Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/8edca0-2706-4ec7-94eb-2b20894adec0/1/C_-arnkefbvNOXQCjDzbJxo_gyY.roa
File: C_-arnkefbvNOXQCjDzbJxo_gyY.roa (raw, json)
Hash identifier: i+/+9BUah7eTRvN/IFmxahi2UatdLVp3PN95tPUaD3o=
Subject key identifier: 0B:FF:9A:AE:79:1E:7D:BB:CD:39:74:02:8C:3C:DB:27:1A:3F:83:26
Certificate issuer: /CN=855dd93f2c7e6f522f2b2894b0359f6679bc8dfb
Certificate serial: 018CCA2B96337D4CBF94050A4A4A237412D2
Authority key identifier: 85:5D:D9:3F:2C:7E:6F:52:2F:2B:28:94:B0:35:9F:66:79:BC:8D:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hV3ZPyx-b1IvKyiUsDWfZnm8jfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/8edca0-2706-4ec7-94eb-2b20894adec0/1/C_-arnkefbvNOXQCjDzbJxo_gyY.roa
Signing time: Tue 02 Jan 2024 12:35:03 +0000
ROA not before: Tue 02 Jan 2024 12:35:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216453
IP address blocks: 193.7.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:96:33:7d:4c:bf:94:05:0a:4a:4a:23:74:12:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=855dd93f2c7e6f522f2b2894b0359f6679bc8dfb
Validity
Not Before: Jan 2 12:35:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bff9aae791e7dbbcd3974028c3cdb271a3f8326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:30:12:9c:c1:55:ce:1d:b2:aa:03:60:ad:ab:
35:61:ac:d2:82:1a:43:ba:a8:1c:ee:ba:b0:5d:a2:
90:a8:b5:c1:58:62:44:ef:4c:d4:6c:bf:8b:df:d0:
74:a5:cd:07:7b:a8:e9:8e:22:a0:4a:c9:a7:3a:ed:
b2:fb:8c:46:3c:ca:40:72:1f:e7:d3:fa:01:8f:c8:
f6:c6:75:f6:67:67:69:b4:2f:32:fe:83:07:e5:53:
ae:37:30:ae:a7:1e:7d:aa:01:54:9d:5f:b9:22:bc:
89:eb:84:a9:f1:2c:4c:6e:66:9c:db:62:7d:bb:a5:
23:42:f1:aa:ef:26:aa:48:4d:f1:22:4d:90:bf:e6:
4a:15:c5:6a:6e:a0:cf:8a:8f:c4:97:25:48:66:3b:
aa:c6:d8:d7:62:52:43:3c:0d:14:13:f0:f4:4b:e5:
15:3e:de:4f:60:e2:f2:f6:ea:c1:99:df:a4:4b:b4:
48:6a:e6:d1:5d:1c:52:31:da:1a:c2:a5:92:16:7d:
54:bc:ed:6a:7a:c5:9c:cb:fb:17:f7:2c:31:03:80:
4c:ab:a4:24:8a:70:c4:92:d6:fb:cb:c8:97:57:53:
e3:e1:2f:d2:cc:58:5a:ee:80:0e:be:6b:9c:91:13:
96:2c:ec:68:0b:a6:a8:b2:b2:2b:9b:f7:21:35:fa:
49:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:FF:9A:AE:79:1E:7D:BB:CD:39:74:02:8C:3C:DB:27:1A:3F:83:26
X509v3 Authority Key Identifier:
keyid:85:5D:D9:3F:2C:7E:6F:52:2F:2B:28:94:B0:35:9F:66:79:BC:8D:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hV3ZPyx-b1IvKyiUsDWfZnm8jfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/8edca0-2706-4ec7-94eb-2b20894adec0/1/C_-arnkefbvNOXQCjDzbJxo_gyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/8edca0-2706-4ec7-94eb-2b20894adec0/1/hV3ZPyx-b1IvKyiUsDWfZnm8jfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.7.209.0/24
Signature Algorithm: sha256WithRSAEncryption
47:10:62:d2:4b:89:74:a5:4b:4f:a8:bc:38:ab:8b:bb:03:db:
47:38:0d:c2:8c:5a:63:54:52:6b:da:7d:2f:ae:8e:69:09:26:
20:37:91:31:ac:4b:97:7a:99:d0:bf:12:f3:07:d2:59:b2:fa:
d4:39:4b:05:f1:46:de:97:b0:9f:1f:7f:d4:c5:49:3c:4f:2a:
72:ef:40:a1:d9:ef:65:23:64:0f:72:0c:5c:d4:1e:f7:82:7e:
a2:a8:24:a4:9e:1f:00:19:95:ee:ea:e6:d9:17:09:e8:96:6c:
cc:55:d3:ab:31:fd:1e:13:48:f2:6c:90:bc:7d:5c:25:90:e0:
16:a4:a7:3a:13:53:30:8a:02:2d:a0:97:d5:f6:bd:cb:bc:d7:
de:a4:78:f9:7b:ab:1e:a6:78:e7:32:75:1d:fe:5b:00:2a:8d:
34:17:da:48:c8:0c:55:d5:31:ee:17:39:05:58:af:3d:be:ea:
7c:e3:e5:ed:80:80:3f:f9:a9:d7:00:ad:d9:e8:92:91:74:a0:
c1:3e:ea:94:54:bf:62:ee:e6:a4:67:71:54:ca:fd:0e:43:9b:
bd:db:02:d1:e8:cc:27:6c:fc:1c:4d:8e:39:b4:21:95:bb:4b:
2a:95:a5:11:6f:ab:bd:3a:51:20:05:96:26:d6:ae:b8:90:1c:
27:2e:d6:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK5YzfUy/lAUKSkojdBLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NWRkOTNmMmM3ZTZmNTIyZjJiMjg5NGIwMzU5ZjY2Nzli
YzhkZmIwHhcNMjQwMTAyMTIzNTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmZmOWFhZTc5MWU3ZGJiY2QzOTc0MDI4YzNjZGIyNzFhM2Y4MzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDASnMFVzh2yqgNgras1YazSghpD
uqgc7rqwXaKQqLXBWGJE70zUbL+L39B0pc0He6jpjiKgSsmnOu2y+4xGPMpAch/n
0/oBj8j2xnX2Z2dptC8y/oMH5VOuNzCupx59qgFUnV+5IryJ64Sp8SxMbmac22J9
u6UjQvGq7yaqSE3xIk2Qv+ZKFcVqbqDPio/ElyVIZjuqxtjXYlJDPA0UE/D0S+UV
Pt5PYOLy9urBmd+kS7RIaubRXRxSMdoawqWSFn1UvO1qesWcy/sX9ywxA4BMq6Qk
inDEktb7y8iXV1Pj4S/SzFha7oAOvmuckROWLOxoC6aosrIrm/chNfpJrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAv/mq55Hn27zTl0Aow82ycaP4MmMB8GA1UdIwQY
MBaAFIVd2T8sfm9SLysolLA1n2Z5vI37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFYzWlB5eC1iMUl2S3lpVXNEV2Zabm04amZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My84ZWRjYTAtMjcwNi00ZWM3LTk0ZWIt
MmIyMDg5NGFkZWMwLzEvQ18tYXJua2VmYnZOT1hRQ2pEemJKeG9fZ3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My84ZWRjYTAtMjcwNi00ZWM3LTk0ZWItMmIyMDg5NGFkZWMw
LzEvaFYzWlB5eC1iMUl2S3lpVXNEV2Zabm04amZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQfRMA0G
CSqGSIb3DQEBCwUAA4IBAQBHEGLSS4l0pUtPqLw4q4u7A9tHOA3CjFpjVFJr2n0v
ro5pCSYgN5ExrEuXepnQvxLzB9JZsvrUOUsF8Ubel7CfH3/UxUk8Typy70Ch2e9l
I2QPcgxc1B73gn6iqCSknh8AGZXu6ubZFwnolmzMVdOrMf0eE0jybJC8fVwlkOAW
pKc6E1MwigItoJfV9r3LvNfepHj5e6sepnjnMnUd/lsAKo00F9pIyAxV1THuFzkF
WK89vup84+XtgIA/+anXAK3Z6JKRdKDBPuqUVL9i7uakZ3FUyv0OQ5u92wLR6Mwn
bPwcTY45tCGVu0sqlaURb6u9OlEgBZYm1q64kBwnLtaZ
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:36:39 2025 by rpki-client