Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/a43850-02a2-4859-9bde-564ebdcf3f96/1/jdtmdNwPEglji36Uo3X_YpWq8qQ.roa
File: jdtmdNwPEglji36Uo3X_YpWq8qQ.roa (raw, json)
Hash identifier: kXNF3O3oqWUVfDc4jdBXKpBE4uOWNeUSiU5u/sX71nM=
Subject key identifier: 8D:DB:66:74:DC:0F:12:09:63:8B:7E:94:A3:75:FF:62:95:AA:F2:A4
Certificate issuer: /CN=7c3532e52eaafef948c42c8b1d51145cac9d4c96
Certificate serial: 018CC4245333FF204AEF8E7513672F83776D
Authority key identifier: 7C:35:32:E5:2E:AA:FE:F9:48:C4:2C:8B:1D:51:14:5C:AC:9D:4C:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fDUy5S6q_vlIxCyLHVEUXKydTJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/a43850-02a2-4859-9bde-564ebdcf3f96/1/jdtmdNwPEglji36Uo3X_YpWq8qQ.roa
Signing time: Mon 01 Jan 2024 08:29:24 +0000
ROA not before: Mon 01 Jan 2024 08:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204591
IP address blocks: 193.22.232.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:53:33:ff:20:4a:ef:8e:75:13:67:2f:83:77:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3532e52eaafef948c42c8b1d51145cac9d4c96
Validity
Not Before: Jan 1 08:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ddb6674dc0f1209638b7e94a375ff6295aaf2a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:db:76:3c:93:91:85:0a:52:31:c8:76:bf:56:
f8:10:ab:d2:60:33:0c:d5:cb:a3:0e:9e:3a:54:82:
a8:e0:1a:a5:60:bb:bf:9e:f2:f6:35:0e:dd:e6:60:
31:67:98:63:a8:4b:fd:94:1c:d4:2d:75:6b:af:ed:
c4:b0:bc:4d:ec:4d:fb:10:37:54:de:b5:b3:66:14:
92:07:56:dd:05:5a:d3:de:46:c7:ab:b6:aa:20:f7:
93:ab:63:08:6b:64:9d:1a:47:5c:aa:72:d2:af:78:
18:95:bb:71:4b:43:43:cd:e7:d9:ca:5e:3f:3c:7b:
1e:60:d1:92:3b:b4:93:27:4d:70:52:08:75:6c:86:
6a:f7:c0:50:2c:19:ae:f7:77:f8:82:be:cf:bd:ab:
97:11:2e:57:84:35:29:2a:26:47:dd:f3:a8:dc:d1:
66:9d:b6:fe:73:7c:ba:10:c4:36:5c:df:fc:61:bf:
29:6a:a3:ab:e7:35:06:63:f4:fb:87:ee:93:5a:30:
d8:b9:63:76:a6:ab:a3:2d:9c:4c:1d:1b:32:9b:be:
af:05:65:6a:93:41:b5:b6:18:ad:b8:2d:97:a4:19:
e5:a2:76:5e:4b:8d:8c:16:75:0c:61:54:1a:76:09:
04:a9:ab:c9:a1:e2:6d:d9:ee:bd:4c:d6:f0:68:c4:
8e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:DB:66:74:DC:0F:12:09:63:8B:7E:94:A3:75:FF:62:95:AA:F2:A4
X509v3 Authority Key Identifier:
keyid:7C:35:32:E5:2E:AA:FE:F9:48:C4:2C:8B:1D:51:14:5C:AC:9D:4C:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fDUy5S6q_vlIxCyLHVEUXKydTJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/a43850-02a2-4859-9bde-564ebdcf3f96/1/jdtmdNwPEglji36Uo3X_YpWq8qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/a43850-02a2-4859-9bde-564ebdcf3f96/1/fDUy5S6q_vlIxCyLHVEUXKydTJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.232.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:54:25:fa:a9:86:ba:ca:76:b2:40:b6:93:76:5e:e0:12:e5:
16:e4:a9:73:73:b1:49:ce:9e:a4:ef:dd:14:87:b0:cd:9e:6f:
07:12:5b:6f:a4:2a:a9:e3:85:9e:f2:87:28:b8:a2:c7:58:1c:
af:2b:89:3d:fa:be:96:c7:65:f4:00:d1:b4:60:09:c9:ae:c5:
b2:06:42:ad:76:18:2e:27:d0:76:c1:6f:1a:5f:f1:f1:47:ac:
21:49:dd:48:42:37:ec:83:12:19:30:d2:76:94:33:fe:5c:a3:
67:0a:55:e4:e4:70:41:10:6f:71:e8:a1:13:3b:5b:e6:9c:4a:
95:06:7a:06:bd:51:07:ac:56:d3:a1:44:b2:c7:01:66:d7:c1:
9d:97:61:f0:73:cb:dd:e8:13:cc:90:06:64:97:79:fb:70:9d:
2e:4f:1c:18:cf:4d:5a:eb:c4:a1:46:a3:9c:02:43:49:38:94:
c8:e1:03:0e:1f:3f:d0:18:a2:fa:5c:5b:fc:ce:7b:84:f0:d8:
1a:02:0f:51:26:ff:ec:ff:1e:bb:10:73:da:c2:89:d4:e8:c3:
1c:7d:39:13:8f:8c:56:42:61:37:81:e7:71:45:cf:f7:91:43:
66:e6:8d:7a:11:0f:3c:de:63:c1:a8:04:11:f4:74:04:a9:04:
74:e2:d5:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJFMz/yBK7451E2cvg3dtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMzUzMmU1MmVhYWZlZjk0OGM0MmM4YjFkNTExNDVjYWM5
ZDRjOTYwHhcNMjQwMTAxMDgyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGRiNjY3NGRjMGYxMjA5NjM4YjdlOTRhMzc1ZmY2Mjk1YWFmMmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9t2PJORhQpSMch2v1b4EKvSYDMM
1cujDp46VIKo4BqlYLu/nvL2NQ7d5mAxZ5hjqEv9lBzULXVrr+3EsLxN7E37EDdU
3rWzZhSSB1bdBVrT3kbHq7aqIPeTq2MIa2SdGkdcqnLSr3gYlbtxS0NDzefZyl4/
PHseYNGSO7STJ01wUgh1bIZq98BQLBmu93f4gr7PvauXES5XhDUpKiZH3fOo3NFm
nbb+c3y6EMQ2XN/8Yb8paqOr5zUGY/T7h+6TWjDYuWN2pqujLZxMHRsym76vBWVq
k0G1thituC2XpBnlonZeS42MFnUMYVQadgkEqavJoeJt2e69TNbwaMSO5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI3bZnTcDxIJY4t+lKN1/2KVqvKkMB8GA1UdIwQY
MBaAFHw1MuUuqv75SMQsix1RFFysnUyWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkRVeTVTNnFfdmxJeEN5TEhWRVVYS3lkVEpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9hNDM4NTAtMDJhMi00ODU5LTliZGUt
NTY0ZWJkY2YzZjk2LzEvamR0bWROd1BFZ2xqaTM2VW8zWF9ZcFdxOHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9hNDM4NTAtMDJhMi00ODU5LTliZGUtNTY0ZWJkY2YzZjk2
LzEvZkRVeTVTNnFfdmxJeEN5TEhWRVVYS3lkVEpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwRboMA0G
CSqGSIb3DQEBCwUAA4IBAQCLVCX6qYa6ynayQLaTdl7gEuUW5Klzc7FJzp6k790U
h7DNnm8HEltvpCqp44We8ocouKLHWByvK4k9+r6Wx2X0ANG0YAnJrsWyBkKtdhgu
J9B2wW8aX/HxR6whSd1IQjfsgxIZMNJ2lDP+XKNnClXk5HBBEG9x6KETO1vmnEqV
BnoGvVEHrFbToUSyxwFm18Gdl2Hwc8vd6BPMkAZkl3n7cJ0uTxwYz01a68ShRqOc
AkNJOJTI4QMOHz/QGKL6XFv8znuE8NgaAg9RJv/s/x67EHPawonU6MMcfTkTj4xW
QmE3gedxRc/3kUNm5o16EQ883mPBqAQR9HQEqQR04tUB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:25 2025 by rpki-client