Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/660e54-5c85-4d25-8e61-7ca11dc3ae82/1/Xrt273zm9Giinpo5smsFiASBV20.roa
File: Xrt273zm9Giinpo5smsFiASBV20.roa (raw, json)
Hash identifier: ZXofBUe8o7TPsS3O18JluxqDJSYmAcXNxkYQc7ImDYA=
Subject key identifier: 5E:BB:76:EF:7C:E6:F4:68:A2:9E:9A:39:B2:6B:05:88:04:81:57:6D
Certificate issuer: /CN=9fe94d2eedcd824ac1de74ade36c1f9d69d496ca
Certificate serial: 018ECE2C80E6F63A12DF6B6AF44A6F4C7164
Authority key identifier: 9F:E9:4D:2E:ED:CD:82:4A:C1:DE:74:AD:E3:6C:1F:9D:69:D4:96:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n-lNLu3NgkrB3nSt42wfnWnUlso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/660e54-5c85-4d25-8e61-7ca11dc3ae82/1/Xrt273zm9Giinpo5smsFiASBV20.roa
Signing time: Thu 11 Apr 2024 17:20:06 +0000
ROA not before: Thu 11 Apr 2024 17:20:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58006
IP address blocks: 176.122.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ce:2c:80:e6:f6:3a:12:df:6b:6a:f4:4a:6f:4c:71:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fe94d2eedcd824ac1de74ade36c1f9d69d496ca
Validity
Not Before: Apr 11 17:20:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ebb76ef7ce6f468a29e9a39b26b05880481576d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:27:98:e5:d5:24:7f:cf:0b:86:4a:d2:ef:a8:
e0:02:47:0a:73:c1:92:85:a0:b1:68:d8:a3:a6:13:
3f:f6:46:94:bf:18:0e:f7:c6:3c:8f:6b:c0:85:e4:
7e:2d:d7:48:57:11:48:7e:fb:08:fb:0c:f8:b2:29:
11:f8:bb:52:e7:4a:1e:61:e7:46:3f:38:b5:a6:eb:
fb:90:dd:99:22:c3:a0:6a:23:22:9f:26:d6:ee:bc:
cb:d0:a4:6d:af:81:89:e4:e0:61:d4:7c:fd:a5:b3:
08:67:48:55:51:b8:41:1c:5f:b3:ee:bd:01:10:ad:
ce:dc:4d:7d:d3:41:aa:9c:05:af:55:5c:84:63:69:
ef:a7:91:45:8e:b3:e6:9b:15:ab:28:4f:3f:a1:9b:
c7:46:9f:e4:39:42:f6:27:f0:cd:25:29:d4:fa:93:
6c:a7:71:6d:18:2f:0f:ba:c6:7a:12:1a:e0:f6:f5:
2f:6b:f0:8e:2d:54:9e:4b:5a:d6:5a:bf:a3:8c:3f:
1d:16:9e:90:79:6a:dd:11:7f:0a:a1:e4:1b:d8:63:
31:83:ab:79:32:c8:05:c3:61:ff:b7:b9:98:a2:88:
eb:67:33:64:04:4f:17:b3:93:87:7f:0f:8c:78:5c:
c3:75:47:1e:f9:12:22:fe:97:34:ac:55:21:00:bf:
3e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:BB:76:EF:7C:E6:F4:68:A2:9E:9A:39:B2:6B:05:88:04:81:57:6D
X509v3 Authority Key Identifier:
keyid:9F:E9:4D:2E:ED:CD:82:4A:C1:DE:74:AD:E3:6C:1F:9D:69:D4:96:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n-lNLu3NgkrB3nSt42wfnWnUlso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/660e54-5c85-4d25-8e61-7ca11dc3ae82/1/Xrt273zm9Giinpo5smsFiASBV20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/660e54-5c85-4d25-8e61-7ca11dc3ae82/1/n-lNLu3NgkrB3nSt42wfnWnUlso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.122.206.0/24
Signature Algorithm: sha256WithRSAEncryption
08:73:26:d9:31:30:13:80:bc:05:ee:6f:bd:e1:d5:c6:ce:da:
d7:1f:e9:6f:14:63:37:03:83:38:64:c8:32:76:97:e0:c4:e6:
ce:37:0d:99:2b:5f:bd:5c:c0:a3:2a:77:6a:8d:fd:4a:cf:e1:
d4:92:b6:da:b7:34:5d:31:83:fa:7b:93:48:3b:5d:a0:96:5c:
06:fe:e8:67:5a:ed:7b:30:e2:d3:05:a7:37:c4:e1:58:61:89:
f7:7b:3f:dc:f9:23:52:17:11:fa:1d:89:f9:1a:b9:38:20:be:
21:76:92:27:9b:32:31:a6:72:fd:56:18:62:0a:15:3d:56:e1:
66:5d:6d:22:37:8b:b6:5d:78:4c:c3:33:9a:27:94:87:e9:c4:
2b:33:e2:0d:86:c7:48:59:09:a1:02:63:1a:3b:00:61:94:97:
b9:4c:60:2e:65:6e:65:6d:d0:f7:6c:67:7c:70:2f:29:ef:38:
4b:e0:69:d6:f7:ae:84:d6:54:67:b7:36:e1:0f:e2:6f:09:0b:
09:14:f3:f7:7c:c7:f7:56:34:ff:1a:2d:aa:ef:14:18:c6:d1:
fe:59:b5:95:25:76:70:2c:2f:96:f2:a7:08:dd:27:ec:78:b8:
04:c5:7d:ff:2a:5b:98:59:c9:89:01:ac:c5:37:84:8d:36:ff:
5e:be:27:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7OLIDm9joS32tq9EpvTHFkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZTk0ZDJlZWRjZDgyNGFjMWRlNzRhZGUzNmMxZjlkNjlk
NDk2Y2EwHhcNMjQwNDExMTcyMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWJiNzZlZjdjZTZmNDY4YTI5ZTlhMzliMjZiMDU4ODA0ODE1NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiieY5dUkf88LhkrS76jgAkcKc8GS
haCxaNijphM/9kaUvxgO98Y8j2vAheR+LddIVxFIfvsI+wz4sikR+LtS50oeYedG
Pzi1puv7kN2ZIsOgaiMinybW7rzL0KRtr4GJ5OBh1Hz9pbMIZ0hVUbhBHF+z7r0B
EK3O3E1900GqnAWvVVyEY2nvp5FFjrPmmxWrKE8/oZvHRp/kOUL2J/DNJSnU+pNs
p3FtGC8PusZ6Ehrg9vUva/COLVSeS1rWWr+jjD8dFp6QeWrdEX8KoeQb2GMxg6t5
MsgFw2H/t7mYoojrZzNkBE8Xs5OHfw+MeFzDdUce+RIi/pc0rFUhAL8+7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF67du985vRoop6aObJrBYgEgVdtMB8GA1UdIwQY
MBaAFJ/pTS7tzYJKwd50reNsH51p1JbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbi1sTkx1M05na3JCM25TdDQyd2ZuV25VbHNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82NjBlNTQtNWM4NS00ZDI1LThlNjEt
N2NhMTFkYzNhZTgyLzEvWHJ0Mjczem05R2lpbnBvNXNtc0ZpQVNCVjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82NjBlNTQtNWM4NS00ZDI1LThlNjEtN2NhMTFkYzNhZTgy
LzEvbi1sTkx1M05na3JCM25TdDQyd2ZuV25VbHNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHrOMA0G
CSqGSIb3DQEBCwUAA4IBAQAIcybZMTATgLwF7m+94dXGztrXH+lvFGM3A4M4ZMgy
dpfgxObONw2ZK1+9XMCjKndqjf1Kz+HUkrbatzRdMYP6e5NIO12gllwG/uhnWu17
MOLTBac3xOFYYYn3ez/c+SNSFxH6HYn5Grk4IL4hdpInmzIxpnL9VhhiChU9VuFm
XW0iN4u2XXhMwzOaJ5SH6cQrM+INhsdIWQmhAmMaOwBhlJe5TGAuZW5lbdD3bGd8
cC8p7zhL4GnW966E1lRntzbhD+JvCQsJFPP3fMf3VjT/Gi2q7xQYxtH+WbWVJXZw
LC+W8qcI3SfseLgExX3/KluYWcmJAazFN4SNNv9evicU
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:47:02 2025 by rpki-client