Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/0d79a4-88ae-42e4-928c-cc3e78f62dc2/1/vDzcgYpPVqHrzmI2nuoEayj2xao.roa
File: vDzcgYpPVqHrzmI2nuoEayj2xao.roa (raw, json)
Hash identifier: Mq6dMQKLNz4r0pGiEDIpH/F5ToFkkkJAiLsd9AHYDy8=
Subject key identifier: BC:3C:DC:81:8A:4F:56:A1:EB:CE:62:36:9E:EA:04:6B:28:F6:C5:AA
Certificate issuer: /CN=77ca53a8a5a03b055cb3f340fcbeb85d7ad487a8
Certificate serial: 0191FF05FF49F995D208F7C4A69CDBD3029B
Authority key identifier: 77:CA:53:A8:A5:A0:3B:05:5C:B3:F3:40:FC:BE:B8:5D:7A:D4:87:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8pTqKWgOwVcs_NA_L64XXrUh6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/0d79a4-88ae-42e4-928c-cc3e78f62dc2/1/vDzcgYpPVqHrzmI2nuoEayj2xao.roa
Signing time: Tue 17 Sep 2024 08:07:48 +0000
ROA not before: Tue 17 Sep 2024 08:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16019
IP address blocks: 188.94.232.0/21 maxlen: 21
2001:36c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:05:ff:49:f9:95:d2:08:f7:c4:a6:9c:db:d3:02:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77ca53a8a5a03b055cb3f340fcbeb85d7ad487a8
Validity
Not Before: Sep 17 08:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc3cdc818a4f56a1ebce62369eea046b28f6c5aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b6:b2:60:23:15:c6:cb:31:e6:05:84:e5:2e:
2d:cf:ff:79:6e:30:41:4d:44:e3:b9:0a:64:31:2d:
a9:5a:47:52:ca:04:3c:d5:fa:0e:31:3e:1f:26:f1:
12:7e:23:fd:f2:a5:9a:99:3b:04:5a:fc:9d:f7:34:
c8:49:9c:40:0d:4e:4b:08:02:da:12:2c:38:1e:e6:
7d:63:14:ce:7b:dd:39:a9:d0:89:68:76:11:6a:96:
12:a5:2c:93:8e:20:39:47:a2:73:52:f1:8c:39:5e:
d7:77:e2:4a:04:51:ed:6c:79:e6:4d:5a:a1:cf:2e:
ca:b9:74:11:5d:a7:5c:70:78:58:a9:5b:32:a3:9d:
44:10:43:c3:2f:6b:8d:77:1c:b2:fb:d9:02:66:6c:
de:14:bc:e1:57:0b:5b:2b:6c:3b:10:ba:ba:cf:46:
0b:29:d8:f5:77:64:c9:dd:b6:fe:0d:8d:f0:72:67:
a2:27:c6:21:80:49:7e:b8:f9:19:bd:90:4f:49:62:
84:7d:ba:56:19:2a:39:34:c2:e7:65:c6:11:55:42:
b8:4d:68:d6:e0:6b:08:0b:ac:f0:44:5b:df:1d:3a:
33:d7:76:7b:4d:24:fc:cb:c2:ad:0e:fc:dd:66:11:
4e:7c:a5:3d:36:ec:91:af:e4:4b:c7:19:7c:76:4d:
5a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:3C:DC:81:8A:4F:56:A1:EB:CE:62:36:9E:EA:04:6B:28:F6:C5:AA
X509v3 Authority Key Identifier:
keyid:77:CA:53:A8:A5:A0:3B:05:5C:B3:F3:40:FC:BE:B8:5D:7A:D4:87:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8pTqKWgOwVcs_NA_L64XXrUh6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/0d79a4-88ae-42e4-928c-cc3e78f62dc2/1/vDzcgYpPVqHrzmI2nuoEayj2xao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/0d79a4-88ae-42e4-928c-cc3e78f62dc2/1/d8pTqKWgOwVcs_NA_L64XXrUh6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.94.232.0/21
IPv6:
2001:36c0::/32
Signature Algorithm: sha256WithRSAEncryption
02:2e:c4:63:1e:ec:c0:5b:0b:aa:04:b1:e7:24:b2:6a:2d:3a:
07:43:51:72:71:21:93:31:35:00:bd:6b:c3:56:20:77:6f:af:
a3:78:b4:4c:4c:4a:25:35:41:20:87:32:50:fb:66:f5:df:ca:
b2:9a:f1:49:be:94:0f:50:2b:e9:c7:08:bd:30:2d:0c:df:fa:
30:eb:de:e5:6c:d2:59:b1:65:1d:10:ce:d8:db:1c:9a:57:36:
c9:60:8e:ca:79:46:70:1e:f7:70:3a:8c:5b:50:5a:ae:2f:5b:
f7:15:62:ad:31:79:c3:0a:1b:00:e0:f7:bc:4d:02:41:6c:8f:
a5:c4:85:19:0b:84:16:6a:81:1b:99:48:ac:39:b0:d1:61:96:
6b:ad:99:1d:ce:a4:7e:aa:48:4e:4a:f1:f0:8f:7c:85:cf:e7:
aa:1d:cf:1b:b0:3b:4a:aa:5a:77:9c:f0:a5:a6:e1:c3:cf:cf:
c9:3a:40:4e:c4:56:34:bc:2a:73:e2:5b:85:95:8d:e5:e7:2b:
14:1a:c2:d1:12:4c:e9:c3:0a:21:d1:06:06:97:a3:68:60:d1:
95:28:77:84:b7:01:76:86:27:c6:fc:d6:98:a3:fa:7e:9f:03:
4f:62:46:89:08:50:a3:94:6e:38:a0:6d:c1:1d:44:31:df:7f:
27:38:6e:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZH/Bf9J+ZXSCPfEppzb0wKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3Y2E1M2E4YTVhMDNiMDU1Y2IzZjM0MGZjYmViODVkN2Fk
NDg3YTgwHhcNMjQwOTE3MDgwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzNjZGM4MThhNGY1NmExZWJjZTYyMzY5ZWVhMDQ2YjI4ZjZjNWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbayYCMVxssx5gWE5S4tz/95bjBB
TUTjuQpkMS2pWkdSygQ81foOMT4fJvESfiP98qWamTsEWvyd9zTISZxADU5LCALa
Eiw4HuZ9YxTOe905qdCJaHYRapYSpSyTjiA5R6JzUvGMOV7Xd+JKBFHtbHnmTVqh
zy7KuXQRXadccHhYqVsyo51EEEPDL2uNdxyy+9kCZmzeFLzhVwtbK2w7ELq6z0YL
Kdj1d2TJ3bb+DY3wcmeiJ8YhgEl+uPkZvZBPSWKEfbpWGSo5NMLnZcYRVUK4TWjW
4GsIC6zwRFvfHToz13Z7TST8y8KtDvzdZhFOfKU9NuyRr+RLxxl8dk1a4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLw83IGKT1ah685iNp7qBGso9sWqMB8GA1UdIwQY
MBaAFHfKU6iloDsFXLPzQPy+uF161IeoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDhwVHFLV2dPd1Zjc19OQV9MNjRYWHJVaDZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wZDc5YTQtODhhZS00MmU0LTkyOGMt
Y2MzZTc4ZjYyZGMyLzEvdkR6Y2dZcFBWcUhyem1JMm51b0VheWoyeGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8wZDc5YTQtODhhZS00MmU0LTkyOGMtY2MzZTc4ZjYyZGMy
LzEvZDhwVHFLV2dPd1Zjc19OQV9MNjRYWHJVaDZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDvF7oMA0E
AgACMAcDBQAgATbAMA0GCSqGSIb3DQEBCwUAA4IBAQACLsRjHuzAWwuqBLHnJLJq
LToHQ1FycSGTMTUAvWvDViB3b6+jeLRMTEolNUEghzJQ+2b138qymvFJvpQPUCvp
xwi9MC0M3/ow697lbNJZsWUdEM7Y2xyaVzbJYI7KeUZwHvdwOoxbUFquL1v3FWKt
MXnDChsA4Pe8TQJBbI+lxIUZC4QWaoEbmUisObDRYZZrrZkdzqR+qkhOSvHwj3yF
z+eqHc8bsDtKqlp3nPClpuHDz8/JOkBOxFY0vCpz4luFlY3l5ysUGsLREkzpwwoh
0QYGl6NoYNGVKHeEtwF2hifG/NaYo/p+nwNPYkaJCFCjlG44oG3BHUQx338nOG4Z
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:33 2025 by rpki-client