Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/769596-2c4a-4ad8-86cf-b309112d2eec/1/PwevRNQkWpat4GaSOKu1MENCO9k.roa
File: PwevRNQkWpat4GaSOKu1MENCO9k.roa (raw, json)
Hash identifier: CqKZWfLJaGcTZBPN3djBnOaMfXH3/HDeOemVrR9HDz0=
Subject key identifier: 3F:07:AF:44:D4:24:5A:96:AD:E0:66:92:38:AB:B5:30:43:42:3B:D9
Certificate issuer: /CN=6020bdba46ce50c0aa0c41f0b1b49fa7ed6810cb
Certificate serial: 018DE9807C574E4FF6CB9B0E69BBAA75B38A
Authority key identifier: 60:20:BD:BA:46:CE:50:C0:AA:0C:41:F0:B1:B4:9F:A7:ED:68:10:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YCC9ukbOUMCqDEHwsbSfp-1oEMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/769596-2c4a-4ad8-86cf-b309112d2eec/1/PwevRNQkWpat4GaSOKu1MENCO9k.roa
Signing time: Tue 27 Feb 2024 07:38:48 +0000
ROA not before: Tue 27 Feb 2024 07:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202494
IP address blocks: 193.148.40.0/22 maxlen: 24
193.148.40.0/24 maxlen: 24
193.148.41.0/24 maxlen: 24
193.148.42.0/24 maxlen: 24
193.148.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:80:7c:57:4e:4f:f6:cb:9b:0e:69:bb:aa:75:b3:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6020bdba46ce50c0aa0c41f0b1b49fa7ed6810cb
Validity
Not Before: Feb 27 07:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f07af44d4245a96ade0669238abb53043423bd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e6:65:1a:9c:7c:63:d9:e1:31:e1:66:6b:2b:
ed:28:64:99:c8:92:14:75:47:f6:ee:d0:f7:e1:17:
b7:e7:b9:04:34:72:f7:a9:d9:78:7f:9b:9e:21:5b:
49:5e:82:fb:ef:54:b1:76:aa:a2:ba:63:30:28:4a:
bd:e9:3a:ce:51:93:11:d4:ed:88:d6:e5:e9:4c:ac:
d8:fb:46:ed:63:e7:ee:6f:29:29:ee:c2:f0:59:ee:
f0:ea:10:46:4e:0b:8e:b7:bc:56:21:9d:22:06:62:
5c:9a:2e:64:b0:7f:c5:3a:b3:cf:25:b3:ce:49:89:
4d:17:0e:ea:25:a0:63:d2:ca:b9:fe:45:10:fb:f6:
95:ec:95:a5:a3:b4:3c:0e:e5:d3:14:40:ed:81:3a:
7a:0a:13:24:ee:43:a8:be:4f:57:c8:8a:5a:04:cd:
ea:e2:48:79:70:04:ed:f9:76:06:cf:e5:7a:71:74:
a4:78:60:99:cd:08:a3:43:9a:a1:91:26:07:8e:1e:
24:08:37:df:ca:46:d5:61:86:a1:a3:4e:89:11:b7:
d2:9b:67:4c:48:58:ee:5f:af:3c:ff:ff:c5:da:8a:
ad:84:b0:b3:62:4b:5d:f3:94:59:38:62:2e:64:ba:
45:d8:0d:89:29:32:32:1a:39:00:8d:97:e4:18:89:
7a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:07:AF:44:D4:24:5A:96:AD:E0:66:92:38:AB:B5:30:43:42:3B:D9
X509v3 Authority Key Identifier:
keyid:60:20:BD:BA:46:CE:50:C0:AA:0C:41:F0:B1:B4:9F:A7:ED:68:10:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YCC9ukbOUMCqDEHwsbSfp-1oEMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/769596-2c4a-4ad8-86cf-b309112d2eec/1/PwevRNQkWpat4GaSOKu1MENCO9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/769596-2c4a-4ad8-86cf-b309112d2eec/1/YCC9ukbOUMCqDEHwsbSfp-1oEMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.40.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:8d:f8:59:86:7f:dd:ed:51:54:ad:6a:b1:d7:b4:9d:88:15:
be:25:5b:49:f3:10:35:64:b0:0b:8d:6c:ad:5b:51:b7:eb:c3:
c9:45:4f:a3:31:8c:d8:aa:c7:c0:0b:ae:ca:3e:cf:03:30:84:
bb:8e:bd:56:cb:af:26:e8:e2:1c:36:d8:58:ec:66:26:f3:e3:
8f:89:48:c5:04:14:64:62:05:36:4b:20:70:e3:b1:db:27:a1:
26:20:62:43:25:15:be:77:84:34:ca:92:c0:7c:f0:62:a2:cd:
63:f5:72:d4:dd:39:cd:43:17:44:ce:23:0b:e2:2b:2a:a9:62:
1b:38:7d:3c:25:70:c5:5e:0d:42:35:50:e1:c2:90:d7:ae:36:
fa:73:63:dc:3f:ad:4d:29:76:1c:b8:cd:f2:0f:3f:11:a9:4c:
89:0b:02:0f:9c:f1:81:62:c9:fe:53:c0:5c:e8:6a:10:e1:78:
5f:29:d7:a0:ea:a7:13:cf:6f:e0:6d:3a:ae:20:4c:2a:8c:ae:
64:f2:47:74:91:6e:df:7a:ec:de:5c:1e:3e:ba:93:be:5e:cf:
34:e2:e3:94:7d:d9:71:2d:25:81:17:a7:ac:24:a4:35:b7:9d:
a4:36:b3:1e:f6:b8:1e:58:67:a2:25:7d:97:93:00:c9:50:46:
aa:0c:9b:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3pgHxXTk/2y5sOabuqdbOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMjBiZGJhNDZjZTUwYzBhYTBjNDFmMGIxYjQ5ZmE3ZWQ2
ODEwY2IwHhcNMjQwMjI3MDczODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjA3YWY0NGQ0MjQ1YTk2YWRlMDY2OTIzOGFiYjUzMDQzNDIzYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuZlGpx8Y9nhMeFmayvtKGSZyJIU
dUf27tD34Re357kENHL3qdl4f5ueIVtJXoL771SxdqqiumMwKEq96TrOUZMR1O2I
1uXpTKzY+0btY+fubykp7sLwWe7w6hBGTguOt7xWIZ0iBmJcmi5ksH/FOrPPJbPO
SYlNFw7qJaBj0sq5/kUQ+/aV7JWlo7Q8DuXTFEDtgTp6ChMk7kOovk9XyIpaBM3q
4kh5cATt+XYGz+V6cXSkeGCZzQijQ5qhkSYHjh4kCDffykbVYYaho06JEbfSm2dM
SFjuX688///F2oqthLCzYktd85RZOGIuZLpF2A2JKTIyGjkAjZfkGIl69wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8Hr0TUJFqWreBmkjirtTBDQjvZMB8GA1UdIwQY
MBaAFGAgvbpGzlDAqgxB8LG0n6ftaBDLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUNDOXVrYk9VTUNxREVId3NiU2ZwLTFvRU1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi83Njk1OTYtMmM0YS00YWQ4LTg2Y2Yt
YjMwOTExMmQyZWVjLzEvUHdldlJOUWtXcGF0NEdhU09LdTFNRU5DTzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi83Njk1OTYtMmM0YS00YWQ4LTg2Y2YtYjMwOTExMmQyZWVj
LzEvWUNDOXVrYk9VTUNxREVId3NiU2ZwLTFvRU1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwZQoMA0G
CSqGSIb3DQEBCwUAA4IBAQCnjfhZhn/d7VFUrWqx17SdiBW+JVtJ8xA1ZLALjWyt
W1G368PJRU+jMYzYqsfAC67KPs8DMIS7jr1Wy68m6OIcNthY7GYm8+OPiUjFBBRk
YgU2SyBw47HbJ6EmIGJDJRW+d4Q0ypLAfPBios1j9XLU3TnNQxdEziML4isqqWIb
OH08JXDFXg1CNVDhwpDXrjb6c2PcP61NKXYcuM3yDz8RqUyJCwIPnPGBYsn+U8Bc
6GoQ4XhfKdeg6qcTz2/gbTquIEwqjK5k8kd0kW7feuzeXB4+upO+Xs804uOUfdlx
LSWBF6esJKQ1t52kNrMe9rgeWGeiJX2XkwDJUEaqDJvn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:08 2025 by rpki-client