Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0e4976-e750-4568-8583-de6ef7c95526/1/AsbDcpcfCr6aI4OoPM0DofM2eE8.roa
File: AsbDcpcfCr6aI4OoPM0DofM2eE8.roa (raw, json)
Hash identifier: hR3lFZpL/TaNsSm44D2BW2O8ASIh3fXXk5cNr+qdWsE=
Subject key identifier: 02:C6:C3:72:97:1F:0A:BE:9A:23:83:A8:3C:CD:03:A1:F3:36:78:4F
Certificate issuer: /CN=c7a2e4eb9fd3ccd1ba44a362f76f989b7b44d5f2
Certificate serial: 018CC64B6134C50E3B857E09A59D5E6F49A1
Authority key identifier: C7:A2:E4:EB:9F:D3:CC:D1:BA:44:A3:62:F7:6F:98:9B:7B:44:D5:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x6Lk65_TzNG6RKNi92-Ym3tE1fI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/0e4976-e750-4568-8583-de6ef7c95526/1/AsbDcpcfCr6aI4OoPM0DofM2eE8.roa
Signing time: Mon 01 Jan 2024 18:31:17 +0000
ROA not before: Mon 01 Jan 2024 18:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55002
IP address blocks: 194.33.70.0/23 maxlen: 23
194.33.68.0/24 maxlen: 24
2001:67c:2994::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:61:34:c5:0e:3b:85:7e:09:a5:9d:5e:6f:49:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7a2e4eb9fd3ccd1ba44a362f76f989b7b44d5f2
Validity
Not Before: Jan 1 18:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02c6c372971f0abe9a2383a83ccd03a1f336784f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c9:92:79:ce:68:a1:66:1b:49:2b:7f:f6:c6:
64:36:78:bf:29:cb:a3:39:36:cd:48:36:29:96:81:
99:0b:87:5c:63:1a:3f:e3:dc:d4:64:5a:8a:a7:cf:
ce:ca:7d:60:60:56:5b:6d:69:4c:c8:3c:43:6e:4f:
dc:29:32:10:48:8d:e5:77:79:72:13:76:5b:1b:99:
db:8e:3a:fb:59:f9:49:d9:64:3f:de:3a:38:7f:32:
72:29:cc:39:47:1e:97:2a:ab:26:09:50:a1:77:97:
a1:db:15:57:50:18:fb:e4:21:61:b5:a4:78:0e:58:
29:74:98:b6:80:20:93:db:84:99:a1:6d:29:4d:2e:
58:26:5e:a0:01:7c:b1:f1:1f:67:42:3f:84:10:f6:
76:c1:cc:47:78:e2:0b:45:39:3f:7b:d0:86:0b:34:
00:75:79:21:c4:2b:55:e3:5c:da:33:33:dd:13:3b:
19:8f:47:c9:06:27:4f:01:ef:0f:e8:ef:ca:e1:d2:
2e:5f:35:d1:aa:ec:19:31:4a:f7:18:d8:8b:f9:80:
46:2a:5c:fb:0b:02:35:92:cd:44:fe:0e:38:8e:94:
ea:88:54:82:82:c6:61:c4:bc:66:56:72:dc:1d:67:
e6:38:ef:29:e4:69:3d:23:26:a3:da:c6:fe:6c:90:
50:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:C6:C3:72:97:1F:0A:BE:9A:23:83:A8:3C:CD:03:A1:F3:36:78:4F
X509v3 Authority Key Identifier:
keyid:C7:A2:E4:EB:9F:D3:CC:D1:BA:44:A3:62:F7:6F:98:9B:7B:44:D5:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x6Lk65_TzNG6RKNi92-Ym3tE1fI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0e4976-e750-4568-8583-de6ef7c95526/1/AsbDcpcfCr6aI4OoPM0DofM2eE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0e4976-e750-4568-8583-de6ef7c95526/1/x6Lk65_TzNG6RKNi92-Ym3tE1fI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.68.0/24
194.33.70.0/23
IPv6:
2001:67c:2994::/48
Signature Algorithm: sha256WithRSAEncryption
7a:c8:37:ba:0e:0e:77:76:f4:e7:5e:ef:66:ca:f4:3d:64:b4:
56:3f:6c:e0:5f:1a:e3:02:78:7d:3d:ae:8b:3e:f0:3e:90:55:
b2:9b:5c:f2:ff:d9:90:dc:54:99:45:a2:f7:b2:33:10:3d:a2:
0d:79:93:0c:89:54:05:de:37:d1:21:a0:a0:6b:a7:db:f8:4d:
ad:ea:b9:c9:90:a6:54:07:5c:fd:0a:7a:50:10:12:ad:3e:4d:
df:ba:16:fa:9c:79:1d:db:03:a9:d6:de:61:3e:3b:7f:ff:f6:
9b:c9:f6:9f:28:2c:72:91:3c:fd:1d:15:56:ee:1f:a8:15:94:
72:aa:bd:03:46:27:1e:fd:cc:bb:e3:71:ec:78:fa:dc:bb:e1:
3c:b7:26:6e:78:f9:e7:e3:45:70:c9:a0:c9:f2:ad:2d:d3:fa:
67:41:f8:90:00:be:f9:1b:4f:ee:4a:90:f8:c0:e5:22:f8:8c:
2f:fd:b7:38:45:a9:be:b1:dc:fd:6f:27:58:a1:f7:a2:9d:0f:
ba:19:54:c4:a8:9c:a8:95:96:c7:f1:4f:4f:b1:69:6b:60:e7:
0a:99:90:9d:91:58:48:f0:16:d3:6e:39:e9:78:99:e7:c4:4a:
f8:d9:65:76:24:ea:9c:25:f3:cc:2e:72:5a:f6:f4:52:d2:89:
0f:57:84:be
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzGS2E0xQ47hX4JpZ1eb0mhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YTJlNGViOWZkM2NjZDFiYTQ0YTM2MmY3NmY5ODliN2I0
NGQ1ZjIwHhcNMjQwMTAxMTgzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmM2YzM3Mjk3MWYwYWJlOWEyMzgzYTgzY2NkMDNhMWYzMzY3ODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsmSec5ooWYbSSt/9sZkNni/Kcuj
OTbNSDYploGZC4dcYxo/49zUZFqKp8/Oyn1gYFZbbWlMyDxDbk/cKTIQSI3ld3ly
E3ZbG5nbjjr7WflJ2WQ/3jo4fzJyKcw5Rx6XKqsmCVChd5eh2xVXUBj75CFhtaR4
DlgpdJi2gCCT24SZoW0pTS5YJl6gAXyx8R9nQj+EEPZ2wcxHeOILRTk/e9CGCzQA
dXkhxCtV41zaMzPdEzsZj0fJBidPAe8P6O/K4dIuXzXRquwZMUr3GNiL+YBGKlz7
CwI1ks1E/g44jpTqiFSCgsZhxLxmVnLcHWfmOO8p5Gk9Iyaj2sb+bJBQXwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFALGw3KXHwq+miODqDzNA6HzNnhPMB8GA1UdIwQY
MBaAFMei5Ouf08zRukSjYvdvmJt7RNXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDZMazY1X1R6Tkc2UktOaTkyLVltM3RFMWZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wZTQ5NzYtZTc1MC00NTY4LTg1ODMt
ZGU2ZWY3Yzk1NTI2LzEvQXNiRGNwY2ZDcjZhSTRPb1BNMERvZk0yZUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wZTQ5NzYtZTc1MC00NTY4LTg1ODMtZGU2ZWY3Yzk1NTI2
LzEveDZMazY1X1R6Tkc2UktOaTkyLVltM3RFMWZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwiFEAwQB
wiFGMA8EAgACMAkDBwAgAQZ8KZQwDQYJKoZIhvcNAQELBQADggEBAHrIN7oODnd2
9Ode72bK9D1ktFY/bOBfGuMCeH09ros+8D6QVbKbXPL/2ZDcVJlFoveyMxA9og15
kwyJVAXeN9EhoKBrp9v4Ta3qucmQplQHXP0KelAQEq0+Td+6FvqceR3bA6nW3mE+
O3//9pvJ9p8oLHKRPP0dFVbuH6gVlHKqvQNGJx79zLvjcex4+ty74Ty3Jm54+efj
RXDJoMnyrS3T+mdB+JAAvvkbT+5KkPjA5SL4jC/9tzhFqb6x3P1vJ1ih96KdD7oZ
VMSonKiVlsfxT0+xaWtg5wqZkJ2RWEjwFtNuOel4mefESvjZZXYk6pwl88wuclr2
9FLSiQ9XhL4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:16 2025 by rpki-client