Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/bEmN9eZvXjk-T0sGEkzcjNnRtY0.roa
File: bEmN9eZvXjk-T0sGEkzcjNnRtY0.roa (raw, json)
Hash identifier: iD8CGSfOAFZ4rGwzSbns8PYDMTVh2PQjBwYVaNUbPHc=
Subject key identifier: 6C:49:8D:F5:E6:6F:5E:39:3E:4F:4B:06:12:4C:DC:8C:D9:D1:B5:8D
Certificate issuer: /CN=c50e0801823f19d51b962ab6d4ebbbc27dd4ed96
Certificate serial: 018CC94AD5EEB9980B0B4EFA7A6781171CD4
Authority key identifier: C5:0E:08:01:82:3F:19:D5:1B:96:2A:B6:D4:EB:BB:C2:7D:D4:ED:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xQ4IAYI_GdUbliq21Ou7wn3U7ZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/bEmN9eZvXjk-T0sGEkzcjNnRtY0.roa
Signing time: Tue 02 Jan 2024 08:29:33 +0000
ROA not before: Tue 02 Jan 2024 08:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210917
IP address blocks: 193.30.116.0/24 maxlen: 24
167.94.24.0/24 maxlen: 24
2a13:4b00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:d5:ee:b9:98:0b:0b:4e:fa:7a:67:81:17:1c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c50e0801823f19d51b962ab6d4ebbbc27dd4ed96
Validity
Not Before: Jan 2 08:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c498df5e66f5e393e4f4b06124cdc8cd9d1b58d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:18:b1:a6:c5:cd:d8:49:ee:51:29:cc:89:3f:
a8:40:61:76:ef:91:8b:9c:44:18:f7:33:58:3e:85:
c9:eb:ba:54:e1:9d:73:bf:57:6f:8f:41:90:87:b3:
d1:42:3c:31:14:f1:c5:2b:6a:ba:b1:10:76:5a:5a:
a8:97:12:fd:f4:72:61:c1:f1:11:9c:dd:d6:89:d7:
5c:06:8a:33:09:88:c2:44:42:fa:2f:70:3d:ae:d3:
27:b8:9f:76:ac:b8:1b:89:e7:f6:0b:ee:c8:8c:88:
2c:57:dd:4f:bf:6e:cc:eb:3e:9e:62:26:d0:ef:c7:
2b:b6:3e:7a:9c:a2:08:e5:f9:21:56:71:c0:7f:0c:
77:22:c1:c8:91:80:15:ec:de:34:10:97:b3:75:87:
5c:a9:98:89:6c:ec:b9:6a:3d:6d:65:da:96:ae:ed:
56:2c:26:28:d2:51:40:c4:83:b8:92:1c:48:8b:e6:
6c:36:3c:e6:d9:11:83:98:d1:59:80:c5:fd:aa:6e:
31:2f:75:ba:e6:65:63:51:ce:d5:74:37:3f:db:9e:
b7:57:0f:c5:12:c1:06:29:b3:ef:77:7f:8a:27:9a:
6a:03:61:ae:54:ba:19:4e:e4:9f:7f:56:26:ef:17:
41:c2:91:78:13:4a:46:d6:be:e0:81:17:42:87:11:
f6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:49:8D:F5:E6:6F:5E:39:3E:4F:4B:06:12:4C:DC:8C:D9:D1:B5:8D
X509v3 Authority Key Identifier:
keyid:C5:0E:08:01:82:3F:19:D5:1B:96:2A:B6:D4:EB:BB:C2:7D:D4:ED:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xQ4IAYI_GdUbliq21Ou7wn3U7ZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/bEmN9eZvXjk-T0sGEkzcjNnRtY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/474f65-fe29-4822-ba14-ce8214cef6b5/1/xQ4IAYI_GdUbliq21Ou7wn3U7ZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.94.24.0/24
193.30.116.0/24
IPv6:
2a13:4b00::/29
Signature Algorithm: sha256WithRSAEncryption
75:0e:b8:0c:11:3b:02:40:f9:23:9f:15:ad:15:40:0d:7d:05:
48:cd:87:d7:f1:04:ef:54:b9:7a:38:79:cf:f4:9b:fe:a1:b4:
fd:e4:99:ab:93:8d:22:aa:23:d5:be:44:a3:d0:a7:54:c6:94:
97:71:1f:f4:4f:85:3f:2f:c2:65:28:a8:2f:f3:d7:b3:81:6c:
38:35:7c:a4:88:1f:b8:1b:c6:7b:b1:e3:7f:de:4e:63:10:b8:
41:0f:fd:5e:b5:97:33:bc:ca:fb:17:bf:30:87:a1:f1:6b:db:
72:da:48:07:9a:95:a6:26:a5:4c:cc:89:2e:2a:f1:91:12:a1:
b8:a2:f5:9f:3d:99:7a:76:d6:22:fa:0c:66:f0:c1:75:fc:dc:
7b:ed:8c:a9:e4:e6:3f:f2:6d:30:10:72:91:f8:84:ca:f8:bb:
f5:6f:93:97:8f:89:18:d9:f0:e4:30:5b:f1:56:1a:e8:35:34:
99:05:0d:05:10:67:4a:56:1f:60:19:c4:b3:d2:8f:0b:6c:e1:
ff:45:c1:b5:73:61:96:0f:17:48:5e:fb:da:b1:5b:46:6c:1e:
69:94:8e:49:01:a5:b2:e9:e0:1f:61:13:85:42:82:61:db:46:
93:b4:e8:a4:bf:e5:07:6b:f0:90:31:3e:4a:a6:22:18:4e:22:
26:c1:bc:a4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJStXuuZgLC076emeBFxzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MGUwODAxODIzZjE5ZDUxYjk2MmFiNmQ0ZWJiYmMyN2Rk
NGVkOTYwHhcNMjQwMTAyMDgyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzQ5OGRmNWU2NmY1ZTM5M2U0ZjRiMDYxMjRjZGM4Y2Q5ZDFiNThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRixpsXN2EnuUSnMiT+oQGF275GL
nEQY9zNYPoXJ67pU4Z1zv1dvj0GQh7PRQjwxFPHFK2q6sRB2WlqolxL99HJhwfER
nN3WiddcBoozCYjCREL6L3A9rtMnuJ92rLgbief2C+7IjIgsV91Pv27M6z6eYibQ
78crtj56nKII5fkhVnHAfwx3IsHIkYAV7N40EJezdYdcqZiJbOy5aj1tZdqWru1W
LCYo0lFAxIO4khxIi+ZsNjzm2RGDmNFZgMX9qm4xL3W65mVjUc7VdDc/2563Vw/F
EsEGKbPvd3+KJ5pqA2GuVLoZTuSff1Ym7xdBwpF4E0pG1r7ggRdChxH2HwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGxJjfXmb145Pk9LBhJM3IzZ0bWNMB8GA1UdIwQY
MBaAFMUOCAGCPxnVG5YqttTru8J91O2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFE0SUFZSV9HZFVibGlxMjFPdTd3bjNVN1pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80NzRmNjUtZmUyOS00ODIyLWJhMTQt
Y2U4MjE0Y2VmNmI1LzEvYkVtTjllWnZYamstVDBzR0VremNqTm5SdFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80NzRmNjUtZmUyOS00ODIyLWJhMTQtY2U4MjE0Y2VmNmI1
LzEveFE0SUFZSV9HZFVibGlxMjFPdTd3bjNVN1pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAp14YAwQA
wR50MA0EAgACMAcDBQMqE0sAMA0GCSqGSIb3DQEBCwUAA4IBAQB1DrgMETsCQPkj
nxWtFUANfQVIzYfX8QTvVLl6OHnP9Jv+obT95Jmrk40iqiPVvkSj0KdUxpSXcR/0
T4U/L8JlKKgv89ezgWw4NXykiB+4G8Z7seN/3k5jELhBD/1etZczvMr7F78wh6Hx
a9ty2kgHmpWmJqVMzIkuKvGREqG4ovWfPZl6dtYi+gxm8MF1/Nx77Yyp5OY/8m0w
EHKR+ITK+Lv1b5OXj4kY2fDkMFvxVhroNTSZBQ0FEGdKVh9gGcSz0o8LbOH/RcG1
c2GWDxdIXvvasVtGbB5plI5JAaWy6eAfYROFQoJh20aTtOikv+UHa/CQMT5KpiIY
TiImwbyk
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:29:43 2025 by rpki-client