Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/be38dc-da15-4048-8851-de1dca379734/1/P7pnEROp1J8FrNTB6l6Kifjrosk.roa
File: P7pnEROp1J8FrNTB6l6Kifjrosk.roa (raw, json)
Hash identifier: nJzBjycIbI6badrWefUOxNLGyHoiy3sdHH+4+ujafl0=
Subject key identifier: 3F:BA:67:11:13:A9:D4:9F:05:AC:D4:C1:EA:5E:8A:89:F8:EB:A2:C9
Certificate issuer: /CN=efabc5c1330a3f0b0319bb16c44348cd1b819e44
Certificate serial: 0192991AA0ACF9ED16AFDB3F31EA70AC6F98
Authority key identifier: EF:AB:C5:C1:33:0A:3F:0B:03:19:BB:16:C4:43:48:CD:1B:81:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76vFwTMKPwsDGbsWxENIzRuBnkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/be38dc-da15-4048-8851-de1dca379734/1/P7pnEROp1J8FrNTB6l6Kifjrosk.roa
Signing time: Thu 17 Oct 2024 06:11:51 +0000
ROA not before: Thu 17 Oct 2024 06:11:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41549
IP address blocks: 194.0.212.0/24 maxlen: 24
2001:678:8ec::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:99:1a:a0:ac:f9:ed:16:af:db:3f:31:ea:70:ac:6f:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efabc5c1330a3f0b0319bb16c44348cd1b819e44
Validity
Not Before: Oct 17 06:11:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fba671113a9d49f05acd4c1ea5e8a89f8eba2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c2:28:f7:43:68:29:47:77:5d:65:74:40:6e:
65:68:9f:bc:65:28:0b:3a:16:ab:82:20:54:d6:8a:
6c:50:0d:88:66:6c:90:3a:02:06:81:e9:3a:44:58:
13:3c:09:f4:0e:f5:96:2c:75:57:96:23:ba:e6:2c:
5e:c8:7e:d1:49:e8:58:44:2e:35:49:62:e6:7a:90:
30:0b:44:83:db:d3:ca:13:e9:32:02:2c:66:2a:51:
06:1f:19:5c:05:14:a6:5f:5a:65:f8:91:fb:18:06:
dc:fe:39:d0:f0:e8:a3:5b:e0:fc:ae:4e:43:e4:e1:
46:ac:fe:5a:63:0e:d4:f7:f2:10:cf:95:fb:c0:89:
10:5e:e2:14:b4:8e:46:64:4d:3c:50:f4:db:5f:31:
ad:de:4f:61:31:c4:f0:2d:2f:e3:ef:3c:17:31:5d:
de:12:7a:77:7e:1f:10:ac:31:25:df:3b:47:8d:64:
75:b1:28:f9:94:b2:1d:aa:2f:fe:8b:9f:21:40:d3:
70:7d:a5:79:bc:1f:68:c5:e7:68:2d:4d:a1:e1:f3:
f0:7b:ba:c6:7b:73:13:6a:22:e8:21:37:16:8d:5f:
8f:1c:e9:f9:8d:0b:8f:f2:df:7e:e2:ce:e4:b0:37:
28:8e:b2:e0:a0:32:ed:ee:5e:dc:de:36:73:b3:b5:
81:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:BA:67:11:13:A9:D4:9F:05:AC:D4:C1:EA:5E:8A:89:F8:EB:A2:C9
X509v3 Authority Key Identifier:
keyid:EF:AB:C5:C1:33:0A:3F:0B:03:19:BB:16:C4:43:48:CD:1B:81:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76vFwTMKPwsDGbsWxENIzRuBnkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/be38dc-da15-4048-8851-de1dca379734/1/P7pnEROp1J8FrNTB6l6Kifjrosk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/be38dc-da15-4048-8851-de1dca379734/1/76vFwTMKPwsDGbsWxENIzRuBnkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.212.0/24
IPv6:
2001:678:8ec::/48
Signature Algorithm: sha256WithRSAEncryption
67:7a:e6:7b:41:a7:bd:67:da:80:a4:85:e6:ca:0e:72:0a:a9:
3c:00:f2:34:1e:aa:c8:35:6a:aa:1c:12:e1:0a:14:c1:4c:0d:
af:56:79:7f:d8:29:28:31:0c:a4:be:c6:8b:dd:38:b0:13:bf:
87:49:69:d2:ff:02:18:c7:e5:1a:12:54:59:30:55:de:a2:ef:
e5:33:09:cd:47:0c:ca:41:15:a8:e4:b2:f7:07:51:bf:de:64:
d5:0e:ba:0d:b1:a9:96:72:a2:8d:3c:e6:a3:54:b1:c8:32:7b:
36:42:8e:b8:82:8f:ad:72:77:bc:c0:ea:43:58:a6:17:a6:27:
af:33:ad:ed:48:12:d0:ea:af:1e:e2:5f:50:0b:50:40:c9:59:
2b:de:d3:25:27:36:24:cd:53:be:c5:aa:cb:df:5a:c7:2b:d5:
75:23:74:4d:26:cf:d9:bd:56:16:fc:26:da:3c:be:12:81:17:
65:79:3e:03:78:35:de:d7:04:5e:9b:0a:d2:48:67:bd:a6:78:
39:32:ea:7d:03:a3:42:2e:62:b7:4e:fc:47:60:15:5b:22:a7:
af:34:1b:6f:bb:90:de:8b:95:06:a1:ac:a9:5e:f2:44:cf:3d:
76:38:83:38:b1:3a:b1:a2:4f:c5:ae:9b:e2:af:21:3c:97:fb:
ba:f0:27:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZKZGqCs+e0Wr9s/MepwrG+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYWJjNWMxMzMwYTNmMGIwMzE5YmIxNmM0NDM0OGNkMWI4
MTllNDQwHhcNMjQxMDE3MDYxMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmJhNjcxMTEzYTlkNDlmMDVhY2Q0YzFlYTVlOGE4OWY4ZWJhMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMIo90NoKUd3XWV0QG5laJ+8ZSgL
OhargiBU1opsUA2IZmyQOgIGgek6RFgTPAn0DvWWLHVXliO65ixeyH7RSehYRC41
SWLmepAwC0SD29PKE+kyAixmKlEGHxlcBRSmX1pl+JH7GAbc/jnQ8OijW+D8rk5D
5OFGrP5aYw7U9/IQz5X7wIkQXuIUtI5GZE08UPTbXzGt3k9hMcTwLS/j7zwXMV3e
Enp3fh8QrDEl3ztHjWR1sSj5lLIdqi/+i58hQNNwfaV5vB9oxedoLU2h4fPwe7rG
e3MTaiLoITcWjV+PHOn5jQuP8t9+4s7ksDcojrLgoDLt7l7c3jZzs7WBVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD+6ZxETqdSfBazUwepeion466LJMB8GA1UdIwQY
MBaAFO+rxcEzCj8LAxm7FsRDSM0bgZ5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZ2RndUTUtQd3NER2JzV3hFTkl6UnVCbmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9iZTM4ZGMtZGExNS00MDQ4LTg4NTEt
ZGUxZGNhMzc5NzM0LzEvUDdwbkVST3AxSjhGck5UQjZsNktpZmpyb3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9iZTM4ZGMtZGExNS00MDQ4LTg4NTEtZGUxZGNhMzc5NzM0
LzEvNzZ2RndUTUtQd3NER2JzV3hFTkl6UnVCbmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgDUMA8E
AgACMAkDBwAgAQZ4COwwDQYJKoZIhvcNAQELBQADggEBAGd65ntBp71n2oCkhebK
DnIKqTwA8jQeqsg1aqocEuEKFMFMDa9WeX/YKSgxDKS+xovdOLATv4dJadL/AhjH
5RoSVFkwVd6i7+UzCc1HDMpBFajksvcHUb/eZNUOug2xqZZyoo085qNUscgyezZC
jriCj61yd7zA6kNYphemJ68zre1IEtDqrx7iX1ALUEDJWSve0yUnNiTNU77Fqsvf
Wscr1XUjdE0mz9m9Vhb8Jto8vhKBF2V5PgN4Nd7XBF6bCtJIZ72meDky6n0Do0Iu
YrdO/EdgFVsip680G2+7kN6LlQahrKle8kTPPXY4gzixOrGiT8Wum+KvITyX+7rw
JxY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:42 2025 by rpki-client