Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/8zQ-VAx8KcCGvzuMgAIISBu125Y.roa
File: 8zQ-VAx8KcCGvzuMgAIISBu125Y.roa (raw, json)
Hash identifier: pAFfBK5YGxYr5cw5CLPVID2FwDY/T+8VypBCb1p0XF0=
Subject key identifier: F3:34:3E:54:0C:7C:29:C0:86:BF:3B:8C:80:02:08:48:1B:B5:DB:96
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 018CCA99BAFFA1F72CB9DF4F6A93C5794568
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/8zQ-VAx8KcCGvzuMgAIISBu125Y.roa
Signing time: Tue 02 Jan 2024 14:35:21 +0000
ROA not before: Tue 02 Jan 2024 14:35:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60721
IP address blocks: 193.135.137.0/24 maxlen: 24
193.135.151.0/24 maxlen: 24
193.135.157.0/24 maxlen: 24
109.234.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 08:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:ba:ff:a1:f7:2c:b9:df:4f:6a:93:c5:79:45:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Jan 2 14:35:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3343e540c7c29c086bf3b8c800208481bb5db96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e4:36:be:f3:a6:ce:f1:21:55:3b:01:6f:21:
70:2c:2a:8b:42:fc:87:2e:ea:c5:15:ae:f4:ce:e1:
02:c5:d0:2f:60:09:b6:89:e5:2f:29:0b:ad:38:d7:
18:4c:f0:14:ec:1a:15:b6:1c:0d:4c:b3:34:af:7b:
72:42:d6:2c:39:3b:3a:67:c7:a3:3f:21:aa:bd:db:
e0:ec:6e:80:58:c3:59:2b:d6:24:0f:bd:d9:3f:79:
54:8b:de:45:99:0c:df:a1:38:ca:7c:ad:2e:63:dc:
e0:90:d8:5a:0b:c8:4c:7b:3b:34:98:53:7b:c9:ae:
d3:8d:f6:7f:e1:51:4e:53:1d:14:be:da:70:da:a5:
87:a6:c8:c1:df:94:55:09:0a:cb:29:b0:6b:ce:c2:
6e:95:a5:cd:47:dc:83:d6:50:79:8c:9f:7d:fa:e6:
ea:a4:54:5f:ea:f2:6f:24:43:f0:85:0b:bd:9b:1d:
7c:b6:48:fa:b8:86:a4:c8:dd:b6:5f:07:2f:ce:9c:
b5:8a:a3:43:8e:4c:2a:fa:07:a0:cc:70:73:bf:ea:
b2:5b:6c:41:4d:e0:1d:7f:b9:4d:ac:49:6d:0b:6d:
3a:ab:56:c0:9d:df:e3:4e:5d:15:8f:1c:c3:5e:23:
44:30:9f:ce:d9:e0:48:f2:f6:79:2a:ef:aa:06:ee:
8e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:34:3E:54:0C:7C:29:C0:86:BF:3B:8C:80:02:08:48:1B:B5:DB:96
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/8zQ-VAx8KcCGvzuMgAIISBu125Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.74.0/24
193.135.137.0/24
193.135.151.0/24
193.135.157.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:68:b6:bb:cf:7e:57:bd:8c:2d:30:22:e0:08:da:7a:22:34:
40:88:45:f3:e5:2a:7d:af:ee:f3:71:54:f1:ce:e3:0d:ab:eb:
8d:a8:00:af:75:ed:da:a5:10:03:ad:97:9c:ea:9f:0a:3c:3b:
97:64:78:21:e8:54:98:c7:46:2a:74:ee:cc:f1:c3:e6:2a:85:
9b:3f:bc:4a:4a:af:ba:b6:25:ea:fe:e0:cb:9d:ed:9b:53:84:
eb:be:84:ca:f8:64:0a:17:f7:d3:7f:d1:43:05:ab:9c:12:20:
96:7a:10:de:0a:77:75:ed:6d:57:51:db:13:df:21:50:95:da:
46:58:78:5b:67:b0:63:5b:73:ba:5d:e3:97:c3:f0:79:0c:dc:
96:1a:f4:7b:38:9f:c2:26:74:51:1a:0d:98:f8:b9:f6:7b:a5:
d1:93:c2:5b:9b:ef:2b:00:90:dc:b9:6f:52:00:81:63:19:5c:
ad:dd:e0:16:a6:c3:a2:3d:56:d8:1a:0e:33:0a:af:4e:0b:e9:
16:72:0f:98:9c:a7:66:05:b5:bd:5d:fd:cb:b2:04:30:55:b2:
4a:ea:0a:59:6d:c1:9c:be:c0:31:d6:53:70:6b:ef:68:04:d8:
2e:e4:1d:27:ff:5e:33:23:bb:25:e2:16:b6:f1:fa:15:41:fc:
3c:f6:00:c2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKmbr/ofcsud9PapPFeUVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjQwMTAyMTQzNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzM0M2U1NDBjN2MyOWMwODZiZjNiOGM4MDAyMDg0ODFiYjVkYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+Q2vvOmzvEhVTsBbyFwLCqLQvyH
LurFFa70zuECxdAvYAm2ieUvKQutONcYTPAU7BoVthwNTLM0r3tyQtYsOTs6Z8ej
PyGqvdvg7G6AWMNZK9YkD73ZP3lUi95FmQzfoTjKfK0uY9zgkNhaC8hMezs0mFN7
ya7TjfZ/4VFOUx0Uvtpw2qWHpsjB35RVCQrLKbBrzsJulaXNR9yD1lB5jJ99+ubq
pFRf6vJvJEPwhQu9mx18tkj6uIakyN22Xwcvzpy1iqNDjkwq+gegzHBzv+qyW2xB
TeAdf7lNrEltC206q1bAnd/jTl0VjxzDXiNEMJ/O2eBI8vZ5Ku+qBu6ODQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPM0PlQMfCnAhr87jIACCEgbtduWMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvOHpRLVZBeDhLY0NHdnp1TWdBSUlTQnUxMjVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbepKAwQA
wYeJAwQAwYeXAwQAwYedMA0GCSqGSIb3DQEBCwUAA4IBAQANaLa7z35XvYwtMCLg
CNp6IjRAiEXz5Sp9r+7zcVTxzuMNq+uNqACvde3apRADrZec6p8KPDuXZHgh6FSY
x0YqdO7M8cPmKoWbP7xKSq+6tiXq/uDLne2bU4TrvoTK+GQKF/fTf9FDBaucEiCW
ehDeCnd17W1XUdsT3yFQldpGWHhbZ7BjW3O6XeOXw/B5DNyWGvR7OJ/CJnRRGg2Y
+Ln2e6XRk8Jbm+8rAJDcuW9SAIFjGVyt3eAWpsOiPVbYGg4zCq9OC+kWcg+YnKdm
BbW9Xf3LsgQwVbJK6gpZbcGcvsAx1lNwa+9oBNgu5B0n/14zI7sl4ha28foVQfw8
9gDC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:01 2025 by rpki-client