Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xYR1xKpPHFUBj4KCRIjAATL5jh0.roa
File: xYR1xKpPHFUBj4KCRIjAATL5jh0.roa (raw, json)
Hash identifier: Upswuac9I75jOjEuruD4iOZvCP7cDMnIsMg9aSxow5g=
Subject key identifier: C5:84:75:C4:AA:4F:1C:55:01:8F:82:82:44:88:C0:01:32:F9:8E:1D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193D6400F717E04401CBF2CD4D74EDD5507
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xYR1xKpPHFUBj4KCRIjAATL5jh0.roa
Signing time: Tue 17 Dec 2024 20:12:22 +0000
ROA not before: Tue 17 Dec 2024 20:12:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57494
IP address blocks: 195.133.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:51:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d6:40:0f:71:7e:04:40:1c:bf:2c:d4:d7:4e:dd:55:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 17 20:12:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c58475c4aa4f1c55018f82824488c00132f98e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ff:b9:ab:22:14:30:21:8a:8c:11:c2:8d:50:
80:21:0a:bc:6f:de:d0:59:af:c0:50:d2:76:2b:52:
16:2a:8b:61:8f:d0:60:d4:51:b8:00:b5:cd:8c:6f:
5b:98:7c:8c:dd:d9:84:bd:d2:75:3b:df:ea:62:bd:
23:f1:28:8f:1e:9b:1c:b7:a1:bb:19:65:83:df:0d:
96:52:b5:68:a4:ce:95:9c:64:f3:93:af:6a:3b:ae:
fd:f5:27:f7:71:b6:4d:da:34:ec:72:48:5c:76:e2:
20:4c:4e:8c:f1:63:e2:bb:23:74:54:35:a2:a4:b2:
68:21:54:de:71:bb:32:00:23:ee:8f:43:fc:0a:ec:
0e:60:25:94:b3:a6:fa:37:7d:aa:06:da:4e:07:9e:
95:cc:19:db:58:9e:cb:64:f0:cf:3f:99:b2:1c:a3:
04:2f:12:c6:d0:3f:25:0b:86:48:ca:5b:a4:96:f5:
9e:49:34:63:45:16:2a:c7:4e:00:19:d7:96:f9:12:
e6:0a:75:56:04:f9:6d:c6:16:b0:82:aa:6c:b3:da:
b8:a8:d4:55:f5:0e:f0:ae:1a:87:3b:46:3b:94:62:
01:83:fb:31:39:77:97:d7:8c:ba:2e:33:b7:01:bf:
15:02:96:7f:e2:50:c7:8c:54:1d:43:92:56:8d:a7:
b1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:84:75:C4:AA:4F:1C:55:01:8F:82:82:44:88:C0:01:32:F9:8E:1D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/xYR1xKpPHFUBj4KCRIjAATL5jh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.133.194.0/24
Signature Algorithm: sha256WithRSAEncryption
55:13:29:63:09:2b:a6:3a:f4:5a:4d:2b:0a:7e:7e:02:25:a8:
98:b8:d1:e5:10:3d:fd:b7:26:84:0f:8e:33:40:b8:e5:d3:1e:
4e:37:63:d5:7e:2b:42:9d:f9:f6:17:e6:ab:66:d4:7d:87:f9:
f5:99:c9:bd:95:a7:9c:d0:3c:28:66:68:28:2c:65:08:47:39:
ac:75:84:bd:d5:4e:70:ea:2b:ac:f5:f5:5a:b6:c0:9b:a7:6b:
d4:01:3c:c7:b7:b2:b7:a3:4b:e6:f7:a4:0b:78:3a:14:5d:7f:
ba:87:1d:b0:51:80:22:20:e5:f2:83:52:81:8a:f8:d6:10:cd:
3e:da:0c:90:27:db:eb:e3:61:63:01:9f:c1:95:50:59:39:13:
c0:a7:7c:ac:20:1c:e0:6d:cd:66:f3:ff:a4:96:7c:34:03:20:
76:01:c7:d7:bc:cd:90:13:0f:61:0a:e4:80:aa:e6:b1:87:6a:
34:f0:d7:51:30:6d:b7:fa:33:68:5e:32:83:47:e9:ad:5a:f6:
cc:73:4a:a2:9d:10:18:36:fa:6c:12:48:ec:b1:45:39:77:17:
b9:69:9a:7d:17:15:ef:b4:ca:70:45:d9:81:1c:bc:e9:fa:63:
0f:c5:11:8b:ef:72:be:01:e0:47:8b:12:95:19:97:3a:df:d4:
8c:99:c5:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPWQA9xfgRAHL8s1NdO3VUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjE3MjAxMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTg0NzVjNGFhNGYxYzU1MDE4ZjgyODI0NDg4YzAwMTMyZjk4ZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf+5qyIUMCGKjBHCjVCAIQq8b97Q
Wa/AUNJ2K1IWKothj9Bg1FG4ALXNjG9bmHyM3dmEvdJ1O9/qYr0j8SiPHpsct6G7
GWWD3w2WUrVopM6VnGTzk69qO6799Sf3cbZN2jTsckhcduIgTE6M8WPiuyN0VDWi
pLJoIVTecbsyACPuj0P8CuwOYCWUs6b6N32qBtpOB56VzBnbWJ7LZPDPP5myHKME
LxLG0D8lC4ZIyluklvWeSTRjRRYqx04AGdeW+RLmCnVWBPltxhawgqpss9q4qNRV
9Q7wrhqHO0Y7lGIBg/sxOXeX14y6LjO3Ab8VApZ/4lDHjFQdQ5JWjaexPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWEdcSqTxxVAY+CgkSIwAEy+Y4dMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEveFlSMXhLcFBIRlVCajRLQ1JJakFBVEw1amgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4XCMA0G
CSqGSIb3DQEBCwUAA4IBAQBVEyljCSumOvRaTSsKfn4CJaiYuNHlED39tyaED44z
QLjl0x5ON2PVfitCnfn2F+arZtR9h/n1mcm9laec0DwoZmgoLGUIRzmsdYS91U5w
6ius9fVatsCbp2vUATzHt7K3o0vm96QLeDoUXX+6hx2wUYAiIOXyg1KBivjWEM0+
2gyQJ9vr42FjAZ/BlVBZORPAp3ysIBzgbc1m8/+klnw0AyB2AcfXvM2QEw9hCuSA
quaxh2o08NdRMG23+jNoXjKDR+mtWvbMc0qinRAYNvpsEkjssUU5dxe5aZp9FxXv
tMpwRdmBHLzp+mMPxRGL73K+AeBHixKVGZc639SMmcVa
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:20:46 2025 by rpki-client