Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/y10oIqjJgmTrhS3d4jWEbD3NuNM.roa
File: y10oIqjJgmTrhS3d4jWEbD3NuNM.roa (raw, json)
Hash identifier: lxOwUsDiGk1cWbs/4Y7xNG8Hu/IcvhdyPVcy4ppxX4I=
Subject key identifier: CB:5D:28:22:A8:C9:82:64:EB:85:2D:DD:E2:35:84:6C:3D:CD:B8:D3
Certificate issuer: /CN=6977a3116ecc9d7a429f13651613e8ad149ff324
Certificate serial: 0194258F11B87815F48CB4EC8293F225C098
Authority key identifier: 69:77:A3:11:6E:CC:9D:7A:42:9F:13:65:16:13:E8:AD:14:9F:F3:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aXejEW7MnXpCnxNlFhPorRSf8yQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/y10oIqjJgmTrhS3d4jWEbD3NuNM.roa
Signing time: Thu 02 Jan 2025 05:48:40 +0000
ROA not before: Thu 02 Jan 2025 05:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58051
IP address blocks: 193.105.207.0/24 maxlen: 24
2a01:fdc1::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Feb 2025 14:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:11:b8:78:15:f4:8c:b4:ec:82:93:f2:25:c0:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6977a3116ecc9d7a429f13651613e8ad149ff324
Validity
Not Before: Jan 2 05:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb5d2822a8c98264eb852ddde235846c3dcdb8d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:35:f1:72:d5:01:ae:8a:5d:13:93:b4:85:8a:
78:a0:10:17:8d:4b:c2:a9:4b:82:95:d9:7f:86:65:
c2:ce:31:45:9c:ea:c7:4e:b0:08:9d:9b:4b:a8:20:
a3:2c:6d:a4:a6:45:36:f5:23:b8:cf:da:44:92:fd:
ac:67:d5:ba:dd:21:e1:ea:c8:29:20:12:44:a1:86:
98:bb:20:42:d1:b8:c7:17:1d:8c:9d:a5:4a:bb:26:
0d:8a:f4:97:9f:c3:69:3d:e6:58:16:7f:8b:84:ee:
01:4d:99:da:71:7e:29:05:25:64:bb:9f:90:91:40:
09:5c:0d:14:e7:97:31:f9:e1:9c:af:f5:c3:25:ec:
88:6d:9f:d8:ea:d0:45:ec:da:02:f0:fa:44:c8:3e:
85:2b:cc:27:24:74:a0:df:f0:43:0f:9a:22:01:4e:
3c:c9:74:c2:b7:77:8a:2a:01:28:28:6d:df:32:e2:
45:78:35:82:f3:9f:3d:31:b1:a1:f2:f6:b9:46:1e:
80:a4:0c:0e:0e:e2:a9:8f:99:25:d2:6b:9b:09:c8:
37:01:3b:17:d5:17:3d:5c:d8:5c:c1:df:f8:31:54:
c9:c8:15:21:88:69:a2:63:5e:df:06:fa:d3:98:fb:
44:cb:20:1b:9d:a0:72:89:0e:42:c6:1f:08:fe:e9:
11:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:5D:28:22:A8:C9:82:64:EB:85:2D:DD:E2:35:84:6C:3D:CD:B8:D3
X509v3 Authority Key Identifier:
keyid:69:77:A3:11:6E:CC:9D:7A:42:9F:13:65:16:13:E8:AD:14:9F:F3:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXejEW7MnXpCnxNlFhPorRSf8yQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/y10oIqjJgmTrhS3d4jWEbD3NuNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/aXejEW7MnXpCnxNlFhPorRSf8yQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.207.0/24
IPv6:
2a01:fdc1::/32
Signature Algorithm: sha256WithRSAEncryption
84:ef:34:02:3e:49:6b:a5:3d:d1:ed:d9:e0:6d:4b:da:d9:45:
55:16:b5:8f:89:04:3c:67:6f:70:47:58:ed:a9:e8:db:92:eb:
88:77:8f:ae:73:1f:7a:5f:24:9b:d4:95:e7:f3:db:be:54:e0:
93:8d:97:af:36:99:2c:a5:05:01:28:06:a5:4b:48:a6:ab:ce:
92:6a:ef:11:e1:92:b1:29:ed:c2:ef:82:9e:d6:91:5c:af:82:
ca:85:e6:74:36:fb:4a:ce:3a:d3:d6:44:22:e5:ce:ce:2e:74:
5c:a0:0c:e4:ef:ad:eb:ad:10:65:f7:d1:7f:ea:81:15:43:3e:
ad:c6:ac:b6:c9:51:a1:10:aa:81:be:f9:9d:61:ff:be:af:99:
6b:35:70:96:39:a3:17:53:fb:b5:52:78:94:44:09:eb:5b:e9:
b0:2b:62:56:e3:30:a4:01:da:7c:dc:ef:3d:3f:5c:a1:0c:fb:
5b:de:d7:0e:ea:47:f2:15:57:8c:5f:4c:9c:39:7f:5e:a9:70:
ad:cd:1c:be:47:04:3e:1f:d7:23:ae:f5:e4:29:19:11:d2:4c:
8f:22:4f:71:80:38:24:8d:f6:79:c9:1d:61:01:00:35:a1:cd:
31:61:88:e8:e3:b0:69:a9:f1:f8:84:45:ee:01:bf:9c:91:1d:
e8:63:8d:a2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljxG4eBX0jLTsgpPyJcCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzdhMzExNmVjYzlkN2E0MjlmMTM2NTE2MTNlOGFkMTQ5
ZmYzMjQwHhcNMjUwMTAyMDU0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjVkMjgyMmE4Yzk4MjY0ZWI4NTJkZGRlMjM1ODQ2YzNkY2RiOGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zXxctUBropdE5O0hYp4oBAXjUvC
qUuCldl/hmXCzjFFnOrHTrAInZtLqCCjLG2kpkU29SO4z9pEkv2sZ9W63SHh6sgp
IBJEoYaYuyBC0bjHFx2MnaVKuyYNivSXn8NpPeZYFn+LhO4BTZnacX4pBSVku5+Q
kUAJXA0U55cx+eGcr/XDJeyIbZ/Y6tBF7NoC8PpEyD6FK8wnJHSg3/BDD5oiAU48
yXTCt3eKKgEoKG3fMuJFeDWC8589MbGh8va5Rh6ApAwODuKpj5kl0mubCcg3ATsX
1Rc9XNhcwd/4MVTJyBUhiGmiY17fBvrTmPtEyyAbnaByiQ5Cxh8I/ukRwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMtdKCKoyYJk64Ut3eI1hGw9zbjTMB8GA1UdIwQY
MBaAFGl3oxFuzJ16Qp8TZRYT6K0Un/MkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhlakVXN01uWHBDbnhObEZoUG9yUlNmOHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85YzY2OTEtYWRhYy00MWU1LThjZTkt
ZjRiN2IzOThjNjM0LzEveTEwb0lxakpnbVRyaFMzZDRqV0ViRDNOdU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85YzY2OTEtYWRhYy00MWU1LThjZTktZjRiN2IzOThjNjM0
LzEvYVhlakVXN01uWHBDbnhObEZoUG9yUlNmOHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwWnPMA0E
AgACMAcDBQAqAf3BMA0GCSqGSIb3DQEBCwUAA4IBAQCE7zQCPklrpT3R7dngbUva
2UVVFrWPiQQ8Z29wR1jtqejbkuuId4+ucx96XySb1JXn89u+VOCTjZevNpkspQUB
KAalS0imq86Sau8R4ZKxKe3C74Ke1pFcr4LKheZ0NvtKzjrT1kQi5c7OLnRcoAzk
763rrRBl99F/6oEVQz6txqy2yVGhEKqBvvmdYf++r5lrNXCWOaMXU/u1UniURAnr
W+mwK2JW4zCkAdp83O89P1yhDPtb3tcO6kfyFVeMX0ycOX9eqXCtzRy+RwQ+H9cj
rvXkKRkR0kyPIk9xgDgkjfZ5yR1hAQA1oc0xYYjo47BpqfH4hEXuAb+ckR3oY42i
-----END CERTIFICATE-----
Generated at Mon Mar 10 00:52:32 2025 by rpki-client