Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/699efa-94f7-4125-b62f-41569abc37cc/1/L15gHzKIWYcxu59j3zo0_k9NVxE.roa
File: L15gHzKIWYcxu59j3zo0_k9NVxE.roa (raw, json)
Hash identifier: Ii5q0rO4/ACbJL1DrlHcS9ofaEeyebFO1EXSJvIdBcw=
Subject key identifier: 2F:5E:60:1F:32:88:59:87:31:BB:9F:63:DF:3A:34:FE:4F:4D:57:11
Certificate issuer: /CN=d92b8a5ed46ac3046d45014723a0b92facf2a49b
Certificate serial: 019396DEE4CD460B8BBD1BEE492530CB18A3
Authority key identifier: D9:2B:8A:5E:D4:6A:C3:04:6D:45:01:47:23:A0:B9:2F:AC:F2:A4:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2SuKXtRqwwRtRQFHI6C5L6zypJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/699efa-94f7-4125-b62f-41569abc37cc/1/L15gHzKIWYcxu59j3zo0_k9NVxE.roa
Signing time: Thu 05 Dec 2024 12:50:10 +0000
ROA not before: Thu 05 Dec 2024 12:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197882
IP address blocks: 193.47.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:de:e4:cd:46:0b:8b:bd:1b:ee:49:25:30:cb:18:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d92b8a5ed46ac3046d45014723a0b92facf2a49b
Validity
Not Before: Dec 5 12:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f5e601f3288598731bb9f63df3a34fe4f4d5711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cb:79:ec:1f:10:96:26:31:0a:55:8a:9b:b9:
d8:71:fd:24:2f:74:b9:72:34:12:a3:de:a2:1b:a9:
30:ce:6c:83:a4:3a:4c:46:1e:4e:2d:fa:d2:d2:2d:
92:7a:71:c8:1d:c4:0f:b1:f3:db:ad:22:6f:63:45:
72:24:e0:b6:13:67:a8:1b:e6:18:b4:4e:6b:32:f6:
bf:61:d5:4e:3d:e7:58:74:1e:46:4d:86:c4:70:4c:
df:a4:18:99:4c:e6:a0:5e:59:20:fe:37:11:d4:df:
ae:54:f2:cc:2d:13:d5:70:65:cf:7a:b3:15:16:e3:
54:61:5b:dd:e6:b3:09:77:2b:96:4a:ef:22:8a:ff:
87:0a:68:ac:19:34:ce:06:c5:c6:f5:2c:73:db:fd:
bc:a6:bc:65:61:c8:92:a2:3c:d6:89:dc:fd:7c:de:
58:9a:8d:7a:55:38:f0:2e:c8:b9:86:22:12:35:49:
19:1a:60:05:ae:e4:16:48:ff:c1:dd:36:98:b6:5c:
23:2a:0f:31:5f:f0:94:96:34:c4:79:ed:da:50:16:
3c:49:57:e9:0a:fb:26:0f:43:31:18:51:d9:1d:5b:
a9:7f:35:7c:35:30:04:1b:7f:64:36:0f:51:86:35:
87:41:83:ab:3f:13:75:6b:40:3f:34:21:69:67:7f:
98:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:5E:60:1F:32:88:59:87:31:BB:9F:63:DF:3A:34:FE:4F:4D:57:11
X509v3 Authority Key Identifier:
keyid:D9:2B:8A:5E:D4:6A:C3:04:6D:45:01:47:23:A0:B9:2F:AC:F2:A4:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2SuKXtRqwwRtRQFHI6C5L6zypJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/699efa-94f7-4125-b62f-41569abc37cc/1/L15gHzKIWYcxu59j3zo0_k9NVxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/699efa-94f7-4125-b62f-41569abc37cc/1/2SuKXtRqwwRtRQFHI6C5L6zypJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.47.189.0/24
Signature Algorithm: sha256WithRSAEncryption
68:ec:56:3c:90:72:a6:4c:2f:02:f0:2a:af:87:e1:9f:2e:b0:
71:ce:8f:8d:50:ff:ee:89:31:cb:b1:8b:7d:3d:41:b8:a0:a6:
b3:0f:77:ba:c4:a4:ca:72:a3:b3:43:d8:3f:0f:4d:c0:ca:64:
13:55:05:da:11:3b:64:e8:ef:11:59:be:02:1a:91:13:32:29:
c9:d9:a9:ef:7e:97:49:28:14:65:01:3e:63:b1:4a:00:ec:a6:
0e:f4:42:86:19:ff:a3:06:cc:75:9e:d2:a4:2e:c4:a5:9c:bc:
f6:6f:0a:87:e3:54:25:43:34:61:41:bc:67:97:79:a0:bd:79:
4e:5e:1d:fc:21:9e:c8:29:d9:93:25:0e:bc:0e:df:18:eb:c1:
dd:f6:9b:19:c9:09:a7:6b:29:9d:2d:01:04:e2:99:ea:e1:14:
c5:33:54:dd:5e:8b:c4:c7:16:51:57:f0:49:e7:6e:d9:5d:7b:
5f:de:b5:2e:4d:55:96:0b:b7:11:68:2b:75:62:af:f2:bd:a9:
35:6e:cd:6b:c0:1e:ea:dd:f3:a6:15:31:53:5d:22:ee:99:a7:
72:93:b4:b8:fa:44:1f:d3:6d:d4:03:cc:8c:4c:f3:3e:d2:e6:
d0:23:9d:84:88:f6:76:3b:ad:d0:81:b5:9c:f9:99:bd:13:6e:
d3:2a:93:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOW3uTNRguLvRvuSSUwyxijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MmI4YTVlZDQ2YWMzMDQ2ZDQ1MDE0NzIzYTBiOTJmYWNm
MmE0OWIwHhcNMjQxMjA1MTI1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjVlNjAxZjMyODg1OTg3MzFiYjlmNjNkZjNhMzRmZTRmNGQ1NzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMt57B8QliYxClWKm7nYcf0kL3S5
cjQSo96iG6kwzmyDpDpMRh5OLfrS0i2SenHIHcQPsfPbrSJvY0VyJOC2E2eoG+YY
tE5rMva/YdVOPedYdB5GTYbEcEzfpBiZTOagXlkg/jcR1N+uVPLMLRPVcGXPerMV
FuNUYVvd5rMJdyuWSu8iiv+HCmisGTTOBsXG9Sxz2/28prxlYciSojzWidz9fN5Y
mo16VTjwLsi5hiISNUkZGmAFruQWSP/B3TaYtlwjKg8xX/CUljTEee3aUBY8SVfp
CvsmD0MxGFHZHVupfzV8NTAEG39kNg9RhjWHQYOrPxN1a0A/NCFpZ3+Y3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9eYB8yiFmHMbufY986NP5PTVcRMB8GA1UdIwQY
MBaAFNkril7UasMEbUUBRyOguS+s8qSbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlN1S1h0UnF3d1J0UlFGSEk2QzVMNnp5cEpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS82OTllZmEtOTRmNy00MTI1LWI2MmYt
NDE1NjlhYmMzN2NjLzEvTDE1Z0h6S0lXWWN4dTU5ajN6bzBfazlOVnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS82OTllZmEtOTRmNy00MTI1LWI2MmYtNDE1NjlhYmMzN2Nj
LzEvMlN1S1h0UnF3d1J0UlFGSEk2QzVMNnp5cEpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwS+9MA0G
CSqGSIb3DQEBCwUAA4IBAQBo7FY8kHKmTC8C8Cqvh+GfLrBxzo+NUP/uiTHLsYt9
PUG4oKazD3e6xKTKcqOzQ9g/D03AymQTVQXaETtk6O8RWb4CGpETMinJ2anvfpdJ
KBRlAT5jsUoA7KYO9EKGGf+jBsx1ntKkLsSlnLz2bwqH41QlQzRhQbxnl3mgvXlO
Xh38IZ7IKdmTJQ68Dt8Y68Hd9psZyQmnaymdLQEE4pnq4RTFM1TdXovExxZRV/BJ
527ZXXtf3rUuTVWWC7cRaCt1Yq/yvak1bs1rwB7q3fOmFTFTXSLumadyk7S4+kQf
023UA8yMTPM+0ubQI52EiPZ2O63QgbWc+Zm9E27TKpO5
-----END CERTIFICATE-----
Generated at Wed Apr 16 15:23:26 2025 by rpki-client