Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4f7680-81ab-4c1f-a07b-7c62d5c315bf/1/DeSBN9nSPjlxegcQgzXzUB16arI.roa
File: DeSBN9nSPjlxegcQgzXzUB16arI.roa (raw, json)
Hash identifier: ipZ8FcpaYRWxWS6hHY1ujd934urcDhcbf4AvD7JrYYI=
Subject key identifier: 0D:E4:81:37:D9:D2:3E:39:71:7A:07:10:83:35:F3:50:1D:7A:6A:B2
Certificate issuer: /CN=90f76537ff745893e3142fa0984f449b725b8fd3
Certificate serial: 018CC72715E84C99546A6F20D080C5F20675
Authority key identifier: 90:F7:65:37:FF:74:58:93:E3:14:2F:A0:98:4F:44:9B:72:5B:8F:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPdlN_90WJPjFC-gmE9Em3Jbj9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4f7680-81ab-4c1f-a07b-7c62d5c315bf/1/DeSBN9nSPjlxegcQgzXzUB16arI.roa
Signing time: Mon 01 Jan 2024 22:31:16 +0000
ROA not before: Mon 01 Jan 2024 22:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29008
IP address blocks: 194.156.20.0/23 maxlen: 23
213.166.224.0/19 maxlen: 19
2a02:958::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:15:e8:4c:99:54:6a:6f:20:d0:80:c5:f2:06:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f76537ff745893e3142fa0984f449b725b8fd3
Validity
Not Before: Jan 1 22:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0de48137d9d23e39717a07108335f3501d7a6ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3c:a6:66:53:5c:bb:c4:34:42:4e:49:ac:58:
38:7b:07:95:94:45:c6:03:29:88:7a:8b:cc:5b:70:
6f:2f:fb:69:3b:33:59:0c:7d:2a:78:68:bb:e6:72:
03:79:49:24:b6:7d:e1:27:33:01:23:82:a6:56:e3:
7c:fe:b1:cf:f7:7e:ac:f7:cd:bc:46:d0:ad:cf:1f:
69:1c:f5:07:d4:66:cc:b3:8b:09:1d:0c:ec:3a:cb:
9e:08:89:3b:de:ed:0c:3d:df:3c:f2:27:9a:96:a6:
d2:6b:b6:ef:78:6f:25:5c:64:f7:90:b3:6b:0e:af:
5a:18:b1:c2:76:2f:34:93:8b:6b:fb:5f:2e:d3:98:
fc:cf:6b:17:71:68:7c:09:08:aa:01:56:cc:fb:ea:
30:6b:0e:0c:96:b2:52:32:db:9e:a7:89:88:09:6f:
f6:25:5a:67:bd:ac:67:57:be:fe:74:55:10:dd:a8:
07:2d:d3:f0:63:c7:4b:91:5f:5a:5d:84:15:8f:00:
82:e6:33:1e:41:74:02:47:18:77:1a:bf:75:3e:37:
97:da:b0:de:74:e3:25:e4:50:fa:6c:d8:92:d7:fa:
5f:1f:87:b4:c4:25:c4:f9:ba:43:2a:04:8d:98:4b:
a5:f4:86:a7:ee:5d:4f:f9:c5:7f:ee:a7:8a:88:13:
89:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E4:81:37:D9:D2:3E:39:71:7A:07:10:83:35:F3:50:1D:7A:6A:B2
X509v3 Authority Key Identifier:
keyid:90:F7:65:37:FF:74:58:93:E3:14:2F:A0:98:4F:44:9B:72:5B:8F:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPdlN_90WJPjFC-gmE9Em3Jbj9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4f7680-81ab-4c1f-a07b-7c62d5c315bf/1/DeSBN9nSPjlxegcQgzXzUB16arI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4f7680-81ab-4c1f-a07b-7c62d5c315bf/1/kPdlN_90WJPjFC-gmE9Em3Jbj9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.20.0/23
213.166.224.0/19
IPv6:
2a02:958::/32
Signature Algorithm: sha256WithRSAEncryption
72:34:62:03:69:5f:92:7d:1b:12:45:0e:8c:85:61:64:ec:34:
5d:c1:a5:4c:4d:5d:d1:48:44:f1:e0:b8:5f:77:62:04:6f:81:
b2:9f:97:a4:76:43:01:1f:1b:0a:9b:8b:b6:49:42:56:ad:f2:
62:ac:23:83:38:81:2b:df:1f:83:e1:62:41:c7:6b:f6:c0:f8:
78:ef:4b:9e:18:9b:ff:41:58:a8:29:55:42:ad:01:26:a3:f9:
d2:53:43:c0:77:4d:29:eb:87:82:58:84:ef:f1:e5:8c:98:1e:
4e:e4:42:b2:d1:87:d8:95:6e:e8:86:f6:a8:77:a3:dd:ca:ee:
20:f3:1b:f1:07:33:0c:de:42:e9:cd:0a:4f:8b:f1:5e:80:99:
d5:2e:ce:25:7f:65:5f:32:78:5b:dd:ac:8a:05:54:aa:3d:8a:
01:81:dd:76:1c:ba:d2:59:28:c0:0b:bf:5d:66:4c:4e:14:e5:
33:0e:cc:3b:65:cd:db:ca:47:5c:a1:89:7e:36:46:39:44:22:
ec:c6:82:ec:8c:e0:6c:2b:b5:d9:3f:d1:c3:7b:bb:c6:66:86:
c6:06:72:b5:75:fd:bf:74:d2:7f:f1:23:15:f6:12:fb:2c:85:
d4:84:1b:5b:13:3f:29:eb:57:a4:2d:f8:fd:00:51:66:0e:48:
74:63:d1:26
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJxXoTJlUam8g0IDF8gZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjc2NTM3ZmY3NDU4OTNlMzE0MmZhMDk4NGY0NDliNzI1
YjhmZDMwHhcNMjQwMTAxMjIzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGU0ODEzN2Q5ZDIzZTM5NzE3YTA3MTA4MzM1ZjM1MDFkN2E2YWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjymZlNcu8Q0Qk5JrFg4eweVlEXG
AymIeovMW3BvL/tpOzNZDH0qeGi75nIDeUkktn3hJzMBI4KmVuN8/rHP936s9828
RtCtzx9pHPUH1GbMs4sJHQzsOsueCIk73u0MPd888iealqbSa7bveG8lXGT3kLNr
Dq9aGLHCdi80k4tr+18u05j8z2sXcWh8CQiqAVbM++owaw4MlrJSMtuep4mICW/2
JVpnvaxnV77+dFUQ3agHLdPwY8dLkV9aXYQVjwCC5jMeQXQCRxh3Gr91PjeX2rDe
dOMl5FD6bNiS1/pfH4e0xCXE+bpDKgSNmEul9Ian7l1P+cV/7qeKiBOJYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA3kgTfZ0j45cXoHEIM181AdemqyMB8GA1UdIwQY
MBaAFJD3ZTf/dFiT4xQvoJhPRJtyW4/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BkbE5fOTBXSlBqRkMtZ21FOUVtM0piajlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80Zjc2ODAtODFhYi00YzFmLWEwN2It
N2M2MmQ1YzMxNWJmLzEvRGVTQk45blNQamx4ZWdjUWd6WHpVQjE2YXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80Zjc2ODAtODFhYi00YzFmLWEwN2ItN2M2MmQ1YzMxNWJm
LzEva1BkbE5fOTBXSlBqRkMtZ21FOUVtM0piajlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwpwUAwQF
1abgMA0EAgACMAcDBQAqAglYMA0GCSqGSIb3DQEBCwUAA4IBAQByNGIDaV+SfRsS
RQ6MhWFk7DRdwaVMTV3RSETx4Lhfd2IEb4Gyn5ekdkMBHxsKm4u2SUJWrfJirCOD
OIEr3x+D4WJBx2v2wPh470ueGJv/QVioKVVCrQEmo/nSU0PAd00p64eCWITv8eWM
mB5O5EKy0YfYlW7ohvaod6Pdyu4g8xvxBzMM3kLpzQpPi/FegJnVLs4lf2VfMnhb
3ayKBVSqPYoBgd12HLrSWSjAC79dZkxOFOUzDsw7Zc3bykdcoYl+NkY5RCLsxoLs
jOBsK7XZP9HDe7vGZobGBnK1df2/dNJ/8SMV9hL7LIXUhBtbEz8p61ekLfj9AFFm
Dkh0Y9Em
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:51 2025 by rpki-client