Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/834aa0-a8f4-454c-b315-435af14aa07a/1/SAq5dIv7k45ets9mCckxqRH7A8A.roa
File: SAq5dIv7k45ets9mCckxqRH7A8A.roa (raw, json)
Hash identifier: ydWzbTsXsvUmBwoTmKz3zgIfpwZHCURN7kqkgniTPN4=
Subject key identifier: 48:0A:B9:74:8B:FB:93:8E:5E:B6:CF:66:09:C9:31:A9:11:FB:03:C0
Certificate issuer: /CN=fdc568657e50e6f8e5c6bfefa89cef350d94f82e
Certificate serial: 01936EA075E36007BB0DFF9461FB3B091DF6
Authority key identifier: FD:C5:68:65:7E:50:E6:F8:E5:C6:BF:EF:A8:9C:EF:35:0D:94:F8:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_cVoZX5Q5vjlxr_vqJzvNQ2U-C4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/834aa0-a8f4-454c-b315-435af14aa07a/1/SAq5dIv7k45ets9mCckxqRH7A8A.roa
Signing time: Wed 27 Nov 2024 17:17:09 +0000
ROA not before: Wed 27 Nov 2024 17:17:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213842
IP address blocks: 193.101.12.0/24 maxlen: 24
2a01:e540::/40 maxlen: 40
Validation: Failed, certificate revoked on Fri 29 Nov 2024 10:15:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6e:a0:75:e3:60:07:bb:0d:ff:94:61:fb:3b:09:1d:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fdc568657e50e6f8e5c6bfefa89cef350d94f82e
Validity
Not Before: Nov 27 17:17:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=480ab9748bfb938e5eb6cf6609c931a911fb03c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:a9:f6:0d:1e:9e:0e:2a:2f:04:0d:ca:11:3c:
02:fe:56:f5:f8:7d:ef:b2:2f:d3:f8:8c:e0:e9:bb:
e2:10:55:fa:26:44:25:ae:fc:d3:24:e4:36:01:99:
37:80:9e:2a:b1:f3:ac:85:8b:bd:11:04:36:78:82:
fe:78:c2:cf:a1:30:f3:7f:e9:9d:90:73:eb:73:26:
d4:b0:a0:2f:b8:5e:b7:0b:d0:d8:4a:47:50:c2:69:
4c:95:09:2c:99:0a:36:85:2f:85:30:35:a8:02:8e:
ac:2c:68:61:1c:76:83:d8:43:ca:23:35:dd:c5:f3:
28:2f:af:22:58:8b:3e:a9:b1:45:70:f8:3b:dd:a9:
3b:7e:3e:c4:7e:6c:17:f4:d5:b4:8f:33:ae:5d:54:
b8:aa:7c:d6:e7:cb:dc:c7:de:b5:f8:33:35:a7:b5:
11:c3:27:c1:b6:57:74:63:55:1c:d9:dc:49:6f:fb:
6b:f3:77:96:18:c6:8a:e6:e2:11:b2:0e:ca:10:af:
80:dd:ea:32:a9:21:0e:b9:ce:f2:92:10:a1:c1:c5:
c2:6d:6c:4c:cf:88:d2:69:37:7f:96:0d:23:ef:4b:
3f:ac:a9:b7:8c:1d:33:54:85:c5:02:c0:b5:80:fc:
b0:29:b0:eb:fd:22:c0:c0:e0:25:48:11:42:dd:96:
59:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:0A:B9:74:8B:FB:93:8E:5E:B6:CF:66:09:C9:31:A9:11:FB:03:C0
X509v3 Authority Key Identifier:
keyid:FD:C5:68:65:7E:50:E6:F8:E5:C6:BF:EF:A8:9C:EF:35:0D:94:F8:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_cVoZX5Q5vjlxr_vqJzvNQ2U-C4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/834aa0-a8f4-454c-b315-435af14aa07a/1/SAq5dIv7k45ets9mCckxqRH7A8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/834aa0-a8f4-454c-b315-435af14aa07a/1/_cVoZX5Q5vjlxr_vqJzvNQ2U-C4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.101.12.0/24
IPv6:
2a01:e540::/40
Signature Algorithm: sha256WithRSAEncryption
65:ac:b0:44:ae:9a:60:ac:1b:5e:d7:21:d9:55:4c:f9:a6:57:
5f:54:a5:b2:6d:e2:f1:8b:95:69:c4:00:77:53:32:9b:09:fa:
d7:96:79:62:92:d0:a2:25:34:ef:41:b3:0c:bb:18:f9:7a:67:
4d:67:dc:5f:42:c0:eb:27:63:6d:b2:b3:64:2d:f7:b7:fa:f8:
19:a2:a7:6b:ec:61:c0:70:fb:38:ac:29:f5:4e:a0:ef:14:79:
62:d5:9c:d9:5d:3a:73:a7:08:d5:9e:5f:15:16:1e:f6:bc:5c:
8b:66:fb:f1:4c:0a:ec:1c:bb:df:95:98:f6:f6:ca:6d:6b:a0:
9d:ea:c5:e5:8a:72:64:61:22:80:6b:a9:99:c6:dd:fb:04:68:
14:fb:8f:15:26:2d:99:11:b9:97:62:b1:60:2a:a4:89:02:a2:
85:71:be:37:67:89:64:20:37:01:87:d7:6f:66:c2:3b:80:37:
1e:a7:34:a5:39:ef:d3:ff:a5:8d:ec:eb:7d:5b:d6:45:58:cd:
65:39:8f:c0:b1:88:4e:6d:aa:66:79:82:5d:98:99:d3:40:33:
52:b2:ce:3e:e2:b1:eb:cb:91:39:d4:02:70:a8:98:30:c3:92:
a4:a8:e6:b9:83:5a:b5:ee:5c:19:53:c8:3f:12:a1:93:b1:4c:
ba:98:d8:b2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZNuoHXjYAe7Df+UYfs7CR32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkYzU2ODY1N2U1MGU2ZjhlNWM2YmZlZmE4OWNlZjM1MGQ5
NGY4MmUwHhcNMjQxMTI3MTcxNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODBhYjk3NDhiZmI5MzhlNWViNmNmNjYwOWM5MzFhOTExZmIwM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qn2DR6eDiovBA3KETwC/lb1+H3v
si/T+Izg6bviEFX6JkQlrvzTJOQ2AZk3gJ4qsfOshYu9EQQ2eIL+eMLPoTDzf+md
kHPrcybUsKAvuF63C9DYSkdQwmlMlQksmQo2hS+FMDWoAo6sLGhhHHaD2EPKIzXd
xfMoL68iWIs+qbFFcPg73ak7fj7EfmwX9NW0jzOuXVS4qnzW58vcx961+DM1p7UR
wyfBtld0Y1Uc2dxJb/tr83eWGMaK5uIRsg7KEK+A3eoyqSEOuc7ykhChwcXCbWxM
z4jSaTd/lg0j70s/rKm3jB0zVIXFAsC1gPywKbDr/SLAwOAlSBFC3ZZZbwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFEgKuXSL+5OOXrbPZgnJMakR+wPAMB8GA1UdIwQY
MBaAFP3FaGV+UOb45ca/76ic7zUNlPguMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2NWb1pYNVE1dmpseHJfdnFKenZOUTJVLUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi84MzRhYTAtYThmNC00NTRjLWIzMTUt
NDM1YWYxNGFhMDdhLzEvU0FxNWRJdjdrNDVldHM5bUNja3hxUkg3QThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi84MzRhYTAtYThmNC00NTRjLWIzMTUtNDM1YWYxNGFhMDdh
LzEvX2NWb1pYNVE1dmpseHJfdnFKenZOUTJVLUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAwWUMMA4E
AgACMAgDBgAqAeVAADANBgkqhkiG9w0BAQsFAAOCAQEAZaywRK6aYKwbXtch2VVM
+aZXX1Slsm3i8YuVacQAd1Mymwn615Z5YpLQoiU070GzDLsY+XpnTWfcX0LA6ydj
bbKzZC33t/r4GaKna+xhwHD7OKwp9U6g7xR5YtWc2V06c6cI1Z5fFRYe9rxci2b7
8UwK7By735WY9vbKbWugnerF5YpyZGEigGupmcbd+wRoFPuPFSYtmRG5l2KxYCqk
iQKihXG+N2eJZCA3AYfXb2bCO4A3Hqc0pTnv0/+ljezrfVvWRVjNZTmPwLGITm2q
ZnmCXZiZ00AzUrLOPuKx68uROdQCcKiYMMOSpKjmuYNate5cGVPIPxKhk7FMupjY
sg==
-----END CERTIFICATE-----
Generated at Sat May 10 14:47:48 2025 by rpki-client