Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/e21325-9910-47e8-99cc-75a555c8fb41/1/KVdhPwRnYrCsJLhD0DFidKBOB8s.roa
File: KVdhPwRnYrCsJLhD0DFidKBOB8s.roa (raw, json)
Hash identifier: 5stLV1ENrqk0hpQCTZ/+ypSfs+nx/NZCNV6UJfQWrzg=
Subject key identifier: 29:57:61:3F:04:67:62:B0:AC:24:B8:43:D0:31:62:74:A0:4E:07:CB
Certificate issuer: /CN=4212e693e8e7fb8b31aa8553b30d95bef0483729
Certificate serial: 018CC726CECA5B84C2EE5CB3E0D04B9B29B2
Authority key identifier: 42:12:E6:93:E8:E7:FB:8B:31:AA:85:53:B3:0D:95:BE:F0:48:37:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhLmk-jn-4sxqoVTsw2VvvBINyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/e21325-9910-47e8-99cc-75a555c8fb41/1/KVdhPwRnYrCsJLhD0DFidKBOB8s.roa
Signing time: Mon 01 Jan 2024 22:30:58 +0000
ROA not before: Mon 01 Jan 2024 22:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9023
IP address blocks: 193.46.40.0/22 maxlen: 22
2001:67c:2418::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:ce:ca:5b:84:c2:ee:5c:b3:e0:d0:4b:9b:29:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4212e693e8e7fb8b31aa8553b30d95bef0483729
Validity
Not Before: Jan 1 22:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2957613f046762b0ac24b843d0316274a04e07cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ef:77:11:01:b3:76:51:37:89:0e:62:c9:d6:
19:82:1b:03:70:b6:45:c7:1e:4b:4b:89:66:0d:25:
75:fc:11:a9:bd:e1:2c:b0:d7:85:c8:9b:03:06:b3:
b8:a8:64:44:b9:43:a8:9c:8c:6d:c6:2f:e9:ae:86:
62:20:3e:fc:7b:3a:65:d1:19:26:38:88:59:56:3e:
19:32:b1:c3:bb:a8:eb:cc:a2:c8:7a:3d:93:be:f5:
9f:d2:93:cf:70:20:dd:0e:68:cd:36:61:7e:a3:18:
a6:71:3e:eb:80:00:b5:f6:3f:54:da:32:63:68:1c:
9c:b1:e3:68:8a:9d:55:9a:59:23:ca:df:90:7a:f8:
1a:48:24:a5:95:0d:3f:83:81:d2:6c:1a:48:8c:14:
82:8c:d1:23:b0:04:e4:fd:67:3e:a6:70:c8:5f:e2:
8f:a5:01:ab:ca:e8:80:6e:03:d9:5c:aa:ae:f6:04:
a6:1c:f4:fd:6f:bf:c2:12:29:92:bd:ef:10:e1:9a:
67:ed:63:d4:04:32:49:36:66:0f:be:41:23:9e:c9:
d9:09:fa:a6:2c:fb:37:47:3b:cc:55:03:97:a1:35:
b9:fe:ce:c0:bc:04:35:0f:a7:37:ec:b0:9e:b2:87:
b2:39:6b:bc:46:7a:d1:a2:28:a8:ae:32:cb:9b:22:
8f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:57:61:3F:04:67:62:B0:AC:24:B8:43:D0:31:62:74:A0:4E:07:CB
X509v3 Authority Key Identifier:
keyid:42:12:E6:93:E8:E7:FB:8B:31:AA:85:53:B3:0D:95:BE:F0:48:37:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhLmk-jn-4sxqoVTsw2VvvBINyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/e21325-9910-47e8-99cc-75a555c8fb41/1/KVdhPwRnYrCsJLhD0DFidKBOB8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/e21325-9910-47e8-99cc-75a555c8fb41/1/QhLmk-jn-4sxqoVTsw2VvvBINyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.40.0/22
IPv6:
2001:67c:2418::/48
Signature Algorithm: sha256WithRSAEncryption
aa:2d:97:bd:61:2f:bc:47:03:ef:06:3f:c6:da:c6:e8:3d:bf:
4a:b5:bd:fe:38:c5:f6:5d:39:08:12:fd:f3:26:f3:47:1e:02:
8a:30:f3:4a:a7:d8:ad:d3:52:77:a3:65:bb:28:4f:fc:63:c7:
3d:b5:4e:56:4c:9f:28:04:b2:49:a3:7f:f9:cf:b5:5b:3d:bf:
80:ba:2a:40:34:38:59:41:39:60:26:b9:ec:76:dc:e5:b6:17:
3d:8d:06:b4:c0:d8:db:3e:15:1f:02:15:a3:37:37:3b:0b:d4:
e8:d9:34:ad:9d:ae:6a:85:a4:48:30:d7:af:cf:c0:6e:5e:1d:
15:7b:63:cd:c4:10:d1:5f:74:7c:00:15:3d:20:e1:5f:33:72:
14:23:4e:f4:a6:9b:8e:9d:30:af:43:2f:7c:88:dc:1e:12:9f:
af:7d:11:8e:db:c2:a6:be:af:7b:81:a1:39:fb:20:d0:3b:9a:
7c:d4:79:bc:2c:37:08:6f:6a:a0:27:90:5b:29:92:e4:6f:b7:
bc:62:aa:29:24:a8:d8:25:af:ee:0f:73:c7:a9:09:ad:21:91:
23:8a:c9:a5:7f:be:91:6f:9c:9b:85:ec:27:37:5e:66:36:8b:
52:15:f8:49:bf:8b:58:d1:e9:a0:dd:50:82:f1:6a:5c:f4:5a:
c9:52:db:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHJs7KW4TC7lyz4NBLmymyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTJlNjkzZThlN2ZiOGIzMWFhODU1M2IzMGQ5NWJlZjA0
ODM3MjkwHhcNMjQwMTAxMjIzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTU3NjEzZjA0Njc2MmIwYWMyNGI4NDNkMDMxNjI3NGEwNGUwN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+93EQGzdlE3iQ5iydYZghsDcLZF
xx5LS4lmDSV1/BGpveEssNeFyJsDBrO4qGREuUOonIxtxi/proZiID78ezpl0Rkm
OIhZVj4ZMrHDu6jrzKLIej2TvvWf0pPPcCDdDmjNNmF+oximcT7rgAC19j9U2jJj
aBycseNoip1Vmlkjyt+QevgaSCSllQ0/g4HSbBpIjBSCjNEjsATk/Wc+pnDIX+KP
pQGryuiAbgPZXKqu9gSmHPT9b7/CEimSve8Q4Zpn7WPUBDJJNmYPvkEjnsnZCfqm
LPs3RzvMVQOXoTW5/s7AvAQ1D6c37LCesoeyOWu8RnrRoiiorjLLmyKPbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFClXYT8EZ2KwrCS4Q9AxYnSgTgfLMB8GA1UdIwQY
MBaAFEIS5pPo5/uLMaqFU7MNlb7wSDcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhMbWstam4tNHN4cW9WVHN3MlZ2dkJJTnlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9lMjEzMjUtOTkxMC00N2U4LTk5Y2Mt
NzVhNTU1YzhmYjQxLzEvS1ZkaFB3Um5ZckNzSkxoRDBERmlkS0JPQjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9lMjEzMjUtOTkxMC00N2U4LTk5Y2MtNzVhNTU1YzhmYjQx
LzEvUWhMbWstam4tNHN4cW9WVHN3MlZ2dkJJTnlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwS4oMA8E
AgACMAkDBwAgAQZ8JBgwDQYJKoZIhvcNAQELBQADggEBAKotl71hL7xHA+8GP8ba
xug9v0q1vf44xfZdOQgS/fMm80ceAoow80qn2K3TUnejZbsoT/xjxz21TlZMnygE
skmjf/nPtVs9v4C6KkA0OFlBOWAmuex23OW2Fz2NBrTA2Ns+FR8CFaM3NzsL1OjZ
NK2drmqFpEgw16/PwG5eHRV7Y83EENFfdHwAFT0g4V8zchQjTvSmm46dMK9DL3yI
3B4Sn699EY7bwqa+r3uBoTn7INA7mnzUebwsNwhvaqAnkFspkuRvt7xiqikkqNgl
r+4Pc8epCa0hkSOKyaV/vpFvnJuF7Cc3XmY2i1IV+Em/i1jR6aDdUILxalz0WslS
210=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:29 2025 by rpki-client