Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/pBduEXeJe7CWLYI1dzrSRIFWDTk.roa
File: pBduEXeJe7CWLYI1dzrSRIFWDTk.roa (raw, json)
Hash identifier: VyxqF9GZ6xD01NEGZGy/4Yw22QAHhbk5WHmFUVWO/ig=
Subject key identifier: A4:17:6E:11:77:89:7B:B0:96:2D:82:35:77:3A:D2:44:81:56:0D:39
Certificate issuer: /CN=09b0110ae4b81794a508831fcb5edcc8d5fd2f1b
Certificate serial: 019098A7C42C60166290ECA2113CA7AC3D32
Authority key identifier: 09:B0:11:0A:E4:B8:17:94:A5:08:83:1F:CB:5E:DC:C8:D5:FD:2F:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbARCuS4F5SlCIMfy17cyNX9Lxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/pBduEXeJe7CWLYI1dzrSRIFWDTk.roa
Signing time: Tue 09 Jul 2024 18:00:49 +0000
ROA not before: Tue 09 Jul 2024 18:00:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212807
IP address blocks: 194.15.40.0/24 maxlen: 24
194.15.41.0/24 maxlen: 24
194.15.42.0/24 maxlen: 24
2a0f:7480::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:98:a7:c4:2c:60:16:62:90:ec:a2:11:3c:a7:ac:3d:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09b0110ae4b81794a508831fcb5edcc8d5fd2f1b
Validity
Not Before: Jul 9 18:00:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4176e1177897bb0962d8235773ad24481560d39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:bb:89:f8:ec:23:00:2c:00:4a:a5:f9:e0:49:
51:d5:f9:45:2e:ef:04:e0:57:e7:f7:f5:56:69:8d:
76:83:7e:e0:3b:22:2e:2c:24:d6:a7:6e:42:93:08:
7f:2d:db:e3:f2:bf:56:c6:f1:88:ee:25:86:fe:0d:
2a:e4:68:9b:ac:9c:ef:23:13:3c:7f:e2:83:9b:1a:
98:4b:67:70:8a:69:a6:26:55:50:c4:f6:3a:fa:e5:
ef:0c:2f:da:bb:c1:8d:0d:0d:fe:75:f9:29:98:2b:
40:64:fb:9f:be:e9:19:56:ce:09:b0:3d:d1:77:a1:
5a:95:c0:15:a8:29:75:c4:81:ee:e0:46:df:b7:4b:
81:4f:ee:25:56:08:2e:e7:4c:47:a5:23:63:d4:9b:
ae:6d:5f:a5:39:8e:61:53:eb:c3:70:43:cd:92:b7:
79:d1:96:1a:39:91:b5:73:e9:08:ff:be:b0:52:24:
71:e8:9b:fd:a2:ad:ae:15:5e:29:ee:1b:eb:42:bf:
16:7a:fe:34:99:53:17:a8:a2:25:54:f9:a9:55:6b:
70:94:e7:9b:40:19:37:2a:3c:c6:b7:6e:03:1e:86:
07:1a:41:8c:1e:0e:3d:93:10:94:2e:35:13:d0:87:
2b:ac:54:37:31:d9:39:fb:a4:d5:9e:9c:c4:cd:d1:
4d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:17:6E:11:77:89:7B:B0:96:2D:82:35:77:3A:D2:44:81:56:0D:39
X509v3 Authority Key Identifier:
keyid:09:B0:11:0A:E4:B8:17:94:A5:08:83:1F:CB:5E:DC:C8:D5:FD:2F:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbARCuS4F5SlCIMfy17cyNX9Lxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/pBduEXeJe7CWLYI1dzrSRIFWDTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/b3ce1b-f1f7-40cb-b3d0-6d20f5c197f6/1/CbARCuS4F5SlCIMfy17cyNX9Lxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.40.0-194.15.42.255
IPv6:
2a0f:7480::/29
Signature Algorithm: sha256WithRSAEncryption
39:61:28:cd:45:c5:0c:32:98:aa:22:5e:21:cd:57:94:fe:26:
3c:fb:ba:42:74:78:cf:f0:eb:24:29:de:0d:66:08:73:f9:cb:
ad:6f:66:b3:63:80:f7:4a:e6:2e:4b:d8:ab:f6:3d:88:18:f0:
da:f8:bd:63:c0:b5:b4:ae:e3:e7:bc:90:aa:59:59:30:25:90:
ad:bb:bf:38:70:10:af:7f:e9:fb:e7:2b:5d:4b:44:22:d7:70:
0e:4d:b8:00:06:44:3c:e2:98:79:a0:a5:44:97:27:a0:13:ee:
d8:fb:6b:d8:00:66:a6:0c:bf:40:07:ec:a1:a8:8c:a9:77:b6:
c0:5a:c5:19:4e:0c:42:a0:51:a8:e3:f9:d0:02:25:f2:b7:8e:
5e:1b:89:b3:ea:0b:aa:f9:05:d0:51:1c:20:39:81:ab:f1:fe:
30:dd:65:f8:8f:f6:2c:48:92:53:c5:88:23:d7:4e:86:64:47:
be:c6:37:6f:6a:7d:08:c7:c9:12:e4:ba:74:2d:e0:ad:9a:a4:
c6:c9:cf:e7:a6:08:21:5b:cc:91:92:a5:46:0a:aa:93:c2:53:
51:9d:fb:75:ca:33:c5:dc:1a:90:48:0a:7b:87:06:6d:cc:5e:
f9:83:a9:04:5d:2b:ea:7d:2b:ad:79:8b:38:59:25:76:e5:73:
f3:ea:8e:6d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZCYp8QsYBZikOyiETynrD0yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YjAxMTBhZTRiODE3OTRhNTA4ODMxZmNiNWVkY2M4ZDVm
ZDJmMWIwHhcNMjQwNzA5MTgwMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDE3NmUxMTc3ODk3YmIwOTYyZDgyMzU3NzNhZDI0NDgxNTYwZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8buJ+OwjACwASqX54ElR1flFLu8E
4Ffn9/VWaY12g37gOyIuLCTWp25Ckwh/Ldvj8r9WxvGI7iWG/g0q5GibrJzvIxM8
f+KDmxqYS2dwimmmJlVQxPY6+uXvDC/au8GNDQ3+dfkpmCtAZPufvukZVs4JsD3R
d6FalcAVqCl1xIHu4Ebft0uBT+4lVggu50xHpSNj1JuubV+lOY5hU+vDcEPNkrd5
0ZYaOZG1c+kI/76wUiRx6Jv9oq2uFV4p7hvrQr8Wev40mVMXqKIlVPmpVWtwlOeb
QBk3KjzGt24DHoYHGkGMHg49kxCULjUT0IcrrFQ3Mdk5+6TVnpzEzdFNVQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKQXbhF3iXuwli2CNXc60kSBVg05MB8GA1UdIwQY
MBaAFAmwEQrkuBeUpQiDH8te3MjV/S8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2JBUkN1UzRGNVNsQ0lNZnkxN2N5Tlg5THhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9iM2NlMWItZjFmNy00MGNiLWIzZDAt
NmQyMGY1YzE5N2Y2LzEvcEJkdUVYZUplN0NXTFlJMWR6clNSSUZXRFRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9iM2NlMWItZjFmNy00MGNiLWIzZDAtNmQyMGY1YzE5N2Y2
LzEvQ2JBUkN1UzRGNVNsQ0lNZnkxN2N5Tlg5THhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAPCDygD
BADCDyowDQQCAAIwBwMFAyoPdIAwDQYJKoZIhvcNAQELBQADggEBADlhKM1FxQwy
mKoiXiHNV5T+Jjz7ukJ0eM/w6yQp3g1mCHP5y61vZrNjgPdK5i5L2Kv2PYgY8Nr4
vWPAtbSu4+e8kKpZWTAlkK27vzhwEK9/6fvnK11LRCLXcA5NuAAGRDzimHmgpUSX
J6AT7tj7a9gAZqYMv0AH7KGojKl3tsBaxRlODEKgUajj+dACJfK3jl4bibPqC6r5
BdBRHCA5gavx/jDdZfiP9ixIklPFiCPXToZkR77GN29qfQjHyRLkunQt4K2apMbJ
z+emCCFbzJGSpUYKqpPCU1Gd+3XKM8XcGpBICnuHBm3MXvmDqQRdK+p9K615izhZ
JXblc/Pqjm0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:49 2025 by rpki-client