Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/309d57-ec82-4b53-bee4-3403cdad2c67/1/CgZTd4dNmMEgNLwZSzWB6POMS2A.roa
File: CgZTd4dNmMEgNLwZSzWB6POMS2A.roa (raw, json)
Hash identifier: xL/0pgG+LdEE6egw/iFG4LDzKJQvg/stPLrSn62D/Q4=
Subject key identifier: 0A:06:53:77:87:4D:98:C1:20:34:BC:19:4B:35:81:E8:F3:8C:4B:60
Certificate issuer: /CN=1102fc0d9ff86fe65c14469d55046e2053bfe5ca
Certificate serial: 018CC3B6C92F182DDFC89A811AB63C13F038
Authority key identifier: 11:02:FC:0D:9F:F8:6F:E6:5C:14:46:9D:55:04:6E:20:53:BF:E5:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EQL8DZ_4b-ZcFEadVQRuIFO_5co.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/309d57-ec82-4b53-bee4-3403cdad2c67/1/CgZTd4dNmMEgNLwZSzWB6POMS2A.roa
Signing time: Mon 01 Jan 2024 06:29:45 +0000
ROA not before: Mon 01 Jan 2024 06:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12795
IP address blocks: 194.246.110.0/24 maxlen: 24
194.246.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:c9:2f:18:2d:df:c8:9a:81:1a:b6:3c:13:f0:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1102fc0d9ff86fe65c14469d55046e2053bfe5ca
Validity
Not Before: Jan 1 06:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a065377874d98c12034bc194b3581e8f38c4b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6c:08:88:fc:39:b1:98:8a:60:9a:04:ea:1c:
09:7b:2d:01:b1:a2:2b:f9:ef:cb:e5:9f:c3:29:d8:
58:84:53:1b:6f:e1:ef:be:07:6f:22:ef:ba:6a:00:
56:c4:25:13:73:c9:41:6f:ea:c5:bb:a9:e6:ff:a2:
85:f4:7a:d1:0b:b3:fa:b0:3b:93:41:fe:01:ff:6d:
60:21:c2:fd:a0:64:c3:28:12:48:a5:9f:90:ec:ac:
81:5d:7c:e2:23:6e:60:1f:66:4d:5d:6c:78:b4:89:
ec:d1:31:95:6c:54:a1:b0:35:09:d3:e9:a4:82:69:
f6:78:ec:3f:dc:fd:40:9f:99:f1:b1:78:1a:ed:00:
9a:eb:09:ef:2b:8d:29:62:c5:9c:c4:fc:52:8a:18:
a6:54:65:37:b3:9c:6b:4d:79:21:e6:91:c2:75:ef:
65:72:3a:2c:03:ca:23:c5:04:9b:d7:8a:76:09:28:
98:34:ed:f6:d2:91:69:10:7c:88:81:78:e4:2a:6e:
03:2b:67:32:44:3d:9c:f1:68:94:24:b1:90:56:1e:
44:9e:ad:38:53:f1:c0:74:0e:c9:3b:4c:ba:2a:14:
23:ed:70:45:c3:15:b6:42:eb:16:26:e3:a4:f3:96:
8f:94:18:0d:ab:4c:eb:90:54:2b:44:91:ed:d4:f7:
36:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:06:53:77:87:4D:98:C1:20:34:BC:19:4B:35:81:E8:F3:8C:4B:60
X509v3 Authority Key Identifier:
keyid:11:02:FC:0D:9F:F8:6F:E6:5C:14:46:9D:55:04:6E:20:53:BF:E5:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EQL8DZ_4b-ZcFEadVQRuIFO_5co.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/309d57-ec82-4b53-bee4-3403cdad2c67/1/CgZTd4dNmMEgNLwZSzWB6POMS2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/309d57-ec82-4b53-bee4-3403cdad2c67/1/EQL8DZ_4b-ZcFEadVQRuIFO_5co.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.110.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:30:39:36:5a:cc:96:75:65:14:65:1d:4c:8d:ab:a5:1f:cd:
67:a2:12:af:7c:35:c6:ea:28:ef:e9:47:34:f7:47:79:6d:43:
c9:6b:d9:8c:ab:27:ea:85:40:45:21:79:8c:28:f9:11:2c:7f:
ad:72:e5:db:72:78:25:e3:62:97:7e:0f:c8:7d:a9:b9:c7:1b:
02:eb:d4:e1:93:7e:ef:8a:72:8d:42:c6:7a:fb:ab:35:29:53:
73:9f:81:66:c5:c7:da:11:d7:66:54:d5:d7:4c:ec:ff:7c:8d:
42:3a:6e:f1:73:13:c7:29:cf:ba:00:98:67:62:44:62:db:e5:
c0:dd:8d:8d:e0:fa:0b:1c:1f:2f:51:00:cf:e9:e8:2a:d2:99:
0f:ba:9c:78:0c:4c:12:79:71:7b:1c:a5:5a:f7:62:63:2b:15:
5a:d8:46:e2:ee:14:46:ee:a4:96:bf:0a:06:36:94:e4:f8:1f:
97:49:c6:9b:c5:b8:89:3c:4c:69:67:40:f9:5c:fd:63:7c:bf:
6c:49:f4:9c:4b:36:5b:05:de:63:2e:1a:f4:ef:16:53:3c:5c:
21:b0:12:cd:12:0d:01:eb:3f:30:c0:09:23:93:86:b0:97:e4:
fd:11:b2:6f:3b:f7:dd:3a:88:3e:d5:1c:10:c1:a1:b5:27:3a:
98:5c:7f:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtskvGC3fyJqBGrY8E/A4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMDJmYzBkOWZmODZmZTY1YzE0NDY5ZDU1MDQ2ZTIwNTNi
ZmU1Y2EwHhcNMjQwMTAxMDYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTA2NTM3Nzg3NGQ5OGMxMjAzNGJjMTk0YjM1ODFlOGYzOGM0YjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2wIiPw5sZiKYJoE6hwJey0BsaIr
+e/L5Z/DKdhYhFMbb+HvvgdvIu+6agBWxCUTc8lBb+rFu6nm/6KF9HrRC7P6sDuT
Qf4B/21gIcL9oGTDKBJIpZ+Q7KyBXXziI25gH2ZNXWx4tIns0TGVbFShsDUJ0+mk
gmn2eOw/3P1An5nxsXga7QCa6wnvK40pYsWcxPxSihimVGU3s5xrTXkh5pHCde9l
cjosA8ojxQSb14p2CSiYNO320pFpEHyIgXjkKm4DK2cyRD2c8WiUJLGQVh5Enq04
U/HAdA7JO0y6KhQj7XBFwxW2QusWJuOk85aPlBgNq0zrkFQrRJHt1Pc2vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAoGU3eHTZjBIDS8GUs1gejzjEtgMB8GA1UdIwQY
MBaAFBEC/A2f+G/mXBRGnVUEbiBTv+XKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVFMOERaXzRiLVpjRkVhZFZRUnVJRk9fNWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zMDlkNTctZWM4Mi00YjUzLWJlZTQt
MzQwM2NkYWQyYzY3LzEvQ2daVGQ0ZE5tTUVnTkx3WlN6V0I2UE9NUzJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS8zMDlkNTctZWM4Mi00YjUzLWJlZTQtMzQwM2NkYWQyYzY3
LzEvRVFMOERaXzRiLVpjRkVhZFZRUnVJRk9fNWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwvZuMA0G
CSqGSIb3DQEBCwUAA4IBAQBtMDk2WsyWdWUUZR1MjaulH81nohKvfDXG6ijv6Uc0
90d5bUPJa9mMqyfqhUBFIXmMKPkRLH+tcuXbcngl42KXfg/Ifam5xxsC69Thk37v
inKNQsZ6+6s1KVNzn4FmxcfaEddmVNXXTOz/fI1COm7xcxPHKc+6AJhnYkRi2+XA
3Y2N4PoLHB8vUQDP6egq0pkPupx4DEwSeXF7HKVa92JjKxVa2Ebi7hRG7qSWvwoG
NpTk+B+XScabxbiJPExpZ0D5XP1jfL9sSfScSzZbBd5jLhr07xZTPFwhsBLNEg0B
6z8wwAkjk4awl+T9EbJvO/fdOog+1RwQwaG1JzqYXH+s
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:08 2025 by rpki-client