Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/2b729f-08a7-4c93-8bc9-815c5f2765d0/1/0yewOaJqgqatqN9M2utflrmg4zw.roa
File: 0yewOaJqgqatqN9M2utflrmg4zw.roa (raw, json)
Hash identifier: rd7h1tiWfX4/x8TQEg9lBAN/DL1GtOdn1D4ye3a+wbI=
Subject key identifier: D3:27:B0:39:A2:6A:82:A6:AD:A8:DF:4C:DA:EB:5F:96:B9:A0:E3:3C
Certificate issuer: /CN=ea880bcc302a5dba2c351a6fd39e0a8b3922a535
Certificate serial: 018D7F2F30B1125710EBBFFC90DEB8AB4DA7
Authority key identifier: EA:88:0B:CC:30:2A:5D:BA:2C:35:1A:6F:D3:9E:0A:8B:39:22:A5:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6ogLzDAqXbosNRpv054KizkipTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/2b729f-08a7-4c93-8bc9-815c5f2765d0/1/0yewOaJqgqatqN9M2utflrmg4zw.roa
Signing time: Tue 06 Feb 2024 16:10:15 +0000
ROA not before: Tue 06 Feb 2024 16:10:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25421
IP address blocks: 193.35.248.0/22 maxlen: 22
193.35.248.0/24 maxlen: 24
193.35.249.0/24 maxlen: 24
193.35.250.0/24 maxlen: 24
193.35.252.0/22 maxlen: 22
193.35.252.0/24 maxlen: 24
193.35.253.0/24 maxlen: 24
193.35.254.0/24 maxlen: 24
193.35.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:2f:30:b1:12:57:10:eb:bf:fc:90:de:b8:ab:4d:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea880bcc302a5dba2c351a6fd39e0a8b3922a535
Validity
Not Before: Feb 6 16:10:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d327b039a26a82a6ada8df4cdaeb5f96b9a0e33c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a5:b3:ce:3e:93:39:14:9d:2b:01:8a:20:f2:
12:47:22:d9:fe:8d:a7:33:3b:76:4e:d1:e2:ca:8b:
1c:e1:03:d6:df:29:96:f6:4a:7b:e7:1a:67:13:8a:
08:bf:6d:58:e1:5d:df:34:23:99:8c:b8:ac:e5:76:
5d:5b:c3:1b:cc:78:55:96:14:84:fb:05:d4:1b:38:
ab:ed:e7:42:1f:f2:92:30:8c:79:a2:91:7d:ac:f2:
08:55:9a:b8:92:eb:8a:5d:5a:7a:eb:b0:21:88:53:
a1:ef:a5:43:cf:ee:e3:72:dd:8b:ab:2a:67:1b:2a:
b8:2e:34:f6:ed:07:94:1b:7a:ae:63:02:90:62:d4:
94:33:34:72:2a:8c:16:65:80:2f:da:d6:e8:0e:8f:
2d:83:20:42:ba:da:8c:dc:7c:b7:32:23:ba:7a:cd:
20:17:50:4a:ed:69:75:18:c8:16:80:7e:08:ba:ac:
76:a1:01:01:b3:b1:07:9c:73:8b:3e:db:82:c8:28:
7a:29:28:6a:4f:14:d9:8b:ee:61:f8:01:f3:60:67:
f9:ed:eb:c3:be:5e:e3:81:50:2d:5f:61:68:78:76:
4a:5c:fe:e4:8c:ba:00:c9:26:d0:1b:f7:05:69:5b:
3c:50:7d:77:f5:c6:f7:ed:7b:41:79:ed:e4:82:41:
46:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:27:B0:39:A2:6A:82:A6:AD:A8:DF:4C:DA:EB:5F:96:B9:A0:E3:3C
X509v3 Authority Key Identifier:
keyid:EA:88:0B:CC:30:2A:5D:BA:2C:35:1A:6F:D3:9E:0A:8B:39:22:A5:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6ogLzDAqXbosNRpv054KizkipTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/2b729f-08a7-4c93-8bc9-815c5f2765d0/1/0yewOaJqgqatqN9M2utflrmg4zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/2b729f-08a7-4c93-8bc9-815c5f2765d0/1/6ogLzDAqXbosNRpv054KizkipTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.248.0/21
Signature Algorithm: sha256WithRSAEncryption
31:31:20:30:e7:a3:6b:b6:5e:2e:ce:a5:12:d2:b2:cb:a1:c7:
39:9b:89:ff:a8:10:44:a4:84:6a:85:11:03:be:ad:5c:5a:96:
09:8a:0c:0f:81:b2:b1:ba:82:9e:ad:5e:37:a3:03:ad:a1:06:
8a:da:4d:27:b9:64:20:fe:6a:36:cc:06:25:b7:29:95:44:e1:
ee:0b:d3:2d:45:78:54:5e:ba:46:d2:bb:bb:79:98:07:2e:fd:
84:9f:eb:34:45:c6:79:d2:70:b2:d3:42:63:a7:18:27:19:6e:
d2:73:ce:de:b0:ab:43:11:a3:c0:80:85:2a:ac:7f:37:ea:6d:
38:df:bf:a9:18:03:c2:2a:3f:4d:7f:d4:ee:a8:e6:be:58:87:
a2:99:c7:81:2d:c9:80:ef:4a:91:78:ba:b5:52:dd:ab:88:0e:
a9:7b:75:c3:12:b1:8c:b6:04:0c:d3:0e:4c:af:59:31:8e:82:
58:da:69:dc:f1:8c:bc:63:83:98:e2:1f:6c:0a:e5:f5:d7:53:
c4:eb:33:72:0b:11:13:b5:b1:b5:9d:88:f5:22:16:64:0f:48:
dd:04:28:a0:00:96:a9:c8:44:d5:eb:64:f3:9f:ae:df:30:33:
68:95:7c:7b:db:cd:6a:e7:3c:b7:66:a6:6c:54:50:24:4a:fa:
f9:c8:bf:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1/LzCxElcQ67/8kN64q02nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhODgwYmNjMzAyYTVkYmEyYzM1MWE2ZmQzOWUwYThiMzky
MmE1MzUwHhcNMjQwMjA2MTYxMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzI3YjAzOWEyNmE4MmE2YWRhOGRmNGNkYWViNWY5NmI5YTBlMzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKWzzj6TORSdKwGKIPISRyLZ/o2n
Mzt2TtHiyosc4QPW3ymW9kp75xpnE4oIv21Y4V3fNCOZjLis5XZdW8MbzHhVlhSE
+wXUGzir7edCH/KSMIx5opF9rPIIVZq4kuuKXVp667AhiFOh76VDz+7jct2Lqypn
Gyq4LjT27QeUG3quYwKQYtSUMzRyKowWZYAv2tboDo8tgyBCutqM3Hy3MiO6es0g
F1BK7Wl1GMgWgH4Iuqx2oQEBs7EHnHOLPtuCyCh6KShqTxTZi+5h+AHzYGf57evD
vl7jgVAtX2FoeHZKXP7kjLoAySbQG/cFaVs8UH139cb37XtBee3kgkFGJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMnsDmiaoKmrajfTNrrX5a5oOM8MB8GA1UdIwQY
MBaAFOqIC8wwKl26LDUab9OeCos5IqU1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNm9nTHpEQXFYYm9zTlJwdjA1NEtpemtpcFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yYjcyOWYtMDhhNy00YzkzLThiYzkt
ODE1YzVmMjc2NWQwLzEvMHlld09hSnFncWF0cU45TTJ1dGZscm1nNHp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yYjcyOWYtMDhhNy00YzkzLThiYzktODE1YzVmMjc2NWQw
LzEvNm9nTHpEQXFYYm9zTlJwdjA1NEtpemtpcFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwSP4MA0G
CSqGSIb3DQEBCwUAA4IBAQAxMSAw56Nrtl4uzqUS0rLLocc5m4n/qBBEpIRqhRED
vq1cWpYJigwPgbKxuoKerV43owOtoQaK2k0nuWQg/mo2zAYltymVROHuC9MtRXhU
XrpG0ru7eZgHLv2En+s0RcZ50nCy00JjpxgnGW7Sc87esKtDEaPAgIUqrH836m04
37+pGAPCKj9Nf9TuqOa+WIeimceBLcmA70qReLq1Ut2riA6pe3XDErGMtgQM0w5M
r1kxjoJY2mnc8Yy8Y4OY4h9sCuX111PE6zNyCxETtbG1nYj1IhZkD0jdBCigAJap
yETV62Tzn67fMDNolXx7281q5zy3ZqZsVFAkSvr5yL+/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:18 2025 by rpki-client