Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/6633d5-8676-4ec4-a3fc-c536df5c274e/1/431Uh0xxr981v9H_4MBb_BRw6RU.roa
File: 431Uh0xxr981v9H_4MBb_BRw6RU.roa (raw, json)
Hash identifier: K1/LDrOrpKW23T7VPflYWIyP5IVZ971RZ+CF+Q3qWGM=
Subject key identifier: E3:7D:54:87:4C:71:AF:DF:35:BF:D1:FF:E0:C0:5B:FC:14:70:E9:15
Certificate issuer: /CN=5243ded745b05f4038e983fb9d78edf56f251346
Certificate serial: 019311F445A567F4B5F4BEF364ECEF84B6DA
Authority key identifier: 52:43:DE:D7:45:B0:5F:40:38:E9:83:FB:9D:78:ED:F5:6F:25:13:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UkPe10WwX0A46YP7nXjt9W8lE0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/6633d5-8676-4ec4-a3fc-c536df5c274e/1/431Uh0xxr981v9H_4MBb_BRw6RU.roa
Signing time: Sat 09 Nov 2024 17:24:01 +0000
ROA not before: Sat 09 Nov 2024 17:24:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200602
IP address blocks: 193.143.18.0/24 maxlen: 24
193.143.72.0/24 maxlen: 24
193.143.75.0/24 maxlen: 24
193.143.76.0/24 maxlen: 24
2a0f:8e40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:11:f4:45:a5:67:f4:b5:f4:be:f3:64:ec:ef:84:b6:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5243ded745b05f4038e983fb9d78edf56f251346
Validity
Not Before: Nov 9 17:24:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e37d54874c71afdf35bfd1ffe0c05bfc1470e915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b6:3f:13:02:9b:f7:b6:c5:18:ef:43:f8:54:
c2:26:4b:fc:1b:c9:29:2a:8a:2f:01:db:ff:d5:71:
5b:7e:c1:97:44:95:54:25:3c:e0:aa:be:6f:e0:db:
99:f2:6a:14:2f:c2:90:7f:b8:7a:46:55:6b:fd:c3:
93:3f:7d:6d:a7:a8:4e:63:07:17:6b:16:04:38:e7:
16:bd:0b:b0:f0:1c:a6:d9:fd:e0:3e:ce:3b:9d:32:
35:28:5e:ac:12:a5:ba:09:1a:2d:c6:f6:dc:1f:75:
ff:21:73:29:83:09:9a:23:c4:76:93:a5:6c:7c:3d:
fc:e5:ea:2b:f1:8a:cc:c0:df:85:36:c7:28:f6:2f:
5b:d2:2b:d7:2e:a8:a2:2e:b1:5f:02:8f:c9:71:c2:
60:d7:4b:e5:5a:39:8d:3a:3b:46:d7:7b:be:67:17:
10:50:39:72:71:41:dd:41:0e:bb:03:17:85:71:15:
a1:8c:13:35:25:a0:36:cf:26:8a:98:2b:c2:e7:fd:
10:b9:27:7a:55:6d:c3:56:ae:08:2a:f4:f4:83:1c:
e9:c0:07:04:db:36:ad:8d:1c:78:67:50:19:20:1a:
fe:9c:0c:d8:87:df:c0:2c:b0:8b:08:0c:8b:c3:ff:
e3:6d:a6:9a:33:02:61:9a:cd:b0:5b:85:52:4b:d1:
6b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:7D:54:87:4C:71:AF:DF:35:BF:D1:FF:E0:C0:5B:FC:14:70:E9:15
X509v3 Authority Key Identifier:
keyid:52:43:DE:D7:45:B0:5F:40:38:E9:83:FB:9D:78:ED:F5:6F:25:13:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UkPe10WwX0A46YP7nXjt9W8lE0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/6633d5-8676-4ec4-a3fc-c536df5c274e/1/431Uh0xxr981v9H_4MBb_BRw6RU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/6633d5-8676-4ec4-a3fc-c536df5c274e/1/UkPe10WwX0A46YP7nXjt9W8lE0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.143.18.0/24
193.143.72.0/24
193.143.75.0-193.143.76.255
IPv6:
2a0f:8e40::/29
Signature Algorithm: sha256WithRSAEncryption
a1:10:27:a9:b9:09:bb:c6:82:ff:d8:5f:13:30:05:13:c1:80:
ed:42:87:3e:e4:98:a8:f7:59:a4:41:56:56:03:d6:a9:6c:1c:
04:13:74:d9:0a:3d:57:af:51:4a:47:ee:21:8e:ed:c0:c2:67:
ec:6c:9b:43:f2:39:78:01:41:12:2b:fc:a9:a2:a1:e2:e5:3b:
13:a3:55:6a:ea:62:a9:f6:99:ba:fe:12:8a:a3:8e:d5:1a:ab:
c3:f4:29:08:e5:af:10:c5:91:bc:55:b2:0a:89:8a:60:04:11:
ac:04:d1:14:56:94:7b:2d:5f:93:bb:90:76:c9:85:78:27:79:
68:4c:07:61:06:56:90:f6:bc:fd:31:f2:b4:a2:fc:98:97:be:
ea:f3:38:3a:96:e7:84:d8:9f:25:87:eb:c1:7d:8b:3e:47:a6:
95:7c:53:79:9c:35:89:f5:ff:2f:2e:f5:4b:95:1b:33:9c:e5:
e8:17:49:e8:99:49:a3:77:73:d8:6b:2c:ce:c8:97:b4:7c:5b:
4c:ec:a7:6f:a8:36:7a:46:99:d6:c8:6f:1d:0a:c0:ed:a2:b1:
0c:b5:b3:d4:fd:57:1e:d7:14:7c:a1:ae:92:3c:83:64:20:1a:
bf:74:6a:27:3c:b2:31:78:7b:f6:de:aa:86:07:bc:03:20:f6:
06:6a:e3:a9
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZMR9EWlZ/S19L7zZOzvhLbaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNDNkZWQ3NDViMDVmNDAzOGU5ODNmYjlkNzhlZGY1NmYy
NTEzNDYwHhcNMjQxMTA5MTcyNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzdkNTQ4NzRjNzFhZmRmMzViZmQxZmZlMGMwNWJmYzE0NzBlOTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbY/EwKb97bFGO9D+FTCJkv8G8kp
KoovAdv/1XFbfsGXRJVUJTzgqr5v4NuZ8moUL8KQf7h6RlVr/cOTP31tp6hOYwcX
axYEOOcWvQuw8Bym2f3gPs47nTI1KF6sEqW6CRotxvbcH3X/IXMpgwmaI8R2k6Vs
fD385eor8YrMwN+FNsco9i9b0ivXLqiiLrFfAo/JccJg10vlWjmNOjtG13u+ZxcQ
UDlycUHdQQ67AxeFcRWhjBM1JaA2zyaKmCvC5/0QuSd6VW3DVq4IKvT0gxzpwAcE
2zatjRx4Z1AZIBr+nAzYh9/ALLCLCAyLw//jbaaaMwJhms2wW4VSS9FrbwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFON9VIdMca/fNb/R/+DAW/wUcOkVMB8GA1UdIwQY
MBaAFFJD3tdFsF9AOOmD+5147fVvJRNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWtQZTEwV3dYMEE0NllQN25YanQ5VzhsRTBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni82NjMzZDUtODY3Ni00ZWM0LWEzZmMt
YzUzNmRmNWMyNzRlLzEvNDMxVWgweHhyOTgxdjlIXzRNQmJfQlJ3NlJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni82NjMzZDUtODY3Ni00ZWM0LWEzZmMtYzUzNmRmNWMyNzRl
LzEvVWtQZTEwV3dYMEE0NllQN25YanQ5VzhsRTBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAwY8SAwQA
wY9IMAwDBADBj0sDBADBj0wwDQQCAAIwBwMFAyoPjkAwDQYJKoZIhvcNAQELBQAD
ggEBAKEQJ6m5CbvGgv/YXxMwBRPBgO1Chz7kmKj3WaRBVlYD1qlsHAQTdNkKPVev
UUpH7iGO7cDCZ+xsm0PyOXgBQRIr/KmioeLlOxOjVWrqYqn2mbr+EoqjjtUaq8P0
KQjlrxDFkbxVsgqJimAEEawE0RRWlHstX5O7kHbJhXgneWhMB2EGVpD2vP0x8rSi
/JiXvurzODqW54TYnyWH68F9iz5HppV8U3mcNYn1/y8u9UuVGzOc5egXSeiZSaN3
c9hrLM7Il7R8W0zsp2+oNnpGmdbIbx0KwO2isQy1s9T9Vx7XFHyhrpI8g2QgGr90
aic8sjF4e/beqoYHvAMg9gZq46k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:45 2025 by rpki-client