Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/12e905-7854-473c-950b-cf4bd4f3f29d/1/AtnFp3H26qY3Bd2YsmxYakU92-E.roa
File: AtnFp3H26qY3Bd2YsmxYakU92-E.roa (raw, json)
Hash identifier: AgO7V1unEntNLV7iGiDPjJmnCCbNPTXtbtAci+ix/WA=
Subject key identifier: 02:D9:C5:A7:71:F6:EA:A6:37:05:DD:98:B2:6C:58:6A:45:3D:DB:E1
Certificate issuer: /CN=e204a1c2ca4a4db033375e360de323790ba6a5b9
Certificate serial: 018CC6B8C0F3284DB0203F73CE37E80F1FFA
Authority key identifier: E2:04:A1:C2:CA:4A:4D:B0:33:37:5E:36:0D:E3:23:79:0B:A6:A5:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4gShwspKTbAzN142DeMjeQumpbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/12e905-7854-473c-950b-cf4bd4f3f29d/1/AtnFp3H26qY3Bd2YsmxYakU92-E.roa
Signing time: Mon 01 Jan 2024 20:30:45 +0000
ROA not before: Mon 01 Jan 2024 20:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8412
IP address blocks: 193.84.112.0/24 maxlen: 24
195.248.73.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:c0:f3:28:4d:b0:20:3f:73:ce:37:e8:0f:1f:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e204a1c2ca4a4db033375e360de323790ba6a5b9
Validity
Not Before: Jan 1 20:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02d9c5a771f6eaa63705dd98b26c586a453ddbe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:84:a0:ff:92:c5:88:ca:46:f8:6d:8a:4e:27:
17:09:04:2b:ee:cb:cb:b2:aa:30:8f:0a:77:ca:8c:
67:e5:26:ce:bf:8a:9c:32:a3:54:04:a5:fe:ac:d3:
c6:fa:c0:71:2d:dd:38:2b:96:d3:c2:94:ca:9d:a1:
2c:1b:7a:c3:fe:3b:97:04:bd:ff:a9:72:26:6b:7e:
78:60:60:04:6e:70:8b:b8:72:16:d7:58:0a:e9:96:
49:4d:31:d8:00:52:64:24:cf:c7:f5:d3:54:9f:1b:
24:c4:10:ac:7e:58:0e:96:f3:ae:21:6b:de:e1:f6:
03:05:ae:10:56:e0:1d:3f:ff:36:6e:e0:2d:3e:3a:
52:a5:09:97:d3:cd:0d:86:33:2d:4f:25:d3:17:a4:
17:bc:f8:0b:d3:4b:bd:24:8e:d4:71:cc:bb:92:98:
db:d5:49:65:39:d0:75:5b:83:aa:31:fd:3f:35:ac:
8e:71:e6:67:8d:93:c1:56:87:e4:d8:8b:78:4d:fe:
ad:c4:92:3d:00:a5:cc:fc:59:8e:48:60:e4:95:e3:
74:7f:ec:e3:78:4c:5b:78:ae:a4:2b:03:e4:79:93:
03:43:ab:2c:70:34:60:dd:5b:c4:2b:1e:a6:d3:24:
14:6b:d3:b8:55:65:5c:03:ab:96:50:9d:d7:13:9d:
f2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D9:C5:A7:71:F6:EA:A6:37:05:DD:98:B2:6C:58:6A:45:3D:DB:E1
X509v3 Authority Key Identifier:
keyid:E2:04:A1:C2:CA:4A:4D:B0:33:37:5E:36:0D:E3:23:79:0B:A6:A5:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4gShwspKTbAzN142DeMjeQumpbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/12e905-7854-473c-950b-cf4bd4f3f29d/1/AtnFp3H26qY3Bd2YsmxYakU92-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/12e905-7854-473c-950b-cf4bd4f3f29d/1/4gShwspKTbAzN142DeMjeQumpbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.112.0/24
195.248.73.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:9b:f1:b3:f8:6f:83:b1:93:a0:fd:25:33:cc:91:e9:7c:1e:
4e:2e:df:88:05:c3:af:d0:69:03:a7:0a:54:02:90:0a:de:8f:
bb:c8:b0:6c:02:d5:09:ea:c0:cf:01:8c:db:af:d1:a5:89:bb:
04:25:3f:fc:65:fe:ec:bf:6e:3c:1d:b4:36:79:0a:72:f7:37:
df:4d:3a:ef:0e:0e:ae:5e:f0:77:54:c5:85:81:9b:e3:9a:4a:
27:6a:40:eb:a7:84:48:b3:54:92:7f:64:fd:a1:74:f8:60:c0:
6a:35:25:3c:71:5b:f6:e6:3b:e0:b9:59:74:a8:0a:7b:6d:a0:
1a:1b:e6:1a:17:4f:2b:79:81:55:3e:18:f3:c2:bf:3c:1f:f1:
57:2f:6b:92:33:e8:74:a3:28:d8:3a:b5:a7:54:6b:c0:6a:9a:
f8:17:1c:23:b6:92:88:bd:26:f0:25:b9:22:c0:c4:a3:a7:3b:
f2:42:66:98:1f:55:06:17:23:f3:dd:e9:66:a2:c3:de:e0:78:
8b:ff:5c:54:04:bf:d7:1e:31:1d:dd:ff:92:af:cd:e0:aa:a8:
f9:26:2b:74:bc:51:2a:d5:ce:ba:71:b5:27:e2:c9:10:c6:cf:
0f:b5:65:ad:42:86:24:e6:1b:2a:66:85:bb:31:79:43:43:c7:
6b:0f:f8:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuMDzKE2wID9zzjfoDx/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMDRhMWMyY2E0YTRkYjAzMzM3NWUzNjBkZTMyMzc5MGJh
NmE1YjkwHhcNMjQwMTAxMjAzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmQ5YzVhNzcxZjZlYWE2MzcwNWRkOThiMjZjNTg2YTQ1M2RkYmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYSg/5LFiMpG+G2KTicXCQQr7svL
sqowjwp3yoxn5SbOv4qcMqNUBKX+rNPG+sBxLd04K5bTwpTKnaEsG3rD/juXBL3/
qXIma354YGAEbnCLuHIW11gK6ZZJTTHYAFJkJM/H9dNUnxskxBCsflgOlvOuIWve
4fYDBa4QVuAdP/82buAtPjpSpQmX080NhjMtTyXTF6QXvPgL00u9JI7Uccy7kpjb
1UllOdB1W4OqMf0/NayOceZnjZPBVofk2It4Tf6txJI9AKXM/FmOSGDkleN0f+zj
eExbeK6kKwPkeZMDQ6sscDRg3VvEKx6m0yQUa9O4VWVcA6uWUJ3XE53ymwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFALZxadx9uqmNwXdmLJsWGpFPdvhMB8GA1UdIwQY
MBaAFOIEocLKSk2wMzdeNg3jI3kLpqW5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGdTaHdzcEtUYkF6TjE0MkRlTWplUXVtcGJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8xMmU5MDUtNzg1NC00NzNjLTk1MGIt
Y2Y0YmQ0ZjNmMjlkLzEvQXRuRnAzSDI2cVkzQmQyWXNteFlha1U5Mi1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8xMmU5MDUtNzg1NC00NzNjLTk1MGItY2Y0YmQ0ZjNmMjlk
LzEvNGdTaHdzcEtUYkF6TjE0MkRlTWplUXVtcGJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwVRwAwQA
w/hJMA0GCSqGSIb3DQEBCwUAA4IBAQCOm/Gz+G+DsZOg/SUzzJHpfB5OLt+IBcOv
0GkDpwpUApAK3o+7yLBsAtUJ6sDPAYzbr9GlibsEJT/8Zf7sv248HbQ2eQpy9zff
TTrvDg6uXvB3VMWFgZvjmkonakDrp4RIs1SSf2T9oXT4YMBqNSU8cVv25jvguVl0
qAp7baAaG+YaF08reYFVPhjzwr88H/FXL2uSM+h0oyjYOrWnVGvAapr4FxwjtpKI
vSbwJbkiwMSjpzvyQmaYH1UGFyPz3elmosPe4HiL/1xUBL/XHjEd3f+Sr83gqqj5
Jit0vFEq1c66cbUn4skQxs8PtWWtQoYk5hsqZoW7MXlDQ8drD/hK
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:01 2025 by rpki-client