Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/95a6f4-8220-46dc-b238-34ad1c853599/1/rDJI0kMJANImZwMrFhnvz49H938.roa
File: rDJI0kMJANImZwMrFhnvz49H938.roa (raw, json)
Hash identifier: 0dWXhf5yTHIumGuEHlKT445s/dvtl7wqm/7B3UuCjZ8=
Subject key identifier: AC:32:48:D2:43:09:00:D2:26:67:03:2B:16:19:EF:CF:8F:47:F7:7F
Certificate issuer: /CN=6c6f6391139638cef8318114132ccf26e167d3a4
Certificate serial: 018CC492DE83F385096B6CD63563D0023793
Authority key identifier: 6C:6F:63:91:13:96:38:CE:F8:31:81:14:13:2C:CF:26:E1:67:D3:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bG9jkROWOM74MYEUEyzPJuFn06Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/95a6f4-8220-46dc-b238-34ad1c853599/1/rDJI0kMJANImZwMrFhnvz49H938.roa
Signing time: Mon 01 Jan 2024 10:30:08 +0000
ROA not before: Mon 01 Jan 2024 10:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212373
IP address blocks: 193.163.168.0/24 maxlen: 24
2a10:8ac0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:de:83:f3:85:09:6b:6c:d6:35:63:d0:02:37:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c6f6391139638cef8318114132ccf26e167d3a4
Validity
Not Before: Jan 1 10:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac3248d2430900d22667032b1619efcf8f47f77f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:96:cb:40:d9:fb:c7:aa:16:88:0c:37:38:34:
05:89:db:18:ac:ab:f3:9d:bb:01:bd:39:fa:79:e3:
47:64:03:d7:0f:d3:08:5b:e2:69:48:a1:14:40:af:
da:cd:75:ce:e5:ca:63:37:16:27:db:3d:98:b8:c7:
17:d2:e2:aa:6d:32:3e:ab:de:cd:d1:c9:99:d5:ec:
b3:85:0f:d2:05:4d:bf:1b:ae:17:3e:e8:4d:aa:7b:
25:d9:cb:47:99:8c:6d:ce:e2:00:ab:e5:ce:85:82:
56:cc:e4:bc:06:f2:f4:c2:3f:06:7c:a0:56:d6:54:
c1:be:57:b8:12:f2:cf:88:82:d0:89:e3:b5:9c:a1:
f1:35:1a:21:0e:4c:40:cd:e8:b8:21:53:ac:45:15:
0a:58:89:ff:93:a4:23:e8:24:34:dd:c8:ad:ba:60:
83:88:eb:5d:3c:fa:82:db:d0:f7:ff:b0:a9:e2:1b:
f6:6b:df:23:9d:2e:64:89:56:c6:ab:75:a0:80:a4:
4c:a9:27:97:a9:9f:63:b2:5d:02:a4:cc:7c:1a:be:
25:6c:5a:51:4b:d4:28:9c:8e:01:88:b4:c5:ab:96:
d2:c5:fd:a0:04:3a:62:ec:c7:95:d5:19:eb:ec:c6:
b6:8b:3f:2d:5f:e4:13:24:13:b8:61:81:b0:e7:da:
98:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:32:48:D2:43:09:00:D2:26:67:03:2B:16:19:EF:CF:8F:47:F7:7F
X509v3 Authority Key Identifier:
keyid:6C:6F:63:91:13:96:38:CE:F8:31:81:14:13:2C:CF:26:E1:67:D3:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bG9jkROWOM74MYEUEyzPJuFn06Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/95a6f4-8220-46dc-b238-34ad1c853599/1/rDJI0kMJANImZwMrFhnvz49H938.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/95a6f4-8220-46dc-b238-34ad1c853599/1/bG9jkROWOM74MYEUEyzPJuFn06Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.168.0/24
IPv6:
2a10:8ac0::/29
Signature Algorithm: sha256WithRSAEncryption
78:ec:65:55:7d:dd:df:5e:58:78:e3:f1:a2:d4:4e:be:80:86:
16:e8:61:dd:57:db:96:b3:b4:85:bb:13:e5:ca:9c:bd:44:b3:
50:5f:fb:82:ed:7f:4c:c5:48:32:49:27:e5:7c:33:71:7e:6c:
00:1f:ff:95:80:28:de:4d:ee:27:70:f8:4e:01:4a:4f:e9:06:
65:d4:95:36:26:c9:2d:e5:f2:f6:ef:6e:73:8f:5f:33:41:a0:
fd:7b:56:f3:39:c5:c9:5b:9b:1e:30:57:ba:4c:7e:2f:5b:d4:
97:b0:33:46:f8:15:c8:9e:ca:8e:d3:f4:7a:03:ce:4e:37:e1:
26:c9:5f:bb:90:46:f7:56:ee:f4:cc:d8:e4:ac:3c:98:ab:4e:
53:5e:a1:c6:ef:8b:f2:b7:33:10:91:fd:97:1d:82:74:b1:44:
49:a2:c0:ea:c7:f9:da:05:2e:d8:23:f2:f4:37:ad:22:c6:a4:
b0:68:05:45:e9:80:b2:24:b0:a4:b8:d0:3e:13:50:a7:3c:d5:
18:ce:e0:c8:40:ef:2f:54:72:c9:63:51:37:0e:6a:82:ce:0e:
47:74:aa:92:ec:b2:fd:bd:ac:e3:13:db:28:f9:cd:97:70:9d:
7b:5c:57:c7:db:17:61:15:bc:c9:f2:2c:be:c2:7f:89:bb:fd:
2e:4d:81:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEkt6D84UJa2zWNWPQAjeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNmY2MzkxMTM5NjM4Y2VmODMxODExNDEzMmNjZjI2ZTE2
N2QzYTQwHhcNMjQwMTAxMTAzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzMyNDhkMjQzMDkwMGQyMjY2NzAzMmIxNjE5ZWZjZjhmNDdmNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpbLQNn7x6oWiAw3ODQFidsYrKvz
nbsBvTn6eeNHZAPXD9MIW+JpSKEUQK/azXXO5cpjNxYn2z2YuMcX0uKqbTI+q97N
0cmZ1eyzhQ/SBU2/G64XPuhNqnsl2ctHmYxtzuIAq+XOhYJWzOS8BvL0wj8GfKBW
1lTBvle4EvLPiILQieO1nKHxNRohDkxAzei4IVOsRRUKWIn/k6Qj6CQ03citumCD
iOtdPPqC29D3/7Cp4hv2a98jnS5kiVbGq3WggKRMqSeXqZ9jsl0CpMx8Gr4lbFpR
S9QonI4BiLTFq5bSxf2gBDpi7MeV1Rnr7Ma2iz8tX+QTJBO4YYGw59qYIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKwySNJDCQDSJmcDKxYZ78+PR/d/MB8GA1UdIwQY
MBaAFGxvY5ETljjO+DGBFBMszybhZ9OkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkc5amtST1dPTTc0TVlFVUV5elBKdUZuMDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS85NWE2ZjQtODIyMC00NmRjLWIyMzgt
MzRhZDFjODUzNTk5LzEvckRKSTBrTUpBTkltWndNckZobnZ6NDlIOTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS85NWE2ZjQtODIyMC00NmRjLWIyMzgtMzRhZDFjODUzNTk5
LzEvYkc5amtST1dPTTc0TVlFVUV5elBKdUZuMDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaOoMA0E
AgACMAcDBQMqEIrAMA0GCSqGSIb3DQEBCwUAA4IBAQB47GVVfd3fXlh44/Gi1E6+
gIYW6GHdV9uWs7SFuxPlypy9RLNQX/uC7X9MxUgySSflfDNxfmwAH/+VgCjeTe4n
cPhOAUpP6QZl1JU2Jskt5fL2725zj18zQaD9e1bzOcXJW5seMFe6TH4vW9SXsDNG
+BXInsqO0/R6A85ON+EmyV+7kEb3Vu70zNjkrDyYq05TXqHG74vytzMQkf2XHYJ0
sURJosDqx/naBS7YI/L0N60ixqSwaAVF6YCyJLCkuNA+E1CnPNUYzuDIQO8vVHLJ
Y1E3DmqCzg5HdKqS7LL9vazjE9so+c2XcJ17XFfH2xdhFbzJ8iy+wn+Ju/0uTYES
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:04 2025 by rpki-client