Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/J22rva46d9b4wbv-anwRtY-Aq2o.roa
File: J22rva46d9b4wbv-anwRtY-Aq2o.roa (raw, json)
Hash identifier: mURWgZd+OUh0Tqcz1pS1zLRXgorBIFJ+tDvDDRGn4X0=
Subject key identifier: 27:6D:AB:BD:AE:3A:77:D6:F8:C1:BB:FE:6A:7C:11:B5:8F:80:AB:6A
Certificate issuer: /CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Certificate serial: 018CCA99DBD2B1E19F768801BBD597D836FC
Authority key identifier: DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/J22rva46d9b4wbv-anwRtY-Aq2o.roa
Signing time: Tue 02 Jan 2024 14:35:30 +0000
ROA not before: Tue 02 Jan 2024 14:35:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2541
IP address blocks: 193.169.145.0/24 maxlen: 24
193.169.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:db:d2:b1:e1:9f:76:88:01:bb:d5:97:d8:36:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Validity
Not Before: Jan 2 14:35:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=276dabbdae3a77d6f8c1bbfe6a7c11b58f80ab6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d8:54:cd:e9:b8:7b:57:4b:47:68:b4:6a:db:
b1:0c:d1:57:73:e2:11:da:7e:d9:c9:fc:e8:24:1c:
59:a5:d6:4c:7f:31:37:2a:3e:be:1e:e4:25:0b:be:
6c:2e:57:5b:ea:35:07:ea:62:9a:24:38:41:4a:70:
02:4d:e8:25:50:15:7e:51:b2:9e:0e:2f:95:53:2b:
a2:e4:dc:cd:10:51:fd:a9:2b:97:ad:43:6b:be:5a:
f6:ca:c0:6e:19:32:4d:04:23:01:57:bd:cb:21:7a:
39:d4:95:14:69:9f:1b:79:74:95:2c:44:74:6c:d6:
8d:39:db:47:cf:51:ca:c2:38:52:e1:a2:ec:40:87:
79:c4:72:52:75:c4:92:94:ff:ee:e1:60:d8:2f:f8:
25:fe:8f:c8:c2:eb:ed:60:f9:9b:55:60:62:20:f5:
20:f5:1c:b3:88:88:f2:c6:f5:98:eb:ae:06:c5:2f:
8b:fd:f0:c1:56:71:f7:17:0b:4c:af:26:97:f9:e4:
c6:e8:ac:6b:20:4a:17:d7:75:8f:b1:a5:47:0e:0b:
80:9b:50:bd:da:e6:bd:ca:3d:e0:e6:08:1e:01:b5:
e6:4a:06:01:cb:23:b6:32:44:fc:7f:80:66:8a:47:
03:09:81:ae:cb:95:38:18:d3:cc:2a:a9:d2:cc:36:
3c:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:6D:AB:BD:AE:3A:77:D6:F8:C1:BB:FE:6A:7C:11:B5:8F:80:AB:6A
X509v3 Authority Key Identifier:
keyid:DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/J22rva46d9b4wbv-anwRtY-Aq2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.144.0/23
Signature Algorithm: sha256WithRSAEncryption
49:8c:99:55:e8:cf:3e:94:a2:ac:70:1b:34:8d:35:2d:d4:04:
30:14:14:68:93:d2:f2:d4:37:8e:8a:1d:2d:0a:a9:74:df:44:
09:61:4e:0f:45:94:35:e7:e1:d9:33:ff:c6:87:2b:ae:b7:bc:
83:6c:d2:6d:2f:0f:02:46:ba:3f:55:c5:d2:5c:97:04:d0:e6:
29:02:cc:a8:2b:b8:ce:5c:88:f3:9f:76:63:e8:0c:7e:de:95:
bb:aa:37:7e:c4:c9:22:40:de:18:9b:db:1b:ab:59:ac:82:e8:
b2:ba:29:b6:14:0a:3b:a2:f6:a9:38:66:79:25:1a:ab:21:bb:
01:d0:40:8c:40:d3:18:c9:cd:37:31:ee:ea:75:0b:40:d0:25:
b0:fa:82:47:70:8c:fc:8a:aa:7d:6f:38:75:0c:1d:a0:24:a0:
7e:a1:6f:8b:fd:97:92:0d:5d:e5:91:c8:f8:e7:ca:5c:dd:bf:
0f:31:c7:90:a1:1f:ef:17:20:04:10:40:5a:8e:7a:59:9d:e7:
fd:98:b7:f3:57:e6:e9:f6:7a:5f:86:84:d1:43:78:27:c3:e2:
1c:54:53:ea:e1:af:80:b0:02:cc:91:be:10:67:43:a1:95:73:
86:a5:fe:84:6e:3a:26:97:de:28:27:f6:5b:2f:98:58:d7:aa:
0e:85:20:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmdvSseGfdogBu9WX2Db8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzgyMWUxYmNiZjZlMDc0ZWE0ODE0YWFhNWM2M2UzYmE4
MTNjNWYwHhcNMjQwMTAyMTQzNTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzZkYWJiZGFlM2E3N2Q2ZjhjMWJiZmU2YTdjMTFiNThmODBhYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnthUzem4e1dLR2i0atuxDNFXc+IR
2n7ZyfzoJBxZpdZMfzE3Kj6+HuQlC75sLldb6jUH6mKaJDhBSnACTeglUBV+UbKe
Di+VUyui5NzNEFH9qSuXrUNrvlr2ysBuGTJNBCMBV73LIXo51JUUaZ8beXSVLER0
bNaNOdtHz1HKwjhS4aLsQId5xHJSdcSSlP/u4WDYL/gl/o/IwuvtYPmbVWBiIPUg
9RyziIjyxvWY664GxS+L/fDBVnH3FwtMryaX+eTG6KxrIEoX13WPsaVHDguAm1C9
2ua9yj3g5ggeAbXmSgYByyO2MkT8f4BmikcDCYGuy5U4GNPMKqnSzDY8kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCdtq72uOnfW+MG7/mp8EbWPgKtqMB8GA1UdIwQY
MBaAFNx4IeG8v24HTqSBSqpcY+O6gTxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYt
ZDQ4YjQyZWYxNTliLzEvSjIycnZhNDZkOWI0d2J2LWFud1J0WS1BcTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYtZDQ4YjQyZWYxNTli
LzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwamQMA0G
CSqGSIb3DQEBCwUAA4IBAQBJjJlV6M8+lKKscBs0jTUt1AQwFBRok9Ly1DeOih0t
Cql030QJYU4PRZQ15+HZM//Ghyuut7yDbNJtLw8CRro/VcXSXJcE0OYpAsyoK7jO
XIjzn3Zj6Ax+3pW7qjd+xMkiQN4Ym9sbq1msguiyuim2FAo7ovapOGZ5JRqrIbsB
0ECMQNMYyc03Me7qdQtA0CWw+oJHcIz8iqp9bzh1DB2gJKB+oW+L/ZeSDV3lkcj4
58pc3b8PMceQoR/vFyAEEEBajnpZnef9mLfzV+bp9npfhoTRQ3gnw+IcVFPq4a+A
sALMkb4QZ0OhlXOGpf6Ebjoml94oJ/ZbL5hY16oOhSC1
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:52:41 2025 by rpki-client