Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/deac8a-8013-4c8c-b471-9e573e710958/1/eXF7bAwSBX7l-vhKY9MjShTdXRk.roa
File: eXF7bAwSBX7l-vhKY9MjShTdXRk.roa (raw, json)
Hash identifier: fztx6qbZVo6GVfmCldYhUQnB9xQqvbM8DaeIhFHzhYQ=
Subject key identifier: 79:71:7B:6C:0C:12:05:7E:E5:FA:F8:4A:63:D3:23:4A:14:DD:5D:19
Certificate issuer: /CN=a7ef66cb7cc350345852be9bdd75455782afe4dd
Certificate serial: 018CC5DBF962FB3D9336311661B8CB85E580
Authority key identifier: A7:EF:66:CB:7C:C3:50:34:58:52:BE:9B:DD:75:45:57:82:AF:E4:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-9my3zDUDRYUr6b3XVFV4Kv5N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/deac8a-8013-4c8c-b471-9e573e710958/1/eXF7bAwSBX7l-vhKY9MjShTdXRk.roa
Signing time: Mon 01 Jan 2024 16:29:36 +0000
ROA not before: Mon 01 Jan 2024 16:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208697
IP address blocks: 193.38.38.0/24 maxlen: 24
193.38.36.0/24 maxlen: 24
193.38.37.0/24 maxlen: 24
193.38.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f9:62:fb:3d:93:36:31:16:61:b8:cb:85:e5:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7ef66cb7cc350345852be9bdd75455782afe4dd
Validity
Not Before: Jan 1 16:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79717b6c0c12057ee5faf84a63d3234a14dd5d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d0:5a:76:6f:63:ac:9e:9f:ab:0e:51:9a:94:
6a:c4:1b:b9:b8:40:11:da:fa:98:0b:9d:54:ac:b8:
c3:fe:44:9b:68:b7:9c:a5:f8:cf:82:60:6c:81:07:
d1:3b:8c:73:ca:f0:a1:5b:9c:34:92:20:41:01:5d:
d0:cf:99:76:db:f9:81:6f:8b:2c:e3:33:ad:26:1a:
ec:d6:d6:26:35:5f:6b:4d:17:98:a1:b8:cd:68:fe:
54:51:21:03:80:c9:7b:8f:16:b0:be:6d:f3:d6:b1:
b4:3f:53:3c:de:d7:a0:f1:30:a2:ed:ec:59:67:a7:
93:79:5d:d9:41:09:6a:64:8b:b2:e3:7f:62:30:48:
11:c8:d8:45:82:b9:c8:ef:e9:62:22:54:e5:ad:1e:
44:f7:6a:bc:1a:c5:b7:8b:98:d1:e0:1c:fd:66:23:
d0:f6:a1:48:57:7a:6f:68:91:37:bf:50:10:97:0f:
2d:18:17:a9:97:ff:58:4d:de:fc:4b:33:1f:39:34:
75:a3:54:2f:7d:79:4d:e9:ae:16:fe:df:61:8c:53:
2d:e3:ae:60:7d:49:31:f8:b6:64:8f:d2:81:c9:71:
08:93:2e:11:79:20:72:2e:71:da:9d:52:e4:47:4f:
a4:e5:52:3b:c9:f0:52:47:92:a2:36:bc:ae:5d:17:
46:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:71:7B:6C:0C:12:05:7E:E5:FA:F8:4A:63:D3:23:4A:14:DD:5D:19
X509v3 Authority Key Identifier:
keyid:A7:EF:66:CB:7C:C3:50:34:58:52:BE:9B:DD:75:45:57:82:AF:E4:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-9my3zDUDRYUr6b3XVFV4Kv5N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/deac8a-8013-4c8c-b471-9e573e710958/1/eXF7bAwSBX7l-vhKY9MjShTdXRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/deac8a-8013-4c8c-b471-9e573e710958/1/p-9my3zDUDRYUr6b3XVFV4Kv5N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.36.0/22
Signature Algorithm: sha256WithRSAEncryption
15:dd:28:41:c9:8c:92:35:69:6a:04:99:d6:19:08:77:b7:9f:
16:e7:32:41:8b:ed:cc:ce:87:ea:f5:cc:32:a1:cf:c5:e2:d3:
db:e0:6c:6a:16:69:e5:8b:6c:87:53:78:b0:52:7c:c2:57:7e:
ca:9a:e5:f3:eb:04:3d:21:3f:6c:98:a4:5d:3d:b2:79:8f:79:
87:cb:43:62:91:3e:5a:e2:30:60:09:16:b2:42:e9:48:20:a3:
3f:c2:ec:09:46:ad:9a:20:ba:c3:ba:3f:63:98:ac:d1:3d:21:
e4:9e:21:b7:1e:42:bc:59:8d:f2:b8:b2:eb:ec:55:a9:40:90:
eb:2b:3b:d2:cc:f5:e6:04:85:24:8b:3b:99:8d:9d:96:88:32:
0c:66:89:8b:f9:09:ba:99:de:a3:dd:36:cc:12:a3:89:55:a4:
e4:81:06:99:f2:b5:71:73:08:bf:01:d5:5b:81:22:7f:91:40:
bd:8c:23:ca:77:3c:9b:ff:44:4c:1c:de:5e:e4:7a:c1:50:fb:
b3:93:2d:56:81:d5:54:16:a1:9c:52:d8:2e:64:d1:de:8c:e9:
e7:57:cd:af:82:cc:a8:60:dc:d1:f5:13:64:51:a9:2c:dc:4f:
f2:de:7c:3d:1c:36:98:33:11:19:60:f1:a5:38:43:c4:73:6d:
aa:ce:b2:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2/li+z2TNjEWYbjLheWAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZWY2NmNiN2NjMzUwMzQ1ODUyYmU5YmRkNzU0NTU3ODJh
ZmU0ZGQwHhcNMjQwMTAxMTYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTcxN2I2YzBjMTIwNTdlZTVmYWY4NGE2M2QzMjM0YTE0ZGQ1ZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdBadm9jrJ6fqw5RmpRqxBu5uEAR
2vqYC51UrLjD/kSbaLecpfjPgmBsgQfRO4xzyvChW5w0kiBBAV3Qz5l22/mBb4ss
4zOtJhrs1tYmNV9rTReYobjNaP5UUSEDgMl7jxawvm3z1rG0P1M83teg8TCi7exZ
Z6eTeV3ZQQlqZIuy439iMEgRyNhFgrnI7+liIlTlrR5E92q8GsW3i5jR4Bz9ZiPQ
9qFIV3pvaJE3v1AQlw8tGBepl/9YTd78SzMfOTR1o1QvfXlN6a4W/t9hjFMt465g
fUkx+LZkj9KByXEIky4ReSByLnHanVLkR0+k5VI7yfBSR5KiNryuXRdGdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHlxe2wMEgV+5fr4SmPTI0oU3V0ZMB8GA1UdIwQY
MBaAFKfvZst8w1A0WFK+m911RVeCr+TdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC05bXkzekRVRFJZVXI2YjNYVkZWNEt2NU4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kZWFjOGEtODAxMy00YzhjLWI0NzEt
OWU1NzNlNzEwOTU4LzEvZVhGN2JBd1NCWDdsLXZoS1k5TWpTaFRkWFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kZWFjOGEtODAxMy00YzhjLWI0NzEtOWU1NzNlNzEwOTU4
LzEvcC05bXkzekRVRFJZVXI2YjNYVkZWNEt2NU4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSYkMA0G
CSqGSIb3DQEBCwUAA4IBAQAV3ShByYySNWlqBJnWGQh3t58W5zJBi+3Mzofq9cwy
oc/F4tPb4GxqFmnli2yHU3iwUnzCV37KmuXz6wQ9IT9smKRdPbJ5j3mHy0NikT5a
4jBgCRayQulIIKM/wuwJRq2aILrDuj9jmKzRPSHkniG3HkK8WY3yuLLr7FWpQJDr
KzvSzPXmBIUkizuZjZ2WiDIMZomL+Qm6md6j3TbMEqOJVaTkgQaZ8rVxcwi/AdVb
gSJ/kUC9jCPKdzyb/0RMHN5e5HrBUPuzky1WgdVUFqGcUtguZNHejOnnV82vgsyo
YNzR9RNkUaks3E/y3nw9HDaYMxEZYPGlOEPEc22qzrLb
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:13:53 2025 by rpki-client