Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/4ZJ0Y_DHNbZxArnyQP43lbLppwk.roa
File: 4ZJ0Y_DHNbZxArnyQP43lbLppwk.roa (raw, json)
Hash identifier: wU9vZJ1ydjqqcXLU41+WWV1M07tTHoXD8WA3tWITuu0=
Subject key identifier: E1:92:74:63:F0:C7:35:B6:71:02:B9:F2:40:FE:37:95:B2:E9:A7:09
Certificate issuer: /CN=c0ba50fca33b180d68436e7ef0cbf6904baf45d4
Certificate serial: 01906507A6C1A898A8F00123FA9E47BC1F73
Authority key identifier: C0:BA:50:FC:A3:3B:18:0D:68:43:6E:7E:F0:CB:F6:90:4B:AF:45:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wLpQ_KM7GA1oQ25-8Mv2kEuvRdQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/4ZJ0Y_DHNbZxArnyQP43lbLppwk.roa
Signing time: Sat 29 Jun 2024 17:25:18 +0000
ROA not before: Sat 29 Jun 2024 17:25:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 194.33.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Dec 2024 08:50:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:65:07:a6:c1:a8:98:a8:f0:01:23:fa:9e:47:bc:1f:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0ba50fca33b180d68436e7ef0cbf6904baf45d4
Validity
Not Before: Jun 29 17:25:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1927463f0c735b67102b9f240fe3795b2e9a709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5b:2a:92:45:de:18:e8:e3:27:77:d1:1f:79:
a0:22:44:f5:8d:34:c4:ce:4f:db:e2:74:fa:3c:cc:
93:dd:b3:4a:2e:a4:8c:89:6b:bb:7b:ca:e3:75:12:
ec:8e:3b:d9:cf:7f:49:16:62:34:ee:01:e3:b9:32:
d6:98:89:76:fa:77:d9:5d:3c:47:d5:74:34:f0:1f:
1b:50:c4:fe:b6:1e:ce:f1:b6:c2:91:55:33:b4:ac:
a9:92:c1:72:b7:0f:50:2e:af:b8:43:66:a9:69:f6:
65:f2:63:b4:0b:2c:40:da:77:6b:91:e0:59:96:d2:
85:36:21:7d:75:d0:8e:78:b4:91:43:d8:45:4d:ea:
e7:70:9b:fd:bb:ef:46:bd:ca:3c:d5:d4:a8:bd:5b:
0b:90:96:0c:f4:66:8d:1c:8a:00:76:c3:b8:48:78:
7b:67:b7:97:a5:b7:e6:b3:0a:b8:c0:12:34:f3:7c:
30:45:f4:1f:17:fd:14:fa:d0:2a:1c:e1:f7:7b:ca:
7d:32:98:ed:b3:32:45:45:7d:b7:e1:79:34:4a:43:
f8:04:98:a9:8e:1f:89:20:ed:87:3a:9d:fd:f3:2e:
3a:08:9b:1a:2a:78:02:86:e7:69:24:23:23:44:47:
bd:0e:e9:46:6c:82:e6:4e:23:96:74:0b:3e:4d:9e:
11:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:92:74:63:F0:C7:35:B6:71:02:B9:F2:40:FE:37:95:B2:E9:A7:09
X509v3 Authority Key Identifier:
keyid:C0:BA:50:FC:A3:3B:18:0D:68:43:6E:7E:F0:CB:F6:90:4B:AF:45:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wLpQ_KM7GA1oQ25-8Mv2kEuvRdQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/4ZJ0Y_DHNbZxArnyQP43lbLppwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/wLpQ_KM7GA1oQ25-8Mv2kEuvRdQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.28.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:4e:4e:ae:28:a8:80:55:57:02:e9:77:af:34:b5:58:47:6f:
fa:aa:31:95:71:f9:c3:55:f2:b3:ca:2c:5a:b6:09:b1:31:24:
64:d1:42:01:82:a9:35:d3:0a:0a:00:15:0e:71:ef:88:e0:55:
00:4d:68:86:48:18:a3:1a:45:f6:ed:1b:ab:17:0e:47:d1:db:
70:d8:0e:95:c4:c8:71:d0:d9:67:27:e7:1e:b8:5a:a8:c6:04:
68:87:b1:bd:66:20:8f:4f:a1:cb:b8:dc:5f:5a:d9:02:09:de:
d9:a0:58:85:46:68:f8:a2:fc:c6:81:6b:57:cf:f5:f0:1a:0f:
51:8a:4a:64:f0:33:57:aa:0d:e4:ad:56:b0:7b:da:64:86:b9:
6c:b8:24:33:5d:cb:79:ce:6d:87:11:55:9e:6d:6b:1c:6b:a4:
20:06:8a:5a:4c:54:50:1d:a8:9f:d0:88:95:91:32:44:3c:67:
5d:4f:c5:89:e9:dd:06:41:51:b4:ae:9f:ba:fd:5e:04:16:ed:
54:dc:30:ec:06:c8:d9:63:b4:43:03:c0:42:ae:12:62:19:38:
a1:ca:61:7c:41:b9:e1:d0:34:0c:24:d5:99:c0:81:f8:5c:1b:
c2:5a:fe:cb:de:6c:e6:c2:54:49:e2:f8:c8:7b:53:db:99:85:
2a:72:07:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBlB6bBqJio8AEj+p5HvB9zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYmE1MGZjYTMzYjE4MGQ2ODQzNmU3ZWYwY2JmNjkwNGJh
ZjQ1ZDQwHhcNMjQwNjI5MTcyNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTkyNzQ2M2YwYzczNWI2NzEwMmI5ZjI0MGZlMzc5NWIyZTlhNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1sqkkXeGOjjJ3fRH3mgIkT1jTTE
zk/b4nT6PMyT3bNKLqSMiWu7e8rjdRLsjjvZz39JFmI07gHjuTLWmIl2+nfZXTxH
1XQ08B8bUMT+th7O8bbCkVUztKypksFytw9QLq+4Q2apafZl8mO0CyxA2ndrkeBZ
ltKFNiF9ddCOeLSRQ9hFTerncJv9u+9Gvco81dSovVsLkJYM9GaNHIoAdsO4SHh7
Z7eXpbfmswq4wBI083wwRfQfF/0U+tAqHOH3e8p9MpjtszJFRX234Xk0SkP4BJip
jh+JIO2HOp398y46CJsaKngChudpJCMjREe9DulGbILmTiOWdAs+TZ4R9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOGSdGPwxzW2cQK58kD+N5Wy6acJMB8GA1UdIwQY
MBaAFMC6UPyjOxgNaENufvDL9pBLr0XUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0xwUV9LTTdHQTFvUTI1LThNdjJrRXV2UmRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80MjJhNGMtODM5NC00NmI0LWFhMTgt
ZDFmYmU1YTkxZDcwLzEvNFpKMFlfREhOYlp4QXJueVFQNDNsYkxwcHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80MjJhNGMtODM5NC00NmI0LWFhMTgtZDFmYmU1YTkxZDcw
LzEvd0xwUV9LTTdHQTFvUTI1LThNdjJrRXV2UmRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiEcMA0G
CSqGSIb3DQEBCwUAA4IBAQC0Tk6uKKiAVVcC6XevNLVYR2/6qjGVcfnDVfKzyixa
tgmxMSRk0UIBgqk10woKABUOce+I4FUATWiGSBijGkX27RurFw5H0dtw2A6VxMhx
0NlnJ+ceuFqoxgRoh7G9ZiCPT6HLuNxfWtkCCd7ZoFiFRmj4ovzGgWtXz/XwGg9R
ikpk8DNXqg3krVawe9pkhrlsuCQzXct5zm2HEVWebWsca6QgBopaTFRQHaif0IiV
kTJEPGddT8WJ6d0GQVG0rp+6/V4EFu1U3DDsBsjZY7RDA8BCrhJiGTihymF8Qbnh
0DQMJNWZwIH4XBvCWv7L3mzmwlRJ4vjIe1PbmYUqcgc8
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:21 2025 by rpki-client