Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/k1T8BtKmLAvGLRQOJkwBUJvJtko.roa
File: k1T8BtKmLAvGLRQOJkwBUJvJtko.roa (raw, json)
Hash identifier: 2yWzR6brNimJxyZVSDkBhtZGlLvW1d2CJ3NPSGIg/n4=
Subject key identifier: 93:54:FC:06:D2:A6:2C:0B:C6:2D:14:0E:26:4C:01:50:9B:C9:B6:4A
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 018CC3B6E0B7957571F33E71361C7FFA50B6
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/k1T8BtKmLAvGLRQOJkwBUJvJtko.roa
Signing time: Mon 01 Jan 2024 06:29:51 +0000
ROA not before: Mon 01 Jan 2024 06:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202709
IP address blocks: 193.42.210.0/24 maxlen: 24
194.50.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e0:b7:95:75:71:f3:3e:71:36:1c:7f:fa:50:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jan 1 06:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9354fc06d2a62c0bc62d140e264c01509bc9b64a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:dc:fd:92:e1:2b:0a:9f:1f:27:58:32:df:99:
f3:6b:1a:30:c8:bf:a5:e8:fd:6e:f6:bc:2f:af:e6:
3e:5b:41:51:e1:6b:f1:29:d3:76:16:61:fd:9d:d6:
9e:b5:95:68:90:eb:71:88:55:d6:11:1b:20:8d:62:
e1:bf:88:8d:a2:02:96:f0:2d:90:0a:3b:81:98:65:
87:dd:1b:06:08:b0:a1:d7:86:25:c4:36:d9:08:a3:
a9:34:6a:42:27:3b:c5:60:38:7a:49:b2:68:d3:de:
77:25:51:53:0f:6a:91:62:44:84:6b:b6:0a:7a:2b:
f8:e1:0d:14:37:e4:f5:1c:32:46:02:8d:1d:9e:cb:
d1:39:d4:ce:91:ae:f2:82:14:56:fa:ef:e2:08:db:
90:1d:a1:32:b7:5f:50:05:37:eb:29:cb:41:4f:a7:
73:31:5e:ea:76:e4:63:fe:da:b5:bd:db:95:b9:65:
c2:4c:1c:92:7a:b5:e7:86:e2:56:2c:64:be:8b:bf:
a9:c9:3a:5a:03:c7:f8:fd:67:15:e0:f7:98:f4:64:
f3:18:da:1a:88:7a:7a:06:fb:be:cb:9e:be:9a:49:
47:4e:b7:b5:b0:d9:e6:cf:36:7a:1e:f1:98:ce:2b:
01:31:2d:08:b0:00:80:7b:a0:b9:2b:88:58:b9:49:
a7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:54:FC:06:D2:A6:2C:0B:C6:2D:14:0E:26:4C:01:50:9B:C9:B6:4A
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/k1T8BtKmLAvGLRQOJkwBUJvJtko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.210.0/24
194.50.74.0/24
Signature Algorithm: sha256WithRSAEncryption
27:9e:31:be:28:4e:13:e5:f1:3a:96:e6:39:f0:1d:fe:3c:7b:
30:a5:06:ff:2c:40:9c:d6:08:2c:63:b5:c6:f6:71:69:16:e9:
3d:8e:1a:0b:5f:74:21:8c:97:0d:14:ca:d2:e9:46:e8:a0:db:
00:94:1c:4b:cf:25:89:17:69:c8:d0:2c:a8:aa:53:d4:f5:33:
33:c0:55:76:94:1e:df:f9:11:16:5c:c8:a8:37:15:bb:38:63:
d1:95:52:b7:f2:33:ec:35:73:6a:6f:07:6b:ee:af:2f:e4:e2:
52:f7:f5:48:3b:f0:23:e2:39:d1:f8:17:78:f2:37:3d:d9:f4:
c4:d1:83:a4:c6:86:f3:25:03:9f:ff:17:12:90:b2:30:f0:3f:
bf:dc:9f:45:0c:57:bb:37:a0:22:c8:cb:b1:88:53:35:28:e4:
ee:d0:fe:09:66:7c:0e:9e:95:7c:fd:4d:9b:6f:e8:18:0e:f7:
23:84:29:cd:2d:12:bb:ca:6c:03:6e:89:4f:33:c4:b5:d8:38:
a0:a2:9d:0b:9f:c5:78:74:6f:1c:32:e0:69:3a:d2:c6:84:c1:
5d:c3:4b:5c:e8:70:80:f0:1f:88:43:93:f5:b6:88:43:e6:6a:
e9:a1:54:6d:62:aa:59:48:f0:42:bb:bd:bb:54:b0:e7:15:bd:
6c:fa:a9:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtuC3lXVx8z5xNhx/+lC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjQwMTAxMDYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzU0ZmMwNmQyYTYyYzBiYzYyZDE0MGUyNjRjMDE1MDliYzliNjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9z9kuErCp8fJ1gy35nzaxowyL+l
6P1u9rwvr+Y+W0FR4WvxKdN2FmH9ndaetZVokOtxiFXWERsgjWLhv4iNogKW8C2Q
CjuBmGWH3RsGCLCh14YlxDbZCKOpNGpCJzvFYDh6SbJo0953JVFTD2qRYkSEa7YK
eiv44Q0UN+T1HDJGAo0dnsvROdTOka7yghRW+u/iCNuQHaEyt19QBTfrKctBT6dz
MV7qduRj/tq1vduVuWXCTBySerXnhuJWLGS+i7+pyTpaA8f4/WcV4PeY9GTzGNoa
iHp6Bvu+y56+mklHTre1sNnmzzZ6HvGYzisBMS0IsACAe6C5K4hYuUmn2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJNU/AbSpiwLxi0UDiZMAVCbybZKMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvazFUOEJ0S21MQXZHTFJRT0prd0JVSnZKdGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwSrSAwQA
wjJKMA0GCSqGSIb3DQEBCwUAA4IBAQAnnjG+KE4T5fE6luY58B3+PHswpQb/LECc
1ggsY7XG9nFpFuk9jhoLX3QhjJcNFMrS6UbooNsAlBxLzyWJF2nI0CyoqlPU9TMz
wFV2lB7f+REWXMioNxW7OGPRlVK38jPsNXNqbwdr7q8v5OJS9/VIO/Aj4jnR+Bd4
8jc92fTE0YOkxobzJQOf/xcSkLIw8D+/3J9FDFe7N6AiyMuxiFM1KOTu0P4JZnwO
npV8/U2bb+gYDvcjhCnNLRK7ymwDbolPM8S12Digop0Ln8V4dG8cMuBpOtLGhMFd
w0tc6HCA8B+IQ5P1tohD5mrpoVRtYqpZSPBCu727VLDnFb1s+qm4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:09 2025 by rpki-client