Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/1qVoF2zrb8y6MmrAvIveUq0NO9k.roa
File: 1qVoF2zrb8y6MmrAvIveUq0NO9k.roa (raw, json)
Hash identifier: +KYsIcNnG2AL2nQz+YxnekV2ihUonhvuHF/K/h7hfqg=
Subject key identifier: D6:A5:68:17:6C:EB:6F:CC:BA:32:6A:C0:BC:8B:DE:52:AD:0D:3B:D9
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 018CC348A45CC0EBAEA12929D440B13D0164
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/1qVoF2zrb8y6MmrAvIveUq0NO9k.roa
Signing time: Mon 01 Jan 2024 04:29:26 +0000
ROA not before: Mon 01 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5474
IP address blocks: 193.140.111.0/24 maxlen: 24
193.140.108.0/24 maxlen: 24
193.140.109.0/24 maxlen: 24
193.140.110.0/24 maxlen: 24
2001:a98:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a4:5c:c0:eb:ae:a1:29:29:d4:40:b1:3d:01:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6a568176ceb6fccba326ac0bc8bde52ad0d3bd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:88:de:f9:79:f3:86:99:8c:c0:5e:89:d7:5d:
fa:af:a9:c0:59:11:f9:5a:02:02:00:19:b1:59:2b:
19:b6:f6:10:e5:33:e9:d6:44:99:bd:2a:8d:d9:f9:
7c:64:38:2b:42:70:50:cc:2d:54:5c:15:bb:08:88:
fe:7e:7f:73:61:0d:ef:53:8b:65:2d:38:b3:03:3b:
d4:cb:8f:7d:76:52:57:93:6a:52:8a:43:d2:cb:98:
79:32:92:41:a0:27:32:27:35:1b:ce:92:cb:b8:9b:
a2:a7:29:bf:42:2e:e0:ad:fe:ce:30:e6:e2:cf:b7:
80:10:36:ac:fd:54:35:e8:b4:35:7e:41:7f:88:77:
e5:5e:74:e1:76:2c:70:56:03:12:61:ce:b7:aa:54:
35:ac:39:7e:81:56:b3:d4:9b:2e:4c:33:e6:b2:b0:
99:ae:91:53:0c:f7:de:52:aa:b2:aa:0d:45:e1:d6:
84:7b:5a:c6:af:0f:c6:b5:80:68:58:74:00:c1:12:
40:90:4d:52:cc:b0:d5:7c:54:b4:f4:a5:74:42:4b:
ba:f0:25:22:51:01:a9:8c:d4:a2:2d:cd:dc:5f:28:
37:d8:0e:29:db:17:a6:67:09:9e:b9:03:4d:6c:4f:
e6:bf:e8:09:43:69:81:d1:40:19:53:ce:4e:bd:dd:
7d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A5:68:17:6C:EB:6F:CC:BA:32:6A:C0:BC:8B:DE:52:AD:0D:3B:D9
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/1qVoF2zrb8y6MmrAvIveUq0NO9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.140.108.0/22
IPv6:
2001:a98:100::/48
Signature Algorithm: sha256WithRSAEncryption
9d:f1:8f:9a:3b:d1:f3:3e:01:d8:b1:e5:13:f7:2c:8d:92:d7:
c2:93:2f:13:4c:f2:75:bb:67:b0:32:ec:c0:37:ab:4c:54:39:
2e:63:5c:8b:15:40:53:47:ff:09:d8:7a:fe:3c:bc:83:88:3d:
1d:57:ed:3c:7b:81:b0:71:e2:c2:57:b5:74:a2:26:b9:ba:53:
2a:34:86:2d:d5:ad:aa:dd:57:8e:f0:46:54:87:7d:84:74:12:
c8:58:86:9d:d8:23:0a:1e:7f:1b:10:c9:de:fe:ab:7e:f3:91:
ca:5a:ce:dc:08:2c:a0:cc:1a:45:e9:fe:67:0a:21:6b:84:84:
19:9b:19:ce:98:c0:26:e6:a0:ef:0e:d6:d5:be:50:a8:a7:03:
16:e6:e0:43:53:22:ca:dd:4a:0c:f4:94:1f:51:0b:83:99:8e:
18:44:cb:47:ac:f0:e8:0d:b2:53:f9:55:61:c0:a6:39:1e:42:
1e:a1:8b:4a:f8:29:dd:91:aa:30:7d:f3:bc:98:95:88:46:aa:
52:31:ae:35:1c:51:71:81:e5:f3:d1:02:d6:65:39:ef:75:3e:
bd:c0:23:ed:26:59:f9:89:77:b1:ce:8a:53:0e:0f:a8:36:3b:
49:84:be:5f:f5:3d:c4:d0:41:27:61:cc:07:11:e7:3f:86:f4:
fd:58:7f:6e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDSKRcwOuuoSkp1ECxPQFkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjQwMTAxMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmE1NjgxNzZjZWI2ZmNjYmEzMjZhYzBiYzhiZGU1MmFkMGQzYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4je+XnzhpmMwF6J1136r6nAWRH5
WgICABmxWSsZtvYQ5TPp1kSZvSqN2fl8ZDgrQnBQzC1UXBW7CIj+fn9zYQ3vU4tl
LTizAzvUy499dlJXk2pSikPSy5h5MpJBoCcyJzUbzpLLuJuipym/Qi7grf7OMObi
z7eAEDas/VQ16LQ1fkF/iHflXnThdixwVgMSYc63qlQ1rDl+gVaz1JsuTDPmsrCZ
rpFTDPfeUqqyqg1F4daEe1rGrw/GtYBoWHQAwRJAkE1SzLDVfFS09KV0Qku68CUi
UQGpjNSiLc3cXyg32A4p2xemZwmeuQNNbE/mv+gJQ2mB0UAZU85Ovd19FwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNalaBds62/MujJqwLyL3lKtDTvZMB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvMXFWb0YyenJiOHk2TW1yQXZJdmVVcTBOTzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwYxsMA8E
AgACMAkDBwAgAQqYAQAwDQYJKoZIhvcNAQELBQADggEBAJ3xj5o70fM+Adix5RP3
LI2S18KTLxNM8nW7Z7Ay7MA3q0xUOS5jXIsVQFNH/wnYev48vIOIPR1X7Tx7gbBx
4sJXtXSiJrm6Uyo0hi3VrardV47wRlSHfYR0EshYhp3YIwoefxsQyd7+q37zkcpa
ztwILKDMGkXp/mcKIWuEhBmbGc6YwCbmoO8O1tW+UKinAxbm4ENTIsrdSgz0lB9R
C4OZjhhEy0es8OgNslP5VWHApjkeQh6hi0r4Kd2RqjB987yYlYhGqlIxrjUcUXGB
5fPRAtZlOe91Pr3AI+0mWfmJd7HOilMOD6g2O0mEvl/1PcTQQSdhzAcR5z+G9P1Y
f24=
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:22:24 2025 by rpki-client