Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/l6qwQAsr0R85yjVigWkA0_F3rj0.roa
File: l6qwQAsr0R85yjVigWkA0_F3rj0.roa (raw, json)
Hash identifier: 8lXXiG+n6Ai3aQ/aXWzLDm3EvuPqQ36z3Vm10gd64Is=
Subject key identifier: 97:AA:B0:40:0B:2B:D1:1F:39:CA:35:62:81:69:00:D3:F1:77:AE:3D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019422205E996A8783E30EF3A15C889405E0
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/l6qwQAsr0R85yjVigWkA0_F3rj0.roa
Signing time: Wed 01 Jan 2025 13:48:54 +0000
ROA not before: Wed 01 Jan 2025 13:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395374
IP address blocks: 193.8.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Jan 2025 12:28:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:5e:99:6a:87:83:e3:0e:f3:a1:5c:88:94:05:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 1 13:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97aab0400b2bd11f39ca3562816900d3f177ae3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b3:31:61:19:65:cd:06:06:28:ff:f5:6c:80:
a2:0f:49:ff:4b:67:e3:cc:97:b2:55:76:78:26:11:
46:5e:42:6e:ca:be:ec:02:b8:66:21:7d:c1:65:a9:
ba:3a:ea:68:23:fe:45:b6:e3:94:39:1a:7f:22:a5:
8f:c3:2b:23:95:a6:04:f1:37:3a:ab:ec:cf:cd:0d:
5b:c8:86:40:83:00:0b:22:b6:f5:a6:3b:d4:87:1c:
eb:7a:49:db:d6:82:5a:0e:13:a1:b6:35:bf:01:c8:
af:bb:9e:ed:d1:e3:18:63:ed:33:d1:4d:9b:f3:f1:
e6:22:69:0d:ee:c8:53:f2:6a:22:e4:07:d2:99:9d:
69:98:e0:ee:a6:fb:7f:f1:c1:08:06:f3:a3:a5:fe:
f5:bf:f9:0a:eb:f0:e3:83:f6:d3:73:bf:d7:dd:12:
2e:77:2c:8d:16:d3:e8:11:cd:35:f5:41:a6:8a:c5:
be:f6:d2:c8:00:ad:df:6d:b4:c3:c1:c7:e3:87:be:
a8:43:a4:36:15:58:b2:43:aa:e1:81:35:8a:8c:3c:
3c:f9:08:63:f8:bd:e4:c4:95:e5:e8:55:90:b7:4a:
39:48:af:55:89:fd:63:24:b5:c9:5e:b5:a1:09:2b:
79:98:fe:29:77:d5:6c:6f:b4:3e:fa:87:a5:5c:fb:
8f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:AA:B0:40:0B:2B:D1:1F:39:CA:35:62:81:69:00:D3:F1:77:AE:3D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/l6qwQAsr0R85yjVigWkA0_F3rj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.114.0/24
Signature Algorithm: sha256WithRSAEncryption
39:8c:91:00:c7:f3:d3:1d:b8:00:62:d6:df:85:9e:62:d2:9d:
3c:f1:13:e5:68:69:cd:0f:3b:64:73:f3:6c:ec:da:81:a0:aa:
4f:40:86:01:d6:4b:0a:b6:fd:e0:c7:11:37:f5:18:cc:ad:a0:
d6:24:42:b7:ff:3c:32:e8:5f:d5:e5:c4:6c:6f:2a:82:1a:04:
94:6a:b6:b9:3f:0a:b5:86:ed:92:0a:bf:67:3d:f4:cd:f6:a6:
0d:ad:0f:f7:f4:72:15:34:fd:cd:3d:f1:bc:5b:01:36:12:dc:
83:61:10:f8:10:f0:9b:97:a6:56:24:e0:5a:9b:04:dd:a9:ea:
ed:4e:88:72:00:2b:76:ca:2c:f3:54:40:f4:75:60:03:a0:92:
db:12:10:3c:0b:09:52:d6:9a:4d:4d:f5:e2:36:61:c2:e2:c0:
10:3d:4b:11:0d:d9:04:39:d6:08:6e:e7:24:43:5a:f3:8c:23:
90:15:e5:a0:e1:8b:37:34:cd:cd:52:94:06:80:be:3a:71:95:
1b:99:73:85:c9:33:d3:e9:80:84:1a:a7:8f:13:94:7c:0f:84:
7d:8e:15:70:08:fd:10:0f:fc:35:7f:67:32:83:29:09:55:7b:
0d:c7:0b:5d:e4:53:20:0c:17:2f:84:80:30:5d:5b:09:dd:b7:
b7:ec:bb:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIF6ZaoeD4w7zoVyIlAXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMTAxMTM0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2FhYjA0MDBiMmJkMTFmMzljYTM1NjI4MTY5MDBkM2YxNzdhZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLMxYRllzQYGKP/1bICiD0n/S2fj
zJeyVXZ4JhFGXkJuyr7sArhmIX3BZam6OupoI/5FtuOUORp/IqWPwysjlaYE8Tc6
q+zPzQ1byIZAgwALIrb1pjvUhxzreknb1oJaDhOhtjW/Acivu57t0eMYY+0z0U2b
8/HmImkN7shT8moi5AfSmZ1pmODupvt/8cEIBvOjpf71v/kK6/Djg/bTc7/X3RIu
dyyNFtPoEc019UGmisW+9tLIAK3fbbTDwcfjh76oQ6Q2FViyQ6rhgTWKjDw8+Qhj
+L3kxJXl6FWQt0o5SK9Vif1jJLXJXrWhCSt5mP4pd9Vsb7Q++oelXPuP3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJeqsEALK9EfOco1YoFpANPxd649MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbDZxd1FBc3IwUjg1eWpWaWdXa0EwX0YzcmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQhyMA0G
CSqGSIb3DQEBCwUAA4IBAQA5jJEAx/PTHbgAYtbfhZ5i0p088RPlaGnNDztkc/Ns
7NqBoKpPQIYB1ksKtv3gxxE39RjMraDWJEK3/zwy6F/V5cRsbyqCGgSUara5Pwq1
hu2SCr9nPfTN9qYNrQ/39HIVNP3NPfG8WwE2EtyDYRD4EPCbl6ZWJOBamwTdqert
TohyACt2yizzVED0dWADoJLbEhA8CwlS1ppNTfXiNmHC4sAQPUsRDdkEOdYIbuck
Q1rzjCOQFeWg4Ys3NM3NUpQGgL46cZUbmXOFyTPT6YCEGqePE5R8D4R9jhVwCP0Q
D/w1f2cygykJVXsNxwtd5FMgDBcvhIAwXVsJ3be37LsF
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:33:38 2025 by rpki-client