Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/sA8rc4icZC5WbjerYNZtsiU5DAs.roa
File: sA8rc4icZC5WbjerYNZtsiU5DAs.roa (raw, json)
Hash identifier: kAkn/DnR1VvHqoH6MVNjbRoGOgAUI/pMjM4s1+yhfsk=
Subject key identifier: B0:0F:2B:73:88:9C:64:2E:56:6E:37:AB:60:D6:6D:B2:25:39:0C:0B
Certificate issuer: /CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Certificate serial: 01918A713E030887FC7069B4EAC0DCBF7FE4
Authority key identifier: D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/sA8rc4icZC5WbjerYNZtsiU5DAs.roa
Signing time: Sun 25 Aug 2024 16:49:22 +0000
ROA not before: Sun 25 Aug 2024 16:49:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 194.169.48.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 20:27:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8a:71:3e:03:08:87:fc:70:69:b4:ea:c0:dc:bf:7f:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98247d3f81472dbba06dbea9bd19c785d18babe
Validity
Not Before: Aug 25 16:49:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b00f2b73889c642e566e37ab60d66db225390c0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:78:0e:01:9f:f3:dc:3f:ed:aa:a5:e4:69:96:
e3:86:72:3d:1c:9f:1f:c4:49:94:a8:50:27:74:91:
8b:28:e9:6c:1b:d9:79:42:ea:f6:9a:2b:b0:87:44:
d7:f1:8d:68:ec:47:c6:d8:9d:98:c3:9b:4f:47:1b:
c5:ab:99:96:80:8e:3c:4e:d7:b0:90:b1:2c:45:45:
d6:05:42:b8:c2:ae:9c:df:48:8e:93:97:a7:1a:b1:
4c:2a:7d:ca:29:95:78:4f:7d:f2:48:30:20:1e:39:
43:4c:74:ed:f4:db:2d:ad:55:ae:58:28:b2:58:5d:
c7:d6:87:46:a1:fa:fc:c1:94:a1:cb:97:73:64:7d:
f1:43:bb:a0:39:9e:0b:86:c0:01:b5:3a:46:9f:85:
da:34:01:e6:1c:ba:f3:14:8e:2c:25:45:ed:95:49:
b1:d3:16:e8:2a:fb:67:30:3c:8c:54:85:dc:52:ae:
d2:8a:ab:14:66:ea:86:e4:ee:62:90:73:c9:f1:7f:
7b:48:b1:63:f1:06:7e:76:1c:96:88:f5:30:91:1f:
bc:28:4a:ec:81:22:dd:5a:d1:91:91:f8:2c:19:87:
03:dc:99:f0:c5:da:3b:fd:5f:8a:fe:94:ae:73:71:
43:a3:de:8b:82:79:77:06:0d:c8:b6:6a:5d:e5:19:
0d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:0F:2B:73:88:9C:64:2E:56:6E:37:AB:60:D6:6D:B2:25:39:0C:0B
X509v3 Authority Key Identifier:
keyid:D9:82:47:D3:F8:14:72:DB:BA:06:DB:EA:9B:D1:9C:78:5D:18:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YJH0_gUctu6Btvqm9GceF0Yur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/sA8rc4icZC5WbjerYNZtsiU5DAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6dbc99-bfa9-4ef7-a798-a3032615660c/1/2YJH0_gUctu6Btvqm9GceF0Yur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.48.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:a0:81:59:94:32:8c:19:1b:bc:fa:cb:68:e1:d2:02:0b:99:
21:4c:a0:c8:ef:f6:dd:1a:72:13:a0:a0:89:74:6c:2e:e3:a3:
0b:ef:fa:30:a4:20:af:d0:33:43:08:09:32:16:30:ff:9a:3b:
a7:59:d4:9b:99:7b:48:b7:63:02:fe:47:da:2a:a9:20:f7:ee:
b2:d2:f9:c7:76:7a:8b:cb:43:31:f6:d4:f4:0f:58:48:0f:f0:
04:5b:ca:e3:b5:6e:00:a9:87:d3:fe:9e:1f:5a:54:ab:23:5e:
7e:ac:b5:c6:26:cb:8e:21:d5:83:2f:89:e3:f3:cf:82:5b:67:
c3:da:b0:50:5c:d5:70:54:d7:d2:9e:aa:e1:3c:50:3b:56:e9:
d4:c2:09:77:38:cc:1e:74:2f:f8:52:ef:52:75:38:04:59:a8:
5e:fa:a8:a6:5e:3a:e7:7c:23:aa:8e:09:22:d7:ff:0a:f1:87:
45:bb:ff:3b:5d:cb:fe:a2:e9:21:f4:f2:1d:b4:87:68:7d:68:
1c:32:16:c2:c5:e5:fd:0f:93:cb:aa:d2:5f:28:72:46:6e:74:
b0:8b:21:57:ff:a5:29:1b:dd:7a:56:e9:25:d5:db:8f:65:4f:
a0:31:42:9a:9c:d7:1e:47:cd:f7:23:36:76:c2:1c:fd:d1:8c:
79:38:c8:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGKcT4DCIf8cGm06sDcv3/kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODI0N2QzZjgxNDcyZGJiYTA2ZGJlYTliZDE5Yzc4NWQx
OGJhYmUwHhcNMjQwODI1MTY0OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDBmMmI3Mzg4OWM2NDJlNTY2ZTM3YWI2MGQ2NmRiMjI1MzkwYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXgOAZ/z3D/tqqXkaZbjhnI9HJ8f
xEmUqFAndJGLKOlsG9l5Qur2miuwh0TX8Y1o7EfG2J2Yw5tPRxvFq5mWgI48Ttew
kLEsRUXWBUK4wq6c30iOk5enGrFMKn3KKZV4T33ySDAgHjlDTHTt9NstrVWuWCiy
WF3H1odGofr8wZShy5dzZH3xQ7ugOZ4LhsABtTpGn4XaNAHmHLrzFI4sJUXtlUmx
0xboKvtnMDyMVIXcUq7SiqsUZuqG5O5ikHPJ8X97SLFj8QZ+dhyWiPUwkR+8KErs
gSLdWtGRkfgsGYcD3Jnwxdo7/V+K/pSuc3FDo96Lgnl3Bg3Itmpd5RkNBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLAPK3OInGQuVm43q2DWbbIlOQwLMB8GA1UdIwQY
MBaAFNmCR9P4FHLbugbb6pvRnHhdGLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgt
YTMwMzI2MTU2NjBjLzEvc0E4cmM0aWNaQzVXYmplcllOWnRzaVU1REFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZGJjOTktYmZhOS00ZWY3LWE3OTgtYTMwMzI2MTU2NjBj
LzEvMllKSDBfZ1VjdHU2QnR2cW05R2NlRjBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqkwMA0G
CSqGSIb3DQEBCwUAA4IBAQBPoIFZlDKMGRu8+sto4dICC5khTKDI7/bdGnIToKCJ
dGwu46ML7/owpCCv0DNDCAkyFjD/mjunWdSbmXtIt2MC/kfaKqkg9+6y0vnHdnqL
y0Mx9tT0D1hID/AEW8rjtW4AqYfT/p4fWlSrI15+rLXGJsuOIdWDL4nj88+CW2fD
2rBQXNVwVNfSnqrhPFA7VunUwgl3OMwedC/4Uu9SdTgEWahe+qimXjrnfCOqjgki
1/8K8YdFu/87Xcv+oukh9PIdtIdofWgcMhbCxeX9D5PLqtJfKHJGbnSwiyFX/6Up
G916Vukl1duPZU+gMUKanNceR833IzZ2whz90Yx5OMii
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:00:57 2025 by rpki-client