Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/RsDcTv8tewplYsilAaaC72xY1x8.roa
File: RsDcTv8tewplYsilAaaC72xY1x8.roa (raw, json)
Hash identifier: YHGuKugFM35xFotbNXHAX8TPWK0WDCO8yoixkVfXYE8=
Subject key identifier: 46:C0:DC:4E:FF:2D:7B:0A:65:62:C8:A5:01:A6:82:EF:6C:58:D7:1F
Certificate issuer: /CN=a7b1def695885eade5ccc8b4be2a02bb16079e9c
Certificate serial: 018CC4932D18F863CDC335B0CC60C94EB57A
Authority key identifier: A7:B1:DE:F6:95:88:5E:AD:E5:CC:C8:B4:BE:2A:02:BB:16:07:9E:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p7He9pWIXq3lzMi0vioCuxYHnpw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/RsDcTv8tewplYsilAaaC72xY1x8.roa
Signing time: Mon 01 Jan 2024 10:30:28 +0000
ROA not before: Mon 01 Jan 2024 10:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204648
IP address blocks: 193.17.36.0/24 maxlen: 24
193.17.38.0/24 maxlen: 24
193.17.37.0/24 maxlen: 24
193.17.39.0/24 maxlen: 24
173.255.144.0/24 maxlen: 24
173.255.148.0/24 maxlen: 24
173.255.150.0/24 maxlen: 24
173.255.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:2d:18:f8:63:cd:c3:35:b0:cc:60:c9:4e:b5:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7b1def695885eade5ccc8b4be2a02bb16079e9c
Validity
Not Before: Jan 1 10:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46c0dc4eff2d7b0a6562c8a501a682ef6c58d71f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f5:65:96:1d:d7:7e:ad:5f:4d:ed:65:6c:5e:
71:af:33:07:98:63:90:12:10:f0:40:f2:7e:f5:19:
f0:17:fd:72:dd:7f:de:7e:bc:cf:ef:a0:2a:9c:f0:
21:28:20:6e:0e:85:90:18:6c:19:e5:e8:15:34:5a:
49:80:2c:0b:dd:aa:fc:93:94:4b:37:2d:7e:49:ea:
09:0d:8e:2b:83:0e:3d:ec:4f:7b:52:22:6d:11:47:
68:15:c1:e3:fe:a8:74:1c:4a:f7:f3:bd:d3:0a:45:
94:d0:7f:56:25:ac:ed:bd:81:83:7a:f1:81:4f:ea:
79:99:13:74:13:8e:8d:72:06:86:56:1f:fb:83:a8:
8a:3e:d0:a9:c1:e7:a4:ee:9e:bb:bf:7d:f1:2a:1b:
01:fe:9f:8d:54:35:a2:94:15:2a:fc:03:50:5c:49:
3d:cd:6c:83:b2:d5:a9:6a:63:b4:0a:3c:a2:06:80:
23:6c:7f:08:f7:78:f3:d4:8c:78:fd:52:07:90:3d:
82:1a:ae:59:82:93:7d:4b:8d:92:c7:ab:64:7c:88:
3a:97:f2:09:ba:7c:5d:49:fe:8d:2e:3f:8b:90:bd:
68:fd:bc:3b:70:6f:3a:0f:da:45:12:fc:9c:01:a8:
10:74:76:1f:18:04:ca:b5:69:d3:42:19:f4:97:b5:
eb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C0:DC:4E:FF:2D:7B:0A:65:62:C8:A5:01:A6:82:EF:6C:58:D7:1F
X509v3 Authority Key Identifier:
keyid:A7:B1:DE:F6:95:88:5E:AD:E5:CC:C8:B4:BE:2A:02:BB:16:07:9E:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p7He9pWIXq3lzMi0vioCuxYHnpw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/RsDcTv8tewplYsilAaaC72xY1x8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/688cae-5f96-4875-8701-944ecec7a423/1/p7He9pWIXq3lzMi0vioCuxYHnpw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
173.255.144.0/24
173.255.146.0/24
173.255.148.0/24
173.255.150.0/24
193.17.36.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:35:4a:2c:60:8f:a6:13:4e:af:f8:ee:15:c0:0c:34:21:6d:
fb:fb:d4:ed:b7:41:8d:35:9d:5a:cd:99:51:a0:a9:6a:77:64:
23:48:3f:ec:ff:52:85:86:5e:e6:28:61:af:e6:11:2e:a5:7f:
f2:ce:60:2e:07:bb:fb:1a:0a:65:90:9e:30:de:f4:af:1f:dc:
5a:c0:f2:50:4f:86:3b:d1:3c:9e:23:c5:9a:0b:75:89:8b:7e:
a5:5a:b6:98:01:8b:5f:f0:e7:6c:70:54:60:5e:fb:e8:49:5c:
d8:41:85:65:f3:98:a5:bf:b2:58:83:f7:91:a8:0c:13:98:e4:
7b:29:1d:8a:a6:95:53:ba:76:20:37:fa:11:fe:ec:13:6c:d1:
66:ec:47:58:fb:ee:a6:bc:a8:25:51:7e:36:14:a6:21:57:7e:
9e:93:05:0b:5d:54:f8:71:7e:3d:18:6d:e8:7d:c8:66:26:d1:
3c:a6:42:1d:4d:e2:e5:c0:c5:cd:6a:39:12:61:b4:32:1d:9c:
bd:3e:00:77:f3:e2:dc:aa:df:a7:e6:88:50:66:f8:28:55:5a:
e2:79:9a:0f:f4:65:de:a9:fb:51:66:26:80:07:2e:fe:4f:eb:
10:98:8f:36:bf:4a:88:e8:f1:39:56:f4:bf:f3:e3:6a:d4:54:
05:02:81:9b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEky0Y+GPNwzWwzGDJTrV6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YjFkZWY2OTU4ODVlYWRlNWNjYzhiNGJlMmEwMmJiMTYw
NzllOWMwHhcNMjQwMTAxMTAzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmMwZGM0ZWZmMmQ3YjBhNjU2MmM4YTUwMWE2ODJlZjZjNThkNzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPVllh3Xfq1fTe1lbF5xrzMHmGOQ
EhDwQPJ+9RnwF/1y3X/efrzP76AqnPAhKCBuDoWQGGwZ5egVNFpJgCwL3ar8k5RL
Ny1+SeoJDY4rgw497E97UiJtEUdoFcHj/qh0HEr3873TCkWU0H9WJaztvYGDevGB
T+p5mRN0E46NcgaGVh/7g6iKPtCpweek7p67v33xKhsB/p+NVDWilBUq/ANQXEk9
zWyDstWpamO0CjyiBoAjbH8I93jz1Ix4/VIHkD2CGq5ZgpN9S42Sx6tkfIg6l/IJ
unxdSf6NLj+LkL1o/bw7cG86D9pFEvycAagQdHYfGATKtWnTQhn0l7XrlQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEbA3E7/LXsKZWLIpQGmgu9sWNcfMB8GA1UdIwQY
MBaAFKex3vaViF6t5czItL4qArsWB56cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDdIZTlwV0lYcTNsek1pMHZpb0N1eFlIbnB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ODhjYWUtNWY5Ni00ODc1LTg3MDEt
OTQ0ZWNlYzdhNDIzLzEvUnNEY1R2OHRld3BsWXNpbEFhYUM3MnhZMXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82ODhjYWUtNWY5Ni00ODc1LTg3MDEtOTQ0ZWNlYzdhNDIz
LzEvcDdIZTlwV0lYcTNsek1pMHZpb0N1eFlIbnB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQArf+QAwQA
rf+SAwQArf+UAwQArf+WAwQCwREkMA0GCSqGSIb3DQEBCwUAA4IBAQB7NUosYI+m
E06v+O4VwAw0IW37+9Ttt0GNNZ1azZlRoKlqd2QjSD/s/1KFhl7mKGGv5hEupX/y
zmAuB7v7GgplkJ4w3vSvH9xawPJQT4Y70TyeI8WaC3WJi36lWraYAYtf8OdscFRg
XvvoSVzYQYVl85ilv7JYg/eRqAwTmOR7KR2KppVTunYgN/oR/uwTbNFm7EdY++6m
vKglUX42FKYhV36ekwULXVT4cX49GG3ofchmJtE8pkIdTeLlwMXNajkSYbQyHZy9
PgB38+Lcqt+n5ohQZvgoVVrieZoP9GXeqftRZiaABy7+T+sQmI82v0qI6PE5VvS/
8+Nq1FQFAoGb
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:24:54 2025 by rpki-client