Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/6645d5-d193-4a63-85e6-2ca0e5c104fd/1/PPflRXZ8mkj_8EtRVp6GdPtJFHg.roa
File: PPflRXZ8mkj_8EtRVp6GdPtJFHg.roa (raw, json)
Hash identifier: +x1QWPjspcayRXZi2SgM8yO1k9yLVMTnHUCDNXs+xlg=
Subject key identifier: 3C:F7:E5:45:76:7C:9A:48:FF:F0:4B:51:56:9E:86:74:FB:49:14:78
Certificate issuer: /CN=be18e2d9f509c9d3b455112aa288d336185801a0
Certificate serial: 018CC2DB5B64C15A4E333251D9E08A5E0412
Authority key identifier: BE:18:E2:D9:F5:09:C9:D3:B4:55:11:2A:A2:88:D3:36:18:58:01:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vhji2fUJydO0VREqoojTNhhYAaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/6645d5-d193-4a63-85e6-2ca0e5c104fd/1/PPflRXZ8mkj_8EtRVp6GdPtJFHg.roa
Signing time: Mon 01 Jan 2024 02:30:04 +0000
ROA not before: Mon 01 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211425
IP address blocks: 193.56.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jun 2024 10:11:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:5b:64:c1:5a:4e:33:32:51:d9:e0:8a:5e:04:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be18e2d9f509c9d3b455112aa288d336185801a0
Validity
Not Before: Jan 1 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cf7e545767c9a48fff04b51569e8674fb491478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:55:9e:f3:4b:29:07:98:2a:7b:ae:f1:85:9f:
d9:02:49:a0:f0:0b:14:fb:01:25:9c:79:47:cf:bb:
e6:0b:c8:bb:ff:bd:2d:f1:45:4d:89:ea:32:30:1e:
25:4b:51:c7:c9:d2:4a:f3:f5:35:a5:61:a3:ce:6e:
38:4d:99:05:54:75:1b:ef:27:b1:1f:7f:f9:50:2c:
7b:91:73:78:45:13:12:3d:49:94:13:90:bd:68:1c:
5d:c3:3e:3e:12:a5:98:c9:1d:ee:8a:57:ff:24:8a:
f6:e5:25:60:d7:ba:02:3c:84:8b:67:09:4f:00:50:
59:e0:b2:b9:3c:b6:c2:19:28:5d:0a:fa:92:db:f3:
10:ca:1c:b9:8b:04:66:49:9d:ed:16:30:91:39:14:
03:c2:d0:cc:0f:58:24:ee:0b:27:01:52:42:cd:54:
54:42:55:64:bb:7f:c8:a1:d4:61:d3:24:c4:5d:a1:
d9:1d:19:18:46:92:c3:3a:77:cf:b5:d7:fe:2c:7e:
64:03:21:ee:d6:4a:4c:fb:70:52:34:d8:2b:50:e4:
6d:c1:16:1e:2e:db:67:5c:22:39:63:89:08:bb:25:
04:23:b9:6c:36:9c:1f:0a:d8:8e:1c:39:ea:64:d0:
a5:9d:c5:eb:78:38:9e:c3:73:5c:cf:7d:37:c2:30:
d6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F7:E5:45:76:7C:9A:48:FF:F0:4B:51:56:9E:86:74:FB:49:14:78
X509v3 Authority Key Identifier:
keyid:BE:18:E2:D9:F5:09:C9:D3:B4:55:11:2A:A2:88:D3:36:18:58:01:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vhji2fUJydO0VREqoojTNhhYAaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6645d5-d193-4a63-85e6-2ca0e5c104fd/1/PPflRXZ8mkj_8EtRVp6GdPtJFHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/6645d5-d193-4a63-85e6-2ca0e5c104fd/1/vhji2fUJydO0VREqoojTNhhYAaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.0.0/24
Signature Algorithm: sha256WithRSAEncryption
41:ac:5b:ec:a4:bd:69:a3:d4:ec:ec:f5:4e:b0:58:9f:11:df:
5e:3f:e9:53:c9:0d:26:6f:58:96:71:43:00:91:57:4c:77:0e:
27:1e:96:24:31:a9:45:e9:ef:97:b7:4d:8c:c9:7d:04:7e:a8:
93:59:45:d5:91:9c:4c:86:4f:6a:7b:bb:50:d7:43:c5:42:d3:
92:a8:9f:a1:08:21:53:e3:d7:95:6f:f3:7f:61:76:60:dc:43:
e6:df:6b:7e:21:35:4a:5f:ff:8f:69:7c:21:87:9a:7c:80:7f:
57:e2:2f:ec:74:f8:c9:de:e1:e3:45:9b:30:aa:4c:63:37:e2:
a6:5f:d2:8c:22:84:23:80:9c:b9:92:13:fe:53:5b:38:f2:84:
fb:55:f2:09:03:4a:1d:0d:11:49:c9:28:13:bb:62:82:55:cd:
48:93:7f:c4:28:3c:e6:06:bc:f2:16:7f:59:5b:b7:99:ee:50:
91:c0:5f:21:ea:99:e4:95:63:04:28:ef:75:f0:f4:c1:1c:af:
f0:dc:e3:ca:f0:83:de:2e:51:5f:40:7c:30:e4:71:b1:30:18:
7a:19:b1:03:f2:99:56:56:84:88:02:4d:37:6c:3f:69:a3:0c:
e2:24:0c:d9:89:a3:aa:b7:0a:b4:f5:c3:cf:fe:bb:31:34:b2:
16:cd:d3:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC21tkwVpOMzJR2eCKXgQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMThlMmQ5ZjUwOWM5ZDNiNDU1MTEyYWEyODhkMzM2MTg1
ODAxYTAwHhcNMjQwMTAxMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2Y3ZTU0NTc2N2M5YTQ4ZmZmMDRiNTE1NjllODY3NGZiNDkxNDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFWe80spB5gqe67xhZ/ZAkmg8AsU
+wElnHlHz7vmC8i7/70t8UVNieoyMB4lS1HHydJK8/U1pWGjzm44TZkFVHUb7yex
H3/5UCx7kXN4RRMSPUmUE5C9aBxdwz4+EqWYyR3uilf/JIr25SVg17oCPISLZwlP
AFBZ4LK5PLbCGShdCvqS2/MQyhy5iwRmSZ3tFjCRORQDwtDMD1gk7gsnAVJCzVRU
QlVku3/IodRh0yTEXaHZHRkYRpLDOnfPtdf+LH5kAyHu1kpM+3BSNNgrUORtwRYe
LttnXCI5Y4kIuyUEI7lsNpwfCtiOHDnqZNClncXreDiew3Ncz303wjDWOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDz35UV2fJpI//BLUVaehnT7SRR4MB8GA1UdIwQY
MBaAFL4Y4tn1CcnTtFURKqKI0zYYWAGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmhqaTJmVUp5ZE8wVlJFcW9valROaGhZQWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82NjQ1ZDUtZDE5My00YTYzLTg1ZTYt
MmNhMGU1YzEwNGZkLzEvUFBmbFJYWjhta2pfOEV0UlZwNkdkUHRKRkhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82NjQ1ZDUtZDE5My00YTYzLTg1ZTYtMmNhMGU1YzEwNGZk
LzEvdmhqaTJmVUp5ZE8wVlJFcW9valROaGhZQWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTgAMA0G
CSqGSIb3DQEBCwUAA4IBAQBBrFvspL1po9Ts7PVOsFifEd9eP+lTyQ0mb1iWcUMA
kVdMdw4nHpYkMalF6e+Xt02MyX0EfqiTWUXVkZxMhk9qe7tQ10PFQtOSqJ+hCCFT
49eVb/N/YXZg3EPm32t+ITVKX/+PaXwhh5p8gH9X4i/sdPjJ3uHjRZswqkxjN+Km
X9KMIoQjgJy5khP+U1s48oT7VfIJA0odDRFJySgTu2KCVc1Ik3/EKDzmBrzyFn9Z
W7eZ7lCRwF8h6pnklWMEKO918PTBHK/w3OPK8IPeLlFfQHww5HGxMBh6GbED8plW
VoSIAk03bD9powziJAzZiaOqtwq09cPP/rsxNLIWzdNf
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:09:29 2025 by rpki-client