Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/xZRXjEN-uEg3AJO8c8IqadLvoek.roa
File: xZRXjEN-uEg3AJO8c8IqadLvoek.roa (raw, json)
Hash identifier: hPyfUbvOrtzZXshD2TgYiz4Tbzj4/BEtc89ehJih0Pw=
Subject key identifier: C5:94:57:8C:43:7E:B8:48:37:00:93:BC:73:C2:2A:69:D2:EF:A1:E9
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 01942746ECF20F274DB5080D3353180C6E9C
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/xZRXjEN-uEg3AJO8c8IqadLvoek.roa
Signing time: Thu 02 Jan 2025 13:49:07 +0000
ROA not before: Thu 02 Jan 2025 13:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13763
IP address blocks: 195.180.150.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 12:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:ec:f2:0f:27:4d:b5:08:0d:33:53:18:0c:6e:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 2 13:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c594578c437eb848370093bc73c22a69d2efa1e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:15:c6:2b:3b:4d:02:19:b8:4f:ad:62:21:fa:
fe:7a:30:e8:94:ad:d0:2c:e8:7e:74:2b:61:9f:aa:
a8:41:39:60:50:c4:c9:aa:51:df:14:d0:62:e8:db:
55:7a:95:5e:8e:50:9c:dc:de:6d:ad:fc:d4:b0:cd:
25:14:7c:8d:bc:78:34:ac:c4:2c:ed:8f:54:d3:91:
3c:01:6f:13:0c:fa:d1:bf:72:35:1e:95:49:b5:a4:
42:f3:3a:bc:f3:2c:ab:a5:0f:1c:24:3c:ca:b1:cf:
3e:ec:a7:64:f6:4e:3e:62:08:c1:e3:89:0f:36:73:
dc:d8:da:ad:46:e5:f8:2c:fa:b9:4c:02:9f:3e:9c:
eb:aa:7b:7f:41:5d:76:af:57:dd:28:f9:8d:63:cb:
5d:5b:41:ea:c7:6a:de:7b:1d:bc:94:33:d7:f0:d8:
c7:ec:aa:26:0b:ba:fa:43:12:7e:7b:9f:75:be:35:
3c:c9:50:a9:e9:1b:d9:5c:dc:d3:99:aa:f8:2d:ef:
a4:6b:6f:24:54:ba:a3:de:ce:f8:32:1f:ac:98:a8:
58:7b:69:51:48:43:d7:1e:d7:45:96:d1:06:d5:c6:
00:bb:58:28:3e:a4:1b:41:bc:ec:6c:94:f5:1a:26:
89:d0:68:ac:b3:ac:50:17:a3:51:dc:5f:59:04:62:
4d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:94:57:8C:43:7E:B8:48:37:00:93:BC:73:C2:2A:69:D2:EF:A1:E9
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/xZRXjEN-uEg3AJO8c8IqadLvoek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.180.150.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:53:66:fb:1e:2f:f3:80:35:2c:c9:b7:ce:fd:d4:94:bd:bc:
b6:5e:1a:b4:b8:5c:2a:ec:da:9a:2e:0f:1c:2b:8e:25:6c:c9:
7a:d3:c6:6b:37:ab:50:32:d8:c7:b0:d6:fe:9d:ca:0e:f3:22:
78:42:df:ba:e7:7c:fc:27:de:2c:ba:a2:62:ae:b6:dc:e0:7c:
81:1c:d0:80:5d:b1:34:ea:ee:0d:30:09:b7:23:96:df:08:90:
27:29:08:ae:0f:f9:08:95:d6:31:4d:0f:f0:58:9f:25:d2:3b:
1d:b0:30:4c:9d:07:cb:cf:b7:46:cd:79:7b:0f:23:04:38:b7:
5e:70:87:46:ed:89:ee:1a:1a:ef:c2:62:4f:b0:10:ce:7a:31:
fe:41:ef:13:f5:22:31:84:e6:52:83:17:e4:c8:fa:f1:d1:36:
c0:8f:48:c6:58:d0:8a:7f:3b:81:25:e4:3c:9c:98:60:9a:00:
65:91:81:9a:cb:19:dc:39:19:e1:64:4e:55:71:7e:b9:fc:87:
30:d7:2f:cd:f0:8f:40:cf:f3:9f:2c:9a:cf:67:08:a2:22:f5:
12:8c:18:1f:7e:cc:74:34:29:68:c7:b3:96:c9:d0:31:98:d4:
a3:bf:bb:1f:b3:b9:7c:b6:88:20:11:6a:ab:14:ae:44:29:61:
54:be:b6:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRuzyDydNtQgNM1MYDG6cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjUwMTAyMTM0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTk0NTc4YzQzN2ViODQ4MzcwMDkzYmM3M2MyMmE2OWQyZWZhMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRXGKztNAhm4T61iIfr+ejDolK3Q
LOh+dCthn6qoQTlgUMTJqlHfFNBi6NtVepVejlCc3N5trfzUsM0lFHyNvHg0rMQs
7Y9U05E8AW8TDPrRv3I1HpVJtaRC8zq88yyrpQ8cJDzKsc8+7Kdk9k4+YgjB44kP
NnPc2NqtRuX4LPq5TAKfPpzrqnt/QV12r1fdKPmNY8tdW0Hqx2reex28lDPX8NjH
7KomC7r6QxJ+e591vjU8yVCp6RvZXNzTmar4Le+ka28kVLqj3s74Mh+smKhYe2lR
SEPXHtdFltEG1cYAu1goPqQbQbzsbJT1GiaJ0Giss6xQF6NR3F9ZBGJNwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWUV4xDfrhINwCTvHPCKmnS76HpMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEveFpSWGpFTi11RWczQUpPOGM4SXFhZEx2b2VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7SWMA0G
CSqGSIb3DQEBCwUAA4IBAQBcU2b7Hi/zgDUsybfO/dSUvby2Xhq0uFwq7NqaLg8c
K44lbMl608ZrN6tQMtjHsNb+ncoO8yJ4Qt+653z8J94suqJirrbc4HyBHNCAXbE0
6u4NMAm3I5bfCJAnKQiuD/kIldYxTQ/wWJ8l0jsdsDBMnQfLz7dGzXl7DyMEOLde
cIdG7YnuGhrvwmJPsBDOejH+Qe8T9SIxhOZSgxfkyPrx0TbAj0jGWNCKfzuBJeQ8
nJhgmgBlkYGayxncORnhZE5VcX65/Icw1y/N8I9Az/OfLJrPZwiiIvUSjBgffsx0
NClox7OWydAxmNSjv7sfs7l8toggEWqrFK5EKWFUvrZ8
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:28 2025 by rpki-client