Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/dcddfa-a059-4ff0-a809-5eabfb1e5130/1/N5Qw1IeFtL2JJfxnxi0MxFpnLMs.roa
File: N5Qw1IeFtL2JJfxnxi0MxFpnLMs.roa (raw, json)
Hash identifier: LoExIjFHGVfHFzAWAToVxKaqj+P9kn9u+Q727pnxab0=
Subject key identifier: 37:94:30:D4:87:85:B4:BD:89:25:FC:67:C6:2D:0C:C4:5A:67:2C:CB
Certificate issuer: /CN=c9d11b707878bd77fbff15f27752c08a4aa556f4
Certificate serial: 018F19ED3E73150D89593A0D15606A1BF3B5
Authority key identifier: C9:D1:1B:70:78:78:BD:77:FB:FF:15:F2:77:52:C0:8A:4A:A5:56:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydEbcHh4vXf7_xXyd1LAikqlVvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/dcddfa-a059-4ff0-a809-5eabfb1e5130/1/N5Qw1IeFtL2JJfxnxi0MxFpnLMs.roa
Signing time: Fri 26 Apr 2024 10:22:09 +0000
ROA not before: Fri 26 Apr 2024 10:22:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201228
IP address blocks: 193.247.208.0/24 maxlen: 24
193.247.209.0/24 maxlen: 24
193.247.210.0/24 maxlen: 24
193.247.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:ed:3e:73:15:0d:89:59:3a:0d:15:60:6a:1b:f3:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d11b707878bd77fbff15f27752c08a4aa556f4
Validity
Not Before: Apr 26 10:22:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=379430d48785b4bd8925fc67c62d0cc45a672ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6c:5a:38:43:07:a3:61:f7:c6:93:ff:0e:b6:
cc:48:0a:4f:f9:51:b9:f9:67:99:9d:62:58:00:b6:
91:12:74:fe:cc:2e:28:81:d6:06:2d:79:66:d4:e8:
18:71:b0:c0:08:67:eb:b8:63:13:ae:84:b5:64:46:
10:bc:cf:37:b7:6e:1f:3e:9b:96:8c:fe:81:79:b4:
9c:f2:0c:d7:77:84:f7:df:57:e2:d2:be:ff:48:3c:
a6:f6:9a:4c:30:f5:cb:41:9d:1d:cb:ad:49:0d:48:
3e:ec:fe:df:89:28:23:c6:19:b4:92:95:21:de:d1:
12:41:b3:ab:aa:6f:85:fe:8c:1e:7c:4f:36:6b:8f:
8b:2d:6d:f0:92:8d:77:98:37:92:f5:25:cc:5a:db:
ea:0b:5a:19:53:e4:76:d6:6e:97:8b:05:81:de:bc:
c0:6c:b6:94:e4:89:5d:45:18:d8:61:7e:5b:33:54:
57:80:b8:5d:3b:85:ae:ed:00:2c:d1:1e:cf:88:f2:
79:ea:d5:d2:85:a3:c2:c0:5f:5a:ca:fc:2f:cc:82:
1a:44:28:6f:b0:03:49:76:f1:16:73:f1:86:dc:61:
08:eb:92:a3:6d:c5:76:e1:bc:d3:23:9d:5e:05:c6:
70:6f:e1:5a:11:c1:54:72:39:fd:38:7b:e0:c0:f2:
c3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:94:30:D4:87:85:B4:BD:89:25:FC:67:C6:2D:0C:C4:5A:67:2C:CB
X509v3 Authority Key Identifier:
keyid:C9:D1:1B:70:78:78:BD:77:FB:FF:15:F2:77:52:C0:8A:4A:A5:56:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydEbcHh4vXf7_xXyd1LAikqlVvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/dcddfa-a059-4ff0-a809-5eabfb1e5130/1/N5Qw1IeFtL2JJfxnxi0MxFpnLMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/dcddfa-a059-4ff0-a809-5eabfb1e5130/1/ydEbcHh4vXf7_xXyd1LAikqlVvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.247.208.0/22
Signature Algorithm: sha256WithRSAEncryption
67:97:26:8e:38:ad:28:1f:6c:75:da:73:6b:e7:96:3b:76:1f:
75:92:9b:10:7a:4b:2e:2a:3c:b6:4b:28:5e:15:8b:1e:37:1e:
5f:e5:86:71:1e:79:49:b9:16:87:3b:11:a5:f2:e4:a9:5d:49:
3f:5f:6e:51:d6:f5:ec:b3:09:84:04:3d:2d:e4:35:15:3f:5a:
55:aa:3b:da:71:37:1d:f5:a7:16:48:58:b0:35:45:a0:43:94:
eb:87:57:52:3b:a8:67:41:bc:5e:1e:c1:52:2a:ff:e3:9b:1c:
af:6a:fd:64:1f:a3:5e:93:36:47:d9:e7:13:87:23:cd:56:fd:
bd:98:27:21:7b:55:b7:75:c8:d7:84:89:8b:1a:3d:8a:d4:b7:
1e:55:ef:38:40:ef:29:a8:51:6d:0e:cd:04:9d:54:2e:8b:42:
e2:18:ca:b6:8c:ba:98:5d:16:03:8f:6c:32:af:be:7c:ac:4b:
6a:74:75:4d:c8:37:3f:0f:46:7a:91:e2:68:42:38:11:37:32:
68:f2:39:a1:5a:23:4c:9d:12:0c:ea:d5:7d:c5:b3:82:09:6a:
a0:e7:66:c4:1b:c1:bb:dc:ea:64:2c:84:ba:bb:83:66:e2:08:
b4:0b:0e:ce:eb:39:18:d3:e3:c3:ca:48:12:b5:1b:36:e8:45:
05:b6:ff:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8Z7T5zFQ2JWToNFWBqG/O1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDExYjcwNzg3OGJkNzdmYmZmMTVmMjc3NTJjMDhhNGFh
NTU2ZjQwHhcNMjQwNDI2MTAyMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzk0MzBkNDg3ODViNGJkODkyNWZjNjdjNjJkMGNjNDVhNjcyY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmxaOEMHo2H3xpP/DrbMSApP+VG5
+WeZnWJYALaREnT+zC4ogdYGLXlm1OgYcbDACGfruGMTroS1ZEYQvM83t24fPpuW
jP6BebSc8gzXd4T331fi0r7/SDym9ppMMPXLQZ0dy61JDUg+7P7fiSgjxhm0kpUh
3tESQbOrqm+F/owefE82a4+LLW3wko13mDeS9SXMWtvqC1oZU+R21m6XiwWB3rzA
bLaU5IldRRjYYX5bM1RXgLhdO4Wu7QAs0R7PiPJ56tXShaPCwF9ayvwvzIIaRChv
sANJdvEWc/GG3GEI65KjbcV24bzTI51eBcZwb+FaEcFUcjn9OHvgwPLDSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDeUMNSHhbS9iSX8Z8YtDMRaZyzLMB8GA1UdIwQY
MBaAFMnRG3B4eL13+/8V8ndSwIpKpVb0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRFYmNIaDR2WGY3X3hYeWQxTEFpa3FsVnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kY2RkZmEtYTA1OS00ZmYwLWE4MDkt
NWVhYmZiMWU1MTMwLzEvTjVRdzFJZUZ0TDJKSmZ4bnhpME14RnBuTE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kY2RkZmEtYTA1OS00ZmYwLWE4MDktNWVhYmZiMWU1MTMw
LzEveWRFYmNIaDR2WGY3X3hYeWQxTEFpa3FsVnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwffQMA0G
CSqGSIb3DQEBCwUAA4IBAQBnlyaOOK0oH2x12nNr55Y7dh91kpsQeksuKjy2Syhe
FYseNx5f5YZxHnlJuRaHOxGl8uSpXUk/X25R1vXsswmEBD0t5DUVP1pVqjvacTcd
9acWSFiwNUWgQ5Trh1dSO6hnQbxeHsFSKv/jmxyvav1kH6NekzZH2ecThyPNVv29
mCche1W3dcjXhImLGj2K1LceVe84QO8pqFFtDs0EnVQui0LiGMq2jLqYXRYDj2wy
r758rEtqdHVNyDc/D0Z6keJoQjgRNzJo8jmhWiNMnRIM6tV9xbOCCWqg52bEG8G7
3OpkLIS6u4Nm4gi0Cw7O6zkY0+PDykgStRs26EUFtv94
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:35 2025 by rpki-client