Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/0f169c-6da7-4350-8d3c-4ca44802b563/1/VoFNE13yydiEt4xsZvIlv4k4W7E.roa
File: VoFNE13yydiEt4xsZvIlv4k4W7E.roa (raw, json)
Hash identifier: f289WsJo098/OYEhqFW2juzSrd1otWfkECx7AhnQH4A=
Subject key identifier: 56:81:4D:13:5D:F2:C9:D8:84:B7:8C:6C:66:F2:25:BF:89:38:5B:B1
Certificate issuer: /CN=cad79c126b82f77cc63b5a6b6cd8bdae6e0f5a3c
Certificate serial: 018CC2DAF96AA6C40DF78DDD6A1F11C47320
Authority key identifier: CA:D7:9C:12:6B:82:F7:7C:C6:3B:5A:6B:6C:D8:BD:AE:6E:0F:5A:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ytecEmuC93zGO1prbNi9rm4PWjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/0f169c-6da7-4350-8d3c-4ca44802b563/1/VoFNE13yydiEt4xsZvIlv4k4W7E.roa
Signing time: Mon 01 Jan 2024 02:29:39 +0000
ROA not before: Mon 01 Jan 2024 02:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137
IP address blocks: 193.43.117.0/24 maxlen: 24
193.43.18.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f9:6a:a6:c4:0d:f7:8d:dd:6a:1f:11:c4:73:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cad79c126b82f77cc63b5a6b6cd8bdae6e0f5a3c
Validity
Not Before: Jan 1 02:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=56814d135df2c9d884b78c6c66f225bf89385bb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:32:72:b2:b6:a0:d1:cb:15:ce:da:81:9e:fc:
46:60:d7:4a:03:d3:09:9d:ac:f1:0b:e4:55:1d:f5:
31:c4:a2:f0:8c:41:b1:2b:c3:d6:85:1d:a4:b9:17:
3b:e5:07:34:95:82:dd:a9:8b:4a:bb:68:7f:59:05:
fc:a9:4e:d8:b6:16:5e:bb:55:ba:ae:aa:60:ce:be:
1e:94:7e:f3:2c:de:a1:60:b4:ca:d1:62:17:21:32:
41:c3:81:ea:a8:5d:66:ea:92:f4:d9:c8:28:f0:58:
99:64:6a:00:13:e5:01:2f:49:de:c9:56:5a:a8:03:
d8:d8:4e:d5:95:aa:04:1b:fd:20:ae:4b:a4:e2:c1:
61:ba:fa:1f:1d:37:a3:2b:5f:cb:cc:d5:73:0e:e9:
e7:3f:8a:f0:b5:99:c5:40:b9:34:9a:46:38:f7:1c:
04:95:50:d8:57:71:94:b6:07:e9:63:9a:c0:62:34:
72:7c:21:16:91:54:ee:7e:0c:82:e4:31:b5:57:24:
f0:63:6f:d3:02:da:87:09:ab:d5:a1:97:71:b0:70:
16:2c:15:d8:b6:96:9c:a1:71:30:99:85:d3:f4:95:
e2:4e:82:6a:fb:0b:ae:43:81:c4:b9:8a:0c:40:9c:
98:de:33:8a:24:a8:88:a5:ff:b6:30:e9:d2:06:6a:
58:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:81:4D:13:5D:F2:C9:D8:84:B7:8C:6C:66:F2:25:BF:89:38:5B:B1
X509v3 Authority Key Identifier:
keyid:CA:D7:9C:12:6B:82:F7:7C:C6:3B:5A:6B:6C:D8:BD:AE:6E:0F:5A:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ytecEmuC93zGO1prbNi9rm4PWjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/0f169c-6da7-4350-8d3c-4ca44802b563/1/VoFNE13yydiEt4xsZvIlv4k4W7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/0f169c-6da7-4350-8d3c-4ca44802b563/1/ytecEmuC93zGO1prbNi9rm4PWjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.18.0/23
193.43.117.0/24
Signature Algorithm: sha256WithRSAEncryption
94:ed:4e:8d:af:f2:d1:09:6e:da:73:f9:22:97:72:6b:9a:e6:
a6:0d:34:cd:e7:07:7c:5a:fa:6f:fe:fd:52:98:49:85:02:23:
41:54:83:10:95:0c:0d:2d:41:8f:a5:84:b9:8a:0e:28:bf:df:
7f:32:e1:42:96:dc:12:bd:60:61:46:c4:f9:45:c1:ac:d2:93:
12:bc:26:68:53:12:75:f0:df:df:d9:a8:a9:22:56:89:42:d2:
b3:f0:9c:a6:e2:30:b8:87:20:a6:eb:1e:50:e0:71:6d:16:36:
88:ab:d3:be:22:ed:75:39:99:81:7c:e8:42:4f:18:56:e6:06:
28:1c:02:c5:d5:80:67:a7:10:eb:06:f9:c7:3f:8f:74:9a:03:
03:15:39:1c:a9:62:90:49:c6:50:d5:39:d5:e7:ef:9a:3c:38:
5d:18:6b:76:9e:8b:3b:35:2e:52:1c:2c:78:7d:71:67:84:5b:
0a:b1:03:a3:da:75:31:8b:4d:b7:07:7b:30:b2:01:36:0e:f7:
d4:18:75:29:f4:bd:a5:5c:0a:95:d1:61:24:90:15:27:85:ec:
e4:b0:20:37:07:d8:e9:93:16:91:5a:53:92:f5:21:a3:57:02:
00:b3:ad:b3:22:35:35:94:28:7d:50:1e:5c:e5:e6:d2:d4:ea:
0e:55:6f:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2vlqpsQN943dah8RxHMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZDc5YzEyNmI4MmY3N2NjNjNiNWE2YjZjZDhiZGFlNmUw
ZjVhM2MwHhcNMjQwMTAxMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjgxNGQxMzVkZjJjOWQ4ODRiNzhjNmM2NmYyMjViZjg5Mzg1YmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzJysrag0csVztqBnvxGYNdKA9MJ
nazxC+RVHfUxxKLwjEGxK8PWhR2kuRc75Qc0lYLdqYtKu2h/WQX8qU7YthZeu1W6
rqpgzr4elH7zLN6hYLTK0WIXITJBw4HqqF1m6pL02cgo8FiZZGoAE+UBL0neyVZa
qAPY2E7VlaoEG/0grkuk4sFhuvofHTejK1/LzNVzDunnP4rwtZnFQLk0mkY49xwE
lVDYV3GUtgfpY5rAYjRyfCEWkVTufgyC5DG1VyTwY2/TAtqHCavVoZdxsHAWLBXY
tpacoXEwmYXT9JXiToJq+wuuQ4HEuYoMQJyY3jOKJKiIpf+2MOnSBmpY2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFaBTRNd8snYhLeMbGbyJb+JOFuxMB8GA1UdIwQY
MBaAFMrXnBJrgvd8xjtaa2zYva5uD1o8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXRlY0VtdUM5M3pHTzFwcmJOaTlybTRQV2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wZjE2OWMtNmRhNy00MzUwLThkM2Mt
NGNhNDQ4MDJiNTYzLzEvVm9GTkUxM3l5ZGlFdDR4c1p2SWx2NGs0VzdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wZjE2OWMtNmRhNy00MzUwLThkM2MtNGNhNDQ4MDJiNTYz
LzEveXRlY0VtdUM5M3pHTzFwcmJOaTlybTRQV2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwSsSAwQA
wSt1MA0GCSqGSIb3DQEBCwUAA4IBAQCU7U6Nr/LRCW7ac/kil3JrmuamDTTN5wd8
Wvpv/v1SmEmFAiNBVIMQlQwNLUGPpYS5ig4ov99/MuFCltwSvWBhRsT5RcGs0pMS
vCZoUxJ18N/f2aipIlaJQtKz8Jym4jC4hyCm6x5Q4HFtFjaIq9O+Iu11OZmBfOhC
TxhW5gYoHALF1YBnpxDrBvnHP490mgMDFTkcqWKQScZQ1TnV5++aPDhdGGt2nos7
NS5SHCx4fXFnhFsKsQOj2nUxi023B3swsgE2DvfUGHUp9L2lXAqV0WEkkBUnhezk
sCA3B9jpkxaRWlOS9SGjVwIAs62zIjU1lCh9UB5c5ebS1OoOVW/d
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:46 2025 by rpki-client