Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/zBiHGtZ1U_hXpv25D7nkb-3evqY.roa
File: zBiHGtZ1U_hXpv25D7nkb-3evqY.roa (raw, json)
Hash identifier: 8lXdrGqs7gfioSucO6taQG48PUXV8gXetTOqoM+haUw=
Subject key identifier: CC:18:87:1A:D6:75:53:F8:57:A6:FD:B9:0F:B9:E4:6F:ED:DE:BE:A6
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0193BBAF85D79177828DF10F2AF32BF3D2F7
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/zBiHGtZ1U_hXpv25D7nkb-3evqY.roa
Signing time: Thu 12 Dec 2024 16:24:22 +0000
ROA not before: Thu 12 Dec 2024 16:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214077
IP address blocks: 194.226.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:bb:af:85:d7:91:77:82:8d:f1:0f:2a:f3:2b:f3:d2:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Dec 12 16:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc18871ad67553f857a6fdb90fb9e46feddebea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1a:eb:51:69:5c:80:d0:4b:52:18:fb:b6:83:
08:50:5a:42:49:22:fe:eb:a8:ab:5f:7b:db:4d:fb:
6b:60:6b:24:8d:cf:c5:70:30:a0:fd:39:f9:1f:9e:
90:0e:46:22:7b:11:9e:ac:27:bc:e9:25:6c:03:e1:
3b:f2:8c:c9:fd:15:03:1b:51:9b:e6:a8:c7:84:3d:
b1:00:b9:59:bd:de:9f:79:9f:9b:97:24:33:38:e9:
44:bd:4b:ec:5e:dc:16:73:99:c5:9f:fd:4f:bd:dd:
67:af:a2:85:50:bc:57:1b:b7:73:b2:fe:ae:16:ad:
57:83:25:cf:36:22:57:a8:d1:90:26:49:2c:9c:d9:
79:57:e3:a8:33:0c:9f:f9:92:58:7a:2c:08:35:29:
32:d6:a5:27:be:c5:d0:2d:49:7f:06:e9:0e:fb:7a:
9a:44:9f:7a:a5:f2:2a:04:c1:d2:43:dd:ec:46:17:
2d:16:54:38:60:e9:91:2c:89:0c:7b:4c:46:3f:8c:
f7:16:3f:7d:e8:59:35:a1:87:31:62:4a:2b:50:e6:
54:3c:4b:49:37:fa:b9:74:73:bd:11:2e:34:39:b6:
c4:cd:30:33:1d:d6:e8:94:0f:43:56:4e:a2:ad:ec:
bb:a0:43:66:07:bb:5c:45:9c:b0:28:9c:d0:4a:e8:
81:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:18:87:1A:D6:75:53:F8:57:A6:FD:B9:0F:B9:E4:6F:ED:DE:BE:A6
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/zBiHGtZ1U_hXpv25D7nkb-3evqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.226.249.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:b1:be:de:62:92:2e:df:76:9e:78:16:c9:e3:09:f3:53:af:
87:af:5f:60:2f:ba:1c:8b:86:ee:36:cf:e9:f6:61:b8:e0:2d:
15:08:dd:18:66:10:24:78:e5:39:c7:be:29:c8:45:77:25:91:
f8:20:fc:c0:4e:66:3a:bd:c4:6c:b6:ce:d3:b3:00:26:e9:a8:
19:fd:d6:0d:d3:8c:60:3b:d9:27:c8:b3:65:0c:1d:e7:d2:fa:
e3:f1:09:fd:24:c0:00:5b:1c:82:83:34:ff:2b:29:a9:98:d7:
28:33:7e:9b:2f:32:33:5c:36:ed:17:0e:d1:6e:d9:5d:79:da:
94:1d:fe:0b:a7:d8:df:22:c1:02:18:a6:16:ed:33:3c:f5:ea:
2f:e0:7d:0f:ed:59:73:fc:1c:cd:f6:8d:ed:dc:f8:2c:7a:aa:
8a:a9:96:89:e9:85:f9:24:1e:61:32:64:ca:b5:09:37:37:26:
5b:97:1d:e3:8f:b9:5d:cf:5f:ea:14:18:06:34:46:63:b4:45:
80:85:55:e6:19:fb:d1:47:5e:e9:cd:c8:ca:fb:c3:81:8c:4d:
28:c6:c2:2b:f4:bb:93:c1:7b:61:ed:f7:a1:58:91:57:f0:c3:
ff:7c:ce:3e:ef:2f:8f:be:69:4e:57:b6:5d:f1:63:99:d7:33:
c6:cb:fd:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZO7r4XXkXeCjfEPKvMr89L3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQxMjEyMTYyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzE4ODcxYWQ2NzU1M2Y4NTdhNmZkYjkwZmI5ZTQ2ZmVkZGViZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBrrUWlcgNBLUhj7toMIUFpCSSL+
66irX3vbTftrYGskjc/FcDCg/Tn5H56QDkYiexGerCe86SVsA+E78ozJ/RUDG1Gb
5qjHhD2xALlZvd6feZ+blyQzOOlEvUvsXtwWc5nFn/1Pvd1nr6KFULxXG7dzsv6u
Fq1XgyXPNiJXqNGQJkksnNl5V+OoMwyf+ZJYeiwINSky1qUnvsXQLUl/BukO+3qa
RJ96pfIqBMHSQ93sRhctFlQ4YOmRLIkMe0xGP4z3Fj996Fk1oYcxYkorUOZUPEtJ
N/q5dHO9ES40ObbEzTAzHdbolA9DVk6irey7oENmB7tcRZywKJzQSuiBaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMwYhxrWdVP4V6b9uQ+55G/t3r6mMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvekJpSEd0WjFVX2hYcHYyNUQ3bmtiLTNldnFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwuL5MA0G
CSqGSIb3DQEBCwUAA4IBAQCmsb7eYpIu33aeeBbJ4wnzU6+Hr19gL7oci4buNs/p
9mG44C0VCN0YZhAkeOU5x74pyEV3JZH4IPzATmY6vcRsts7TswAm6agZ/dYN04xg
O9knyLNlDB3n0vrj8Qn9JMAAWxyCgzT/KympmNcoM36bLzIzXDbtFw7RbtldedqU
Hf4Lp9jfIsECGKYW7TM89eov4H0P7Vlz/BzN9o3t3PgseqqKqZaJ6YX5JB5hMmTK
tQk3NyZblx3jj7ldz1/qFBgGNEZjtEWAhVXmGfvRR17pzcjK+8OBjE0oxsIr9LuT
wXth7fehWJFX8MP/fM4+7y+PvmlOV7Zd8WOZ1zPGy/3E
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:29:14 2025 by rpki-client