Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/_qbDyQ6dzlkSGdl6USHWcM-rat4.roa
File: _qbDyQ6dzlkSGdl6USHWcM-rat4.roa (raw, json)
Hash identifier: f4Odvp26XnT4rEqNPqXxa7Z3Yb7TbN3x8P+5HxBXtmY=
Subject key identifier: FE:A6:C3:C9:0E:9D:CE:59:12:19:D9:7A:51:21:D6:70:CF:AB:6A:DE
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 018CC348A67A0CC7F75E7E176796C00AA90A
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/_qbDyQ6dzlkSGdl6USHWcM-rat4.roa
Signing time: Mon 01 Jan 2024 04:29:27 +0000
ROA not before: Mon 01 Jan 2024 04:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12908
IP address blocks: 193.255.134.0/24 maxlen: 24
193.255.134.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a6:7a:0c:c7:f7:5e:7e:17:67:96:c0:0a:a9:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 04:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fea6c3c90e9dce591219d97a5121d670cfab6ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8e:16:5d:fc:d2:d0:e5:0e:01:19:e9:a0:91:
8f:8f:92:13:cd:6c:0e:14:54:4c:46:28:fa:65:3d:
a5:57:9a:10:2c:bb:ca:90:4d:c3:d6:c4:04:9e:4b:
1c:fb:e1:c7:7c:4e:08:8a:93:e9:13:b9:d6:8c:2a:
f8:17:86:98:32:7a:a1:fa:84:53:75:69:bc:c8:6a:
39:63:ca:73:1d:0f:65:47:58:c6:02:7a:52:3f:13:
ba:95:f3:cc:29:da:fd:77:c3:13:44:43:73:3b:8b:
94:0c:6a:8b:c7:cb:f2:ca:80:e4:3f:41:c4:ff:88:
e6:aa:5c:6f:df:22:cd:cc:c1:5a:d9:26:e4:a2:a8:
1c:d7:fe:f3:95:de:17:2e:55:59:4a:ca:a8:26:39:
8c:a4:84:e1:43:17:b8:5a:36:7e:4d:e1:94:e4:52:
56:18:91:0b:2a:02:29:43:35:1c:50:4f:5e:0b:ac:
fe:3a:eb:29:55:b3:51:1c:f3:61:f5:6b:6d:42:96:
e6:17:c6:c7:11:cd:8c:9c:a3:34:d8:cb:ac:fc:7e:
ed:f6:54:b0:34:db:13:92:72:dd:36:58:4b:15:d3:
64:a0:07:26:e7:3f:b8:6e:ff:a2:8d:a3:e4:85:f2:
92:fb:c3:14:34:a5:25:62:68:a5:93:ef:1b:27:19:
93:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:A6:C3:C9:0E:9D:CE:59:12:19:D9:7A:51:21:D6:70:CF:AB:6A:DE
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/_qbDyQ6dzlkSGdl6USHWcM-rat4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.255.134.0/23
Signature Algorithm: sha256WithRSAEncryption
21:0d:64:c1:92:39:10:7c:5d:76:d6:e6:2e:04:58:4c:f1:3c:
57:33:d8:cd:88:de:a8:01:47:30:7a:69:1f:c8:09:8d:4f:ba:
62:7e:6d:0b:bc:72:4d:d0:f0:a8:da:28:59:71:2f:11:15:71:
ea:02:32:6c:d3:32:d9:f9:8d:1c:c6:88:9e:e5:16:0b:1a:04:
dd:78:2d:51:e6:1e:53:9f:0e:12:f3:87:77:ec:0d:ea:8f:f0:
2f:77:cd:3e:59:18:33:f6:e1:fa:15:42:d8:af:b1:a1:99:9e:
85:e1:58:71:c0:ca:47:f2:21:35:06:db:71:8c:64:3b:dc:a5:
8d:26:63:ac:e8:b5:a5:06:97:8c:8a:74:b3:4e:13:9f:27:08:
6d:6d:de:1f:a4:b4:6f:7e:27:8c:ac:5c:26:97:e9:50:71:a7:
d3:ab:27:6a:29:34:2b:1f:5a:10:a9:a7:42:d0:24:60:5d:47:
32:5b:19:19:e6:70:d4:1a:95:c1:16:3c:7c:fb:cd:9a:e2:b4:
3f:b7:38:bd:60:ee:1f:30:3e:8a:1a:3f:e5:24:d5:df:f4:20:
0e:71:29:ae:c2:fc:ab:88:0d:35:4e:2e:27:58:32:63:46:6c:
38:8b:69:16:ef:70:0c:29:9b:e5:8e:e0:9c:80:ac:fe:e4:a4:
56:8e:0c:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSKZ6DMf3Xn4XZ5bACqkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjQwMTAxMDQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWE2YzNjOTBlOWRjZTU5MTIxOWQ5N2E1MTIxZDY3MGNmYWI2YWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwI4WXfzS0OUOARnpoJGPj5ITzWwO
FFRMRij6ZT2lV5oQLLvKkE3D1sQEnksc++HHfE4IipPpE7nWjCr4F4aYMnqh+oRT
dWm8yGo5Y8pzHQ9lR1jGAnpSPxO6lfPMKdr9d8MTRENzO4uUDGqLx8vyyoDkP0HE
/4jmqlxv3yLNzMFa2Sbkoqgc1/7zld4XLlVZSsqoJjmMpIThQxe4WjZ+TeGU5FJW
GJELKgIpQzUcUE9eC6z+OuspVbNRHPNh9WttQpbmF8bHEc2MnKM02Mus/H7t9lSw
NNsTknLdNlhLFdNkoAcm5z+4bv+ijaPkhfKS+8MUNKUlYmilk+8bJxmTyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP6mw8kOnc5ZEhnZelEh1nDPq2reMB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvX3FiRHlRNmR6bGtTR2RsNlVTSFdjTS1yYXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwf+GMA0G
CSqGSIb3DQEBCwUAA4IBAQAhDWTBkjkQfF121uYuBFhM8TxXM9jNiN6oAUcwemkf
yAmNT7pifm0LvHJN0PCo2ihZcS8RFXHqAjJs0zLZ+Y0cxoie5RYLGgTdeC1R5h5T
nw4S84d37A3qj/Avd80+WRgz9uH6FULYr7GhmZ6F4VhxwMpH8iE1BttxjGQ73KWN
JmOs6LWlBpeMinSzThOfJwhtbd4fpLRvfieMrFwml+lQcafTqydqKTQrH1oQqadC
0CRgXUcyWxkZ5nDUGpXBFjx8+82a4rQ/tzi9YO4fMD6KGj/lJNXf9CAOcSmuwvyr
iA01Ti4nWDJjRmw4i2kW73AMKZvljuCcgKz+5KRWjgxY
-----END CERTIFICATE-----
Generated at Mon Apr 7 21:22:24 2025 by rpki-client