Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m1E8Bd8903ZmDtXC7LcSqnCX3pg.roa
File: m1E8Bd8903ZmDtXC7LcSqnCX3pg.roa (raw, json)
Hash identifier: xcxmTYPe4UKhODve4P67dgWOELT8RLBFbmzV5ug51kg=
Subject key identifier: 9B:51:3C:05:DF:3D:D3:76:66:0E:D5:C2:EC:B7:12:AA:70:97:DE:98
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01938C20A7EBC39C9284CC4282A07F57AA9D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m1E8Bd8903ZmDtXC7LcSqnCX3pg.roa
Signing time: Tue 03 Dec 2024 10:46:10 +0000
ROA not before: Tue 03 Dec 2024 10:46:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207388
IP address blocks: 192.145.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Dec 2024 11:28:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:20:a7:eb:c3:9c:92:84:cc:42:82:a0:7f:57:aa:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 3 10:46:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b513c05df3dd376660ed5c2ecb712aa7097de98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:76:ee:c8:cd:6c:e5:a0:0b:90:d2:15:e9:91:
ac:92:2a:22:14:ab:5b:ba:57:6f:f5:2d:e3:79:2b:
ed:06:76:48:86:a7:2f:61:bb:ce:b2:52:97:41:eb:
cd:9f:52:e7:b0:60:e9:98:d3:17:26:5c:4c:8f:1a:
98:53:c0:93:25:bb:a1:70:0f:cc:34:d3:c3:36:ae:
91:14:a1:c7:4c:08:2e:55:ed:5a:ea:2d:17:9e:9a:
14:42:74:58:7e:4b:0f:c3:05:8e:95:1a:66:2d:c7:
65:09:52:83:6f:61:de:e6:b3:87:24:d7:9b:6a:71:
ad:bb:60:a1:9c:4d:e4:49:8c:a8:4b:68:59:ea:d4:
14:67:05:04:25:c1:a4:95:a7:38:ca:0b:7b:8f:f1:
88:6a:83:43:50:d8:70:d6:d9:92:fd:b4:4f:c1:64:
b4:c7:7f:9a:da:45:cf:21:5c:97:69:b8:da:68:90:
b7:7e:5b:cd:73:44:33:a0:49:6b:d3:28:92:dc:e3:
d0:61:70:e3:32:d7:e2:3b:74:b7:8f:0b:f9:a7:dd:
02:7a:9f:33:46:72:cc:32:fa:55:9a:53:e7:9f:b2:
79:7f:93:dd:36:74:be:cc:55:65:43:b7:5a:d8:14:
fd:a4:29:9b:10:1f:f8:f4:28:7b:68:9a:c1:ee:05:
5c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:51:3C:05:DF:3D:D3:76:66:0E:D5:C2:EC:B7:12:AA:70:97:DE:98
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m1E8Bd8903ZmDtXC7LcSqnCX3pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.28.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:a5:b0:66:0e:aa:21:10:bd:2b:1b:c4:31:9d:21:23:de:79:
8a:7b:b3:44:6e:99:b8:b5:42:f0:83:b5:57:d2:56:1f:59:12:
89:b0:f4:f4:96:ad:5a:48:2c:5a:06:7b:5b:92:88:8f:37:a9:
dc:a8:41:9b:71:96:cd:aa:02:0c:17:fd:21:dd:00:9f:6f:b8:
5b:6c:d9:12:fe:32:e8:75:1e:c9:35:ac:53:6b:2f:b6:36:26:
58:2e:7d:4f:db:f4:9b:66:eb:6e:99:07:43:53:b5:8a:21:5d:
a9:db:8f:49:c4:ae:25:62:de:3b:de:fd:1e:4b:d3:c1:ef:8c:
4f:a2:96:f6:dd:5c:99:79:0b:31:e8:ce:7f:04:05:b7:d9:73:
c7:59:cf:81:c6:13:35:b9:81:30:78:9c:58:b5:8b:7d:57:38:
17:69:ea:19:b8:92:8d:e0:de:3d:32:53:b6:95:dd:68:5d:8e:
94:c9:17:d0:77:fa:25:d3:1c:66:c2:6e:ad:ce:6c:46:78:20:
24:23:76:e6:63:d0:79:21:4d:73:d5:3f:4e:27:ff:e6:e9:a9:
02:85:d7:ee:6f:ac:8a:9a:13:81:a2:61:58:6a:1a:f8:f0:44:
f5:8d:a3:13:f6:dd:f1:5f:e7:e0:a6:e9:cb:fe:9a:92:6e:c4:
60:26:d2:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOMIKfrw5yShMxCgqB/V6qdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjAzMTA0NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjUxM2MwNWRmM2RkMzc2NjYwZWQ1YzJlY2I3MTJhYTcwOTdkZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3buyM1s5aALkNIV6ZGskioiFKtb
uldv9S3jeSvtBnZIhqcvYbvOslKXQevNn1LnsGDpmNMXJlxMjxqYU8CTJbuhcA/M
NNPDNq6RFKHHTAguVe1a6i0XnpoUQnRYfksPwwWOlRpmLcdlCVKDb2He5rOHJNeb
anGtu2ChnE3kSYyoS2hZ6tQUZwUEJcGklac4ygt7j/GIaoNDUNhw1tmS/bRPwWS0
x3+a2kXPIVyXabjaaJC3flvNc0QzoElr0yiS3OPQYXDjMtfiO3S3jwv5p90Cep8z
RnLMMvpVmlPnn7J5f5PdNnS+zFVlQ7da2BT9pCmbEB/49Ch7aJrB7gVcwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJtRPAXfPdN2Zg7Vwuy3Eqpwl96YMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbTFFOEJkODkwM1ptRHRYQzdMY1NxbkNYM3BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwJEcMA0G
CSqGSIb3DQEBCwUAA4IBAQCipbBmDqohEL0rG8QxnSEj3nmKe7NEbpm4tULwg7VX
0lYfWRKJsPT0lq1aSCxaBntbkoiPN6ncqEGbcZbNqgIMF/0h3QCfb7hbbNkS/jLo
dR7JNaxTay+2NiZYLn1P2/SbZutumQdDU7WKIV2p249JxK4lYt473v0eS9PB74xP
opb23VyZeQsx6M5/BAW32XPHWc+BxhM1uYEweJxYtYt9VzgXaeoZuJKN4N49MlO2
ld1oXY6UyRfQd/ol0xxmwm6tzmxGeCAkI3bmY9B5IU1z1T9OJ//m6akChdfub6yK
mhOBomFYahr48ET1jaMT9t3xX+fgpunL/pqSbsRgJtK6
-----END CERTIFICATE-----
Generated at Tue Apr 29 04:24:29 2025 by rpki-client