Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/ea0863-2db8-46ff-9950-d12830b3b1e0/1/_rn7XwC2cH9C7kefAztY-ynBjzE.roa
File: _rn7XwC2cH9C7kefAztY-ynBjzE.roa (raw, json)
Hash identifier: hl1jd7QBrQZfM7FYNFEdxU0yrb8Px3CJHPmMI0L2uiU=
Subject key identifier: FE:B9:FB:5F:00:B6:70:7F:42:EE:47:9F:03:3B:58:FB:29:C1:8F:31
Certificate issuer: /CN=5c0273657ec5a1384d536f1bd99d916507fe7b29
Certificate serial: 018CC6B8D87AD614BE49ADA9293BD76A4FEC
Authority key identifier: 5C:02:73:65:7E:C5:A1:38:4D:53:6F:1B:D9:9D:91:65:07:FE:7B:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XAJzZX7FoThNU28b2Z2RZQf-eyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/ea0863-2db8-46ff-9950-d12830b3b1e0/1/_rn7XwC2cH9C7kefAztY-ynBjzE.roa
Signing time: Mon 01 Jan 2024 20:30:51 +0000
ROA not before: Mon 01 Jan 2024 20:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211178
IP address blocks: 193.3.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Apr 2024 05:52:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:d8:7a:d6:14:be:49:ad:a9:29:3b:d7:6a:4f:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c0273657ec5a1384d536f1bd99d916507fe7b29
Validity
Not Before: Jan 1 20:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=feb9fb5f00b6707f42ee479f033b58fb29c18f31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:45:fe:86:59:8e:9b:15:c8:4e:06:ee:b5:f9:
da:71:f6:0c:55:91:23:29:1a:e2:7a:c9:d9:d5:88:
68:4f:88:35:ef:18:5f:e7:db:1d:e2:de:cd:a9:37:
06:f3:aa:4c:06:b1:3e:bb:46:58:5e:a4:55:28:54:
73:3c:45:b4:45:ae:22:07:2e:d5:a1:a4:4e:a8:45:
f8:5e:f4:f6:3a:df:a0:cf:3e:cd:61:70:ed:09:06:
1b:7c:75:f1:fd:8c:02:76:5b:c3:c2:3c:3f:f5:57:
02:18:cf:9a:87:df:9a:3c:00:db:0a:b8:64:84:c1:
17:98:42:ff:75:e6:df:1a:3f:2b:1d:cc:89:d0:3c:
24:94:6c:17:8b:8e:90:5d:f8:c9:7e:7c:a4:49:5f:
49:9e:36:6a:3f:25:ea:f9:d5:c8:1b:09:cb:ad:44:
67:68:69:82:c6:2a:b3:0b:9d:46:38:3e:63:1a:49:
71:1f:7e:06:49:35:81:89:33:2f:f1:c1:92:2e:f7:
2e:a5:5e:33:8f:20:e3:85:6c:fd:e0:da:25:42:5a:
9f:6f:e6:3f:e9:55:5e:44:97:1c:30:e0:c0:52:98:
ed:8f:88:ff:67:bd:cf:45:79:de:90:2a:b8:4b:9c:
54:67:09:c7:90:44:fb:4d:32:42:0a:8b:29:bc:76:
f7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B9:FB:5F:00:B6:70:7F:42:EE:47:9F:03:3B:58:FB:29:C1:8F:31
X509v3 Authority Key Identifier:
keyid:5C:02:73:65:7E:C5:A1:38:4D:53:6F:1B:D9:9D:91:65:07:FE:7B:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XAJzZX7FoThNU28b2Z2RZQf-eyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ea0863-2db8-46ff-9950-d12830b3b1e0/1/_rn7XwC2cH9C7kefAztY-ynBjzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ea0863-2db8-46ff-9950-d12830b3b1e0/1/XAJzZX7FoThNU28b2Z2RZQf-eyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.34.0/24
Signature Algorithm: sha256WithRSAEncryption
14:8c:5f:5c:d6:18:1e:6d:af:5c:43:28:05:e0:d8:3c:79:9d:
32:30:0d:c6:d8:99:b9:9c:4b:8a:95:d4:99:a5:cd:a7:d6:ab:
62:06:e0:de:23:dc:46:0f:ec:c9:51:33:52:b4:c0:44:ca:b6:
77:56:6d:75:0d:62:dc:5d:2e:21:98:2b:49:ec:05:a1:4c:02:
06:7d:0a:8b:82:57:f2:ba:49:f4:8b:2f:cd:84:6a:55:24:c1:
08:28:0f:cf:dd:f5:4d:b1:22:a3:c1:d4:6e:34:4b:4a:41:28:
a8:e8:00:3c:f5:18:d5:f6:f3:9f:6e:bd:0a:72:0c:16:89:87:
2b:1f:e7:6f:2b:2a:bf:59:28:04:0c:ad:25:e6:99:0e:96:b3:
6f:c5:64:74:ea:c6:f3:13:ae:94:65:c1:7c:e1:62:1e:84:da:
70:65:02:c2:68:e0:26:23:dd:2b:a1:c8:a4:4f:15:78:e3:d8:
15:2e:3d:07:ca:4e:9b:e7:33:1a:80:40:fb:8e:a4:e3:02:4a:
b5:07:28:e3:cf:b9:5d:5c:64:e8:80:0c:9b:00:7b:d2:46:5e:
90:47:7d:09:ee:2a:1b:59:f6:92:06:0c:14:24:36:ae:24:e8:
28:cb:c0:bf:ee:25:f6:e7:58:df:74:a4:b4:38:d3:8b:fb:5f:
12:ee:11:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuNh61hS+Sa2pKTvXak/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMDI3MzY1N2VjNWExMzg0ZDUzNmYxYmQ5OWQ5MTY1MDdm
ZTdiMjkwHhcNMjQwMTAxMjAzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWI5ZmI1ZjAwYjY3MDdmNDJlZTQ3OWYwMzNiNThmYjI5YzE4ZjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0X+hlmOmxXITgbutfnacfYMVZEj
KRriesnZ1YhoT4g17xhf59sd4t7NqTcG86pMBrE+u0ZYXqRVKFRzPEW0Ra4iBy7V
oaROqEX4XvT2Ot+gzz7NYXDtCQYbfHXx/YwCdlvDwjw/9VcCGM+ah9+aPADbCrhk
hMEXmEL/debfGj8rHcyJ0DwklGwXi46QXfjJfnykSV9JnjZqPyXq+dXIGwnLrURn
aGmCxiqzC51GOD5jGklxH34GSTWBiTMv8cGSLvcupV4zjyDjhWz94NolQlqfb+Y/
6VVeRJccMODAUpjtj4j/Z73PRXnekCq4S5xUZwnHkET7TTJCCospvHb30QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP65+18AtnB/Qu5HnwM7WPspwY8xMB8GA1UdIwQY
MBaAFFwCc2V+xaE4TVNvG9mdkWUH/nspMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEFKelpYN0ZvVGhOVTI4YjJaMlJaUWYtZXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYTA4NjMtMmRiOC00NmZmLTk5NTAt
ZDEyODMwYjNiMWUwLzEvX3JuN1h3QzJjSDlDN2tlZkF6dFkteW5CanpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYTA4NjMtMmRiOC00NmZmLTk5NTAtZDEyODMwYjNiMWUw
LzEvWEFKelpYN0ZvVGhOVTI4YjJaMlJaUWYtZXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQMiMA0G
CSqGSIb3DQEBCwUAA4IBAQAUjF9c1hgeba9cQygF4Ng8eZ0yMA3G2Jm5nEuKldSZ
pc2n1qtiBuDeI9xGD+zJUTNStMBEyrZ3Vm11DWLcXS4hmCtJ7AWhTAIGfQqLglfy
ukn0iy/NhGpVJMEIKA/P3fVNsSKjwdRuNEtKQSio6AA89RjV9vOfbr0KcgwWiYcr
H+dvKyq/WSgEDK0l5pkOlrNvxWR06sbzE66UZcF84WIehNpwZQLCaOAmI90rocik
TxV449gVLj0Hyk6b5zMagED7jqTjAkq1Byjjz7ldXGTogAybAHvSRl6QR30J7iob
WfaSBgwUJDauJOgoy8C/7iX251jfdKS0ONOL+18S7hFx
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:53 2025 by rpki-client