Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/bk4ichCxX7PAWPlb8PkGiwbP1IQ.roa
File: bk4ichCxX7PAWPlb8PkGiwbP1IQ.roa (raw, json)
Hash identifier: JdE6kYb42zrAj0xFONlUqHFHWDk3LqmV/T+D12BajI4=
Subject key identifier: 6E:4E:22:72:10:B1:5F:B3:C0:58:F9:5B:F0:F9:06:8B:06:CF:D4:84
Certificate issuer: /CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Certificate serial: 018DCC0221C2D0EA3FCA76A7E8727818447B
Authority key identifier: 1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/bk4ichCxX7PAWPlb8PkGiwbP1IQ.roa
Signing time: Wed 21 Feb 2024 14:11:48 +0000
ROA not before: Wed 21 Feb 2024 14:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57910
IP address blocks: 194.127.162.0/23 maxlen: 23
194.127.162.0/24 maxlen: 24
194.127.163.0/24 maxlen: 24
2a00:b5c0::/32 maxlen: 32
2a02:2110::/32 maxlen: 32
2a0c:7a00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 27 Feb 2024 08:17:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:02:21:c2:d0:ea:3f:ca:76:a7:e8:72:78:18:44:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5aaf3d0683dc8a0d58c643826e166d3c28cca9
Validity
Not Before: Feb 21 14:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e4e227210b15fb3c058f95bf0f9068b06cfd484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:79:9b:bd:3e:cc:61:83:c2:5a:0d:33:f7:36:
cc:86:15:e7:b3:b0:9b:84:d7:e9:8b:8e:ad:4b:67:
64:b5:c3:4a:4e:f9:d5:9e:9a:11:03:61:af:41:d5:
f0:ea:81:74:0e:4b:6d:26:71:b5:26:c6:b1:8f:dc:
2c:6d:76:02:94:d5:4d:b5:2d:71:0b:eb:42:6d:30:
03:49:b0:72:51:ce:3d:10:ba:cd:f0:1a:f5:60:de:
85:83:28:35:0d:6a:53:f5:ef:57:1a:09:e8:f1:21:
1b:cd:49:da:02:34:de:16:1b:80:e8:ef:21:bf:d0:
24:ed:8d:56:3f:eb:ae:19:04:10:76:be:35:9f:54:
8b:84:ca:cc:85:62:96:b6:3a:2c:fc:74:9c:3b:1d:
81:62:21:18:8f:f7:b4:16:3f:d5:77:5c:18:a8:c2:
95:ab:5d:fc:7b:41:50:73:9a:1d:c7:71:d0:09:2e:
61:6d:05:49:f8:86:68:9d:36:53:26:d3:3a:b5:c4:
d8:cd:61:f0:a0:12:7c:85:9e:23:2a:0c:f3:59:e9:
ce:e5:ed:42:74:d0:d4:f5:43:5b:46:7f:5d:d5:bc:
7d:d9:cf:b0:e1:57:de:d7:13:25:b9:76:0b:8a:11:
ad:10:d5:79:2d:11:8d:a3:77:c7:f3:cf:60:5d:8e:
3b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:4E:22:72:10:B1:5F:B3:C0:58:F9:5B:F0:F9:06:8B:06:CF:D4:84
X509v3 Authority Key Identifier:
keyid:1E:5A:AF:3D:06:83:DC:8A:0D:58:C6:43:82:6E:16:6D:3C:28:CC:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlqvPQaD3IoNWMZDgm4WbTwozKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/bk4ichCxX7PAWPlb8PkGiwbP1IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/83df5b-d153-4cb6-baf3-4cd38b758d5c/1/HlqvPQaD3IoNWMZDgm4WbTwozKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.162.0/23
IPv6:
2a00:b5c0::/32
2a02:2110::/32
2a0c:7a00::/29
Signature Algorithm: sha256WithRSAEncryption
2b:f4:8d:b5:c7:4a:3d:0d:72:2c:09:f7:2e:21:d2:3f:e3:10:
d0:74:d0:e2:21:b5:c5:ef:bb:b2:9f:e3:e6:e2:03:b2:60:be:
2a:82:51:15:84:de:f6:03:ff:65:df:0c:49:28:29:00:3b:e7:
59:8d:83:e6:71:24:66:3a:64:89:05:fc:88:2d:50:31:5b:15:
d2:ca:a1:97:d0:3e:ae:de:20:9f:e3:f8:86:19:3f:5d:ea:da:
2f:18:3f:3b:43:7e:ce:42:31:35:42:0a:55:3d:49:fd:d9:17:
46:85:b3:2a:5e:e2:7a:7f:d5:3c:39:3a:23:3f:39:8d:ee:9e:
f6:23:86:00:12:c4:26:08:30:b9:24:6d:1e:01:8f:66:49:7c:
0b:6c:2f:2d:8f:4c:d7:b3:5f:f5:a3:d0:51:bc:36:4c:f0:58:
56:53:9a:51:88:5d:a2:14:52:f9:59:74:a6:43:fc:e8:3a:46:
29:16:01:37:6d:f9:9d:b5:ae:12:b6:fd:50:f6:04:69:fd:be:
f8:1b:d5:91:60:a0:e3:13:ad:ca:42:e6:31:c7:2c:b3:4a:fd:
84:4b:1b:ab:64:57:23:af:9b:f2:07:61:56:96:82:b4:51:74:
c7:1e:9f:ed:c6:66:82:bf:bd:ae:c2:17:90:24:58:78:85:c6:
81:e1:e3:03
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY3MAiHC0Oo/ynan6HJ4GER7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWFhZjNkMDY4M2RjOGEwZDU4YzY0MzgyNmUxNjZkM2My
OGNjYTkwHhcNMjQwMjIxMTQxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTRlMjI3MjEwYjE1ZmIzYzA1OGY5NWJmMGY5MDY4YjA2Y2ZkNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXmbvT7MYYPCWg0z9zbMhhXns7Cb
hNfpi46tS2dktcNKTvnVnpoRA2GvQdXw6oF0DkttJnG1Jsaxj9wsbXYClNVNtS1x
C+tCbTADSbByUc49ELrN8Br1YN6Fgyg1DWpT9e9XGgno8SEbzUnaAjTeFhuA6O8h
v9Ak7Y1WP+uuGQQQdr41n1SLhMrMhWKWtjos/HScOx2BYiEYj/e0Fj/Vd1wYqMKV
q138e0FQc5odx3HQCS5hbQVJ+IZonTZTJtM6tcTYzWHwoBJ8hZ4jKgzzWenO5e1C
dNDU9UNbRn9d1bx92c+w4Vfe1xMluXYLihGtENV5LRGNo3fH889gXY47/wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFG5OInIQsV+zwFj5W/D5BosGz9SEMB8GA1UdIwQY
MBaAFB5arz0Gg9yKDVjGQ4JuFm08KMypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMt
NGNkMzhiNzU4ZDVjLzEvYms0aWNoQ3hYN1BBV1BsYjhQa0dpd2JQMUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84M2RmNWItZDE1My00Y2I2LWJhZjMtNGNkMzhiNzU4ZDVj
LzEvSGxxdlBRYUQzSW9OV01aRGdtNFdiVHdvektrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQBwn+iMBsE
AgACMBUDBQAqALXAAwUAKgIhEAMFAyoMegAwDQYJKoZIhvcNAQELBQADggEBACv0
jbXHSj0NciwJ9y4h0j/jENB00OIhtcXvu7Kf4+biA7JgviqCURWE3vYD/2XfDEko
KQA751mNg+ZxJGY6ZIkF/IgtUDFbFdLKoZfQPq7eIJ/j+IYZP13q2i8YPztDfs5C
MTVCClU9Sf3ZF0aFsype4np/1Tw5OiM/OY3unvYjhgASxCYIMLkkbR4Bj2ZJfAts
Ly2PTNezX/Wj0FG8NkzwWFZTmlGIXaIUUvlZdKZD/Og6RikWATdt+Z21rhK2/VD2
BGn9vvgb1ZFgoOMTrcpC5jHHLLNK/YRLG6tkVyOvm/IHYVaWgrRRdMcen+3GZoK/
va7CF5AkWHiFxoHh4wM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:36:42 2025 by rpki-client