Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SQ3RwGyOd3aUHqpDQDqF3uPACRE.roa
File: SQ3RwGyOd3aUHqpDQDqF3uPACRE.roa (raw, json)
Hash identifier: zr8fPjygwgXL2HDlt2F6umDwDM/4/+oxZGfPFv++tzs=
Subject key identifier: 49:0D:D1:C0:6C:8E:77:76:94:1E:AA:43:40:3A:85:DE:E3:C0:09:11
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0193B003D1BD4DECFAC61E6567D4438C5DE8
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SQ3RwGyOd3aUHqpDQDqF3uPACRE.roa
Signing time: Tue 10 Dec 2024 10:01:00 +0000
ROA not before: Tue 10 Dec 2024 10:01:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 193.58.108.0/24 maxlen: 24
195.66.24.0/24 maxlen: 24
2a09:17c0:1000::/48 maxlen: 48
2a0a:2d02::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b0:03:d1:bd:4d:ec:fa:c6:1e:65:67:d4:43:8c:5d:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 10 10:01:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=490dd1c06c8e7776941eaa43403a85dee3c00911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a6:75:a5:3b:64:20:f7:a6:a3:4a:2f:d2:8a:
41:72:8c:38:55:27:7b:2c:26:29:b8:eb:c2:88:db:
15:27:b9:40:a7:f1:e6:84:8f:20:95:28:04:f6:64:
d8:97:43:88:e9:1b:94:26:02:6f:c3:27:01:d7:0f:
2d:1a:f2:37:e3:00:71:24:e3:e5:0c:67:2b:ce:8f:
8f:47:57:5d:92:c7:f3:77:22:09:85:da:21:71:39:
60:47:15:7b:53:f6:67:e5:a0:01:c2:eb:48:6b:17:
a8:0c:77:37:46:03:e4:6f:9f:d9:ea:f5:7c:56:75:
1b:00:9d:01:1f:88:37:14:46:db:b8:f0:f3:7e:79:
96:51:e5:42:f8:d1:13:50:de:87:28:71:dc:b0:d4:
3d:a6:8c:f8:f6:3f:e4:5d:8e:7c:90:3d:ed:e3:9a:
9f:c9:dd:12:b3:1f:2b:b7:eb:ec:d8:16:8b:8c:1b:
eb:99:f2:67:a8:8a:da:25:ab:0a:e3:e3:e4:41:7d:
69:e8:92:4c:d8:b8:54:ca:41:be:c3:f1:f2:c2:33:
24:d8:7a:98:79:0d:97:34:7a:1a:95:67:85:51:91:
e4:a5:a8:d4:80:a4:79:3b:cc:59:37:79:11:a0:30:
49:ef:cb:28:ab:77:89:dc:98:1f:32:7d:c6:5b:70:
f5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:0D:D1:C0:6C:8E:77:76:94:1E:AA:43:40:3A:85:DE:E3:C0:09:11
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SQ3RwGyOd3aUHqpDQDqF3uPACRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.108.0/24
195.66.24.0/24
IPv6:
2a09:17c0:1000::/48
2a0a:2d02::/32
Signature Algorithm: sha256WithRSAEncryption
80:c9:c6:a3:f0:d4:a9:26:06:fc:9c:9c:c3:17:2a:6e:4a:e5:
9c:c2:bb:9f:c8:56:4c:82:fa:f8:b7:12:66:8a:ac:a0:fb:50:
5b:10:18:64:6b:9d:a8:ce:c0:ce:a3:f5:6e:26:f1:56:77:9b:
f1:3a:e6:e3:bc:dc:5b:a4:5d:5d:35:e9:66:e9:73:e0:0c:37:
47:2a:42:f0:ac:66:a5:b2:7f:93:31:52:27:99:aa:8f:ee:3e:
4e:6d:02:47:24:9e:3d:e4:53:31:51:c7:52:75:63:48:51:7b:
5b:ae:d8:cd:22:f2:63:6a:f4:6e:5b:f0:cd:0a:d4:e6:7e:9d:
a6:ff:b3:28:dd:23:36:72:37:da:7b:fb:b0:da:24:2d:1f:1e:
a9:32:8b:cd:6b:cd:e7:5b:a4:aa:64:70:eb:72:29:02:5f:12:
69:a4:e3:bb:8e:0f:66:81:a4:32:e5:3a:34:e8:0a:2d:b2:4c:
98:53:a2:f4:a6:db:9b:f6:27:4c:57:b6:57:47:eb:06:03:db:
77:fc:74:88:03:c5:50:cd:9d:da:15:e5:23:fd:88:23:ee:84:
0e:7f:91:5a:47:79:0f:98:57:8f:6b:6b:80:cc:25:5e:76:dc:
48:fd:72:be:7b:22:73:6e:c8:e4:cd:e6:1f:be:ae:66:64:a3:
5f:f7:03:48
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZOwA9G9Tez6xh5lZ9RDjF3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQxMjEwMTAwMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTBkZDFjMDZjOGU3Nzc2OTQxZWFhNDM0MDNhODVkZWUzYzAwOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6Z1pTtkIPemo0ov0opBcow4VSd7
LCYpuOvCiNsVJ7lAp/HmhI8glSgE9mTYl0OI6RuUJgJvwycB1w8tGvI34wBxJOPl
DGcrzo+PR1ddksfzdyIJhdohcTlgRxV7U/Zn5aABwutIaxeoDHc3RgPkb5/Z6vV8
VnUbAJ0BH4g3FEbbuPDzfnmWUeVC+NETUN6HKHHcsNQ9poz49j/kXY58kD3t45qf
yd0Ssx8rt+vs2BaLjBvrmfJnqIraJasK4+PkQX1p6JJM2LhUykG+w/HywjMk2HqY
eQ2XNHoalWeFUZHkpajUgKR5O8xZN3kRoDBJ78soq3eJ3JgfMn3GW3D1cQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEkN0cBsjnd2lB6qQ0A6hd7jwAkRMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvU1EzUndHeU9kM2FVSHFwRFFEcUYzdVBBQ1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAwTpsAwQA
w0IYMBYEAgACMBADBwAqCRfAEAADBQAqCi0CMA0GCSqGSIb3DQEBCwUAA4IBAQCA
ycaj8NSpJgb8nJzDFypuSuWcwrufyFZMgvr4txJmiqyg+1BbEBhka52ozsDOo/Vu
JvFWd5vxOubjvNxbpF1dNelm6XPgDDdHKkLwrGalsn+TMVInmaqP7j5ObQJHJJ49
5FMxUcdSdWNIUXtbrtjNIvJjavRuW/DNCtTmfp2m/7Mo3SM2cjfae/uw2iQtHx6p
MovNa83nW6SqZHDrcikCXxJppOO7jg9mgaQy5To06AotskyYU6L0ptub9idMV7ZX
R+sGA9t3/HSIA8VQzZ3aFeUj/Ygj7oQOf5FaR3kPmFePa2uAzCVedtxI/XK+eyJz
bsjkzeYfvq5mZKNf9wNI
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:16:39 2025 by rpki-client