Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/30a55d-9959-48e8-9a81-9ab0ff870d23/1/xw9xWfbFVe-THlZGUD5uKUVg6pc.roa
File: xw9xWfbFVe-THlZGUD5uKUVg6pc.roa (raw, json)
Hash identifier: nO+vVjgmgGIEvSe01qJIBUbXNJURrP3ZKx0r944Woac=
Subject key identifier: C7:0F:71:59:F6:C5:55:EF:93:1E:56:46:50:3E:6E:29:45:60:EA:97
Certificate issuer: /CN=fb3d90a489e2d49c564e08a3a2f3445fb2c8d404
Certificate serial: 018CC56E252896C5C8744E41B1867ABF3CD1
Authority key identifier: FB:3D:90:A4:89:E2:D4:9C:56:4E:08:A3:A2:F3:44:5F:B2:C8:D4:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-z2QpIni1JxWTgijovNEX7LI1AQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/30a55d-9959-48e8-9a81-9ab0ff870d23/1/xw9xWfbFVe-THlZGUD5uKUVg6pc.roa
Signing time: Mon 01 Jan 2024 14:29:39 +0000
ROA not before: Mon 01 Jan 2024 14:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51050
IP address blocks: 193.38.140.0/23 maxlen: 23
193.39.6.0/23 maxlen: 23
2a0f:b580::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:25:28:96:c5:c8:74:4e:41:b1:86:7a:bf:3c:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb3d90a489e2d49c564e08a3a2f3445fb2c8d404
Validity
Not Before: Jan 1 14:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c70f7159f6c555ef931e5646503e6e294560ea97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:68:29:6f:39:41:94:2e:8b:bc:5d:e6:0d:63:
35:fb:31:a2:9b:2c:7b:2c:81:67:5c:88:55:7c:00:
71:01:7a:3e:fc:10:f4:19:fa:a3:97:45:46:f8:86:
50:cb:14:9b:b7:b5:66:78:6c:8c:70:60:62:01:c2:
5b:61:3e:67:b4:fe:9a:04:1d:29:8b:9c:9e:ad:a0:
6a:3f:0a:b4:d2:1b:6d:93:57:09:87:08:ed:68:b8:
6c:a2:e1:d3:e2:e5:29:7c:6c:d6:98:90:57:6f:1b:
92:3c:f4:cf:95:e6:18:9d:1b:af:d9:72:f4:c9:40:
b5:26:49:0a:7c:bb:86:fe:8c:d2:d8:ae:ab:b5:3f:
73:52:72:19:c2:9c:9e:d6:2b:6e:ff:f9:ee:af:ee:
66:26:3b:02:35:ab:26:a9:ea:dc:fe:65:a6:90:83:
1e:a1:aa:91:ec:4d:fb:b3:ec:10:23:32:be:4d:28:
42:be:49:19:7f:3c:2b:dd:95:12:7b:9f:4e:0b:bc:
0f:e3:fc:68:69:5b:ed:91:00:d9:37:06:a6:31:f2:
d0:e8:1c:3d:b0:e6:8d:ae:0c:35:ad:ad:8c:19:4a:
80:40:bc:7d:0a:33:8c:5a:f1:4d:d2:72:00:84:40:
aa:6a:c2:df:9d:f9:83:db:0a:54:be:f8:dc:7d:06:
1f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:0F:71:59:F6:C5:55:EF:93:1E:56:46:50:3E:6E:29:45:60:EA:97
X509v3 Authority Key Identifier:
keyid:FB:3D:90:A4:89:E2:D4:9C:56:4E:08:A3:A2:F3:44:5F:B2:C8:D4:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-z2QpIni1JxWTgijovNEX7LI1AQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/30a55d-9959-48e8-9a81-9ab0ff870d23/1/xw9xWfbFVe-THlZGUD5uKUVg6pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/30a55d-9959-48e8-9a81-9ab0ff870d23/1/1-z2QpIni1JxWTgijovNEX7LI1AQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.140.0/23
193.39.6.0/23
IPv6:
2a0f:b580::/29
Signature Algorithm: sha256WithRSAEncryption
68:ae:1f:ae:14:ee:6a:47:ea:5f:b9:d8:58:f2:77:bd:37:48:
d2:30:e7:6f:32:5f:00:bd:78:4a:87:bb:b3:ab:01:27:83:e0:
4b:12:6e:c6:a5:60:0a:66:b3:c0:a2:57:dc:29:8f:07:d2:87:
7f:a7:3a:57:9b:b9:b3:4d:35:3a:99:c6:26:9c:3e:0a:85:46:
3c:0f:68:de:96:41:cf:57:5d:72:e6:12:f9:21:e7:c8:0b:f0:
b8:9e:10:79:0c:a6:92:7c:82:9a:9e:96:a9:7f:03:f1:74:c8:
0d:7e:bf:4c:0a:c5:c9:bf:44:f0:7c:cc:8d:c1:d6:a4:67:4a:
71:12:09:9e:3f:45:2a:56:94:e6:31:e9:84:73:19:a7:37:fd:
5d:5f:50:e7:d8:e1:b4:62:9f:f5:90:e5:f1:c1:75:39:b9:a1:
24:f0:3c:f8:4c:94:14:d5:8c:f4:83:f7:ae:5e:c1:e7:f6:81:
3d:10:72:34:3a:7d:9a:90:2b:d3:3f:39:93:1b:df:2f:4e:48:
cb:dd:11:d9:44:53:04:da:12:02:9c:d6:74:9d:6b:36:53:24:
55:b2:c9:09:3d:e1:18:e3:1b:e3:dc:ee:95:8a:42:5c:ee:29:
83:5e:0d:e2:5d:e5:8a:57:37:f8:6d:98:ae:37:4a:4e:dd:27:
61:26:27:a6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzFbiUolsXIdE5BsYZ6vzzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiM2Q5MGE0ODllMmQ0OWM1NjRlMDhhM2EyZjM0NDVmYjJj
OGQ0MDQwHhcNMjQwMTAxMTQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzBmNzE1OWY2YzU1NWVmOTMxZTU2NDY1MDNlNmUyOTQ1NjBlYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGgpbzlBlC6LvF3mDWM1+zGimyx7
LIFnXIhVfABxAXo+/BD0Gfqjl0VG+IZQyxSbt7VmeGyMcGBiAcJbYT5ntP6aBB0p
i5yeraBqPwq00httk1cJhwjtaLhsouHT4uUpfGzWmJBXbxuSPPTPleYYnRuv2XL0
yUC1JkkKfLuG/ozS2K6rtT9zUnIZwpye1itu//nur+5mJjsCNasmqerc/mWmkIMe
oaqR7E37s+wQIzK+TShCvkkZfzwr3ZUSe59OC7wP4/xoaVvtkQDZNwamMfLQ6Bw9
sOaNrgw1ra2MGUqAQLx9CjOMWvFN0nIAhECqasLfnfmD2wpUvvjcfQYfbwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMcPcVn2xVXvkx5WRlA+bilFYOqXMB8GA1UdIwQY
MBaAFPs9kKSJ4tScVk4Io6LzRF+yyNQEMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16MlFwSW5pMUp4V1RnaWpvdk5FWDdMSTFBUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUvMzBhNTVkLTk5NTktNDhlOC05YTgx
LTlhYjBmZjg3MGQyMy8xL3h3OXhXZmJGVmUtVEhsWkdVRDV1S1VWZzZwYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmUvMzBhNTVkLTk5NTktNDhlOC05YTgxLTlhYjBmZjg3MGQy
My8xLzEtejJRcEluaTFKeFdUZ2lqb3ZORVg3TEkxQVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAHBJowD
BAHBJwYwDQQCAAIwBwMFAyoPtYAwDQYJKoZIhvcNAQELBQADggEBAGiuH64U7mpH
6l+52Fjyd703SNIw528yXwC9eEqHu7OrASeD4EsSbsalYApms8CiV9wpjwfSh3+n
OlebubNNNTqZxiacPgqFRjwPaN6WQc9XXXLmEvkh58gL8LieEHkMppJ8gpqelql/
A/F0yA1+v0wKxcm/RPB8zI3B1qRnSnESCZ4/RSpWlOYx6YRzGac3/V1fUOfY4bRi
n/WQ5fHBdTm5oSTwPPhMlBTVjPSD965ewef2gT0QcjQ6fZqQK9M/OZMb3y9OSMvd
EdlEUwTaEgKc1nSdazZTJFWyyQk94RjjG+Pc7pWKQlzuKYNeDeJd5YpXN/htmK43
Sk7dJ2EmJ6Y=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:03 2025 by rpki-client