Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/_ebRMxmH5KizFz1IETPGn1v9aOU.roa
File: _ebRMxmH5KizFz1IETPGn1v9aOU.roa (raw, json)
Hash identifier: LZZ3BN5oEiVwLRT5urIQRWtTLJAAkgzjM7hHJN41ECE=
Subject key identifier: FD:E6:D1:33:19:87:E4:A8:B3:17:3D:48:11:33:C6:9F:5B:FD:68:E5
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 018CC94C2A37C967A22B47B58D84A0FB91EB
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/_ebRMxmH5KizFz1IETPGn1v9aOU.roa
Signing time: Tue 02 Jan 2024 08:31:01 +0000
ROA not before: Tue 02 Jan 2024 08:31:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2830
IP address blocks: 193.58.223.0/24 maxlen: 24
193.58.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:2a:37:c9:67:a2:2b:47:b5:8d:84:a0:fb:91:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Jan 2 08:31:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fde6d1331987e4a8b3173d481133c69f5bfd68e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ef:3d:c8:43:3d:74:be:e7:f5:31:15:15:12:
bd:f7:e1:4a:d2:88:87:3c:78:ca:34:2f:a9:3d:26:
1f:7b:c5:e2:41:3a:fc:80:91:97:5f:5b:39:ff:4f:
dc:de:8a:d1:0a:a9:ae:5a:fb:c5:52:22:45:6b:b5:
ea:3d:67:1a:ea:a3:ba:36:ac:5a:84:e4:c9:60:06:
56:4e:7b:d5:a1:30:b8:4e:39:77:89:8b:32:99:75:
b7:ce:d5:73:18:13:20:67:d3:93:ed:5b:a7:67:d7:
ce:53:e6:dc:70:5c:8e:04:bc:e2:86:73:f9:5d:cf:
9e:cf:66:91:58:29:c5:fa:b3:ba:9a:f7:b0:b9:6a:
bb:dd:a2:dd:6f:92:79:6e:7e:f8:47:9d:4c:83:27:
6e:1c:38:b1:05:9f:cf:90:c9:b3:cf:d3:90:d2:24:
9d:70:b6:09:2a:e6:6e:54:e1:92:9b:e8:91:c2:a8:
73:74:8d:be:50:68:1e:f0:c7:d2:b7:70:06:cc:22:
8a:6e:cc:d4:60:66:5b:8f:44:c1:3f:02:57:65:36:
04:f0:7b:35:36:fd:75:f8:c5:97:f6:66:43:a3:00:
d1:fe:b4:a0:a3:63:b6:3d:52:2a:aa:73:82:7e:cd:
ac:cb:2f:3b:bd:12:76:b7:18:b4:30:73:9f:61:d4:
dc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:E6:D1:33:19:87:E4:A8:B3:17:3D:48:11:33:C6:9F:5B:FD:68:E5
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/_ebRMxmH5KizFz1IETPGn1v9aOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.222.0/23
Signature Algorithm: sha256WithRSAEncryption
c4:53:96:1d:c6:c1:c7:d1:9b:c1:fb:d9:d5:a2:c7:f0:8f:b1:
bd:e3:7b:53:62:5c:dd:b0:28:94:83:bf:1c:c8:42:12:ed:96:
d5:e4:c3:eb:93:24:80:a5:c9:f1:1b:d7:b3:32:36:89:6d:c8:
c0:b4:85:3a:40:2b:90:be:02:fb:d0:26:10:42:c0:5a:8f:cc:
ba:9a:89:fc:6d:63:73:5f:d8:1e:d8:34:65:cc:34:00:d7:eb:
29:41:ab:6e:98:4f:f6:20:46:ff:9b:f9:9d:f9:7a:67:7e:fb:
38:51:29:f2:d1:65:cb:a2:b6:f6:c4:62:c6:ac:3b:c1:45:e0:
aa:5c:ef:ea:8a:bc:2f:e6:37:cd:c0:58:ca:c7:c2:80:f8:af:
74:4e:81:7a:f1:0b:04:ae:12:f2:55:75:a3:30:53:71:c5:da:
ad:ed:85:3e:08:7b:d7:0b:c0:8c:ef:c1:02:ae:2b:f6:c3:97:
50:43:ec:dd:42:24:22:1c:99:8d:5c:b1:eb:de:14:c9:4b:23:
dd:3d:85:7d:ff:ad:44:25:5e:8a:a7:e9:87:c2:c7:cf:f0:f7:
12:83:84:71:07:19:09:34:de:2f:17:d7:a9:9c:42:55:21:6a:
2d:a6:f3:fc:8e:0f:5b:ed:3b:66:0f:88:1f:5e:3c:df:e5:ff:
70:b9:4c:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTCo3yWeiK0e1jYSg+5HrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjQwMTAyMDgzMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGU2ZDEzMzE5ODdlNGE4YjMxNzNkNDgxMTMzYzY5ZjViZmQ2OGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu89yEM9dL7n9TEVFRK99+FK0oiH
PHjKNC+pPSYfe8XiQTr8gJGXX1s5/0/c3orRCqmuWvvFUiJFa7XqPWca6qO6Nqxa
hOTJYAZWTnvVoTC4Tjl3iYsymXW3ztVzGBMgZ9OT7VunZ9fOU+bccFyOBLzihnP5
Xc+ez2aRWCnF+rO6mvewuWq73aLdb5J5bn74R51MgyduHDixBZ/PkMmzz9OQ0iSd
cLYJKuZuVOGSm+iRwqhzdI2+UGge8MfSt3AGzCKKbszUYGZbj0TBPwJXZTYE8Hs1
Nv11+MWX9mZDowDR/rSgo2O2PVIqqnOCfs2syy87vRJ2txi0MHOfYdTccwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP3m0TMZh+Sosxc9SBEzxp9b/WjlMB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvX2ViUk14bUg1S2l6RnoxSUVUUEduMXY5YU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwTreMA0G
CSqGSIb3DQEBCwUAA4IBAQDEU5YdxsHH0ZvB+9nVosfwj7G943tTYlzdsCiUg78c
yEIS7ZbV5MPrkySApcnxG9ezMjaJbcjAtIU6QCuQvgL70CYQQsBaj8y6mon8bWNz
X9ge2DRlzDQA1+spQatumE/2IEb/m/md+Xpnfvs4USny0WXLorb2xGLGrDvBReCq
XO/qirwv5jfNwFjKx8KA+K90ToF68QsErhLyVXWjMFNxxdqt7YU+CHvXC8CM78EC
riv2w5dQQ+zdQiQiHJmNXLHr3hTJSyPdPYV9/61EJV6Kp+mHwsfP8PcSg4RxBxkJ
NN4vF9epnEJVIWotpvP8jg9b7TtmD4gfXjzf5f9wuUzh
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:24:44 2025 by rpki-client