Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/3dd1ae-7b90-4b57-8a3c-4099f4aa9369/1/rBDMNvtz3le6NAUinQOV5BCf5P4.roa
File: rBDMNvtz3le6NAUinQOV5BCf5P4.roa (raw, json)
Hash identifier: BdOuaOPFnKILlK27fhkK8l+83t/cza0n1oKV6+qO72M=
Subject key identifier: AC:10:CC:36:FB:73:DE:57:BA:34:05:22:9D:03:95:E4:10:9F:E4:FE
Certificate issuer: /CN=276e13525244af0d2e640aba29b0f8236bc61e20
Certificate serial: 019369DC108E26E0118F45A20656CF11FB4F
Authority key identifier: 27:6E:13:52:52:44:AF:0D:2E:64:0A:BA:29:B0:F8:23:6B:C6:1E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J24TUlJErw0uZAq6KbD4I2vGHiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/3dd1ae-7b90-4b57-8a3c-4099f4aa9369/1/rBDMNvtz3le6NAUinQOV5BCf5P4.roa
Signing time: Tue 26 Nov 2024 19:04:10 +0000
ROA not before: Tue 26 Nov 2024 19:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205358
IP address blocks: 193.17.32.0/24 maxlen: 24
2a07:f200::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 26 Nov 2024 21:54:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:69:dc:10:8e:26:e0:11:8f:45:a2:06:56:cf:11:fb:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=276e13525244af0d2e640aba29b0f8236bc61e20
Validity
Not Before: Nov 26 19:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac10cc36fb73de57ba3405229d0395e4109fe4fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:38:8a:d3:72:21:41:4c:8e:f3:05:6f:f9:b3:
6d:f9:89:4c:24:71:cf:25:71:c9:e5:54:10:d9:5a:
1c:0b:68:90:2d:09:09:37:b9:9a:cb:3a:08:d5:39:
a3:09:5e:9b:f6:f2:9e:62:84:d0:1f:0d:0e:ed:86:
11:28:c2:81:bc:90:29:05:43:56:f5:29:ca:75:76:
1d:87:c0:69:3c:ce:fd:cf:1a:d5:a5:3b:17:71:34:
07:30:ec:cb:69:c9:ed:bc:05:e9:9d:0f:5a:d9:8a:
af:e0:82:0f:d5:2d:04:9d:63:73:2d:de:e9:6b:63:
d3:32:aa:b8:da:d5:85:09:66:b7:c5:a6:7c:7f:90:
05:80:2e:1f:f4:48:94:26:95:b2:30:2d:a1:1c:98:
d9:c4:e1:bf:90:ed:c5:1d:a7:ba:4b:a8:9f:27:a4:
21:b5:e3:43:dd:5f:36:33:7d:03:c9:47:b4:f0:cf:
3f:6f:b6:15:31:91:ab:21:4d:df:d7:e8:39:78:a5:
ba:18:49:3e:51:a1:97:36:d6:0e:09:c8:15:34:14:
72:57:2d:4d:eb:0d:63:d6:1a:cb:b1:3c:f8:88:43:
2d:b2:6d:da:e4:06:16:71:43:da:e9:d6:cc:0c:ed:
45:f3:c7:00:26:8b:35:f6:35:85:51:60:97:05:aa:
4f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:10:CC:36:FB:73:DE:57:BA:34:05:22:9D:03:95:E4:10:9F:E4:FE
X509v3 Authority Key Identifier:
keyid:27:6E:13:52:52:44:AF:0D:2E:64:0A:BA:29:B0:F8:23:6B:C6:1E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J24TUlJErw0uZAq6KbD4I2vGHiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/3dd1ae-7b90-4b57-8a3c-4099f4aa9369/1/rBDMNvtz3le6NAUinQOV5BCf5P4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/3dd1ae-7b90-4b57-8a3c-4099f4aa9369/1/J24TUlJErw0uZAq6KbD4I2vGHiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.32.0/24
IPv6:
2a07:f200::/29
Signature Algorithm: sha256WithRSAEncryption
f1:5b:0b:ff:f4:ea:5c:67:fc:00:d3:91:87:78:0c:14:5b:a5:
a4:c3:66:ce:d1:b2:f3:b6:99:98:e9:5b:3c:90:63:1a:87:01:
9c:72:2d:7c:10:1d:d6:30:89:32:a2:d4:6a:83:a8:03:e5:ec:
8a:fc:68:fe:e5:ad:73:02:b3:67:91:8e:4a:df:a6:bd:24:42:
cf:b9:a4:c9:7c:cf:69:80:32:e8:eb:e1:84:2b:81:50:e1:51:
71:93:80:05:df:ae:0b:1a:32:72:5e:50:8f:d6:ba:ee:f4:f3:
ab:82:fe:20:75:cb:75:c0:07:7d:05:85:7a:c8:d9:c7:a6:7e:
ed:36:7f:e9:69:c1:49:9b:89:d6:c6:2a:db:e0:16:bf:56:0f:
11:c4:63:e0:18:af:e8:40:e6:50:60:e7:6c:46:7f:ae:a6:c0:
e5:7b:5d:68:15:6d:e5:2e:63:d0:f1:14:b3:a8:c9:42:17:52:
ff:a4:8b:9d:66:be:a6:8d:10:f8:c2:e9:52:6b:3a:81:63:3d:
f1:3d:b4:0c:12:f2:46:8d:c9:17:72:ee:f7:87:85:19:c6:f3:
5a:a2:55:0a:91:99:3b:49:66:3e:9f:63:12:6e:a4:3d:29:46:
4a:9f:33:86:9f:35:7b:e4:e4:15:e2:4a:00:83:74:c3:47:5b:
a1:8e:ac:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZNp3BCOJuARj0WiBlbPEftPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NmUxMzUyNTI0NGFmMGQyZTY0MGFiYTI5YjBmODIzNmJj
NjFlMjAwHhcNMjQxMTI2MTkwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzEwY2MzNmZiNzNkZTU3YmEzNDA1MjI5ZDAzOTVlNDEwOWZlNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDiK03IhQUyO8wVv+bNt+YlMJHHP
JXHJ5VQQ2VocC2iQLQkJN7mayzoI1TmjCV6b9vKeYoTQHw0O7YYRKMKBvJApBUNW
9SnKdXYdh8BpPM79zxrVpTsXcTQHMOzLacntvAXpnQ9a2Yqv4IIP1S0EnWNzLd7p
a2PTMqq42tWFCWa3xaZ8f5AFgC4f9EiUJpWyMC2hHJjZxOG/kO3FHae6S6ifJ6Qh
teND3V82M30DyUe08M8/b7YVMZGrIU3f1+g5eKW6GEk+UaGXNtYOCcgVNBRyVy1N
6w1j1hrLsTz4iEMtsm3a5AYWcUPa6dbMDO1F88cAJos19jWFUWCXBapPqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKwQzDb7c95XujQFIp0DleQQn+T+MB8GA1UdIwQY
MBaAFCduE1JSRK8NLmQKuimw+CNrxh4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjI0VFVsSkVydzB1WkFxNktiRDRJMnZHSGlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8zZGQxYWUtN2I5MC00YjU3LThhM2Mt
NDA5OWY0YWE5MzY5LzEvckJETU52dHozbGU2TkFVaW5RT1Y1QkNmNVA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8zZGQxYWUtN2I5MC00YjU3LThhM2MtNDA5OWY0YWE5MzY5
LzEvSjI0VFVsSkVydzB1WkFxNktiRDRJMnZHSGlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwREgMA0E
AgACMAcDBQMqB/IAMA0GCSqGSIb3DQEBCwUAA4IBAQDxWwv/9OpcZ/wA05GHeAwU
W6Wkw2bO0bLztpmY6Vs8kGMahwGcci18EB3WMIkyotRqg6gD5eyK/Gj+5a1zArNn
kY5K36a9JELPuaTJfM9pgDLo6+GEK4FQ4VFxk4AF364LGjJyXlCP1rru9POrgv4g
dct1wAd9BYV6yNnHpn7tNn/pacFJm4nWxirb4Ba/Vg8RxGPgGK/oQOZQYOdsRn+u
psDle11oFW3lLmPQ8RSzqMlCF1L/pIudZr6mjRD4wulSazqBYz3xPbQMEvJGjckX
cu73h4UZxvNaolUKkZk7SWY+n2MSbqQ9KUZKnzOGnzV75OQV4koAg3TDR1uhjqw4
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:05:23 2025 by rpki-client