Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/EEqs3rQwrmNocsmDM8oP0t2UJqw.roa
File: EEqs3rQwrmNocsmDM8oP0t2UJqw.roa (raw, json)
Hash identifier: 1kmTP+pH6ThWt7+SzXgpM55v/rPwaShNbsjvSHKR4Ac=
Subject key identifier: 10:4A:AC:DE:B4:30:AE:63:68:72:C9:83:33:CA:0F:D2:DD:94:26:AC
Certificate issuer: /CN=3075d87c197a0fa04da8f225358d3faf786f7d0b
Certificate serial: 0190BCE665AF2CCEF004A19544E1F1F63AD2
Authority key identifier: 30:75:D8:7C:19:7A:0F:A0:4D:A8:F2:25:35:8D:3F:AF:78:6F:7D:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHXYfBl6D6BNqPIlNY0_r3hvfQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/EEqs3rQwrmNocsmDM8oP0t2UJqw.roa
Signing time: Tue 16 Jul 2024 18:55:34 +0000
ROA not before: Tue 16 Jul 2024 18:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198906
IP address blocks: 194.28.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 08:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bc:e6:65:af:2c:ce:f0:04:a1:95:44:e1:f1:f6:3a:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3075d87c197a0fa04da8f225358d3faf786f7d0b
Validity
Not Before: Jul 16 18:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=104aacdeb430ae636872c98333ca0fd2dd9426ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ca:36:cb:79:a1:99:66:90:7e:63:d7:0b:9e:
42:a6:6c:24:d3:fd:fe:6b:ed:19:70:7f:bb:9b:f3:
38:0c:9c:de:d3:f8:41:41:8c:06:ec:17:b6:7a:2a:
4d:ff:8a:81:a8:82:90:95:ed:aa:98:8c:d7:6d:b5:
9c:58:19:be:50:79:93:2b:47:1c:c8:e6:26:ad:6c:
40:3f:86:4b:05:0e:22:8d:c8:31:4a:83:2d:ba:76:
6f:28:53:65:28:2c:7f:cc:ae:6e:28:65:b6:3c:ad:
3e:b0:32:28:54:63:94:92:85:f1:95:5f:86:b3:92:
c7:9d:ca:23:fa:6b:27:17:08:c6:8e:63:a6:d6:50:
55:79:d8:ce:75:42:9d:e1:b1:6a:61:a6:e6:f4:40:
88:67:e9:f3:af:17:a5:4f:cb:0b:b3:5d:35:7a:e4:
ab:e0:22:be:a3:75:bf:38:c2:95:b4:b8:72:42:d0:
97:ee:c8:40:e6:1a:26:fb:c6:50:a3:7e:3b:32:58:
85:3a:6b:96:32:59:2e:54:6c:88:0b:82:c0:c7:3e:
a5:71:f0:29:6d:1e:05:31:8c:b7:87:f0:07:27:63:
df:29:dc:76:e0:d7:14:9f:26:d2:4d:fa:8e:bd:79:
72:66:70:6d:3e:17:56:38:05:31:62:9e:b9:d9:35:
9d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:4A:AC:DE:B4:30:AE:63:68:72:C9:83:33:CA:0F:D2:DD:94:26:AC
X509v3 Authority Key Identifier:
keyid:30:75:D8:7C:19:7A:0F:A0:4D:A8:F2:25:35:8D:3F:AF:78:6F:7D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHXYfBl6D6BNqPIlNY0_r3hvfQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/EEqs3rQwrmNocsmDM8oP0t2UJqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/a400b2-bab4-4119-a3d1-89981c8f9e7b/1/MHXYfBl6D6BNqPIlNY0_r3hvfQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.188.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:c8:09:0e:72:9b:69:af:47:d4:0c:a5:be:6b:4d:7a:d1:b7:
a0:d6:d5:7f:3e:26:ea:60:04:a3:dd:d8:a0:b0:ad:1c:1b:dd:
ca:80:4b:fb:39:8a:88:8e:60:fc:fb:dd:b0:1c:e1:c1:a6:17:
11:95:88:33:66:ee:79:92:4f:4d:78:d9:22:16:21:a4:a5:52:
66:62:48:90:33:36:08:d5:7d:c2:23:d2:79:80:8d:c2:58:42:
c2:be:6a:00:f2:e9:f7:a7:92:ef:d0:fb:f2:4f:1a:15:62:97:
e4:ec:0f:ec:f3:8b:68:16:b2:a7:da:b3:5b:a3:e0:64:ca:70:
e8:bc:1a:96:2f:07:68:d1:63:9c:55:c0:d2:d4:2e:80:04:da:
46:69:25:bf:c0:ad:fa:9b:24:d4:c2:f6:bc:90:4c:fb:ce:c9:
eb:03:63:d4:5d:ea:9e:d8:d1:fe:f3:b1:c9:33:7d:06:49:42:
48:eb:a7:18:3c:b4:da:6c:55:f5:21:c0:c6:71:d6:dd:50:50:
27:ba:ce:2d:83:5e:e3:3d:89:e2:11:9d:3c:ba:11:fc:5e:e4:
75:99:21:e9:02:ec:c9:3a:a1:1e:1c:c6:5f:0c:fa:e0:c2:28:
98:26:12:8b:58:44:29:8d:02:dd:44:27:39:d9:ab:49:9d:51:
45:25:fa:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZC85mWvLM7wBKGVROHx9jrSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzVkODdjMTk3YTBmYTA0ZGE4ZjIyNTM1OGQzZmFmNzg2
ZjdkMGIwHhcNMjQwNzE2MTg1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDRhYWNkZWI0MzBhZTYzNjg3MmM5ODMzM2NhMGZkMmRkOTQyNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38o2y3mhmWaQfmPXC55Cpmwk0/3+
a+0ZcH+7m/M4DJze0/hBQYwG7Be2eipN/4qBqIKQle2qmIzXbbWcWBm+UHmTK0cc
yOYmrWxAP4ZLBQ4ijcgxSoMtunZvKFNlKCx/zK5uKGW2PK0+sDIoVGOUkoXxlV+G
s5LHncoj+msnFwjGjmOm1lBVedjOdUKd4bFqYabm9ECIZ+nzrxelT8sLs101euSr
4CK+o3W/OMKVtLhyQtCX7shA5hom+8ZQo347MliFOmuWMlkuVGyIC4LAxz6lcfAp
bR4FMYy3h/AHJ2PfKdx24NcUnybSTfqOvXlyZnBtPhdWOAUxYp652TWdoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBBKrN60MK5jaHLJgzPKD9LdlCasMB8GA1UdIwQY
MBaAFDB12HwZeg+gTajyJTWNP694b30LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhYWWZCbDZENkJOcVBJbE5ZMF9yM2h2ZlFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9hNDAwYjItYmFiNC00MTE5LWEzZDEt
ODk5ODFjOGY5ZTdiLzEvRUVxczNyUXdybU5vY3NtRE04b1AwdDJVSnF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9hNDAwYjItYmFiNC00MTE5LWEzZDEtODk5ODFjOGY5ZTdi
LzEvTUhYWWZCbDZENkJOcVBJbE5ZMF9yM2h2ZlFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhy8MA0G
CSqGSIb3DQEBCwUAA4IBAQDCyAkOcptpr0fUDKW+a0160beg1tV/PibqYASj3dig
sK0cG93KgEv7OYqIjmD8+92wHOHBphcRlYgzZu55kk9NeNkiFiGkpVJmYkiQMzYI
1X3CI9J5gI3CWELCvmoA8un3p5Lv0PvyTxoVYpfk7A/s84toFrKn2rNbo+BkynDo
vBqWLwdo0WOcVcDS1C6ABNpGaSW/wK36myTUwva8kEz7zsnrA2PUXeqe2NH+87HJ
M30GSUJI66cYPLTabFX1IcDGcdbdUFAnus4tg17jPYniEZ08uhH8XuR1mSHpAuzJ
OqEeHMZfDPrgwiiYJhKLWEQpjQLdRCc52atJnVFFJfo3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:41 2025 by rpki-client