Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/cf7c19-1c7d-4ebe-b4dd-cbccf90455fe/1/1-I4AdBznds9GaGHbjjQJdTfr6lg.roa
File: 1-I4AdBznds9GaGHbjjQJdTfr6lg.roa (raw, json)
Hash identifier: ZrLQTh80NyOs52m9dL7lhb8lh/88jGNHaleIrbUUHFo=
Subject key identifier: F8:8E:00:74:1C:E7:76:CF:46:68:61:DB:8E:34:09:75:37:EB:EA:58
Certificate issuer: /CN=2d2d7d9743de2efa2f633378a268f58f2aa16050
Certificate serial: 018CC2DB02DEE9B288157EC79383C81E2618
Authority key identifier: 2D:2D:7D:97:43:DE:2E:FA:2F:63:33:78:A2:68:F5:8F:2A:A1:60:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LS19l0PeLvovYzN4omj1jyqhYFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/cf7c19-1c7d-4ebe-b4dd-cbccf90455fe/1/1-I4AdBznds9GaGHbjjQJdTfr6lg.roa
Signing time: Mon 01 Jan 2024 02:29:42 +0000
ROA not before: Mon 01 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207656
IP address blocks: 193.218.118.0/24 maxlen: 24
193.218.119.0/24 maxlen: 24
2a0f:e586::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:02:de:e9:b2:88:15:7e:c7:93:83:c8:1e:26:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d2d7d9743de2efa2f633378a268f58f2aa16050
Validity
Not Before: Jan 1 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f88e00741ce776cf466861db8e34097537ebea58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:2b:d5:3b:ba:47:ac:f5:42:cd:5f:39:1d:42:
08:31:5e:ad:f8:01:4f:73:e3:7f:51:95:a4:10:d1:
6e:8c:36:74:6e:86:80:19:bd:61:e8:18:8d:60:d9:
bf:44:7a:95:2e:b1:1d:2c:3c:9f:02:2a:03:5b:85:
15:67:80:55:f2:cf:fc:84:87:1d:84:91:c3:83:30:
3e:a2:f1:2d:23:02:a1:32:d7:1a:05:c1:a4:00:c9:
3c:53:ff:bd:79:e7:47:c8:23:de:07:68:65:75:da:
ee:1f:77:40:48:31:f0:53:06:29:0f:73:a2:e3:18:
33:a0:67:cc:df:8d:24:ef:b6:22:f4:89:e5:09:1c:
ba:c7:80:1e:b8:b8:e9:75:b7:60:34:34:cc:fa:38:
2f:a0:35:91:42:62:dd:0b:38:2f:15:de:2a:95:49:
7d:d7:ac:47:8f:80:4c:58:42:8e:9c:6b:94:18:a1:
00:46:25:37:53:a3:bc:1e:9e:6d:9f:26:e7:54:1a:
18:a2:95:33:15:96:73:5b:ab:3d:0a:04:99:29:fd:
e1:59:e6:c9:c3:c4:be:5e:17:88:a5:e3:2d:2e:1c:
fc:c1:8f:d3:58:7c:98:62:b0:d4:35:f0:f2:71:b3:
12:b8:cf:3b:72:1f:25:42:83:8e:b4:97:7d:1b:e4:
46:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:8E:00:74:1C:E7:76:CF:46:68:61:DB:8E:34:09:75:37:EB:EA:58
X509v3 Authority Key Identifier:
keyid:2D:2D:7D:97:43:DE:2E:FA:2F:63:33:78:A2:68:F5:8F:2A:A1:60:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LS19l0PeLvovYzN4omj1jyqhYFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/cf7c19-1c7d-4ebe-b4dd-cbccf90455fe/1/1-I4AdBznds9GaGHbjjQJdTfr6lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/cf7c19-1c7d-4ebe-b4dd-cbccf90455fe/1/LS19l0PeLvovYzN4omj1jyqhYFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.118.0/23
IPv6:
2a0f:e586::/32
Signature Algorithm: sha256WithRSAEncryption
b7:86:64:9f:59:60:50:6c:63:3f:15:f5:1f:5e:83:7e:f7:65:
fc:ef:ab:67:85:78:ba:1d:ca:81:dd:2a:6d:e3:0c:0c:8c:2e:
40:fe:c1:74:08:75:e4:a5:c9:37:19:73:bf:ab:f2:39:54:23:
c0:dd:9c:07:3c:1a:71:83:94:1a:33:0d:5f:b3:66:9c:0f:75:
8e:0a:f7:4f:7f:15:36:c5:26:16:1a:f4:be:9e:b1:52:54:87:
95:2c:f6:de:4d:d4:51:f9:97:80:59:3c:fa:b0:85:04:3c:89:
12:13:a3:c3:9e:d3:f0:6e:13:4d:de:dd:ad:f8:2f:71:be:7b:
27:be:f7:db:12:f0:45:8e:48:28:42:82:8e:e7:08:d0:3d:31:
f4:be:52:2f:c2:52:31:84:2d:28:e2:8f:f4:b5:17:48:a2:05:
78:c3:28:36:d9:b4:14:50:16:85:b2:0b:fb:7d:23:3f:b4:2a:
38:52:74:50:e4:02:23:59:09:29:f9:73:a5:bd:6a:d8:62:4f:
86:51:81:e7:c2:f1:99:aa:07:05:3d:ce:4a:a9:e7:bd:ae:fd:
0f:e2:85:0a:b8:4d:4d:d0:e5:6b:47:2f:ae:98:e2:44:33:f4:
19:8b:1b:06:03:a9:1b:58:e7:31:ba:07:b7:a8:5f:f8:b4:1c:
42:33:70:7a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzC2wLe6bKIFX7Hk4PIHiYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMmQ3ZDk3NDNkZTJlZmEyZjYzMzM3OGEyNjhmNThmMmFh
MTYwNTAwHhcNMjQwMTAxMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODhlMDA3NDFjZTc3NmNmNDY2ODYxZGI4ZTM0MDk3NTM3ZWJlYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SvVO7pHrPVCzV85HUIIMV6t+AFP
c+N/UZWkENFujDZ0boaAGb1h6BiNYNm/RHqVLrEdLDyfAioDW4UVZ4BV8s/8hIcd
hJHDgzA+ovEtIwKhMtcaBcGkAMk8U/+9eedHyCPeB2hlddruH3dASDHwUwYpD3Oi
4xgzoGfM340k77Yi9InlCRy6x4AeuLjpdbdgNDTM+jgvoDWRQmLdCzgvFd4qlUl9
16xHj4BMWEKOnGuUGKEARiU3U6O8Hp5tnybnVBoYopUzFZZzW6s9CgSZKf3hWebJ
w8S+XheIpeMtLhz8wY/TWHyYYrDUNfDycbMSuM87ch8lQoOOtJd9G+RGYwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPiOAHQc53bPRmhh2440CXU36+pYMB8GA1UdIwQY
MBaAFC0tfZdD3i76L2MzeKJo9Y8qoWBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFMxOWwwUGVMdm92WXpONG9tajFqeXFoWUZBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9jZjdjMTktMWM3ZC00ZWJlLWI0ZGQt
Y2JjY2Y5MDQ1NWZlLzEvMS1JNEFkQnpuZHM5R2FHSGJqalFKZFRmcjZsZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODMvY2Y3YzE5LTFjN2QtNGViZS1iNGRkLWNiY2NmOTA0NTVm
ZS8xL0xTMTlsMFBlTHZvdll6TjRvbWoxanlxaFlGQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAcHadjAN
BAIAAjAHAwUAKg/lhjANBgkqhkiG9w0BAQsFAAOCAQEAt4Zkn1lgUGxjPxX1H16D
fvdl/O+rZ4V4uh3Kgd0qbeMMDIwuQP7BdAh15KXJNxlzv6vyOVQjwN2cBzwacYOU
GjMNX7NmnA91jgr3T38VNsUmFhr0vp6xUlSHlSz23k3UUfmXgFk8+rCFBDyJEhOj
w57T8G4TTd7drfgvcb57J7732xLwRY5IKEKCjucI0D0x9L5SL8JSMYQtKOKP9LUX
SKIFeMMoNtm0FFAWhbIL+30jP7QqOFJ0UOQCI1kJKflzpb1q2GJPhlGB58LxmaoH
BT3OSqnnva79D+KFCrhNTdDla0cvrpjiRDP0GYsbBgOpG1jnMboHt6hf+LQcQjNw
eg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:29 2025 by rpki-client