Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/cb2bdd-3291-40af-8a88-5e9787b6aeaa/1/v1OZKqKeKnD9YzQG4YTskunCTAQ.roa
File: v1OZKqKeKnD9YzQG4YTskunCTAQ.roa (raw, json)
Hash identifier: Nu/2Ct6HqNmBA+/nrHF6qOGNGFwo0KXfl4cwoXja6NY=
Subject key identifier: BF:53:99:2A:A2:9E:2A:70:FD:63:34:06:E1:84:EC:92:E9:C2:4C:04
Certificate issuer: /CN=50542fba0c17b4391e3296c434b5fff23a829b6e
Certificate serial: 019425217219B8EB56D0C1283E53BAA24FB8
Authority key identifier: 50:54:2F:BA:0C:17:B4:39:1E:32:96:C4:34:B5:FF:F2:3A:82:9B:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFQvugwXtDkeMpbENLX_8jqCm24.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/cb2bdd-3291-40af-8a88-5e9787b6aeaa/1/v1OZKqKeKnD9YzQG4YTskunCTAQ.roa
Signing time: Thu 02 Jan 2025 03:48:56 +0000
ROA not before: Thu 02 Jan 2025 03:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200404
IP address blocks: 194.37.93.0/24 maxlen: 24
194.37.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 09:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:72:19:b8:eb:56:d0:c1:28:3e:53:ba:a2:4f:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50542fba0c17b4391e3296c434b5fff23a829b6e
Validity
Not Before: Jan 2 03:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf53992aa29e2a70fd633406e184ec92e9c24c04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:10:8b:65:0b:ba:06:17:c5:b1:ae:f6:94:d0:
2d:86:63:82:8e:6b:22:b2:61:9f:fd:ec:48:26:ad:
ac:cd:69:02:13:9b:49:5a:c7:f4:ff:f5:74:dc:43:
c5:6b:62:ea:2f:dc:ea:98:03:42:27:72:d0:6b:94:
39:bf:23:26:6b:88:ee:92:54:9f:03:dc:15:3a:05:
75:28:5f:20:13:9d:c7:7b:04:84:45:65:65:a7:46:
9a:eb:f1:93:34:41:25:33:ec:da:94:62:ad:bc:31:
03:79:bc:f7:40:70:46:c9:60:bc:9a:e7:93:f9:6f:
ab:e0:02:a8:b0:e9:58:d4:dc:07:88:01:2c:1c:2b:
a1:b0:f3:be:36:3e:9a:5c:42:16:5c:ba:a7:df:f5:
a9:75:88:74:0a:82:18:e0:24:46:fb:48:43:99:7a:
95:a5:67:be:9b:4b:82:61:c8:74:52:49:fa:d2:4b:
85:05:0c:9d:0d:f3:c4:6e:40:96:27:63:e3:d9:7d:
45:47:e9:ea:a9:7d:01:c8:d2:c8:25:df:e6:cd:bb:
25:94:ff:6a:c4:cc:b7:e8:94:b6:22:62:d5:41:e7:
86:d6:bd:46:a8:c0:dd:5e:87:90:56:c2:35:b1:fd:
f3:04:2e:36:25:20:5b:c1:23:a4:6b:92:8a:04:43:
5e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:53:99:2A:A2:9E:2A:70:FD:63:34:06:E1:84:EC:92:E9:C2:4C:04
X509v3 Authority Key Identifier:
keyid:50:54:2F:BA:0C:17:B4:39:1E:32:96:C4:34:B5:FF:F2:3A:82:9B:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFQvugwXtDkeMpbENLX_8jqCm24.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/cb2bdd-3291-40af-8a88-5e9787b6aeaa/1/v1OZKqKeKnD9YzQG4YTskunCTAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/cb2bdd-3291-40af-8a88-5e9787b6aeaa/1/UFQvugwXtDkeMpbENLX_8jqCm24.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.37.93.0/24
194.37.95.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:66:d6:e1:58:e5:e3:e7:93:44:08:f9:d6:fe:18:55:cf:ef:
19:66:5a:1a:0c:ea:4b:35:81:87:ec:bb:88:62:3d:5a:48:39:
f3:af:7a:48:bf:58:3c:3e:8d:f4:f9:76:93:94:dd:bb:e9:19:
42:24:ae:da:16:19:6d:bf:8f:87:57:d2:dc:b3:18:e4:d1:d3:
26:b0:23:f5:bc:36:e8:b4:10:bf:f3:8e:a4:9e:e7:52:58:53:
1c:29:a2:28:04:ff:d4:cb:38:d7:1a:63:6a:c6:f7:26:51:47:
ca:52:21:bd:6d:c9:45:69:09:c2:39:b8:00:5e:03:23:f2:77:
0a:d3:f8:2e:cc:84:12:76:83:f1:18:35:3d:25:1e:16:a1:0f:
81:2d:ef:bc:82:e6:e8:04:59:bf:9a:45:49:ca:77:b3:ee:a4:
1d:e6:69:b7:04:79:bc:47:f0:63:1a:7c:6a:70:a6:41:76:ae:
40:81:eb:6d:3a:4c:4b:43:72:59:bf:37:cb:c7:d7:9d:13:e9:
35:70:0f:d4:73:52:3f:f8:39:29:50:6f:2f:28:fa:8e:9a:35:
d2:e4:e1:f7:c7:2d:aa:0a:c4:bc:1f:e7:44:86:27:0a:ec:f6:
94:76:98:89:9c:ef:72:ca:0e:42:ac:19:17:71:eb:04:64:17:
96:5f:4a:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIXIZuOtW0MEoPlO6ok+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTQyZmJhMGMxN2I0MzkxZTMyOTZjNDM0YjVmZmYyM2E4
MjliNmUwHhcNMjUwMTAyMDM0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjUzOTkyYWEyOWUyYTcwZmQ2MzM0MDZlMTg0ZWM5MmU5YzI0YzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxCLZQu6BhfFsa72lNAthmOCjmsi
smGf/exIJq2szWkCE5tJWsf0//V03EPFa2LqL9zqmANCJ3LQa5Q5vyMma4juklSf
A9wVOgV1KF8gE53HewSERWVlp0aa6/GTNEElM+zalGKtvDEDebz3QHBGyWC8mueT
+W+r4AKosOlY1NwHiAEsHCuhsPO+Nj6aXEIWXLqn3/WpdYh0CoIY4CRG+0hDmXqV
pWe+m0uCYch0Ukn60kuFBQydDfPEbkCWJ2Pj2X1FR+nqqX0ByNLIJd/mzbsllP9q
xMy36JS2ImLVQeeG1r1GqMDdXoeQVsI1sf3zBC42JSBbwSOka5KKBENeVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL9TmSqinipw/WM0BuGE7JLpwkwEMB8GA1UdIwQY
MBaAFFBUL7oMF7Q5HjKWxDS1//I6gptuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZRdnVnd1h0RGtlTXBiRU5MWF84anFDbTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9jYjJiZGQtMzI5MS00MGFmLThhODgt
NWU5Nzg3YjZhZWFhLzEvdjFPWktxS2VLbkQ5WXpRRzRZVHNrdW5DVEFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9jYjJiZGQtMzI5MS00MGFmLThhODgtNWU5Nzg3YjZhZWFh
LzEvVUZRdnVnd1h0RGtlTXBiRU5MWF84anFDbTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwiVdAwQA
wiVfMA0GCSqGSIb3DQEBCwUAA4IBAQA9ZtbhWOXj55NECPnW/hhVz+8ZZloaDOpL
NYGH7LuIYj1aSDnzr3pIv1g8Po30+XaTlN276RlCJK7aFhltv4+HV9Lcsxjk0dMm
sCP1vDbotBC/846knudSWFMcKaIoBP/UyzjXGmNqxvcmUUfKUiG9bclFaQnCObgA
XgMj8ncK0/guzIQSdoPxGDU9JR4WoQ+BLe+8guboBFm/mkVJynez7qQd5mm3BHm8
R/BjGnxqcKZBdq5AgettOkxLQ3JZvzfLx9edE+k1cA/Uc1I/+DkpUG8vKPqOmjXS
5OH3xy2qCsS8H+dEhicK7PaUdpiJnO9yyg5CrBkXcesEZBeWX0qW
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:52:14 2025 by rpki-client