Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2UgKAYZiYHqnTPyQ85rEa3ydCQA.roa
File: 2UgKAYZiYHqnTPyQ85rEa3ydCQA.roa (raw, json)
Hash identifier: 1hAU2ZnI/9yiugNtuPVGd2ZhHtYIYNqbe55PHycyW08=
Subject key identifier: D9:48:0A:01:86:62:60:7A:A7:4C:FC:90:F3:9A:C4:6B:7C:9D:09:00
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193762891459C68B80A51C506B5A1238EFA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2UgKAYZiYHqnTPyQ85rEa3ydCQA.roa
Signing time: Fri 29 Nov 2024 04:23:10 +0000
ROA not before: Fri 29 Nov 2024 04:23:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200195
IP address blocks: 193.8.185.0/24 maxlen: 24
194.113.38.0/24 maxlen: 24
194.113.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:76:28:91:45:9c:68:b8:0a:51:c5:06:b5:a1:23:8e:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 29 04:23:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9480a018662607aa74cfc90f39ac46b7c9d0900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:39:80:22:ae:b9:ff:59:56:61:1e:1b:11:15:
c5:61:ff:14:68:98:72:61:ef:0f:46:c9:33:c0:a5:
3f:49:9f:78:78:49:cd:f2:ed:e6:c4:f6:1c:8e:ad:
f6:77:96:9c:40:92:8e:5e:5e:27:6a:46:15:aa:d8:
ff:a6:e8:4e:0f:68:e2:b1:d3:94:1d:4f:b1:6f:95:
fa:4f:c9:ef:39:42:cb:91:87:4a:48:d2:db:0a:9d:
14:de:22:af:2e:de:22:e2:36:82:de:b0:16:aa:3e:
0f:cc:ff:cf:78:56:4f:e6:00:a9:a9:63:11:1d:77:
54:ce:cc:41:80:60:6b:3d:ce:50:59:c8:1e:74:2d:
df:cd:aa:f5:69:a2:d7:ba:a2:8e:e5:bf:db:7e:23:
d2:bf:77:b7:e3:9a:f2:3a:b0:e4:1b:95:d1:14:19:
44:97:5d:58:2e:96:9b:b2:0b:13:57:21:b3:a0:8d:
31:6b:ed:d5:4b:95:79:2e:d9:50:06:f5:1a:63:31:
91:1e:cf:be:a0:86:5e:ce:ec:8e:cf:b3:cc:19:17:
2e:01:16:ad:32:a3:71:53:89:45:4b:57:af:0f:32:
fa:89:f7:48:5f:ad:3e:62:cc:b0:9a:bb:3e:04:f3:
12:fe:7c:6f:bf:7f:2c:26:40:bb:77:bb:f2:1b:c3:
d5:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:48:0A:01:86:62:60:7A:A7:4C:FC:90:F3:9A:C4:6B:7C:9D:09:00
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2UgKAYZiYHqnTPyQ85rEa3ydCQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.185.0/24
194.113.38.0/23
Signature Algorithm: sha256WithRSAEncryption
16:31:c8:ae:59:93:e7:e5:af:43:cf:7b:50:f2:22:ed:90:eb:
41:2d:a3:7a:0c:d4:e3:cf:14:42:f3:56:d3:58:66:5b:82:6f:
02:17:a2:3e:3e:1d:b4:11:37:58:47:c6:1d:a9:96:ce:c1:90:
7a:59:b3:87:d3:b9:d1:7c:f9:1a:7a:6c:ec:89:83:e3:1c:0d:
95:d2:d0:ac:31:68:e3:bd:f8:ed:a0:08:00:65:c5:0f:40:6c:
9b:88:0e:8a:50:08:ca:d4:97:2b:90:f8:f4:fe:d8:61:81:4b:
53:12:b2:3f:9d:2a:97:c2:80:29:61:72:80:02:0f:da:81:2f:
70:27:bf:e4:63:1d:d1:36:0c:20:bb:99:d9:e4:81:c3:10:e7:
db:7e:cd:84:b0:67:10:f3:69:cd:32:15:82:5b:2e:9d:be:b0:
92:a3:ff:21:52:6a:4e:57:5c:be:9d:fd:94:52:ef:ee:8c:23:
c3:b3:22:f8:d8:70:d1:a3:22:0f:8c:16:0a:88:5b:8e:3e:f6:
05:d7:6a:16:8b:31:0a:5f:b9:81:dd:f0:b9:33:79:61:74:ab:
91:55:3d:90:81:04:b2:59:d9:03:9b:b2:61:a6:e3:0b:92:03:
bb:e8:50:8c:f9:48:8b:93:7e:13:57:90:ba:3d:e9:f6:1f:d0:
74:0c:9c:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZN2KJFFnGi4ClHFBrWhI476MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTI5MDQyMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQ4MGEwMTg2NjI2MDdhYTc0Y2ZjOTBmMzlhYzQ2YjdjOWQwOTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDmAIq65/1lWYR4bERXFYf8UaJhy
Ye8PRskzwKU/SZ94eEnN8u3mxPYcjq32d5acQJKOXl4nakYVqtj/puhOD2jisdOU
HU+xb5X6T8nvOULLkYdKSNLbCp0U3iKvLt4i4jaC3rAWqj4PzP/PeFZP5gCpqWMR
HXdUzsxBgGBrPc5QWcgedC3fzar1aaLXuqKO5b/bfiPSv3e345ryOrDkG5XRFBlE
l11YLpabsgsTVyGzoI0xa+3VS5V5LtlQBvUaYzGRHs++oIZezuyOz7PMGRcuARat
MqNxU4lFS1evDzL6ifdIX60+Ysywmrs+BPMS/nxvv38sJkC7d7vyG8PVHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNlICgGGYmB6p0z8kPOaxGt8nQkAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMlVnS0FZWmlZSHFuVFB5UTg1ckVhM3lkQ1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwQi5AwQB
wnEmMA0GCSqGSIb3DQEBCwUAA4IBAQAWMciuWZPn5a9Dz3tQ8iLtkOtBLaN6DNTj
zxRC81bTWGZbgm8CF6I+Ph20ETdYR8YdqZbOwZB6WbOH07nRfPkaemzsiYPjHA2V
0tCsMWjjvfjtoAgAZcUPQGybiA6KUAjK1JcrkPj0/thhgUtTErI/nSqXwoApYXKA
Ag/agS9wJ7/kYx3RNgwgu5nZ5IHDEOfbfs2EsGcQ82nNMhWCWy6dvrCSo/8hUmpO
V1y+nf2UUu/ujCPDsyL42HDRoyIPjBYKiFuOPvYF12oWizEKX7mB3fC5M3lhdKuR
VT2QgQSyWdkDm7JhpuMLkgO76FCM+UiLk34TV5C6Pen2H9B0DJz0
-----END CERTIFICATE-----
Generated at Tue Apr 29 00:37:30 2025 by rpki-client