Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/TaqH0h1kwaaGw_KCAj6S_fkwTro.roa
File: TaqH0h1kwaaGw_KCAj6S_fkwTro.roa (raw, json)
Hash identifier: S3OM0TH0j1jiCvRWNm92RDhKo8Q7zn1bSUM5UfSH9Mg=
Subject key identifier: 4D:AA:87:D2:1D:64:C1:A6:86:C3:F2:82:02:3E:92:FD:F9:30:4E:BA
Certificate issuer: /CN=42432a319f54b058372fd32528eae51fc90c15b2
Certificate serial: 0193D44FD6FA367AB69ADA91109649214EA8
Authority key identifier: 42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/TaqH0h1kwaaGw_KCAj6S_fkwTro.roa
Signing time: Tue 17 Dec 2024 11:10:22 +0000
ROA not before: Tue 17 Dec 2024 11:10:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5411
IP address blocks: 93.190.198.0/23 maxlen: 23
93.190.198.0/24 maxlen: 24
93.190.199.0/24 maxlen: 24
213.153.96.0/19 maxlen: 19
213.153.96.0/20 maxlen: 20
213.153.112.0/20 maxlen: 20
2a01:6d00::/32 maxlen: 32
2a01:6d00::/33 maxlen: 33
2a01:6d00:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d4:4f:d6:fa:36:7a:b6:9a:da:91:10:96:49:21:4e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42432a319f54b058372fd32528eae51fc90c15b2
Validity
Not Before: Dec 17 11:10:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4daa87d21d64c1a686c3f282023e92fdf9304eba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1e:3a:f6:91:0d:9b:63:a2:e2:3d:06:bf:45:
59:55:20:96:bf:20:f5:d2:12:0f:a5:02:40:2b:ba:
f5:5e:7b:db:f8:7d:a5:e6:b3:19:0e:3b:77:46:d2:
34:ae:ab:89:06:82:bd:c5:a8:6b:8a:1d:aa:ea:f0:
db:58:69:3d:24:9d:c9:a9:21:4b:bc:af:08:00:ec:
17:17:d5:e1:01:e5:f7:57:3b:ab:54:3a:c3:93:c8:
d3:18:4c:f6:13:e6:82:c6:65:16:36:1d:2e:cd:7f:
f8:e2:b1:37:0e:ae:8c:d2:81:33:95:90:90:76:a8:
cb:7b:09:57:9d:ea:47:59:1b:e1:f2:4b:59:89:40:
58:71:3c:3e:4b:4f:a3:f4:28:78:d1:3d:31:c7:8d:
95:db:58:1a:13:d2:fe:b3:a3:fc:ae:13:66:3d:7e:
c9:9a:21:7a:79:e2:67:9d:19:8a:45:4f:ec:a7:1c:
fa:8e:05:a3:64:14:29:db:45:37:ee:d6:14:02:18:
f0:f3:0d:ac:5f:c2:38:ec:45:84:2d:0d:36:4b:63:
66:68:55:ca:a8:9a:f6:bc:2c:c1:67:21:0a:ad:05:
85:50:1c:50:92:31:4d:35:06:96:af:a4:3c:1a:e4:
df:33:1a:29:cb:a3:b5:d5:db:a6:27:77:a8:16:15:
58:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:AA:87:D2:1D:64:C1:A6:86:C3:F2:82:02:3E:92:FD:F9:30:4E:BA
X509v3 Authority Key Identifier:
keyid:42:43:2A:31:9F:54:B0:58:37:2F:D3:25:28:EA:E5:1F:C9:0C:15:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/TaqH0h1kwaaGw_KCAj6S_fkwTro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/7ab79c-9dff-4a5d-ae83-131dc2ba2ec8/1/QkMqMZ9UsFg3L9MlKOrlH8kMFbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.198.0/23
213.153.96.0/19
IPv6:
2a01:6d00::/32
Signature Algorithm: sha256WithRSAEncryption
04:ad:64:54:9d:59:ac:da:78:2d:f0:da:c7:86:ae:2c:f2:e7:
2d:72:8f:fb:b5:1c:cb:b3:4f:c4:ec:87:9d:83:c8:27:03:09:
3d:9d:4a:40:c3:a1:25:33:47:8e:63:db:14:fb:8b:de:ff:27:
42:0c:c6:3c:5a:11:cb:17:92:43:00:8f:dc:40:13:c7:79:75:
de:29:67:32:44:50:5b:f1:56:96:b6:ac:11:bb:bf:63:42:c1:
c6:1c:ba:84:f3:1e:21:8f:07:b6:cd:a6:0b:6a:d8:da:41:ca:
6e:f4:7f:92:79:cf:29:9b:15:97:8d:0b:c5:5a:30:02:b4:9b:
f1:ba:ab:1e:d8:bc:9f:ff:79:f9:48:ac:aa:38:99:b2:7f:dc:
53:1e:86:18:1f:15:e8:0c:76:80:8b:6a:3d:7e:c2:0c:9f:15:
cb:06:59:b8:f3:e4:75:19:a4:6f:bd:27:2a:06:34:20:7c:46:
9d:e3:0e:51:17:ba:8c:55:05:13:5e:3f:7e:9e:81:0f:c7:ad:
d4:a7:c5:5d:7a:23:1d:d4:d2:85:da:ef:db:19:c4:4d:b9:b3:
95:0e:e5:05:be:8d:e4:8b:f3:21:00:3d:2b:3a:d7:cb:8f:b2:
bc:87:d2:a0:b9:4e:4d:de:d2:39:b5:37:4d:6e:40:92:21:a1:
a8:37:cf:18
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZPUT9b6Nnq2mtqREJZJIU6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNDMyYTMxOWY1NGIwNTgzNzJmZDMyNTI4ZWFlNTFmYzkw
YzE1YjIwHhcNMjQxMjE3MTExMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGFhODdkMjFkNjRjMWE2ODZjM2YyODIwMjNlOTJmZGY5MzA0ZWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnB469pENm2Oi4j0Gv0VZVSCWvyD1
0hIPpQJAK7r1Xnvb+H2l5rMZDjt3RtI0rquJBoK9xahrih2q6vDbWGk9JJ3JqSFL
vK8IAOwXF9XhAeX3VzurVDrDk8jTGEz2E+aCxmUWNh0uzX/44rE3Dq6M0oEzlZCQ
dqjLewlXnepHWRvh8ktZiUBYcTw+S0+j9Ch40T0xx42V21gaE9L+s6P8rhNmPX7J
miF6eeJnnRmKRU/spxz6jgWjZBQp20U37tYUAhjw8w2sX8I47EWELQ02S2NmaFXK
qJr2vCzBZyEKrQWFUBxQkjFNNQaWr6Q8GuTfMxopy6O11dumJ3eoFhVYJQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE2qh9IdZMGmhsPyggI+kv35ME66MB8GA1UdIwQY
MBaAFEJDKjGfVLBYNy/TJSjq5R/JDBWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMt
MTMxZGMyYmEyZWM4LzEvVGFxSDBoMWt3YWFHd19LQ0FqNlNfZmt3VHJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS83YWI3OWMtOWRmZi00YTVkLWFlODMtMTMxZGMyYmEyZWM4
LzEvUWtNcU1aOVVzRmczTDlNbEtPcmxIOGtNRmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBXb7GAwQF
1ZlgMA0EAgACMAcDBQAqAW0AMA0GCSqGSIb3DQEBCwUAA4IBAQAErWRUnVms2ngt
8NrHhq4s8uctco/7tRzLs0/E7Iedg8gnAwk9nUpAw6ElM0eOY9sU+4ve/ydCDMY8
WhHLF5JDAI/cQBPHeXXeKWcyRFBb8VaWtqwRu79jQsHGHLqE8x4hjwe2zaYLatja
Qcpu9H+Sec8pmxWXjQvFWjACtJvxuqse2Lyf/3n5SKyqOJmyf9xTHoYYHxXoDHaA
i2o9fsIMnxXLBlm48+R1GaRvvScqBjQgfEad4w5RF7qMVQUTXj9+noEPx63Up8Vd
eiMd1NKF2u/bGcRNubOVDuUFvo3ki/MhAD0rOtfLj7K8h9KguU5N3tI5tTdNbkCS
IaGoN88Y
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:23:44 2025 by rpki-client