Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/334c56-2e69-4da2-b01d-030802641c67/1/W19Bd4NkbpkUd2zdQ58OBAY3zic.roa
File: W19Bd4NkbpkUd2zdQ58OBAY3zic.roa (raw, json)
Hash identifier: lMrghE5bdd8Qgf6sEIxn201N813vGmJJpeDVXwuq2pQ=
Subject key identifier: 5B:5F:41:77:83:64:6E:99:14:77:6C:DD:43:9F:0E:04:06:37:CE:27
Certificate issuer: /CN=e43f91b02152882bf9605d76bea421aa0bd4e628
Certificate serial: 018CC2DB25AC4A4583C71014BD74B37C46FD
Authority key identifier: E4:3F:91:B0:21:52:88:2B:F9:60:5D:76:BE:A4:21:AA:0B:D4:E6:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5D-RsCFSiCv5YF12vqQhqgvU5ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/334c56-2e69-4da2-b01d-030802641c67/1/W19Bd4NkbpkUd2zdQ58OBAY3zic.roa
Signing time: Mon 01 Jan 2024 02:29:51 +0000
ROA not before: Mon 01 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212766
IP address blocks: 193.163.116.0/24 maxlen: 24
2a11:e340::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:25:ac:4a:45:83:c7:10:14:bd:74:b3:7c:46:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43f91b02152882bf9605d76bea421aa0bd4e628
Validity
Not Before: Jan 1 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b5f417783646e9914776cdd439f0e040637ce27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:aa:82:66:42:74:bd:99:e8:56:be:85:3d:91:
fe:dc:66:a0:22:7b:14:7f:62:e3:d9:09:c2:52:63:
70:3b:4a:7a:a8:9c:95:05:3d:b7:d0:b4:28:8d:48:
e1:91:51:e9:81:e5:f9:34:12:15:dc:e7:b2:2e:bb:
73:0a:35:52:a7:ae:2e:ac:35:01:a2:89:a7:19:29:
2e:c6:5b:dc:5b:0c:25:74:0c:13:c6:cd:e8:81:c5:
23:99:d1:43:7b:eb:bb:57:7f:b0:1d:23:ae:a8:cd:
93:e0:89:6d:48:27:ae:45:37:44:e0:00:4e:7a:74:
23:5d:54:38:22:66:83:66:41:5d:ed:20:ae:94:b4:
3b:28:03:ac:23:57:75:d1:b4:f6:a9:91:45:b6:61:
02:94:cb:65:a8:02:ed:df:2c:0f:98:c9:3d:92:ad:
8e:dc:d6:9e:ad:64:5a:0a:4e:e6:d4:b2:88:20:79:
71:d1:bd:6a:3d:da:a2:56:e1:d4:8a:b7:18:8f:bf:
29:0a:59:e8:0f:87:3f:ed:e3:13:2d:31:e3:8d:4a:
08:f7:56:2a:2f:e5:ec:53:20:23:01:04:eb:16:cc:
86:44:47:7e:78:ca:22:e7:f3:26:89:9f:d9:0c:57:
97:62:f2:56:33:dc:07:6c:78:29:6b:cf:13:f2:79:
8b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:5F:41:77:83:64:6E:99:14:77:6C:DD:43:9F:0E:04:06:37:CE:27
X509v3 Authority Key Identifier:
keyid:E4:3F:91:B0:21:52:88:2B:F9:60:5D:76:BE:A4:21:AA:0B:D4:E6:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D-RsCFSiCv5YF12vqQhqgvU5ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/334c56-2e69-4da2-b01d-030802641c67/1/W19Bd4NkbpkUd2zdQ58OBAY3zic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/334c56-2e69-4da2-b01d-030802641c67/1/5D-RsCFSiCv5YF12vqQhqgvU5ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.116.0/24
IPv6:
2a11:e340::/29
Signature Algorithm: sha256WithRSAEncryption
23:a5:c4:d1:dd:db:9d:9a:3b:7f:c9:79:e6:9d:57:a5:25:a3:
fd:86:c6:d4:c0:4d:d7:4f:e6:b2:54:81:23:59:f0:a6:0d:86:
e9:b5:d1:35:63:16:47:aa:de:54:b1:4f:c7:5b:35:9d:1c:4e:
bb:33:97:6a:f9:aa:5f:66:0d:e7:42:0a:35:a7:37:91:3f:dc:
29:6f:59:38:24:72:b7:48:5e:4e:81:35:52:1d:9d:d7:65:81:
99:72:8e:96:03:c3:ca:c9:07:13:e0:f1:76:fc:ba:eb:33:c2:
75:e4:32:d4:fe:c6:78:0f:63:d5:bd:b3:33:f3:f7:ee:8e:77:
28:6a:9e:d2:d4:f9:a7:e6:50:4b:ea:26:43:6a:84:8a:f4:c0:
c0:2a:df:23:33:83:2b:c0:91:e3:23:54:2d:40:2a:67:08:30:
0f:a9:4e:b1:dc:bf:78:c1:e8:8e:b4:45:51:66:25:ed:ab:db:
f5:42:da:bc:6a:26:89:af:2e:07:89:67:57:07:be:d5:5d:a0:
f2:ef:3c:5e:51:83:7a:74:f0:75:9e:93:5d:24:36:b6:22:a8:
66:04:79:eb:d1:d6:75:dd:ff:3a:99:ea:a1:16:99:c1:46:5c:
03:da:18:26:0b:46:7a:96:bd:12:3b:5f:be:d9:19:6b:b2:a0:
f3:18:a4:47
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2yWsSkWDxxAUvXSzfEb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2Y5MWIwMjE1Mjg4MmJmOTYwNWQ3NmJlYTQyMWFhMGJk
NGU2MjgwHhcNMjQwMTAxMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjVmNDE3NzgzNjQ2ZTk5MTQ3NzZjZGQ0MzlmMGUwNDA2MzdjZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KqCZkJ0vZnoVr6FPZH+3GagInsU
f2Lj2QnCUmNwO0p6qJyVBT230LQojUjhkVHpgeX5NBIV3OeyLrtzCjVSp64urDUB
oomnGSkuxlvcWwwldAwTxs3ogcUjmdFDe+u7V3+wHSOuqM2T4IltSCeuRTdE4ABO
enQjXVQ4ImaDZkFd7SCulLQ7KAOsI1d10bT2qZFFtmEClMtlqALt3ywPmMk9kq2O
3NaerWRaCk7m1LKIIHlx0b1qPdqiVuHUircYj78pClnoD4c/7eMTLTHjjUoI91Yq
L+XsUyAjAQTrFsyGREd+eMoi5/MmiZ/ZDFeXYvJWM9wHbHgpa88T8nmLIwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFtfQXeDZG6ZFHds3UOfDgQGN84nMB8GA1UdIwQY
MBaAFOQ/kbAhUogr+WBddr6kIaoL1OYoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQtUnNDRlNpQ3Y1WUYxMnZxUWhxZ3ZVNWlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8zMzRjNTYtMmU2OS00ZGEyLWIwMWQt
MDMwODAyNjQxYzY3LzEvVzE5QmQ0TmticGtVZDJ6ZFE1OE9CQVkzemljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8zMzRjNTYtMmU2OS00ZGEyLWIwMWQtMDMwODAyNjQxYzY3
LzEvNUQtUnNDRlNpQ3Y1WUYxMnZxUWhxZ3ZVNWlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaN0MA0E
AgACMAcDBQMqEeNAMA0GCSqGSIb3DQEBCwUAA4IBAQAjpcTR3dudmjt/yXnmnVel
JaP9hsbUwE3XT+ayVIEjWfCmDYbptdE1YxZHqt5UsU/HWzWdHE67M5dq+apfZg3n
Qgo1pzeRP9wpb1k4JHK3SF5OgTVSHZ3XZYGZco6WA8PKyQcT4PF2/LrrM8J15DLU
/sZ4D2PVvbMz8/fujncoap7S1Pmn5lBL6iZDaoSK9MDAKt8jM4MrwJHjI1QtQCpn
CDAPqU6x3L94weiOtEVRZiXtq9v1Qtq8aiaJry4HiWdXB77VXaDy7zxeUYN6dPB1
npNdJDa2IqhmBHnr0dZ13f86meqhFpnBRlwD2hgmC0Z6lr0SO1++2RlrsqDzGKRH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:49 2025 by rpki-client