C5B5C01A0
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/Ku7DGnszryBclL7Ol5tLUKMbkuQ.roa
Signing time: Wed 24 Apr 2024 15:57:08 +0000
ROA not before: Wed 24 Apr 2024 15:57:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396356
IP address blocks: 194.169.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Aug 2024 07:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:d3:36:d7:0c:5c:18:d8:e2:81:ac:3c:5b:5c:01:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Apr 24 15:57:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2aeec31a7b33af205c94bece979b4b50a31b92e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f5:dc:5d:d9:ac:80:4f:d7:94:c7:48:3b:75:
59:a5:ac:d0:b1:9b:1a:38:55:3e:d0:f8:5f:bf:27:
09:d0:e4:00:59:d9:1d:b8:48:24:b9:27:90:0d:76:
c4:53:d6:72:2c:05:c4:84:c9:43:d2:7d:13:c1:bd:
77:22:db:3f:29:63:b7:c7:7c:c2:ff:24:9c:d2:b9:
79:26:ec:e5:e6:38:ef:b4:d5:1d:74:98:43:ff:d5:
5c:6e:22:52:63:a7:2e:b3:6d:54:30:d0:4a:ae:96:
25:cb:fb:9b:f3:41:09:6e:13:86:8c:7e:28:1c:6b:
e2:ab:b5:ba:f8:d4:90:b5:c6:60:0c:e5:ab:73:8e:
41:43:b2:8c:55:23:e0:81:dc:bb:f5:58:9d:a7:f0:
c5:79:b4:b8:c9:e6:ae:1a:66:8a:65:da:d1:9d:5f:
86:cb:53:33:c2:73:3e:f2:03:4f:b1:5b:88:eb:70:
56:86:0a:1d:8f:4a:d0:1d:8b:af:98:a7:b3:6b:7f:
5b:01:6c:87:99:5a:f5:f3:d5:e0:f6:05:f0:65:3b:
cc:d5:d8:da:ac:f3:15:10:ef:ac:b0:05:ea:79:e0:
e4:f7:c9:91:06:49:4d:17:97:28:c9:ee:fb:dd:13:
70:2d:19:22:63:69:ae:a9:39:3a:ec:ed:54:cb:c2:
1d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:EE:C3:1A:7B:33:AF:20:5C:94:BE:CE:97:9B:4B:50:A3:1B:92:E4
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/Ku7DGnszryBclL7Ol5tLUKMbkuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.48.0/24
Signature Algorithm: sha256WithRSAEncryption
48:19:70:76:65:3b:c0:76:84:ee:b9:1b:10:07:bf:6c:d2:b1:
36:9c:79:c9:c8:5a:9b:3b:0e:0e:6a:30:6b:e6:28:c7:06:4e:
ac:a7:3d:62:af:d7:0c:6c:a1:01:4c:60:35:26:5e:1a:19:01:
a2:3a:e3:48:6c:80:dc:1f:3d:3d:16:48:ce:ce:93:b9:df:61:
45:a3:db:02:2b:88:9a:7a:56:20:65:30:b9:ef:b5:bb:54:fa:
d2:19:c8:5a:4d:97:a2:6b:ce:7c:f2:06:e7:95:29:2a:7e:ec:
66:41:89:c7:51:58:8e:3c:67:08:05:85:99:ce:83:bf:71:7e:
3e:31:d2:03:4a:4c:cd:30:05:b4:2c:f3:c3:82:2e:65:7a:dd:
fe:fa:f3:40:a2:0c:80:3d:84:4d:d0:46:7a:12:db:26:fb:c2:
71:32:2b:ca:b7:db:3c:a4:3d:4a:5c:4a:ab:e4:26:e3:c0:00:
fa:be:59:60:7a:27:55:f6:cc:28:59:79:aa:37:53:09:41:a6:
be:24:6e:2c:93:ce:6c:72:4b:fa:6f:5f:27:a0:0b:99:51:5c:
59:6c:38:f0:35:62:04:8c:c1:4f:f3:e6:2e:9b:05:fc:13:02:
39:cf:b2:52:50:fa:ba:b0:60:8c:84:35:b3:fa:43:9c:88:83:
1a:4e:7c:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8Q0zbXDFwY2OKBrDxbXAGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODI0N2QzZjgxNDcyZGJiYTA2ZGJlYTliZDE5Yzc4NWQx
OGJhYmUwHhcNMjQwNDI0MTU1NzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWVlYzMxYTdiMzNhZjIwNWM5NGJlY2U5NzliNGI1MGEzMWI5MmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfXcXdmsgE/XlMdIO3VZpazQsZsa
OFU+0PhfvycJ0OQAWdkduEgkuSeQDXbEU9ZyLAXEhMlD0n0Twb13Its/KWO3x3zC
/ySc0rl5Juzl5jjvtNUddJhD/9VcbiJSY6cus21UMNBKrpYly/ub80EJbhOGjH4o
HGviq7W6+NSQtcZgDOWrc45BQ7KMVSPggdy79Vidp/DFebS4yeauGmaKZdrRnV+G
y1MzwnM+8gNPsVuI63BWhgodj0rQHYuvmKeza39bAWyHmVr189Xg9gXwZTvM1dja
rPMVEO+ssAXqeeDk98mRBklNF5coye773RNwLRkiY2muqTk67O1Uy8IdxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCruwxp7M68gXJS+zpebS1CjG5LkMB8GA1UdIwQY
MBaAFNmCR9P4FHLbugbb6pvRnHhdGLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgt
YTMwMzI2MTU2NjBjLzEvS3U3REduc3pyeUJjbEw3T2w1dExVS01ia3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgtYTMwMzI2MTU2NjBj
LzEvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqkwMA0G
CSqGSIb3DQEBCwUAA4IBAQBIGXB2ZTvAdoTuuRsQB79s0rE2nHnJyFqbOw4OajBr
5ijHBk6spz1ir9cMbKEBTGA1Jl4aGQGiOuNIbIDcHz09FkjOzpO532FFo9sCK4ia
elYgZTC577W7VPrSGchaTZeia8588gbnlSkqfuxmQYnHUViOPGcIBYWZzoO/cX4+
MdIDSkzNMAW0LPPDgi5let3++vNAogyAPYRN0EZ6Etsm+8JxMivKt9s8pD1KXEqr
5CbjwAD6vllgeidV9swoWXmqN1MJQaa+JG4sk85sckv6b18noAuZUVxZbDjwNWIE
jMFP8+YumwX8EwI5z7JSUPq6sGCMhDWz+kOciIMaTnwV
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:34 2025 by rpki-client