Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/39c9e3-f7c2-4298-9666-b825967a757a/1/0lOKYm7qKbzB2f1lvqrxg_ymWMA.roa
File: 0lOKYm7qKbzB2f1lvqrxg_ymWMA.roa (raw, json)
Hash identifier: BEKXX6A0Hkez8DnaqAKB2xI1MdgHWuhz09uJClaLhLw=
Subject key identifier: D2:53:8A:62:6E:EA:29:BC:C1:D9:FD:65:BE:AA:F1:83:FC:A6:58:C0
Certificate issuer: /CN=e3de21b0636c614ebf43664798012afd56c5ee86
Certificate serial: 018CC49327E5DF376CE6672BE183A63ACC8D
Authority key identifier: E3:DE:21:B0:63:6C:61:4E:BF:43:66:47:98:01:2A:FD:56:C5:EE:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/494hsGNsYU6_Q2ZHmAEq_VbF7oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/39c9e3-f7c2-4298-9666-b825967a757a/1/0lOKYm7qKbzB2f1lvqrxg_ymWMA.roa
Signing time: Mon 01 Jan 2024 10:30:27 +0000
ROA not before: Mon 01 Jan 2024 10:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200052
IP address blocks: 193.28.252.0/23 maxlen: 23
185.21.216.0/22 maxlen: 22
193.29.6.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:27:e5:df:37:6c:e6:67:2b:e1:83:a6:3a:cc:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3de21b0636c614ebf43664798012afd56c5ee86
Validity
Not Before: Jan 1 10:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2538a626eea29bcc1d9fd65beaaf183fca658c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:11:78:7b:45:58:fa:cc:b3:91:2b:70:2f:f9:
ca:22:53:94:79:d9:80:84:f5:bd:d5:dc:d8:d3:2f:
69:0d:8b:15:88:08:1f:64:51:66:90:17:a0:2a:2d:
38:f4:c2:1f:12:ff:2c:b2:6c:17:e2:fe:56:02:8c:
ee:ef:c7:15:d8:9b:b6:57:df:2b:e0:e5:40:20:3c:
78:80:1b:48:75:17:05:64:ad:11:60:b1:5a:a4:75:
20:03:16:69:29:a4:29:58:41:ee:90:a2:71:6d:05:
8e:62:cc:d1:ce:71:22:3a:38:24:1e:d2:02:f4:fa:
31:61:af:12:bb:02:38:90:49:35:9a:83:3e:51:2b:
69:de:59:c5:7b:e4:97:f4:7a:f5:4a:8c:7f:19:1f:
8f:f4:c5:dd:0f:8d:6e:4b:80:5b:01:02:2d:32:a0:
02:e0:07:af:5c:5e:27:bf:5f:f0:2a:37:12:25:96:
9f:47:78:76:5e:23:f4:fe:5d:d3:ba:fc:55:7c:1d:
76:c8:0a:c3:57:13:88:b7:9f:c8:c6:eb:2e:8d:46:
c6:b1:7e:11:b0:0e:14:54:a9:fa:86:77:d1:d1:9c:
06:3c:43:1d:da:1c:d5:33:ec:6d:81:f7:23:9c:49:
c3:8b:a5:dd:cf:d9:fd:8f:c1:a9:12:bc:45:5b:76:
c0:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:53:8A:62:6E:EA:29:BC:C1:D9:FD:65:BE:AA:F1:83:FC:A6:58:C0
X509v3 Authority Key Identifier:
keyid:E3:DE:21:B0:63:6C:61:4E:BF:43:66:47:98:01:2A:FD:56:C5:EE:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/494hsGNsYU6_Q2ZHmAEq_VbF7oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/39c9e3-f7c2-4298-9666-b825967a757a/1/0lOKYm7qKbzB2f1lvqrxg_ymWMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/39c9e3-f7c2-4298-9666-b825967a757a/1/494hsGNsYU6_Q2ZHmAEq_VbF7oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.216.0/22
193.28.252.0/23
193.29.6.0/23
Signature Algorithm: sha256WithRSAEncryption
13:7d:d2:81:6f:ec:25:c6:d8:7e:93:28:f1:6b:a0:34:ad:b8:
9e:6f:17:9b:c6:67:d2:67:27:7c:e5:b9:c2:12:a0:f7:11:8d:
9f:61:e0:ca:d5:74:2b:20:59:01:10:ae:15:c8:91:8c:e4:d5:
78:6c:fb:f5:48:07:da:01:22:9d:5a:41:70:f8:e7:76:f7:dd:
8a:ec:e3:f4:62:d7:dd:18:c4:94:eb:31:6f:4a:7d:82:a7:03:
31:57:d3:fc:e1:d6:bb:09:36:86:0f:71:46:3a:46:43:5b:89:
04:91:3f:43:d0:fb:28:e2:31:cd:a4:f3:bd:58:f5:2b:08:42:
4f:4c:a9:31:2d:da:c9:76:0b:09:ad:05:a3:bc:91:10:c3:8c:
db:38:e6:a8:74:ea:c4:75:5c:b7:cd:28:c0:15:1e:79:70:27:
81:d5:85:dc:28:38:e1:a5:02:b6:25:9d:5c:c0:0b:ce:d8:ce:
d0:f5:4b:78:14:05:39:c0:bc:ea:6a:89:7c:70:82:0d:8b:3e:
6c:54:42:98:82:cc:5b:45:b1:19:02:0b:b2:fc:10:4c:34:1f:
8f:c4:bf:9a:41:dc:79:55:2a:db:60:30:ad:96:1f:4a:d5:7f:
57:51:d0:f4:70:11:33:74:2b:15:4f:ce:d8:91:0e:2c:8b:02:
79:28:58:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzEkyfl3zds5mcr4YOmOsyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZGUyMWIwNjM2YzYxNGViZjQzNjY0Nzk4MDEyYWZkNTZj
NWVlODYwHhcNMjQwMTAxMTAzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjUzOGE2MjZlZWEyOWJjYzFkOWZkNjViZWFhZjE4M2ZjYTY1OGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRF4e0VY+syzkStwL/nKIlOUedmA
hPW91dzY0y9pDYsViAgfZFFmkBegKi049MIfEv8ssmwX4v5WAozu78cV2Ju2V98r
4OVAIDx4gBtIdRcFZK0RYLFapHUgAxZpKaQpWEHukKJxbQWOYszRznEiOjgkHtIC
9PoxYa8SuwI4kEk1moM+UStp3lnFe+SX9Hr1Sox/GR+P9MXdD41uS4BbAQItMqAC
4AevXF4nv1/wKjcSJZafR3h2XiP0/l3TuvxVfB12yArDVxOIt5/IxusujUbGsX4R
sA4UVKn6hnfR0ZwGPEMd2hzVM+xtgfcjnEnDi6Xdz9n9j8GpErxFW3bAQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNJTimJu6im8wdn9Zb6q8YP8pljAMB8GA1UdIwQY
MBaAFOPeIbBjbGFOv0NmR5gBKv1Wxe6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDk0aHNHTnNZVTZfUTJaSG1BRXFfVmJGN29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zOWM5ZTMtZjdjMi00Mjk4LTk2NjYt
YjgyNTk2N2E3NTdhLzEvMGxPS1ltN3FLYnpCMmYxbHZxcnhnX3ltV01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zOWM5ZTMtZjdjMi00Mjk4LTk2NjYtYjgyNTk2N2E3NTdh
LzEvNDk0aHNHTnNZVTZfUTJaSG1BRXFfVmJGN29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuRXYAwQB
wRz8AwQBwR0GMA0GCSqGSIb3DQEBCwUAA4IBAQATfdKBb+wlxth+kyjxa6A0rbie
bxebxmfSZyd85bnCEqD3EY2fYeDK1XQrIFkBEK4VyJGM5NV4bPv1SAfaASKdWkFw
+Od2992K7OP0YtfdGMSU6zFvSn2CpwMxV9P84da7CTaGD3FGOkZDW4kEkT9D0Pso
4jHNpPO9WPUrCEJPTKkxLdrJdgsJrQWjvJEQw4zbOOaodOrEdVy3zSjAFR55cCeB
1YXcKDjhpQK2JZ1cwAvO2M7Q9Ut4FAU5wLzqaol8cIINiz5sVEKYgsxbRbEZAguy
/BBMNB+PxL+aQdx5VSrbYDCtlh9K1X9XUdD0cBEzdCsVT87YkQ4siwJ5KFjf
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:37 2025 by rpki-client