Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8h7SW4S_BoeR5RKL1RbnBKpydYY.roa
File: 8h7SW4S_BoeR5RKL1RbnBKpydYY.roa (raw, json)
Hash identifier: 4nZNYYKMbTAMigN4eIpSdoF8fmUwtez66gf05tpxQNU=
Subject key identifier: F2:1E:D2:5B:84:BF:06:87:91:E5:12:8B:D5:16:E7:04:AA:72:75:86
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193777FE433470EDD94854ADAFA87287F05
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8h7SW4S_BoeR5RKL1RbnBKpydYY.roa
Signing time: Fri 29 Nov 2024 10:38:10 +0000
ROA not before: Fri 29 Nov 2024 10:38:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207388
IP address blocks: 192.145.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Dec 2024 10:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:77:7f:e4:33:47:0e:dd:94:85:4a:da:fa:87:28:7f:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 29 10:38:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f21ed25b84bf068791e5128bd516e704aa727586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4e:a0:be:31:f3:0c:71:3c:da:a9:bb:f5:44:
cc:4e:e1:3b:99:9d:0e:6d:6a:f1:ef:06:05:a7:02:
39:60:63:c9:22:39:97:0a:71:8f:11:be:3a:53:af:
33:d4:3e:88:88:df:d0:76:58:48:b7:8b:6b:72:43:
d9:59:d5:bc:2b:94:87:f5:2f:dc:db:4f:2d:94:83:
96:f1:97:64:19:2d:36:2e:b9:09:e2:81:2f:b0:3b:
9f:2a:90:ba:aa:1a:13:7a:79:c5:74:95:83:9d:7b:
d0:7d:98:47:40:4f:1f:10:ed:73:07:66:9c:1f:78:
db:53:4a:36:d2:bd:1a:da:10:17:26:38:96:8c:0f:
58:e4:6a:83:8b:e0:9a:8a:f6:52:fe:d7:d6:b9:98:
76:de:64:91:db:0e:c2:7c:f9:ef:2d:1f:15:70:03:
d6:82:7c:93:ce:30:42:e3:21:b4:8d:8f:75:88:96:
7f:be:4f:99:39:1d:f9:f8:1c:32:52:39:30:9e:d5:
1a:0d:ef:7b:17:39:f3:2f:7e:7d:ed:bf:a2:21:b1:
c2:35:35:45:61:71:81:93:62:43:62:8d:60:cc:28:
5e:ac:8a:c6:16:ab:6a:e5:45:9a:56:c6:36:2b:22:
e4:e4:b4:d4:b4:e2:81:c4:ef:f9:1f:bf:cc:a0:38:
ee:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:1E:D2:5B:84:BF:06:87:91:E5:12:8B:D5:16:E7:04:AA:72:75:86
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8h7SW4S_BoeR5RKL1RbnBKpydYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.28.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:81:1a:0a:8b:fc:21:6a:07:93:cc:31:6a:b2:cf:07:2d:7a:
be:b8:a0:23:f6:c3:52:52:e0:83:28:67:db:5d:73:b2:8b:48:
85:b2:99:21:8c:f9:43:c9:24:c6:76:77:e5:3b:8a:b7:d8:a7:
53:b9:a9:db:25:f4:dc:22:8a:65:e7:c6:65:d5:e6:d2:df:fd:
9e:b1:11:e1:01:8d:d3:32:60:69:4f:ad:00:a2:c9:86:31:c1:
53:e1:6d:9a:1b:c2:84:6f:cc:7e:f8:84:96:01:cd:ab:6d:8a:
f8:1d:4e:e7:ab:6a:d3:d0:eb:da:a1:24:9c:e8:ba:ee:fb:3d:
86:76:b5:09:1e:60:d8:95:c2:f5:05:81:e4:4c:2b:b2:0c:e7:
b0:76:48:f7:10:b4:15:c0:b1:8b:0f:22:05:65:3d:03:96:89:
fd:d7:49:ba:63:ff:f7:16:a9:20:80:25:68:52:79:7e:07:4f:
0d:dc:15:dc:94:23:b3:16:3e:5f:cc:3e:e0:0a:aa:49:d8:2f:
c2:c4:c8:56:69:dc:d1:bc:79:4f:42:5a:b3:fb:c5:f4:83:c6:
ea:3f:e6:84:b2:df:b7:dd:48:45:ab:04:74:8e:59:f2:15:f4:
e4:20:37:57:b4:bb:34:93:c6:c3:52:8a:b4:d1:fe:84:80:a2:
2a:8f:3e:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZN3f+QzRw7dlIVK2vqHKH8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTI5MTAzODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjFlZDI1Yjg0YmYwNjg3OTFlNTEyOGJkNTE2ZTcwNGFhNzI3NTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE6gvjHzDHE82qm79UTMTuE7mZ0O
bWrx7wYFpwI5YGPJIjmXCnGPEb46U68z1D6IiN/QdlhIt4trckPZWdW8K5SH9S/c
208tlIOW8ZdkGS02LrkJ4oEvsDufKpC6qhoTennFdJWDnXvQfZhHQE8fEO1zB2ac
H3jbU0o20r0a2hAXJjiWjA9Y5GqDi+CaivZS/tfWuZh23mSR2w7CfPnvLR8VcAPW
gnyTzjBC4yG0jY91iJZ/vk+ZOR35+BwyUjkwntUaDe97FznzL3597b+iIbHCNTVF
YXGBk2JDYo1gzCherIrGFqtq5UWaVsY2KyLk5LTUtOKBxO/5H7/MoDju3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIe0luEvwaHkeUSi9UW5wSqcnWGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOGg3U1c0U19Cb2VSNVJLTDFSYm5CS3B5ZFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwJEcMA0G
CSqGSIb3DQEBCwUAA4IBAQB9gRoKi/whageTzDFqss8HLXq+uKAj9sNSUuCDKGfb
XXOyi0iFspkhjPlDySTGdnflO4q32KdTuanbJfTcIopl58Zl1ebS3/2esRHhAY3T
MmBpT60AosmGMcFT4W2aG8KEb8x++ISWAc2rbYr4HU7nq2rT0OvaoSSc6Lru+z2G
drUJHmDYlcL1BYHkTCuyDOewdkj3ELQVwLGLDyIFZT0Dlon910m6Y//3FqkggCVo
Unl+B08N3BXclCOzFj5fzD7gCqpJ2C/CxMhWadzRvHlPQlqz+8X0g8bqP+aEst+3
3UhFqwR0jlnyFfTkIDdXtLs0k8bDUoq00f6EgKIqjz7x
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:07:57 2025 by rpki-client