Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/on9X6u-GK2IXT4tm0mhBsbX81-o.roa
File: on9X6u-GK2IXT4tm0mhBsbX81-o.roa (raw, json)
Hash identifier: KKqmwqGAm666Qu3Xf7nXwAO1p49X/jw66S/1BrP72m4=
Subject key identifier: A2:7F:57:EA:EF:86:2B:62:17:4F:8B:66:D2:68:41:B1:B5:FC:D7:EA
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0195197CC72DEB16AC3009FFFF56A5F906F1
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/on9X6u-GK2IXT4tm0mhBsbX81-o.roa
Signing time: Tue 18 Feb 2025 14:36:02 +0000
ROA not before: Tue 18 Feb 2025 14:36:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3218
IP address blocks: 193.232.1.0/24 maxlen: 24
193.232.2.0/24 maxlen: 24
193.232.3.0/24 maxlen: 24
193.232.4.0/24 maxlen: 24
193.232.6.0/24 maxlen: 24
193.232.8.0/24 maxlen: 24
193.232.9.0/24 maxlen: 24
193.232.10.0/24 maxlen: 24
193.232.11.0/24 maxlen: 24
193.232.12.0/24 maxlen: 24
193.232.13.0/24 maxlen: 24
193.232.17.0/24 maxlen: 24
193.232.19.0/24 maxlen: 24
193.232.22.0/23 maxlen: 24
193.232.25.0/24 maxlen: 24
193.232.26.0/24 maxlen: 24
193.232.27.0/24 maxlen: 24
193.232.28.0/24 maxlen: 24
193.232.30.0/24 maxlen: 24
193.232.31.0/24 maxlen: 24
193.232.192.0/22 maxlen: 24
193.232.196.0/23 maxlen: 24
193.232.207.0/24 maxlen: 24
193.232.208.0/23 maxlen: 24
193.232.212.0/24 maxlen: 24
193.232.218.0/23 maxlen: 24
194.85.208.0/23 maxlen: 24
194.85.212.0/23 maxlen: 24
194.85.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Feb 2025 16:58:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:19:7c:c7:2d:eb:16:ac:30:09:ff:ff:56:a5:f9:06:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Feb 18 14:36:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a27f57eaef862b62174f8b66d26841b1b5fcd7ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:42:4e:4a:b3:77:4c:cc:33:5e:bf:bf:2c:97:
01:4d:de:ed:19:66:48:53:ef:3d:e9:c8:2c:bc:07:
63:fe:9f:87:7e:1e:b3:b4:35:ae:6d:5b:85:59:45:
71:72:9d:87:cc:82:95:43:05:7c:98:24:60:ea:70:
55:bd:d3:05:7f:4c:cd:4e:eb:98:b8:6a:9b:5e:90:
67:94:c7:e8:5e:8b:ec:cd:73:74:eb:1a:f2:7d:24:
51:94:b7:61:1b:2e:c8:d0:31:1c:e9:8e:17:81:60:
b3:76:e5:7f:69:be:23:1a:54:a6:f1:6d:f9:2d:cd:
3e:52:e2:8f:85:67:7d:89:07:ab:31:54:5a:c2:5b:
87:57:12:23:b8:b6:01:82:71:fe:54:77:62:98:8d:
05:54:63:4d:40:e2:57:3c:4d:49:3b:4a:8e:8c:41:
65:9b:ad:29:e9:d8:3c:5c:18:f2:47:3d:3d:44:19:
ab:cc:20:f8:da:82:6f:f8:cc:09:3b:ad:1b:dd:3f:
21:ff:a9:a5:e0:b9:3c:fc:c8:32:dd:32:82:05:41:
5b:8b:1c:e3:38:27:ae:59:45:bf:98:e7:70:53:82:
e7:cb:4b:b6:94:50:33:7e:3f:0c:a9:67:bc:f9:00:
e2:1c:31:9f:28:56:86:94:f0:5f:bb:f3:7e:36:47:
c9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7F:57:EA:EF:86:2B:62:17:4F:8B:66:D2:68:41:B1:B5:FC:D7:EA
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/on9X6u-GK2IXT4tm0mhBsbX81-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.1.0-193.232.4.255
193.232.6.0/24
193.232.8.0-193.232.13.255
193.232.17.0/24
193.232.19.0/24
193.232.22.0/23
193.232.25.0-193.232.28.255
193.232.30.0/23
193.232.192.0-193.232.197.255
193.232.207.0-193.232.209.255
193.232.212.0/24
193.232.218.0/23
194.85.208.0/23
194.85.212.0/23
Signature Algorithm: sha256WithRSAEncryption
20:c7:f1:63:5b:bd:77:11:a7:d0:a3:9f:a3:ae:0e:4e:1e:a4:
53:5c:65:af:2e:02:23:7a:03:40:79:fc:ae:e8:f6:37:32:88:
b0:ed:d6:1d:e6:a9:bc:dc:92:9a:cf:b0:33:78:1f:05:de:7f:
77:5b:13:ec:a1:ba:e5:c5:ae:f7:cf:8e:f1:e4:9d:3b:5b:98:
5c:a1:f3:2f:62:11:bd:57:dc:e2:b5:d7:64:95:3e:90:18:6f:
36:f6:11:0e:e0:d0:c9:b9:89:43:7d:08:fc:7d:62:d4:01:68:
95:28:18:7e:4e:f4:c9:70:b5:f8:13:6b:9b:01:d8:bc:fd:7d:
9b:48:24:e7:26:7a:1f:01:d2:9c:a1:f1:d0:70:1b:f2:ed:68:
9e:64:e7:9f:21:1c:c9:db:b6:91:46:ee:05:13:8a:e9:a3:be:
d3:fe:6c:cf:06:38:e9:d9:48:e5:14:cc:d9:33:81:0e:c7:e3:
c1:f8:d6:db:1b:53:e3:4a:a9:6f:42:81:9d:cd:9a:b0:10:2b:
d9:5f:33:4e:46:35:ba:ad:88:51:fd:8b:bd:3c:0a:86:14:70:
df:52:9a:b1:8d:e7:ef:71:8d:e4:d1:56:28:5f:35:65:73:c0:
c4:5c:6c:0c:f9:56:82:f2:27:b5:f6:b0:b5:9c:56:b8:39:8b:
27:2d:ea:fa
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZUZfMct6xasMAn//1al+QbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwMjE4MTQzNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdmNTdlYWVmODYyYjYyMTc0ZjhiNjZkMjY4NDFiMWI1ZmNkN2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUJOSrN3TMwzXr+/LJcBTd7tGWZI
U+896cgsvAdj/p+Hfh6ztDWubVuFWUVxcp2HzIKVQwV8mCRg6nBVvdMFf0zNTuuY
uGqbXpBnlMfoXovszXN06xryfSRRlLdhGy7I0DEc6Y4XgWCzduV/ab4jGlSm8W35
Lc0+UuKPhWd9iQerMVRawluHVxIjuLYBgnH+VHdimI0FVGNNQOJXPE1JO0qOjEFl
m60p6dg8XBjyRz09RBmrzCD42oJv+MwJO60b3T8h/6ml4Lk8/Mgy3TKCBUFbixzj
OCeuWUW/mOdwU4Lny0u2lFAzfj8MqWe8+QDiHDGfKFaGlPBfu/N+NkfJyQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFKJ/V+rvhitiF0+LZtJoQbG1/NfqMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvb245WDZ1LUdLMklYVDR0bTBtaEJzYlg4MS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfDAMAwQA
wegBAwQAwegEAwQAwegGMAwDBAPB6AgDBAHB6AwDBADB6BEDBADB6BMDBAHB6BYw
DAMEAMHoGQMEAMHoHAMEAcHoHjAMAwQGwejAAwQBwejEMAwDBADB6M8DBAHB6NAD
BADB6NQDBAHB6NoDBAHCVdADBAHCVdQwDQYJKoZIhvcNAQELBQADggEBACDH8WNb
vXcRp9Cjn6OuDk4epFNcZa8uAiN6A0B5/K7o9jcyiLDt1h3mqbzckprPsDN4HwXe
f3dbE+yhuuXFrvfPjvHknTtbmFyh8y9iEb1X3OK112SVPpAYbzb2EQ7g0Mm5iUN9
CPx9YtQBaJUoGH5O9MlwtfgTa5sB2Lz9fZtIJOcmeh8B0pyh8dBwG/LtaJ5k558h
HMnbtpFG7gUTiumjvtP+bM8GOOnZSOUUzNkzgQ7H48H41tsbU+NKqW9CgZ3NmrAQ
K9lfM05GNbqtiFH9i708CoYUcN9SmrGN5+9xjeTRVihfNWVzwMRcbAz5VoLyJ7X2
sLWcVrg5iyct6vo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:23:26 2025 by rpki-client