Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/N_qYUkaIb2FHrvhvuqZlAeCEGA0.roa
File: N_qYUkaIb2FHrvhvuqZlAeCEGA0.roa (raw, json)
Hash identifier: XQGUSq+Gh7zamrvtmNUUJYmXfatCTQeJbPQVl12rKK8=
Subject key identifier: 37:FA:98:52:46:88:6F:61:47:AE:F8:6F:BA:A6:65:01:E0:84:18:0D
Certificate issuer: /CN=cd3c110dfd77f57757391c0faedeebe36086571d
Certificate serial: 018CC26D18F3C1C657B1FF59375082FD4C4A
Authority key identifier: CD:3C:11:0D:FD:77:F5:77:57:39:1C:0F:AE:DE:EB:E3:60:86:57:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/N_qYUkaIb2FHrvhvuqZlAeCEGA0.roa
Signing time: Mon 01 Jan 2024 00:29:38 +0000
ROA not before: Mon 01 Jan 2024 00:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43598
IP address blocks: 193.187.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:18:f3:c1:c6:57:b1:ff:59:37:50:82:fd:4c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3c110dfd77f57757391c0faedeebe36086571d
Validity
Not Before: Jan 1 00:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37fa985246886f6147aef86fbaa66501e084180d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:33:11:92:87:f6:24:59:07:1b:31:35:b2:ff:
fb:15:f2:d8:86:d0:36:07:4d:7c:48:6e:41:6d:9c:
6c:f6:d6:dc:3d:f8:0d:99:d2:3c:69:1b:91:91:43:
4a:57:11:78:f8:d5:2f:3e:c8:c0:84:ff:5d:2e:b8:
ea:2a:2b:b4:6d:09:54:e1:d5:98:53:6c:ce:b9:03:
c7:f5:d2:0a:39:1d:71:fe:8e:03:cc:4e:6b:82:9f:
bc:87:b5:1a:37:aa:8e:2d:33:86:de:b7:06:6d:a9:
b8:b9:75:ca:c6:73:79:4d:3a:6c:52:61:ea:5d:7c:
86:ff:83:a0:29:16:8e:96:c6:2a:5c:e0:44:8b:fc:
08:68:2f:2c:43:4c:7e:5d:97:35:04:9c:04:bc:cd:
2b:b8:64:af:0d:65:d5:1a:10:ca:1a:5f:1b:8b:f1:
89:66:33:d5:4a:11:e0:94:83:33:f0:1f:5b:d9:48:
00:a8:c6:32:4c:ea:af:c6:78:c0:01:64:83:0b:55:
0a:b4:1a:1b:be:e4:2b:29:e7:1d:0f:a1:d7:11:60:
3a:51:b4:77:ae:64:94:56:a3:c5:16:6d:1a:b0:d7:
8e:c0:87:46:ce:3f:fd:c0:ec:88:bc:f9:23:d2:19:
e0:d5:f2:3e:23:23:70:ae:df:6f:ec:ba:ff:19:52:
9b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:FA:98:52:46:88:6F:61:47:AE:F8:6F:BA:A6:65:01:E0:84:18:0D
X509v3 Authority Key Identifier:
keyid:CD:3C:11:0D:FD:77:F5:77:57:39:1C:0F:AE:DE:EB:E3:60:86:57:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/N_qYUkaIb2FHrvhvuqZlAeCEGA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.187.192.0/22
Signature Algorithm: sha256WithRSAEncryption
21:87:90:01:dc:89:8f:94:00:2c:76:fb:56:cb:58:3a:80:a0:
22:77:6d:17:48:cb:f8:77:0e:b6:b6:16:3d:f6:9c:cb:cf:0e:
08:43:af:1c:32:77:97:7b:1f:1d:13:e5:7f:21:d6:84:91:14:
c7:58:66:fd:6f:bb:75:fd:c4:7e:6f:e2:7b:fb:d7:b6:6d:a2:
2b:7b:13:c8:0b:24:ab:c1:8b:fb:d6:11:e5:05:8f:00:9b:73:
5f:2f:5d:5c:2c:7b:c6:9a:dd:f8:ae:4a:6f:bf:fc:16:44:ad:
55:d6:a9:c9:c9:ad:95:72:93:f6:49:a6:2f:63:9c:0f:61:ea:
43:59:1e:74:7a:7d:6f:7a:9e:39:59:48:fe:ee:76:85:6c:85:
33:2f:2d:30:f2:c3:96:a9:86:71:65:50:fa:8d:4a:70:80:5c:
fa:be:0b:c4:fb:df:71:b3:b4:96:4e:5d:ce:7f:88:e0:68:0d:
00:dc:1f:c6:95:ff:c2:7d:9d:39:a9:59:c7:48:f9:34:c6:39:
89:4a:ff:89:f3:31:93:a0:82:6c:de:a4:9b:4d:bc:1b:8c:cc:
97:98:4e:fd:fd:b7:06:48:6d:f5:49:fa:a5:0e:98:48:68:c7:
20:01:12:11:1d:a6:ab:65:69:3d:22:75:9f:a2:53:06:11:e9:
5c:6b:79:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbRjzwcZXsf9ZN1CC/UxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2MxMTBkZmQ3N2Y1Nzc1NzM5MWMwZmFlZGVlYmUzNjA4
NjU3MWQwHhcNMjQwMTAxMDAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2ZhOTg1MjQ2ODg2ZjYxNDdhZWY4NmZiYWE2NjUwMWUwODQxODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDMRkof2JFkHGzE1sv/7FfLYhtA2
B018SG5BbZxs9tbcPfgNmdI8aRuRkUNKVxF4+NUvPsjAhP9dLrjqKiu0bQlU4dWY
U2zOuQPH9dIKOR1x/o4DzE5rgp+8h7UaN6qOLTOG3rcGbam4uXXKxnN5TTpsUmHq
XXyG/4OgKRaOlsYqXOBEi/wIaC8sQ0x+XZc1BJwEvM0ruGSvDWXVGhDKGl8bi/GJ
ZjPVShHglIMz8B9b2UgAqMYyTOqvxnjAAWSDC1UKtBobvuQrKecdD6HXEWA6UbR3
rmSUVqPFFm0asNeOwIdGzj/9wOyIvPkj0hng1fI+IyNwrt9v7Lr/GVKbuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDf6mFJGiG9hR674b7qmZQHghBgNMB8GA1UdIwQY
MBaAFM08EQ39d/V3VzkcD67e6+NghlcdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMGU1YTItMGU2NC00ZWEzLThjODYt
NmMwMmVjMTliODA5LzEvTl9xWVVrYUliMkZIcnZodnVxWmxBZUNFR0EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yMGU1YTItMGU2NC00ZWEzLThjODYtNmMwMmVjMTliODA5
LzEvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwbvAMA0G
CSqGSIb3DQEBCwUAA4IBAQAhh5AB3ImPlAAsdvtWy1g6gKAid20XSMv4dw62thY9
9pzLzw4IQ68cMneXex8dE+V/IdaEkRTHWGb9b7t1/cR+b+J7+9e2baIrexPICySr
wYv71hHlBY8Am3NfL11cLHvGmt34rkpvv/wWRK1V1qnJya2VcpP2SaYvY5wPYepD
WR50en1vep45WUj+7naFbIUzLy0w8sOWqYZxZVD6jUpwgFz6vgvE+99xs7SWTl3O
f4jgaA0A3B/Glf/CfZ05qVnHSPk0xjmJSv+J8zGToIJs3qSbTbwbjMyXmE79/bcG
SG31SfqlDphIaMcgARIRHaarZWk9InWfolMGEelca3k0
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:47 2025 by rpki-client