Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/9KzDlOXpbUACYQXI2w6SHwLyAPc.roa
File: 9KzDlOXpbUACYQXI2w6SHwLyAPc.roa (raw, json)
Hash identifier: v48e0xhlZT+RQASkTCmfukrdOcH4ErO8k+B5xEzV2m0=
Subject key identifier: F4:AC:C3:94:E5:E9:6D:40:02:61:05:C8:DB:0E:92:1F:02:F2:00:F7
Certificate issuer: /CN=eb7c822d1e94517c88515cc9b3fc2bde129b454c
Certificate serial: 0193697CD9C656C516100BD627F0CDB00CF0
Authority key identifier: EB:7C:82:2D:1E:94:51:7C:88:51:5C:C9:B3:FC:2B:DE:12:9B:45:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/63yCLR6UUXyIUVzJs_wr3hKbRUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/9KzDlOXpbUACYQXI2w6SHwLyAPc.roa
Signing time: Tue 26 Nov 2024 17:20:09 +0000
ROA not before: Tue 26 Nov 2024 17:20:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42598
IP address blocks: 194.55.4.0/24 maxlen: 24
194.55.5.0/24 maxlen: 24
194.55.6.0/24 maxlen: 24
2a0c:ca40::/29 maxlen: 29
2a0c:ca40:5::/48 maxlen: 48
2a0c:ca40:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:69:7c:d9:c6:56:c5:16:10:0b:d6:27:f0:cd:b0:0c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb7c822d1e94517c88515cc9b3fc2bde129b454c
Validity
Not Before: Nov 26 17:20:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4acc394e5e96d40026105c8db0e921f02f200f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c6:5e:d3:fb:17:cb:43:87:b5:5d:a6:06:89:
18:1f:fb:dc:ba:c1:9d:29:ba:b5:ab:7f:cf:2c:a8:
2a:f5:0d:7c:ed:ee:7d:3e:47:1b:dd:85:bb:68:02:
a1:9e:05:f4:f1:af:20:40:06:01:91:b1:27:3b:19:
b4:ea:98:50:08:f8:ce:8a:3d:b6:05:ff:89:e0:40:
c8:cf:7a:7b:63:ba:32:68:b1:fb:37:d1:51:41:e5:
29:93:d9:f0:c3:86:ee:d1:7a:ee:60:20:49:2d:ea:
2c:8a:67:48:75:5e:9c:32:b2:4f:5c:e1:6a:0d:5a:
3c:4e:ba:50:d0:8d:fd:0d:ea:0d:23:e5:5a:cf:55:
64:86:fa:d7:8e:cd:85:c6:2c:c2:5a:e4:c6:d8:6e:
ac:e8:fb:67:fd:c3:68:2e:aa:9f:23:11:f2:29:fe:
cd:1d:e5:ad:95:27:aa:81:c3:f9:f3:01:b4:67:86:
d9:67:93:b8:f4:3b:09:30:66:b1:8e:fc:c2:07:ec:
42:1e:a1:0f:38:60:df:56:ef:a3:15:cb:fd:15:4b:
b9:02:d4:50:d1:b4:c3:ee:09:d2:29:6e:62:ec:57:
23:d6:d9:8e:40:93:2d:38:6e:2a:d7:3c:75:62:f5:
94:34:ff:9e:e4:87:e9:12:5f:0c:52:9a:11:cf:97:
d7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AC:C3:94:E5:E9:6D:40:02:61:05:C8:DB:0E:92:1F:02:F2:00:F7
X509v3 Authority Key Identifier:
keyid:EB:7C:82:2D:1E:94:51:7C:88:51:5C:C9:B3:FC:2B:DE:12:9B:45:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/63yCLR6UUXyIUVzJs_wr3hKbRUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/9KzDlOXpbUACYQXI2w6SHwLyAPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/63yCLR6UUXyIUVzJs_wr3hKbRUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.4.0-194.55.6.255
IPv6:
2a0c:ca40::/29
Signature Algorithm: sha256WithRSAEncryption
30:de:ec:b6:ed:d1:6f:36:7b:37:bd:64:8a:21:89:b5:70:df:
e9:52:33:0d:b0:30:69:99:a9:1d:55:7b:b9:3e:64:83:6f:16:
5d:2d:1a:d1:2c:08:9f:c6:ff:a7:9d:7a:13:f2:43:10:c5:50:
6c:95:60:c7:26:c7:9c:19:65:08:e1:a3:d1:b4:8a:7d:15:45:
8c:57:be:18:88:03:db:a7:19:59:71:0b:1f:53:96:f7:16:30:
e5:58:d0:b4:8c:57:4c:a2:05:de:c1:c2:57:b7:41:9a:6f:35:
d1:e3:b3:c0:20:86:2c:f1:1a:32:6a:dc:1f:b3:a9:cc:c2:93:
c1:4a:b5:68:87:bd:5c:ce:ed:24:db:76:fc:e9:f4:63:62:17:
6a:d2:89:b0:5b:98:92:57:74:33:96:df:99:b8:2f:59:37:1c:
b3:5b:68:17:1c:26:76:ef:72:a5:e4:77:fe:4d:c3:d9:83:7e:
c9:be:fd:95:ad:17:c3:9a:d3:b9:6d:3c:e7:e2:fa:7f:2e:65:
bc:a0:1f:ac:4b:e7:87:34:ab:66:65:45:ad:6a:b7:7d:80:29:
e2:a5:70:ac:f7:e4:6c:e2:4f:07:c3:5a:d6:06:78:32:43:cd:
29:be:db:95:33:3a:90:1c:4f:8e:72:0c:1a:17:77:ba:41:80:
94:98:99:db
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZNpfNnGVsUWEAvWJ/DNsAzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViN2M4MjJkMWU5NDUxN2M4ODUxNWNjOWIzZmMyYmRlMTI5
YjQ1NGMwHhcNMjQxMTI2MTcyMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFjYzM5NGU1ZTk2ZDQwMDI2MTA1YzhkYjBlOTIxZjAyZjIwMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycZe0/sXy0OHtV2mBokYH/vcusGd
Kbq1q3/PLKgq9Q187e59Pkcb3YW7aAKhngX08a8gQAYBkbEnOxm06phQCPjOij22
Bf+J4EDIz3p7Y7oyaLH7N9FRQeUpk9nww4bu0XruYCBJLeosimdIdV6cMrJPXOFq
DVo8TrpQ0I39DeoNI+Vaz1VkhvrXjs2FxizCWuTG2G6s6Ptn/cNoLqqfIxHyKf7N
HeWtlSeqgcP58wG0Z4bZZ5O49DsJMGaxjvzCB+xCHqEPOGDfVu+jFcv9FUu5AtRQ
0bTD7gnSKW5i7Fcj1tmOQJMtOG4q1zx1YvWUNP+e5IfpEl8MUpoRz5fXxwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPSsw5Tl6W1AAmEFyNsOkh8C8gD3MB8GA1UdIwQY
MBaAFOt8gi0elFF8iFFcybP8K94Sm0VMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjN5Q0xSNlVVWHlJVVZ6SnNfd3IzaEtiUlV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8xMTkzM2ItZmMwYi00MTBmLTljMzQt
MTA2NDUwNGUyYjk3LzEvOUt6RGxPWHBiVUFDWVFYSTJ3NlNId0x5QVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8xMTkzM2ItZmMwYi00MTBmLTljMzQtMTA2NDUwNGUyYjk3
LzEvNjN5Q0xSNlVVWHlJVVZ6SnNfd3IzaEtiUlV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBALCNwQD
BADCNwYwDQQCAAIwBwMFAyoMykAwDQYJKoZIhvcNAQELBQADggEBADDe7Lbt0W82
eze9ZIohibVw3+lSMw2wMGmZqR1Ve7k+ZINvFl0tGtEsCJ/G/6edehPyQxDFUGyV
YMcmx5wZZQjho9G0in0VRYxXvhiIA9unGVlxCx9TlvcWMOVY0LSMV0yiBd7Bwle3
QZpvNdHjs8AghizxGjJq3B+zqczCk8FKtWiHvVzO7STbdvzp9GNiF2rSibBbmJJX
dDOW35m4L1k3HLNbaBccJnbvcqXkd/5Nw9mDfsm+/ZWtF8Oa07ltPOfi+n8uZbyg
H6xL54c0q2ZlRa1qt32AKeKlcKz35GziTwfDWtYGeDJDzSm+25UzOpAcT45yDBoX
d7pBgJSYmds=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:49:34 2025 by rpki-client