Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/969dc2-fa56-45b6-a3de-52ee43642e10/1/6ZgDPv5MrAEYuANNWuW-0knC2rg.roa
File: 6ZgDPv5MrAEYuANNWuW-0knC2rg.roa (raw, json)
Hash identifier: qYi/syokXLACfEYPsnfJXlB2Zy/QeJFFWrmXZ5gyuaA=
Subject key identifier: E9:98:03:3E:FE:4C:AC:01:18:B8:03:4D:5A:E5:BE:D2:49:C2:DA:B8
Certificate issuer: /CN=8a6060353b98f53316d022fa01d299d75fff22d6
Certificate serial: 0192293FA1B3A24726398CD72CC3C2D32616
Authority key identifier: 8A:60:60:35:3B:98:F5:33:16:D0:22:FA:01:D2:99:D7:5F:FF:22:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imBgNTuY9TMW0CL6AdKZ11__ItY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/969dc2-fa56-45b6-a3de-52ee43642e10/1/6ZgDPv5MrAEYuANNWuW-0knC2rg.roa
Signing time: Wed 25 Sep 2024 12:54:48 +0000
ROA not before: Wed 25 Sep 2024 12:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58245
IP address blocks: 194.33.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:3f:a1:b3:a2:47:26:39:8c:d7:2c:c3:c2:d3:26:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a6060353b98f53316d022fa01d299d75fff22d6
Validity
Not Before: Sep 25 12:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e998033efe4cac0118b8034d5ae5bed249c2dab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7e:ee:31:8b:5e:05:88:8c:fc:3c:42:d4:df:
6a:a4:8f:a5:4f:4a:94:6c:f0:9c:fd:35:cd:4a:26:
d6:50:4e:0e:a7:6c:f1:2f:8d:4b:c0:a5:d2:be:56:
e4:49:63:ae:e4:95:7b:91:c0:d7:14:db:b8:7d:42:
73:a2:57:09:2f:9a:2b:7f:8f:d7:3d:68:31:1d:98:
e0:7b:18:96:dc:56:61:8c:e9:06:af:aa:2b:d9:a9:
4e:ac:a8:ba:c5:6e:db:4c:20:0b:8d:d8:9a:d6:d8:
6d:55:d9:38:73:4e:7a:c2:45:27:ea:29:24:37:a3:
4f:e5:30:95:58:31:1a:2b:ff:bb:15:89:e3:c2:b0:
53:d0:04:66:9e:a5:89:e5:16:b1:b5:53:ab:22:23:
1b:b1:dc:d2:ea:b3:b7:1b:b2:d6:b9:bf:df:7c:a6:
3c:29:08:f1:4a:fe:33:c5:55:1c:e0:2c:75:cb:98:
95:da:b4:6c:8a:90:59:c4:f8:1d:c4:1f:8e:b8:2f:
33:73:51:4e:08:51:93:70:9f:42:69:a5:36:fc:2d:
bf:3b:78:88:db:ec:1e:d7:1a:c6:d2:0d:da:9b:cd:
16:0e:58:ff:84:29:88:fe:03:b8:1e:cd:64:08:e5:
27:74:2b:cd:3b:5d:9c:2f:67:ab:85:22:86:81:b5:
60:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:98:03:3E:FE:4C:AC:01:18:B8:03:4D:5A:E5:BE:D2:49:C2:DA:B8
X509v3 Authority Key Identifier:
keyid:8A:60:60:35:3B:98:F5:33:16:D0:22:FA:01:D2:99:D7:5F:FF:22:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imBgNTuY9TMW0CL6AdKZ11__ItY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/969dc2-fa56-45b6-a3de-52ee43642e10/1/6ZgDPv5MrAEYuANNWuW-0knC2rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/969dc2-fa56-45b6-a3de-52ee43642e10/1/imBgNTuY9TMW0CL6AdKZ11__ItY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.109.0/24
Signature Algorithm: sha256WithRSAEncryption
76:c0:8f:4f:a5:98:39:dd:52:a3:34:3c:70:44:e2:0c:3f:6b:
36:6b:10:d7:52:e5:b8:b2:87:55:21:87:a1:62:aa:0b:60:e1:
a0:a2:5d:7b:f1:79:59:9a:30:72:50:79:83:ef:9d:f1:10:b5:
8b:22:18:24:87:f8:17:ca:75:e3:8b:7d:65:46:49:c7:9f:58:
c2:d8:57:bf:f1:8c:f7:dd:46:07:a6:ee:c7:fa:a0:65:34:ab:
22:8c:ff:f3:7c:5a:3b:9c:5d:de:22:7b:07:0e:f8:e5:6f:9b:
13:c7:d5:05:d4:d8:74:ca:50:eb:ae:8b:e2:ea:9e:4b:48:86:
37:13:3d:f6:d0:5e:83:fb:64:df:9c:df:81:81:94:1a:e0:ed:
d1:73:91:f2:1c:fa:43:f9:0f:06:29:f9:99:ae:ac:84:9b:7b:
c5:c8:86:e6:ef:44:04:b3:10:13:9e:e6:1d:ee:1e:93:fc:cc:
04:9a:a4:42:4f:18:b8:6b:cc:3c:0c:23:9f:5c:f6:04:09:dd:
19:41:80:96:79:75:61:6e:b4:a3:22:38:a8:59:e6:84:b6:c7:
52:79:e4:96:4c:a8:68:5f:2c:75:92:1c:d9:1f:33:97:1a:0f:
b3:77:f5:2e:e7:ca:05:6a:ac:c9:a1:1a:47:05:6d:27:81:ad:
e0:8d:e8:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIpP6GzokcmOYzXLMPC0yYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjA2MDM1M2I5OGY1MzMxNmQwMjJmYTAxZDI5OWQ3NWZm
ZjIyZDYwHhcNMjQwOTI1MTI1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTk4MDMzZWZlNGNhYzAxMThiODAzNGQ1YWU1YmVkMjQ5YzJkYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn37uMYteBYiM/DxC1N9qpI+lT0qU
bPCc/TXNSibWUE4Op2zxL41LwKXSvlbkSWOu5JV7kcDXFNu4fUJzolcJL5orf4/X
PWgxHZjgexiW3FZhjOkGr6or2alOrKi6xW7bTCALjdia1thtVdk4c056wkUn6ikk
N6NP5TCVWDEaK/+7FYnjwrBT0ARmnqWJ5RaxtVOrIiMbsdzS6rO3G7LWub/ffKY8
KQjxSv4zxVUc4Cx1y5iV2rRsipBZxPgdxB+OuC8zc1FOCFGTcJ9CaaU2/C2/O3iI
2+we1xrG0g3am80WDlj/hCmI/gO4Hs1kCOUndCvNO12cL2erhSKGgbVgvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOmYAz7+TKwBGLgDTVrlvtJJwtq4MB8GA1UdIwQY
MBaAFIpgYDU7mPUzFtAi+gHSmddf/yLWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1CZ05UdVk5VE1XMENMNkFkS1oxMV9fSXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS85NjlkYzItZmE1Ni00NWI2LWEzZGUt
NTJlZTQzNjQyZTEwLzEvNlpnRFB2NU1yQUVZdUFOTld1Vy0wa25DMnJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS85NjlkYzItZmE1Ni00NWI2LWEzZGUtNTJlZTQzNjQyZTEw
LzEvaW1CZ05UdVk5VE1XMENMNkFkS1oxMV9fSXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiFtMA0G
CSqGSIb3DQEBCwUAA4IBAQB2wI9PpZg53VKjNDxwROIMP2s2axDXUuW4sodVIYeh
YqoLYOGgol178XlZmjByUHmD753xELWLIhgkh/gXynXji31lRknHn1jC2Fe/8Yz3
3UYHpu7H+qBlNKsijP/zfFo7nF3eInsHDvjlb5sTx9UF1Nh0ylDrrovi6p5LSIY3
Ez320F6D+2TfnN+BgZQa4O3Rc5HyHPpD+Q8GKfmZrqyEm3vFyIbm70QEsxATnuYd
7h6T/MwEmqRCTxi4a8w8DCOfXPYECd0ZQYCWeXVhbrSjIjioWeaEtsdSeeSWTKho
Xyx1khzZHzOXGg+zd/Uu58oFaqzJoRpHBW0nga3gjeiS
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:44 2025 by rpki-client