Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/9uU7z3UfmwTM5aoKVRwJ8hmlThM.roa
File: 9uU7z3UfmwTM5aoKVRwJ8hmlThM.roa (raw, json)
Hash identifier: HRVH1bWvV46AB22MzsZgt0WrChvaf9iYWOf1tLZlo+c=
Subject key identifier: F6:E5:3B:CF:75:1F:9B:04:CC:E5:AA:0A:55:1C:09:F2:19:A5:4E:13
Certificate issuer: /CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Certificate serial: 0193F7CF690D4B964787DC0A09012DD2F91C
Authority key identifier: 46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/9uU7z3UfmwTM5aoKVRwJ8hmlThM.roa
Signing time: Tue 24 Dec 2024 08:36:25 +0000
ROA not before: Tue 24 Dec 2024 08:36:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202943
IP address blocks: 193.109.82.0/24 maxlen: 24
195.216.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f7:cf:69:0d:4b:96:47:87:dc:0a:09:01:2d:d2:f9:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Validity
Not Before: Dec 24 08:36:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6e53bcf751f9b04cce5aa0a551c09f219a54e13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ae:55:88:2e:da:32:cd:da:41:bf:b3:d7:2f:
7f:11:6d:44:d6:23:23:28:5c:0f:f4:a0:f0:ad:07:
64:3a:1b:83:8a:71:99:2c:69:a1:2e:d6:06:20:42:
cc:b7:96:4e:27:7a:1a:ef:1d:ab:3b:dd:bf:c6:84:
ac:fc:58:bd:9e:86:30:25:c5:28:29:a9:bf:14:72:
3d:04:90:3c:d4:57:65:6d:b7:94:3b:8b:63:b2:48:
93:1f:b3:39:2a:20:5d:3a:69:bd:23:b8:b1:1d:bd:
4f:a8:d4:8d:d2:72:e7:58:74:a2:c6:04:04:1a:63:
e5:8d:88:99:7d:c6:02:07:e8:4c:2b:c6:60:b1:a7:
1e:aa:f2:de:ec:b2:af:1e:72:d6:4d:a0:c7:20:0a:
71:df:d7:79:65:f7:cb:67:50:6c:e7:80:b1:e2:be:
79:5d:27:31:89:75:9e:83:3e:60:86:7c:e0:ef:af:
5a:ca:2b:c3:51:c8:5a:f8:3a:fd:b1:5a:bc:a6:d5:
2d:d5:33:77:b6:a9:26:4c:47:e0:3e:f6:6b:51:86:
d9:16:5b:32:27:9a:0c:2a:15:0b:b6:4b:8d:20:3d:
14:f3:ec:a4:91:70:b7:0d:e0:51:53:5c:3d:75:05:
d7:77:0b:bb:7e:45:92:0c:bc:fd:1f:e1:58:8e:3f:
58:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E5:3B:CF:75:1F:9B:04:CC:E5:AA:0A:55:1C:09:F2:19:A5:4E:13
X509v3 Authority Key Identifier:
keyid:46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/9uU7z3UfmwTM5aoKVRwJ8hmlThM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.82.0/24
195.216.248.0/24
Signature Algorithm: sha256WithRSAEncryption
79:c3:12:ae:85:3d:8b:4b:bc:90:81:cd:5c:50:21:82:28:02:
5d:02:a7:9c:b7:3a:33:c8:bd:6b:7f:44:af:c6:ba:fb:0e:94:
dd:2b:ab:e1:ce:08:49:30:ff:e3:85:ef:de:4f:1c:4d:2b:cd:
e5:15:16:7d:2e:cc:a7:21:dc:95:f9:07:73:2a:10:58:0d:bc:
f5:68:30:84:61:b5:33:f7:8c:b0:5d:ec:09:41:e3:03:6b:fd:
9b:1e:02:18:0a:d7:5f:a7:f9:ee:14:1b:31:5a:45:7a:76:ab:
ba:ed:f8:84:92:5e:e8:f6:98:99:23:8a:02:50:38:f5:6e:e7:
81:2a:c1:d4:24:18:49:e7:3b:02:39:75:b6:0f:e1:a6:8c:3f:
f6:da:ae:a4:1c:2d:28:bd:98:19:1a:a6:b8:f6:6f:69:69:f2:
3f:d2:3d:ca:8a:70:52:e9:a6:e3:20:1c:e3:21:7b:df:d8:e5:
37:5d:b8:71:ec:c3:1a:1b:39:72:d0:4f:c0:42:2d:45:b5:ad:
1c:66:2d:00:e4:12:11:d8:fc:cd:0a:2d:5e:db:2f:00:fc:80:
bf:de:6c:56:1a:1b:b2:6a:0a:2e:0a:89:a5:ad:91:df:50:43:
92:e6:4c:4f:0c:63:a5:00:0a:2b:e1:e3:f9:ee:d0:86:04:c5:
f1:92:05:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZP3z2kNS5ZHh9wKCQEt0vkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI1OTJmMzExMGJjNmMzNTI0OWE4MjcxYTBkYWMxYTlh
Y2IwY2UwHhcNMjQxMjI0MDgzNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmU1M2JjZjc1MWY5YjA0Y2NlNWFhMGE1NTFjMDlmMjE5YTU0ZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy65ViC7aMs3aQb+z1y9/EW1E1iMj
KFwP9KDwrQdkOhuDinGZLGmhLtYGIELMt5ZOJ3oa7x2rO92/xoSs/Fi9noYwJcUo
Kam/FHI9BJA81FdlbbeUO4tjskiTH7M5KiBdOmm9I7ixHb1PqNSN0nLnWHSixgQE
GmPljYiZfcYCB+hMK8ZgsaceqvLe7LKvHnLWTaDHIApx39d5ZffLZ1Bs54Cx4r55
XScxiXWegz5ghnzg769ayivDUcha+Dr9sVq8ptUt1TN3tqkmTEfgPvZrUYbZFlsy
J5oMKhULtkuNID0U8+ykkXC3DeBRU1w9dQXXdwu7fkWSDLz9H+FYjj9YJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPblO891H5sEzOWqClUcCfIZpU4TMB8GA1UdIwQY
MBaAFEaLWS8xELxsNSSagnGg2sGprLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTct
MDUwMzc0OWFkZWEwLzEvOXVVN3ozVWZtd1RNNWFvS1ZSd0o4aG1sVGhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTctMDUwMzc0OWFkZWEw
LzEvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW1SAwQA
w9j4MA0GCSqGSIb3DQEBCwUAA4IBAQB5wxKuhT2LS7yQgc1cUCGCKAJdAqectzoz
yL1rf0Svxrr7DpTdK6vhzghJMP/jhe/eTxxNK83lFRZ9LsynIdyV+QdzKhBYDbz1
aDCEYbUz94ywXewJQeMDa/2bHgIYCtdfp/nuFBsxWkV6dqu67fiEkl7o9piZI4oC
UDj1bueBKsHUJBhJ5zsCOXW2D+GmjD/22q6kHC0ovZgZGqa49m9pafI/0j3KinBS
6abjIBzjIXvf2OU3Xbhx7MMaGzly0E/AQi1Fta0cZi0A5BIR2PzNCi1e2y8A/IC/
3mxWGhuyagouComlrZHfUEOS5kxPDGOlAAor4eP57tCGBMXxkgXz
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:23:31 2025 by rpki-client