Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/ca4815-0e00-49bf-88f5-caca8b80c91c/1/BcUswtxymwzYduqEQIH5hHnHC8s.roa
File: BcUswtxymwzYduqEQIH5hHnHC8s.roa (raw, json)
Hash identifier: gGCClIz6VX+uIWheQ90JLTbV/0qrq4VKnqp0vgGMPos=
Subject key identifier: 05:C5:2C:C2:DC:72:9B:0C:D8:76:EA:84:40:81:F9:84:79:C7:0B:CB
Certificate issuer: /CN=67c3acf929a22338f2b380180cc852db4779aad0
Certificate serial: 0193CEBF47DEB5AF02825AC7E7F23BFD6F45
Authority key identifier: 67:C3:AC:F9:29:A2:23:38:F2:B3:80:18:0C:C8:52:DB:47:79:AA:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8Os-SmiIzjys4AYDMhS20d5qtA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/ca4815-0e00-49bf-88f5-caca8b80c91c/1/BcUswtxymwzYduqEQIH5hHnHC8s.roa
Signing time: Mon 16 Dec 2024 09:14:22 +0000
ROA not before: Mon 16 Dec 2024 09:14:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34380
IP address blocks: 193.43.244.0/22 maxlen: 24
193.43.244.0/24 maxlen: 24
193.43.245.0/24 maxlen: 24
193.43.246.0/24 maxlen: 24
193.43.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ce:bf:47:de:b5:af:02:82:5a:c7:e7:f2:3b:fd:6f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67c3acf929a22338f2b380180cc852db4779aad0
Validity
Not Before: Dec 16 09:14:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05c52cc2dc729b0cd876ea844081f98479c70bcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1e:31:c0:4f:67:f3:c1:53:34:66:c9:5a:da:
6f:6a:18:3d:f3:5c:10:b6:d9:d3:e6:83:50:07:3d:
0e:01:ab:ec:18:c3:af:a0:1c:0a:ab:f3:b0:f5:2c:
aa:0e:14:51:ea:5b:34:de:fd:ea:7b:48:55:1e:1c:
a9:ed:27:78:8b:c7:01:8c:6c:d7:23:27:28:dc:7f:
7c:85:2a:2a:83:25:08:a6:f2:51:af:c2:5c:f1:b8:
80:55:34:0e:4a:59:7b:82:7e:2b:6c:48:75:8f:68:
ea:4f:8f:7c:48:57:b3:9a:eb:02:4e:9c:32:5a:51:
02:f9:bf:45:b3:8e:12:14:6f:ba:66:5c:f6:56:30:
58:d7:d5:8b:97:3f:01:14:ac:a9:7c:84:27:f0:0f:
62:58:8a:79:3d:ad:3e:6e:62:61:09:ee:b6:f2:e8:
3f:9f:2d:49:4b:26:6b:d6:18:72:e3:9e:ee:cc:a7:
b5:7a:77:8b:29:93:69:bf:9a:94:e3:a0:bd:67:a8:
ad:aa:37:5d:a3:26:0c:7b:46:6c:1f:00:3f:23:b6:
34:7e:8b:d3:22:47:40:0e:b9:57:23:de:b2:01:00:
2d:e1:3f:48:36:52:47:6c:87:95:96:45:4c:20:7d:
40:c9:31:6d:80:fb:0c:3d:b7:0d:4c:52:77:6c:28:
47:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C5:2C:C2:DC:72:9B:0C:D8:76:EA:84:40:81:F9:84:79:C7:0B:CB
X509v3 Authority Key Identifier:
keyid:67:C3:AC:F9:29:A2:23:38:F2:B3:80:18:0C:C8:52:DB:47:79:AA:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8Os-SmiIzjys4AYDMhS20d5qtA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ca4815-0e00-49bf-88f5-caca8b80c91c/1/BcUswtxymwzYduqEQIH5hHnHC8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ca4815-0e00-49bf-88f5-caca8b80c91c/1/Z8Os-SmiIzjys4AYDMhS20d5qtA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.244.0/22
Signature Algorithm: sha256WithRSAEncryption
46:f3:81:8c:18:ec:dd:df:69:4b:e1:67:5d:fb:03:96:56:a4:
0a:d7:d1:d5:ee:0b:07:98:04:44:3a:7b:0e:e1:7b:b7:58:94:
48:15:37:bb:22:3c:17:94:96:97:e6:3e:d8:c3:eb:4f:af:1b:
34:74:40:65:ef:bb:84:fb:69:b2:62:a0:fb:dd:fa:ea:77:7f:
c2:02:7b:dc:ff:77:05:a7:ed:98:f9:d1:dc:02:1c:13:da:c2:
94:84:e0:d9:2e:28:ce:1e:c5:8b:87:99:ff:d9:f9:6f:63:cf:
1d:8a:06:93:18:b8:9b:27:87:50:4f:ac:0c:ff:67:45:65:03:
4d:77:1c:19:06:64:a9:96:86:11:18:9b:04:75:ec:2d:04:eb:
e1:81:1b:70:54:fa:13:86:50:cb:e4:4a:4d:59:a0:33:6a:22:
a9:c7:6a:fe:22:8e:ef:45:77:b8:d9:82:6c:ed:2a:33:cd:70:
52:a9:aa:fc:85:14:58:b0:a9:8f:eb:bf:f9:51:cd:ea:8d:59:
35:5f:e7:7d:6d:2d:b3:1c:13:1f:e4:81:5c:59:14:69:e4:8a:
68:7d:a4:26:12:45:7f:df:d9:4e:4c:b4:b6:3d:53:79:14:a2:
02:18:d0:fb:df:eb:5a:4a:14:a7:e1:ab:ee:a4:71:c9:7f:a6:
72:57:fc:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPOv0feta8CglrH5/I7/W9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YzNhY2Y5MjlhMjIzMzhmMmIzODAxODBjYzg1MmRiNDc3
OWFhZDAwHhcNMjQxMjE2MDkxNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWM1MmNjMmRjNzI5YjBjZDg3NmVhODQ0MDgxZjk4NDc5YzcwYmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnB4xwE9n88FTNGbJWtpvahg981wQ
ttnT5oNQBz0OAavsGMOvoBwKq/Ow9SyqDhRR6ls03v3qe0hVHhyp7Sd4i8cBjGzX
Iyco3H98hSoqgyUIpvJRr8Jc8biAVTQOSll7gn4rbEh1j2jqT498SFezmusCTpwy
WlEC+b9Fs44SFG+6Zlz2VjBY19WLlz8BFKypfIQn8A9iWIp5Pa0+bmJhCe628ug/
ny1JSyZr1hhy457uzKe1eneLKZNpv5qU46C9Z6itqjddoyYMe0ZsHwA/I7Y0fovT
IkdADrlXI96yAQAt4T9INlJHbIeVlkVMIH1AyTFtgPsMPbcNTFJ3bChHwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXFLMLccpsM2HbqhECB+YR5xwvLMB8GA1UdIwQY
MBaAFGfDrPkpoiM48rOAGAzIUttHearQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhPcy1TbWlJemp5czRBWURNaFMyMGQ1cXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9jYTQ4MTUtMGUwMC00OWJmLTg4ZjUt
Y2FjYThiODBjOTFjLzEvQmNVc3d0eHltd3pZZHVxRVFJSDVoSG5IQzhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9jYTQ4MTUtMGUwMC00OWJmLTg4ZjUtY2FjYThiODBjOTFj
LzEvWjhPcy1TbWlJemp5czRBWURNaFMyMGQ1cXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSv0MA0G
CSqGSIb3DQEBCwUAA4IBAQBG84GMGOzd32lL4Wdd+wOWVqQK19HV7gsHmAREOnsO
4Xu3WJRIFTe7IjwXlJaX5j7Yw+tPrxs0dEBl77uE+2myYqD73frqd3/CAnvc/3cF
p+2Y+dHcAhwT2sKUhODZLijOHsWLh5n/2flvY88digaTGLibJ4dQT6wM/2dFZQNN
dxwZBmSploYRGJsEdewtBOvhgRtwVPoThlDL5EpNWaAzaiKpx2r+Io7vRXe42YJs
7SozzXBSqar8hRRYsKmP67/5Uc3qjVk1X+d9bS2zHBMf5IFcWRRp5IpofaQmEkV/
39lOTLS2PVN5FKICGND73+taShSn4avupHHJf6ZyV/wF
-----END CERTIFICATE-----
Generated at Sun Apr 13 13:57:09 2025 by rpki-client