Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/849bcf-da5f-4c97-97b1-5ba5954dfc37/1/ruR1cmgxv8mG1ibDsgNJsH81mPQ.roa
File: ruR1cmgxv8mG1ibDsgNJsH81mPQ.roa (raw, json)
Hash identifier: o78XDnodcDNCcNQ9oGG61HBkWVEx+zihFeqQ9rLWC8k=
Subject key identifier: AE:E4:75:72:68:31:BF:C9:86:D6:26:C3:B2:03:49:B0:7F:35:98:F4
Certificate issuer: /CN=24b0e4f18183fbd9d6950eea433fe5d216bd5f12
Certificate serial: 018CCA2A052C7C3A543A6051B159991C8D8E
Authority key identifier: 24:B0:E4:F1:81:83:FB:D9:D6:95:0E:EA:43:3F:E5:D2:16:BD:5F:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JLDk8YGD-9nWlQ7qQz_l0ha9XxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/849bcf-da5f-4c97-97b1-5ba5954dfc37/1/ruR1cmgxv8mG1ibDsgNJsH81mPQ.roa
Signing time: Tue 02 Jan 2024 12:33:20 +0000
ROA not before: Tue 02 Jan 2024 12:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3303
IP address blocks: 193.8.140.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:51:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:05:2c:7c:3a:54:3a:60:51:b1:59:99:1c:8d:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24b0e4f18183fbd9d6950eea433fe5d216bd5f12
Validity
Not Before: Jan 2 12:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aee475726831bfc986d626c3b20349b07f3598f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:70:fe:d1:35:c9:e1:a0:8e:2d:f7:98:be:14:
13:ea:a2:1d:40:93:4b:75:2f:3e:27:da:c1:b3:65:
a6:eb:f6:78:ec:4a:0e:a3:4a:29:12:4b:9a:a9:b4:
7e:dd:d2:ae:11:8b:8c:27:0e:43:c4:54:0a:e7:b1:
69:85:cf:a6:c3:86:87:aa:f0:2d:6e:a9:b7:db:4e:
27:e0:0c:c9:6f:86:26:1f:df:87:a9:d5:41:be:e7:
fb:3b:09:a4:76:30:d8:0c:80:04:f9:87:d1:a5:f2:
8a:76:11:e2:d9:b1:c0:ec:a6:6c:5b:bd:04:92:69:
6c:d2:7a:a3:d1:0c:fe:60:48:a5:65:9b:95:32:69:
b3:b4:03:4e:7e:96:a2:40:3b:b4:36:d6:c6:5b:cb:
56:01:b9:3c:b0:26:c4:9e:99:11:fb:36:33:e8:57:
b0:22:a4:05:3a:ad:ae:ec:0b:60:64:4a:ef:35:89:
d1:d6:52:9b:a8:9b:22:6b:cf:77:48:bd:ad:2d:cc:
13:f5:f8:e3:6b:5f:a3:0f:47:ba:d2:94:53:bf:cd:
f2:05:e9:7b:01:39:0a:3a:d1:69:61:62:db:dd:6c:
37:c8:e1:f6:8a:70:ee:fd:00:1b:0e:f6:0c:43:29:
7f:78:75:0c:31:3d:3c:a2:49:ea:80:ce:25:ff:9b:
73:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:E4:75:72:68:31:BF:C9:86:D6:26:C3:B2:03:49:B0:7F:35:98:F4
X509v3 Authority Key Identifier:
keyid:24:B0:E4:F1:81:83:FB:D9:D6:95:0E:EA:43:3F:E5:D2:16:BD:5F:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLDk8YGD-9nWlQ7qQz_l0ha9XxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/849bcf-da5f-4c97-97b1-5ba5954dfc37/1/ruR1cmgxv8mG1ibDsgNJsH81mPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/849bcf-da5f-4c97-97b1-5ba5954dfc37/1/JLDk8YGD-9nWlQ7qQz_l0ha9XxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.140.0/23
Signature Algorithm: sha256WithRSAEncryption
31:65:75:a8:78:03:bb:e4:6c:1d:55:7a:33:8b:b1:c9:8b:89:
86:ea:94:4c:74:bb:6d:5b:c3:5b:fc:7f:43:f5:fd:2c:52:75:
21:aa:b8:db:5d:bf:5a:ad:27:fa:41:ce:cb:47:e3:69:85:74:
32:50:e9:b7:6b:c0:84:a3:05:d3:45:6c:df:30:51:43:2d:01:
fa:e3:17:cb:e1:26:22:27:f1:56:55:0e:01:77:a5:0c:fd:7a:
6e:02:ed:01:e3:32:57:68:e1:ae:fd:41:05:45:86:8a:04:b3:
87:78:7c:68:d6:69:c9:ab:8d:29:b5:83:59:96:e7:04:3b:39:
1b:c7:7d:e7:0b:91:4a:e4:13:2c:25:d6:d8:50:df:e9:d9:1f:
2d:dd:23:a9:66:c2:fd:73:8d:fe:b0:9e:55:c7:7c:08:c7:8a:
ec:38:81:c3:08:cd:2e:4c:7f:c0:57:c9:c2:94:e3:af:60:4a:
77:e1:25:ac:0e:ab:25:09:62:02:81:ff:72:9e:d7:48:23:d4:
fa:45:66:2f:b8:9f:6e:e0:3f:08:63:f4:24:1f:12:8e:3c:95:
50:23:eb:8a:8e:f9:2a:9a:e6:c1:ab:10:99:ce:9c:e1:87:18:
ee:3a:60:ae:31:fb:91:ca:6a:80:45:1e:c1:33:7b:b8:7c:15:
ef:0c:17:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKgUsfDpUOmBRsVmZHI2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YjBlNGYxODE4M2ZiZDlkNjk1MGVlYTQzM2ZlNWQyMTZi
ZDVmMTIwHhcNMjQwMTAyMTIzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWU0NzU3MjY4MzFiZmM5ODZkNjI2YzNiMjAzNDliMDdmMzU5OGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3D+0TXJ4aCOLfeYvhQT6qIdQJNL
dS8+J9rBs2Wm6/Z47EoOo0opEkuaqbR+3dKuEYuMJw5DxFQK57Fphc+mw4aHqvAt
bqm3204n4AzJb4YmH9+HqdVBvuf7OwmkdjDYDIAE+YfRpfKKdhHi2bHA7KZsW70E
kmls0nqj0Qz+YEilZZuVMmmztANOfpaiQDu0NtbGW8tWAbk8sCbEnpkR+zYz6Few
IqQFOq2u7AtgZErvNYnR1lKbqJsia893SL2tLcwT9fjja1+jD0e60pRTv83yBel7
ATkKOtFpYWLb3Ww3yOH2inDu/QAbDvYMQyl/eHUMMT08oknqgM4l/5tzuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK7kdXJoMb/JhtYmw7IDSbB/NZj0MB8GA1UdIwQY
MBaAFCSw5PGBg/vZ1pUO6kM/5dIWvV8SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkxEazhZR0QtOW5XbFE3cVF6X2wwaGE5WHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy84NDliY2YtZGE1Zi00Yzk3LTk3YjEt
NWJhNTk1NGRmYzM3LzEvcnVSMWNtZ3h2OG1HMWliRHNnTkpzSDgxbVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy84NDliY2YtZGE1Zi00Yzk3LTk3YjEtNWJhNTk1NGRmYzM3
LzEvSkxEazhZR0QtOW5XbFE3cVF6X2wwaGE5WHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwQiMMA0G
CSqGSIb3DQEBCwUAA4IBAQAxZXWoeAO75GwdVXozi7HJi4mG6pRMdLttW8Nb/H9D
9f0sUnUhqrjbXb9arSf6Qc7LR+NphXQyUOm3a8CEowXTRWzfMFFDLQH64xfL4SYi
J/FWVQ4Bd6UM/XpuAu0B4zJXaOGu/UEFRYaKBLOHeHxo1mnJq40ptYNZlucEOzkb
x33nC5FK5BMsJdbYUN/p2R8t3SOpZsL9c43+sJ5Vx3wIx4rsOIHDCM0uTH/AV8nC
lOOvYEp34SWsDqslCWICgf9yntdII9T6RWYvuJ9u4D8IY/QkHxKOPJVQI+uKjvkq
mubBqxCZzpzhhxjuOmCuMfuRymqARR7BM3u4fBXvDBfQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:41 2025 by rpki-client