Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/bPrzCbZwM8NFsEePoIsndtfYPgA.roa
File: bPrzCbZwM8NFsEePoIsndtfYPgA.roa (raw, json)
Hash identifier: rf7q0cYNkLzi48ftDTk6wbYTaXUrNnWgr0o7odYNHp8=
Subject key identifier: 6C:FA:F3:09:B6:70:33:C3:45:B0:47:8F:A0:8B:27:76:D7:D8:3E:00
Certificate issuer: /CN=dee623e2aff7b03afeb94260348c1633b54d9056
Certificate serial: 018E4E88164667BBCA24CF36049C08C27B61
Authority key identifier: DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/bPrzCbZwM8NFsEePoIsndtfYPgA.roa
Signing time: Sun 17 Mar 2024 22:28:45 +0000
ROA not before: Sun 17 Mar 2024 22:28:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208324
IP address blocks: 194.127.108.0/24 maxlen: 24
194.127.110.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4e:88:16:46:67:bb:ca:24:cf:36:04:9c:08:c2:7b:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dee623e2aff7b03afeb94260348c1633b54d9056
Validity
Not Before: Mar 17 22:28:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cfaf309b67033c345b0478fa08b2776d7d83e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:85:23:0d:9a:6f:5d:ef:37:99:06:b5:7f:41:
e2:f0:79:16:4d:72:59:01:64:b7:dc:2b:8c:dd:63:
1f:c2:80:9e:72:13:6f:cf:c3:17:88:45:19:f9:b4:
8a:3c:42:5b:e5:80:96:2a:20:f5:d4:9b:33:ec:51:
8c:f5:49:b4:49:05:db:22:b6:b5:8a:32:74:fd:72:
24:ff:2d:35:92:0d:7e:ae:c4:8f:b4:19:3f:87:c5:
7a:da:50:c1:ed:6d:b4:fe:db:9f:8e:a9:6a:63:fe:
4a:ac:d0:4b:13:8f:e5:ab:a2:e6:8e:4c:96:b2:dc:
ff:6f:7c:c0:77:2f:e4:30:c9:28:db:77:90:76:6a:
cf:fb:93:a1:03:58:4f:97:86:4f:55:f1:81:49:0c:
ab:a1:5c:09:b5:94:45:75:15:f9:5e:71:3c:d9:5d:
f3:28:fa:92:87:3d:de:c4:9c:4d:f5:11:1a:98:92:
8e:70:c1:5c:9e:db:46:0d:d1:02:7e:69:53:22:3e:
29:38:fc:6a:80:d0:ba:1a:28:fc:d2:f4:61:6f:6c:
78:4c:28:ed:77:93:79:18:24:0f:ab:ed:39:94:4c:
cb:6b:d0:8d:e3:36:2e:8b:a2:a4:fc:53:02:88:65:
d4:6a:5b:a5:11:45:1b:98:38:6a:e7:06:fd:bf:dd:
7f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:FA:F3:09:B6:70:33:C3:45:B0:47:8F:A0:8B:27:76:D7:D8:3E:00
X509v3 Authority Key Identifier:
keyid:DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/bPrzCbZwM8NFsEePoIsndtfYPgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/3uYj4q_3sDr-uUJgNIwWM7VNkFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.108.0/24
194.127.110.0/24
Signature Algorithm: sha256WithRSAEncryption
33:f2:80:62:25:35:fb:97:a1:a0:47:57:44:49:5a:9f:cf:81:
28:5e:a4:37:4c:93:dc:1b:48:50:82:19:26:e6:d4:0e:10:90:
99:94:cd:5c:aa:5e:93:91:f7:f8:38:88:04:a6:65:24:aa:0b:
cf:ac:7a:02:7d:29:9b:15:25:04:2a:93:7a:3b:65:67:bf:7a:
a3:3d:45:6b:48:4f:b8:d9:7b:e3:4c:0b:e5:3e:59:54:32:59:
31:8b:9c:6f:42:5a:d9:e4:03:a1:35:bf:25:5e:51:54:0f:f8:
8e:ef:95:65:58:da:e5:92:8f:8c:1a:ba:07:dd:bf:f6:48:de:
e8:dd:18:6b:83:fe:c4:c7:47:24:01:a8:5f:fa:c7:33:1b:c8:
37:cb:c9:24:e8:b9:b7:78:9c:c7:ae:d0:53:61:68:15:06:8d:
96:38:9d:53:77:cc:e6:bd:f0:3b:6e:9b:7d:4e:71:2b:04:31:
4e:b9:67:07:be:1f:9b:8e:c3:05:68:96:a0:f9:49:4b:85:10:
55:19:23:dd:ec:d9:2e:38:e7:5a:55:22:72:71:af:b7:e3:dc:
3d:07:41:fe:bf:74:0c:3e:6a:c8:62:b5:7a:ec:bb:0d:33:00:
a0:cb:c5:02:a3:09:32:45:a0:88:e0:7a:c8:aa:2b:d6:58:f3:
2b:23:90:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5OiBZGZ7vKJM82BJwIwnthMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTYyM2UyYWZmN2IwM2FmZWI5NDI2MDM0OGMxNjMzYjU0
ZDkwNTYwHhcNMjQwMzE3MjIyODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2ZhZjMwOWI2NzAzM2MzNDViMDQ3OGZhMDhiMjc3NmQ3ZDgzZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoUjDZpvXe83mQa1f0Hi8HkWTXJZ
AWS33CuM3WMfwoCechNvz8MXiEUZ+bSKPEJb5YCWKiD11Jsz7FGM9Um0SQXbIra1
ijJ0/XIk/y01kg1+rsSPtBk/h8V62lDB7W20/tufjqlqY/5KrNBLE4/lq6LmjkyW
stz/b3zAdy/kMMko23eQdmrP+5OhA1hPl4ZPVfGBSQyroVwJtZRFdRX5XnE82V3z
KPqShz3exJxN9REamJKOcMFcnttGDdECfmlTIj4pOPxqgNC6Gij80vRhb2x4TCjt
d5N5GCQPq+05lEzLa9CN4zYui6Kk/FMCiGXUalulEUUbmDhq5wb9v91/LQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGz68wm2cDPDRbBHj6CLJ3bX2D4AMB8GA1UdIwQY
MBaAFN7mI+Kv97A6/rlCYDSMFjO1TZBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQt
NmNjMWQzZWE4MzJlLzEvYlByekNiWndNOE5Gc0VlUG9Jc25kdGZZUGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQtNmNjMWQzZWE4MzJl
LzEvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwn9sAwQA
wn9uMA0GCSqGSIb3DQEBCwUAA4IBAQAz8oBiJTX7l6GgR1dESVqfz4EoXqQ3TJPc
G0hQghkm5tQOEJCZlM1cql6Tkff4OIgEpmUkqgvPrHoCfSmbFSUEKpN6O2Vnv3qj
PUVrSE+42XvjTAvlPllUMlkxi5xvQlrZ5AOhNb8lXlFUD/iO75VlWNrlko+MGroH
3b/2SN7o3Rhrg/7Ex0ckAahf+sczG8g3y8kk6Lm3eJzHrtBTYWgVBo2WOJ1Td8zm
vfA7bpt9TnErBDFOuWcHvh+bjsMFaJag+UlLhRBVGSPd7NkuOOdaVSJyca+349w9
B0H+v3QMPmrIYrV67LsNMwCgy8UCowkyRaCI4HrIqivWWPMrI5BP
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:53 2025 by rpki-client