Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/hBFWdJvf8NKyb1fPTpkTlHeAQdc.roa
File: hBFWdJvf8NKyb1fPTpkTlHeAQdc.roa (raw, json)
Hash identifier: DUdDozdrBtMCG/jGzcNnBM0oHBsosLpd0R4JW5a+m3M=
Subject key identifier: 84:11:56:74:9B:DF:F0:D2:B2:6F:57:CF:4E:99:13:94:77:80:41:D7
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 018CC5DBFE2B4DF239408A11FF70D1422B5F
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/hBFWdJvf8NKyb1fPTpkTlHeAQdc.roa
Signing time: Mon 01 Jan 2024 16:29:38 +0000
ROA not before: Mon 01 Jan 2024 16:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202656
IP address blocks: 193.203.51.0/24 maxlen: 24
193.203.50.0/24 maxlen: 24
193.203.50.0/23 maxlen: 23
2a13:f580:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 11 Apr 2024 09:42:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:fe:2b:4d:f2:39:40:8a:11:ff:70:d1:42:2b:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Jan 1 16:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=841156749bdff0d2b26f57cf4e991394778041d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a0:d2:6c:9c:5f:48:1f:72:bd:df:c2:06:88:
4e:fc:fc:11:86:ae:3a:d6:fd:ee:cf:06:62:d3:02:
87:df:78:1c:ee:02:dc:46:dd:7e:c0:00:0b:b2:f6:
29:36:3f:c1:d0:ed:1f:89:1d:a8:c3:c7:b3:72:bf:
0d:d4:38:1c:c4:d4:ad:73:3e:12:d0:3d:79:ad:93:
23:69:32:9a:69:95:f2:bc:bf:63:9f:73:fb:ff:25:
17:86:62:34:7e:1a:99:f7:83:25:27:41:a7:4e:17:
e7:42:4c:22:8d:c3:d5:47:31:55:7b:f0:5b:2f:c9:
0a:ee:14:a5:3f:bb:c5:8f:bf:ec:45:12:f7:f7:57:
33:72:1c:d2:c8:73:09:7e:57:06:28:da:81:8a:25:
03:de:03:a3:51:9f:fc:c7:2b:db:7b:42:81:33:6c:
e0:bd:48:7a:b5:a4:ba:07:98:4d:36:ca:63:61:97:
ed:8b:2a:1f:1b:c4:e0:62:8c:59:57:5d:9d:32:80:
64:c1:f2:93:0e:98:1b:57:e9:2a:9c:ba:03:da:f5:
0c:2d:11:11:ec:fe:87:a4:97:81:df:8b:a7:75:49:
5f:30:6f:b0:59:e3:64:08:fe:18:77:de:d9:fa:82:
73:34:ea:e4:ff:d5:96:75:14:7e:96:52:c4:29:3f:
91:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:11:56:74:9B:DF:F0:D2:B2:6F:57:CF:4E:99:13:94:77:80:41:D7
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/hBFWdJvf8NKyb1fPTpkTlHeAQdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.50.0/23
IPv6:
2a13:f580:7::/48
Signature Algorithm: sha256WithRSAEncryption
85:12:8d:29:77:75:cf:8f:38:ba:73:42:db:99:ca:41:7b:c5:
f0:92:40:58:c5:97:d9:2e:75:09:b7:65:ad:97:ef:50:cf:06:
a6:be:41:05:a9:8c:cf:d2:ff:47:72:1e:a3:13:95:66:74:17:
c0:ca:9f:2c:09:bc:74:e2:cf:6d:c7:e5:f5:1a:0e:78:14:cf:
46:32:54:a1:17:7e:92:9a:43:11:d9:d0:85:4d:fb:44:04:23:
9c:02:1b:b6:60:b0:8c:b3:6c:2d:c8:d5:e5:20:de:36:30:b2:
b5:aa:72:ea:e2:a2:74:96:8b:59:a9:1b:3f:1f:50:76:ad:7c:
75:fe:ab:4b:3a:b6:6b:65:d0:b9:87:5a:c8:dc:9f:4e:cf:10:
74:6f:83:d5:46:3d:4a:61:ff:75:6d:75:cc:6d:59:64:06:60:
9b:25:54:8c:d9:49:2a:c6:a6:98:48:98:84:4b:5e:a8:6e:e0:
5d:0e:e6:41:35:1f:eb:c8:2d:01:61:a2:1f:e9:c1:41:e5:09:
e3:87:83:12:91:03:18:9b:c8:fe:f1:31:b1:8d:bb:95:3d:c3:
51:7c:f8:cc:d0:41:80:c1:75:25:96:6a:e0:ff:23:54:bc:80:
77:e6:0d:94:27:f4:dc:06:f3:10:2b:0b:bb:7f:aa:7b:eb:78:
4d:e7:18:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF2/4rTfI5QIoR/3DRQitfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjQwMTAxMTYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDExNTY3NDliZGZmMGQyYjI2ZjU3Y2Y0ZTk5MTM5NDc3ODA0MWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaDSbJxfSB9yvd/CBohO/PwRhq46
1v3uzwZi0wKH33gc7gLcRt1+wAALsvYpNj/B0O0fiR2ow8ezcr8N1DgcxNStcz4S
0D15rZMjaTKaaZXyvL9jn3P7/yUXhmI0fhqZ94MlJ0GnThfnQkwijcPVRzFVe/Bb
L8kK7hSlP7vFj7/sRRL391czchzSyHMJflcGKNqBiiUD3gOjUZ/8xyvbe0KBM2zg
vUh6taS6B5hNNspjYZftiyofG8TgYoxZV12dMoBkwfKTDpgbV+kqnLoD2vUMLRER
7P6HpJeB34undUlfMG+wWeNkCP4Yd97Z+oJzNOrk/9WWdRR+llLEKT+RRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIQRVnSb3/DSsm9Xz06ZE5R3gEHXMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvaEJGV2RKdmY4Tkt5YjFmUFRwa1RsSGVBUWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwcsyMA8E
AgACMAkDBwAqE/WAAAcwDQYJKoZIhvcNAQELBQADggEBAIUSjSl3dc+POLpzQtuZ
ykF7xfCSQFjFl9kudQm3Za2X71DPBqa+QQWpjM/S/0dyHqMTlWZ0F8DKnywJvHTi
z23H5fUaDngUz0YyVKEXfpKaQxHZ0IVN+0QEI5wCG7ZgsIyzbC3I1eUg3jYwsrWq
curionSWi1mpGz8fUHatfHX+q0s6tmtl0LmHWsjcn07PEHRvg9VGPUph/3Vtdcxt
WWQGYJslVIzZSSrGpphImIRLXqhu4F0O5kE1H+vILQFhoh/pwUHlCeOHgxKRAxib
yP7xMbGNu5U9w1F8+MzQQYDBdSWWauD/I1S8gHfmDZQn9NwG8xArC7t/qnvreE3n
GMs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:36:29 2025 by rpki-client