Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/R2bzRCJVjXkJ1WocESffoaDedFY.roa
File: R2bzRCJVjXkJ1WocESffoaDedFY.roa (raw, json)
Hash identifier: WHpRJALcoOGXZQFRZXME6Zohe9p80f3xb1msLOkvZdw=
Subject key identifier: 47:66:F3:44:22:55:8D:79:09:D5:6A:1C:11:27:DF:A1:A0:DE:74:56
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019425FD4EA4316409377087D3A30B0B4D07
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/R2bzRCJVjXkJ1WocESffoaDedFY.roa
Signing time: Thu 02 Jan 2025 07:49:05 +0000
ROA not before: Thu 02 Jan 2025 07:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3218
IP address blocks: 193.232.0.0/22 maxlen: 22
193.232.2.0/24 maxlen: 24
193.232.4.0/23 maxlen: 23
193.232.6.0/24 maxlen: 24
193.232.8.0/21 maxlen: 21
193.232.16.0/22 maxlen: 22
193.232.22.0/23 maxlen: 23
193.232.24.0/21 maxlen: 21
193.232.192.0/22 maxlen: 22
193.232.196.0/23 maxlen: 23
193.232.207.0/24 maxlen: 24
193.232.208.0/23 maxlen: 23
193.232.212.0/24 maxlen: 24
193.232.218.0/23 maxlen: 23
194.85.208.0/23 maxlen: 23
194.85.212.0/23 maxlen: 23
194.85.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 10:11:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:4e:a4:31:64:09:37:70:87:d3:a3:0b:0b:4d:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 07:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4766f34422558d7909d56a1c1127dfa1a0de7456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:06:a1:9f:fe:6f:7c:9a:98:7c:c7:30:c0:dd:
2b:cf:7d:c6:90:63:3d:fc:f6:6b:ca:a3:eb:02:4e:
8b:2e:b5:ad:2b:28:78:ba:f1:2f:eb:d0:be:75:92:
a7:fc:c9:93:fa:c1:5c:2d:4d:1c:6e:4d:7f:4a:e7:
0a:00:2c:1c:87:4f:8e:15:c9:5f:b4:86:78:78:b1:
23:6f:24:63:5d:36:17:b5:7d:3a:ed:54:3e:29:c1:
d9:ab:e5:ea:68:6c:1e:4b:79:ce:3a:7e:8d:1f:87:
bb:45:49:38:40:8c:c8:ff:af:72:61:a5:65:c4:66:
80:1e:e4:ea:ba:a3:e8:2d:fc:ee:49:23:2c:4b:a5:
fd:ed:55:3f:ca:29:59:94:66:cc:94:f1:f0:94:81:
fa:c7:35:f0:66:54:38:91:96:9f:81:67:45:c5:4b:
e9:2d:f8:ca:12:e1:9d:05:2e:79:8e:80:7a:ae:1b:
7d:88:9c:10:ee:84:28:35:a9:ba:f9:07:05:8e:69:
ed:23:92:6a:ea:ca:02:31:34:42:42:e4:d6:a0:57:
3d:97:bd:ee:0c:b8:c0:d0:89:36:98:8b:ad:b4:bc:
40:a5:a8:b8:24:87:13:c8:11:06:d7:b4:fc:aa:35:
83:cb:40:3f:70:49:47:91:49:02:c5:2f:5e:39:98:
48:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:66:F3:44:22:55:8D:79:09:D5:6A:1C:11:27:DF:A1:A0:DE:74:56
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/R2bzRCJVjXkJ1WocESffoaDedFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.0.0-193.232.6.255
193.232.8.0-193.232.19.255
193.232.22.0-193.232.31.255
193.232.192.0-193.232.197.255
193.232.207.0-193.232.209.255
193.232.212.0/24
193.232.218.0/23
194.85.208.0/23
194.85.212.0/23
Signature Algorithm: sha256WithRSAEncryption
48:db:22:07:ff:e1:66:14:c3:96:b5:cf:9b:48:9d:a6:6e:ff:
c7:d3:3c:3b:25:81:f0:3a:1a:0b:55:a6:0d:01:c0:40:43:73:
a8:38:ee:45:8f:d1:1a:90:89:9e:37:a4:9f:1e:87:33:ea:aa:
9c:2e:ce:c1:cc:dc:7c:95:07:85:07:01:c6:8b:29:4f:56:c2:
cd:e3:9c:c9:47:a8:84:7b:e4:ce:e8:36:e7:f8:ce:71:3e:8f:
e6:59:79:a9:34:5a:26:8a:40:39:4d:5d:db:c2:69:0b:aa:2e:
52:dd:02:1e:a5:43:1a:b9:e6:4d:db:aa:14:0d:c2:f2:4d:29:
32:34:f4:1f:fc:59:47:0e:33:47:41:c5:16:2d:eb:23:be:88:
f0:bd:c0:b0:49:89:13:0d:c1:ab:af:4b:0f:bc:cd:ba:6d:3b:
62:0b:a0:69:e8:1d:b7:f5:b7:31:cc:73:24:41:ff:b8:a0:1d:
55:01:78:df:4e:c5:58:f5:e7:b3:ee:53:e0:57:c0:46:78:6a:
b2:4f:53:c6:fa:1a:d2:22:4e:8f:54:5a:d1:43:47:b1:95:9e:
fc:2a:14:1b:6c:e8:87:91:67:9c:b7:79:b6:3c:8e:3c:b2:de:
da:77:06:d0:c6:73:59:8d:51:c4:08:66:dd:06:49:e8:e0:43:
e6:22:32:15
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZQl/U6kMWQJN3CH06MLC00HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMTAyMDc0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzY2ZjM0NDIyNTU4ZDc5MDlkNTZhMWMxMTI3ZGZhMWEwZGU3NDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgahn/5vfJqYfMcwwN0rz33GkGM9
/PZryqPrAk6LLrWtKyh4uvEv69C+dZKn/MmT+sFcLU0cbk1/SucKACwch0+OFclf
tIZ4eLEjbyRjXTYXtX067VQ+KcHZq+XqaGweS3nOOn6NH4e7RUk4QIzI/69yYaVl
xGaAHuTquqPoLfzuSSMsS6X97VU/yilZlGbMlPHwlIH6xzXwZlQ4kZafgWdFxUvp
LfjKEuGdBS55joB6rht9iJwQ7oQoNam6+QcFjmntI5Jq6soCMTRCQuTWoFc9l73u
DLjA0Ik2mIuttLxApai4JIcTyBEG17T8qjWDy0A/cElHkUkCxS9eOZhIjQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFEdm80QiVY15CdVqHBEn36Gg3nRWMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvUjJielJDSlZqWGtKMVdvY0VTZmZvYURlZEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBjBAIAATBdMAsDAwPB6AME
AMHoBjAMAwQDwegIAwQCwegQMAwDBAHB6BYDBAXB6AAwDAMEBsHowAMEAcHoxDAM
AwQAwejPAwQBwejQAwQAwejUAwQBwejaAwQBwlXQAwQBwlXUMA0GCSqGSIb3DQEB
CwUAA4IBAQBI2yIH/+FmFMOWtc+bSJ2mbv/H0zw7JYHwOhoLVaYNAcBAQ3OoOO5F
j9EakImeN6SfHocz6qqcLs7BzNx8lQeFBwHGiylPVsLN45zJR6iEe+TO6Dbn+M5x
Po/mWXmpNFomikA5TV3bwmkLqi5S3QIepUMaueZN26oUDcLyTSkyNPQf/FlHDjNH
QcUWLesjvojwvcCwSYkTDcGrr0sPvM26bTtiC6Bp6B239bcxzHMkQf+4oB1VAXjf
TsVY9eez7lPgV8BGeGqyT1PG+hrSIk6PVFrRQ0exlZ78KhQbbOiHkWect3m2PI48
st7adwbQxnNZjVHECGbdBkno4EPmIjIV
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:13:43 2025 by rpki-client