Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/28Pth53wKhWgK1J2V3VEf5zc6dw.roa
File: 28Pth53wKhWgK1J2V3VEf5zc6dw.roa (raw, json)
Hash identifier: Dxnox5Uo6i9Gkwk4VTAU+c7xVJK2oc5ivhC+9xu5gFk=
Subject key identifier: DB:C3:ED:87:9D:F0:2A:15:A0:2B:52:76:57:75:44:7F:9C:DC:E9:DC
Certificate issuer: /CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Certificate serial: 018CC3B6A765A79CA0A53C8E87DD6577910A
Authority key identifier: FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/28Pth53wKhWgK1J2V3VEf5zc6dw.roa
Signing time: Mon 01 Jan 2024 06:29:36 +0000
ROA not before: Mon 01 Jan 2024 06:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211360
IP address blocks: 193.84.108.0/24 maxlen: 24
2a10:ba80::/31 maxlen: 31
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a7:65:a7:9c:a0:a5:3c:8e:87:dd:65:77:91:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Validity
Not Before: Jan 1 06:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbc3ed879df02a15a02b52765775447f9cdce9dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:41:f9:38:2a:ba:d8:7c:9f:1c:b1:ad:30:fb:
78:62:f1:6e:fb:d7:aa:e9:ac:4a:57:d3:b1:31:80:
13:b8:00:ff:16:d1:75:40:c9:e2:04:46:5d:d5:d1:
17:d2:5f:c3:49:96:c3:9a:e7:fe:19:27:54:16:26:
7c:20:81:43:fd:52:5d:be:3c:45:ce:4e:61:8b:ba:
f1:b1:47:9c:79:fa:ea:20:b4:29:82:60:86:60:97:
5d:35:38:4b:a1:d0:eb:8c:0d:23:bc:32:de:4b:b4:
ae:c3:67:63:a7:91:6d:71:20:8f:84:cc:ed:a4:65:
53:c5:3b:db:17:90:2a:27:9e:3a:5a:a7:e2:55:ef:
75:b4:af:2c:4f:34:ea:a9:a6:37:27:03:08:84:75:
10:b5:0a:b2:23:77:96:2a:90:f5:20:5b:f3:c8:aa:
f8:f2:68:39:dd:fd:36:68:ce:2d:ae:95:c4:08:02:
87:77:19:90:52:da:87:60:49:c1:e7:92:e2:77:6c:
30:18:c0:4f:f6:8d:b6:f1:7a:ce:43:d3:05:ba:97:
0d:8c:44:84:2f:a8:60:42:b9:f4:10:6f:82:9a:eb:
66:c3:7b:6d:e1:6c:ba:4f:86:5b:99:2f:8d:1e:e7:
09:0e:0d:0c:7b:ae:ae:dd:6c:e1:38:6f:34:1e:ad:
5c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:C3:ED:87:9D:F0:2A:15:A0:2B:52:76:57:75:44:7F:9C:DC:E9:DC
X509v3 Authority Key Identifier:
keyid:FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/28Pth53wKhWgK1J2V3VEf5zc6dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.108.0/24
IPv6:
2a10:ba80::/31
Signature Algorithm: sha256WithRSAEncryption
11:2f:04:c2:97:c0:ea:ae:08:3f:58:d5:a6:53:24:40:43:33:
9b:ab:a1:7f:fe:35:4b:49:5f:33:c8:67:23:41:91:89:55:b8:
18:63:a5:e6:b1:da:88:7d:86:fa:14:2c:73:ec:4f:5c:41:0d:
20:58:fd:03:18:1b:21:91:33:13:30:cc:62:d5:dc:9a:d7:fd:
09:25:51:24:b9:c2:e8:3a:4d:79:f3:46:db:d3:7e:c7:b7:89:
72:69:9b:c3:97:20:a5:05:e1:24:c8:c0:9a:e2:c3:9f:d8:f3:
23:55:ad:3d:0d:06:f7:02:d6:04:27:71:70:30:1c:7f:21:84:
9f:42:ae:ad:24:fa:aa:08:92:b7:a8:22:3c:84:fa:2f:56:19:
1a:ac:07:51:94:90:4b:1e:3d:e7:b5:88:08:67:43:2a:15:6d:
bf:08:35:ee:35:3a:2f:ff:3f:85:8f:46:27:04:93:59:11:e1:
d3:9d:79:9f:de:76:54:bd:84:18:d0:7a:07:7f:40:58:63:86:
01:14:47:6c:90:00:ab:46:6f:d4:7d:20:dd:86:06:76:cd:8f:
87:ba:83:72:8d:b8:18:20:86:9a:b0:d0:6d:39:47:e2:1a:fd:
6f:a6:89:7f:f0:a5:23:06:17:6a:3e:e3:80:45:12:01:87:28:
01:35:f8:6b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtqdlp5ygpTyOh91ld5EKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjFjYjRiYWExNTg2MmQxYjU3NzNiZjJiZTYwY2E1ZjRm
YzI0ZDQwHhcNMjQwMTAxMDYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmMzZWQ4NzlkZjAyYTE1YTAyYjUyNzY1Nzc1NDQ3ZjljZGNlOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEH5OCq62HyfHLGtMPt4YvFu+9eq
6axKV9OxMYATuAD/FtF1QMniBEZd1dEX0l/DSZbDmuf+GSdUFiZ8IIFD/VJdvjxF
zk5hi7rxsUecefrqILQpgmCGYJddNThLodDrjA0jvDLeS7Suw2djp5FtcSCPhMzt
pGVTxTvbF5AqJ546WqfiVe91tK8sTzTqqaY3JwMIhHUQtQqyI3eWKpD1IFvzyKr4
8mg53f02aM4trpXECAKHdxmQUtqHYEnB55Lid2wwGMBP9o228XrOQ9MFupcNjESE
L6hgQrn0EG+Cmutmw3tt4Wy6T4ZbmS+NHucJDg0Me66u3WzhOG80Hq1caQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNvD7Yed8CoVoCtSdld1RH+c3OncMB8GA1UdIwQY
MBaAFP0hy0uqFYYtG1dzvyvmDKX0/CTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUt
YmU1NTIwYTVjODIxLzEvMjhQdGg1M3dLaFdnSzFKMlYzVkVmNXpjNmR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUtYmU1NTIwYTVjODIx
LzEvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwVRsMA0E
AgACMAcDBQEqELqAMA0GCSqGSIb3DQEBCwUAA4IBAQARLwTCl8Dqrgg/WNWmUyRA
QzObq6F//jVLSV8zyGcjQZGJVbgYY6XmsdqIfYb6FCxz7E9cQQ0gWP0DGBshkTMT
MMxi1dya1/0JJVEkucLoOk1580bb037Ht4lyaZvDlyClBeEkyMCa4sOf2PMjVa09
DQb3AtYEJ3FwMBx/IYSfQq6tJPqqCJK3qCI8hPovVhkarAdRlJBLHj3ntYgIZ0Mq
FW2/CDXuNTov/z+Fj0YnBJNZEeHTnXmf3nZUvYQY0HoHf0BYY4YBFEdskACrRm/U
fSDdhgZ2zY+HuoNyjbgYIIaasNBtOUfiGv1vpol/8KUjBhdqPuOARRIBhygBNfhr
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:09:55 2025 by rpki-client