Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/777038-31ac-4ef7-988a-35b19cf92df9/1/N8AhoL8-YIE9JFTAp1jH2wLTj7U.roa
File: N8AhoL8-YIE9JFTAp1jH2wLTj7U.roa (raw, json)
Hash identifier: m5nKh20xJXT2JCKUo4iaRSIwze29z1yA3XSYhOy60gc=
Subject key identifier: 37:C0:21:A0:BF:3E:60:81:3D:24:54:C0:A7:58:C7:DB:02:D3:8F:B5
Certificate issuer: /CN=6b03584bce542e554e3227909443f6822c3e4f03
Certificate serial: 018CC4253ED7EB9709888D212312FAFF8CAD
Authority key identifier: 6B:03:58:4B:CE:54:2E:55:4E:32:27:90:94:43:F6:82:2C:3E:4F:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/awNYS85ULlVOMieQlEP2giw-TwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/777038-31ac-4ef7-988a-35b19cf92df9/1/N8AhoL8-YIE9JFTAp1jH2wLTj7U.roa
Signing time: Mon 01 Jan 2024 08:30:24 +0000
ROA not before: Mon 01 Jan 2024 08:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29682
IP address blocks: 193.22.0.0/24 maxlen: 24
2001:67c:21b8::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3e:d7:eb:97:09:88:8d:21:23:12:fa:ff:8c:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b03584bce542e554e3227909443f6822c3e4f03
Validity
Not Before: Jan 1 08:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37c021a0bf3e60813d2454c0a758c7db02d38fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:99:80:9a:a8:ff:7b:ab:83:78:97:c3:96:11:
24:42:d2:e0:a4:46:80:85:eb:68:ab:88:1b:47:d8:
9e:ee:1a:12:9b:f7:8f:87:72:09:8b:8e:a7:2e:86:
e2:95:51:59:d1:81:59:4d:52:4e:18:1a:90:da:e5:
dd:30:7a:38:57:3c:eb:c7:c6:5d:aa:5e:d5:d8:ca:
74:fe:a4:1e:d8:e7:34:4a:48:d2:66:c0:6d:f0:17:
41:53:bb:fd:03:84:cc:55:91:7b:e8:f3:bd:37:55:
0a:c5:33:47:65:e6:e0:55:0c:a7:ce:37:97:d7:e0:
74:c7:8c:d0:50:76:25:b0:a0:9e:ca:1e:9e:73:57:
db:bc:7e:bc:52:a6:48:a8:1e:ef:70:2b:92:ac:67:
b8:b3:cd:ae:b3:0b:04:8d:83:3b:96:22:a8:30:ef:
79:7c:ea:89:2a:81:cc:17:2d:59:6e:82:c5:ab:98:
50:66:ab:ae:d3:be:43:09:4e:cf:83:c0:3a:74:de:
13:ff:74:1f:4b:e2:77:88:9a:44:ee:59:79:ce:82:
48:34:30:cc:ea:72:35:2d:63:92:4f:25:2b:0e:36:
29:08:69:45:f9:07:29:b6:af:b4:44:71:20:4f:ed:
36:b5:bb:13:69:26:6e:f7:8c:32:7d:fb:79:91:b4:
d0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C0:21:A0:BF:3E:60:81:3D:24:54:C0:A7:58:C7:DB:02:D3:8F:B5
X509v3 Authority Key Identifier:
keyid:6B:03:58:4B:CE:54:2E:55:4E:32:27:90:94:43:F6:82:2C:3E:4F:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/awNYS85ULlVOMieQlEP2giw-TwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/777038-31ac-4ef7-988a-35b19cf92df9/1/N8AhoL8-YIE9JFTAp1jH2wLTj7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/777038-31ac-4ef7-988a-35b19cf92df9/1/awNYS85ULlVOMieQlEP2giw-TwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.0.0/24
IPv6:
2001:67c:21b8::/48
Signature Algorithm: sha256WithRSAEncryption
71:fd:7b:64:04:50:8c:02:5b:5a:ed:d6:a6:85:78:bd:5f:4e:
92:fd:4f:c6:4e:fd:82:d2:61:77:9d:f0:e8:87:fc:cf:65:b6:
06:b7:1f:11:44:ef:0a:f5:5d:1e:7e:71:1a:bd:ad:80:bf:60:
47:3f:dd:55:87:d1:11:ed:8a:c8:6d:61:c0:b7:f0:3f:7e:06:
df:f4:51:8a:5f:87:52:a2:c0:4d:d9:d2:af:a1:39:50:80:bd:
75:e9:49:0e:87:47:e9:54:0d:39:f4:23:61:47:dc:5a:6d:30:
16:39:94:43:16:7d:54:79:f3:3d:fc:d1:0b:bf:b1:6f:4c:19:
1a:16:62:18:6c:c9:0d:96:e2:c7:d9:e0:9b:94:74:c7:a5:81:
f2:94:1d:f0:98:ca:14:aa:59:59:79:54:3f:5e:a6:ef:d8:64:
96:bf:0a:bb:ba:99:2b:22:23:b6:bf:6a:50:24:f1:a7:a2:68:
fe:ae:df:dd:1c:48:90:d4:23:d5:83:47:6b:79:56:0e:7c:f6:
2e:bb:89:d1:1f:cb:58:6d:75:50:d7:05:d3:73:88:f0:97:fd:
56:c3:b9:f8:f5:e1:aa:21:1a:1b:27:49:13:70:26:90:0c:9c:
79:b9:86:41:5c:bd:d9:18:49:4f:94:3e:71:f8:64:96:0c:43:
71:cf:b9:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJT7X65cJiI0hIxL6/4ytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMDM1ODRiY2U1NDJlNTU0ZTMyMjc5MDk0NDNmNjgyMmMz
ZTRmMDMwHhcNMjQwMTAxMDgzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2MwMjFhMGJmM2U2MDgxM2QyNDU0YzBhNzU4YzdkYjAyZDM4ZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5mAmqj/e6uDeJfDlhEkQtLgpEaA
hetoq4gbR9ie7hoSm/ePh3IJi46nLobilVFZ0YFZTVJOGBqQ2uXdMHo4Vzzrx8Zd
ql7V2Mp0/qQe2Oc0SkjSZsBt8BdBU7v9A4TMVZF76PO9N1UKxTNHZebgVQynzjeX
1+B0x4zQUHYlsKCeyh6ec1fbvH68UqZIqB7vcCuSrGe4s82uswsEjYM7liKoMO95
fOqJKoHMFy1ZboLFq5hQZquu075DCU7Pg8A6dN4T/3QfS+J3iJpE7ll5zoJINDDM
6nI1LWOSTyUrDjYpCGlF+Qcptq+0RHEgT+02tbsTaSZu94wyfft5kbTQqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDfAIaC/PmCBPSRUwKdYx9sC04+1MB8GA1UdIwQY
MBaAFGsDWEvOVC5VTjInkJRD9oIsPk8DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXdOWVM4NVVMbFZPTWllUWxFUDJnaXctVHdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy83NzcwMzgtMzFhYy00ZWY3LTk4OGEt
MzViMTljZjkyZGY5LzEvTjhBaG9MOC1ZSUU5SkZUQXAxakgyd0xUajdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy83NzcwMzgtMzFhYy00ZWY3LTk4OGEtMzViMTljZjkyZGY5
LzEvYXdOWVM4NVVMbFZPTWllUWxFUDJnaXctVHdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwRYAMA8E
AgACMAkDBwAgAQZ8IbgwDQYJKoZIhvcNAQELBQADggEBAHH9e2QEUIwCW1rt1qaF
eL1fTpL9T8ZO/YLSYXed8OiH/M9ltga3HxFE7wr1XR5+cRq9rYC/YEc/3VWH0RHt
ishtYcC38D9+Bt/0UYpfh1KiwE3Z0q+hOVCAvXXpSQ6HR+lUDTn0I2FH3FptMBY5
lEMWfVR58z380Qu/sW9MGRoWYhhsyQ2W4sfZ4JuUdMelgfKUHfCYyhSqWVl5VD9e
pu/YZJa/Cru6mSsiI7a/alAk8aeiaP6u390cSJDUI9WDR2t5Vg589i67idEfy1ht
dVDXBdNziPCX/VbDufj14aohGhsnSRNwJpAMnHm5hkFcvdkYSU+UPnH4ZJYMQ3HP
uXc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:54:05 2025 by rpki-client