Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/geHXF-6ULnRcnucoI8IvQLyNtWA.roa
File: geHXF-6ULnRcnucoI8IvQLyNtWA.roa (raw, json)
Hash identifier: 1tbkNqVWxn9zaE3FFUend86t4bwI5Gq1RmKTkptDkt0=
Subject key identifier: 81:E1:D7:17:EE:94:2E:74:5C:9E:E7:28:23:C2:2F:40:BC:8D:B5:60
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018CE9C302AC9AD8B883CF1A2119CD03E7C5
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/geHXF-6ULnRcnucoI8IvQLyNtWA.roa
Signing time: Mon 08 Jan 2024 15:48:40 +0000
ROA not before: Mon 08 Jan 2024 15:48:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49795
IP address blocks: 178.238.213.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Mar 2024 13:56:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:c3:02:ac:9a:d8:b8:83:cf:1a:21:19:cd:03:e7:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 8 15:48:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81e1d717ee942e745c9ee72823c22f40bc8db560
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0f:53:49:54:fb:b8:04:7f:14:d6:48:8f:36:
f7:d2:c2:b0:f6:5f:3e:fb:78:b5:56:ac:7c:28:19:
25:59:93:d5:1f:f6:2c:ba:6d:a2:2a:22:3a:f5:5a:
13:be:5e:58:ce:11:13:c7:f6:89:32:95:ff:7b:84:
79:59:e3:b2:fd:16:09:20:22:77:f0:b5:80:d4:a1:
d3:e6:aa:93:ef:41:2b:ab:93:8b:cd:06:f5:1d:08:
63:7a:df:42:5f:8e:aa:0b:b4:76:d1:5f:95:6e:44:
50:ec:13:12:78:a7:df:7f:96:0a:61:29:30:37:f0:
54:d7:72:46:7a:f5:22:93:b8:70:dc:58:31:17:a9:
4a:32:f1:18:d2:25:a4:b5:5f:14:f1:28:bd:e4:6c:
32:bc:40:b9:3c:de:43:59:2e:e8:c8:7b:24:2f:a8:
bb:cb:24:ec:3e:e8:c0:50:98:d3:7a:37:9b:34:b1:
67:fd:92:30:60:8c:12:62:c4:3b:8a:ac:72:f0:a3:
89:96:f8:22:be:bd:11:05:d0:0a:f6:6f:af:6a:29:
40:f1:7a:5b:8e:03:1b:e0:19:09:8e:80:f0:be:c0:
04:da:05:2e:f5:44:f0:27:c1:8a:30:48:e0:cb:ab:
4b:2f:fe:db:4e:e5:bb:ec:d3:1b:4e:e6:81:05:10:
31:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E1:D7:17:EE:94:2E:74:5C:9E:E7:28:23:C2:2F:40:BC:8D:B5:60
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/geHXF-6ULnRcnucoI8IvQLyNtWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.238.213.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:b4:de:3c:cf:09:36:13:a5:8a:5d:83:84:4a:75:fd:1c:a8:
92:67:2d:e5:e6:b5:c3:69:2b:76:0e:31:61:c2:3c:18:29:96:
81:3c:ef:27:51:f2:48:a0:49:0d:f6:7a:7e:f7:e4:8e:68:a4:
6d:36:77:6c:9d:b1:50:d9:fd:dd:d8:8d:34:ca:71:83:7c:61:
41:63:93:f1:fd:32:5d:6d:a8:e2:83:26:4a:64:7d:ab:c6:d7:
f1:38:2b:cc:4a:e5:73:cf:27:8a:c4:3d:f8:b2:c9:79:79:03:
13:4e:07:8e:8b:90:55:75:96:26:a5:ac:a7:4a:70:28:cc:bc:
51:2b:83:1a:4b:64:6f:01:50:bd:d5:04:6f:6a:f7:79:39:9c:
2c:d4:af:3a:09:a0:91:40:30:1f:3e:fe:f1:f1:f9:bd:51:29:
16:06:48:23:97:4d:ec:3d:c8:25:63:b8:60:8d:30:e7:ca:ba:
93:14:c2:b7:75:12:66:d8:01:be:47:ec:1d:74:f0:4a:78:f5:
ad:64:0f:99:a9:bf:c9:bd:e9:3a:77:33:7f:f6:75:62:62:04:
2d:cd:bd:c9:32:01:32:64:ce:42:fd:6e:ba:02:a1:0f:00:0d:
3d:37:74:e8:8b:a8:cb:6b:4c:70:d7:82:88:45:c6:05:9c:31:
79:6b:7b:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzpwwKsmti4g88aIRnNA+fFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTA4MTU0ODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWUxZDcxN2VlOTQyZTc0NWM5ZWU3MjgyM2MyMmY0MGJjOGRiNTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkA9TSVT7uAR/FNZIjzb30sKw9l8+
+3i1Vqx8KBklWZPVH/Ysum2iKiI69VoTvl5YzhETx/aJMpX/e4R5WeOy/RYJICJ3
8LWA1KHT5qqT70Erq5OLzQb1HQhjet9CX46qC7R20V+VbkRQ7BMSeKfff5YKYSkw
N/BU13JGevUik7hw3FgxF6lKMvEY0iWktV8U8Si95GwyvEC5PN5DWS7oyHskL6i7
yyTsPujAUJjTejebNLFn/ZIwYIwSYsQ7iqxy8KOJlvgivr0RBdAK9m+vailA8Xpb
jgMb4BkJjoDwvsAE2gUu9UTwJ8GKMEjgy6tLL/7bTuW77NMbTuaBBRAxHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHh1xfulC50XJ7nKCPCL0C8jbVgMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvZ2VIWEYtNlVMblJjbnVjb0k4SXZRTHlOdFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsu7VMA0G
CSqGSIb3DQEBCwUAA4IBAQBdtN48zwk2E6WKXYOESnX9HKiSZy3l5rXDaSt2DjFh
wjwYKZaBPO8nUfJIoEkN9np+9+SOaKRtNndsnbFQ2f3d2I00ynGDfGFBY5Px/TJd
bajigyZKZH2rxtfxOCvMSuVzzyeKxD34ssl5eQMTTgeOi5BVdZYmpaynSnAozLxR
K4MaS2RvAVC91QRvavd5OZws1K86CaCRQDAfPv7x8fm9USkWBkgjl03sPcglY7hg
jTDnyrqTFMK3dRJm2AG+R+wddPBKePWtZA+Zqb/Jvek6dzN/9nViYgQtzb3JMgEy
ZM5C/W66AqEPAA09N3Toi6jLa0xw14KIRcYFnDF5a3vk
-----END CERTIFICATE-----