Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/tXiscRYSXKyktuV93-2u7LDyQqk.roa
File: tXiscRYSXKyktuV93-2u7LDyQqk.roa (raw, json)
Hash identifier: aNAskYY7BSHcFPZTMFfvk9YGg30pRTvYgdUUrER7QDc=
Subject key identifier: B5:78:AC:71:16:12:5C:AC:A4:B6:E5:7D:DF:ED:AE:EC:B0:F2:42:A9
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0191BA557A4A2E5DF2FD53A235DA905B8215
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/tXiscRYSXKyktuV93-2u7LDyQqk.roa
Signing time: Wed 04 Sep 2024 00:00:49 +0000
ROA not before: Wed 04 Sep 2024 00:00:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57717
IP address blocks: 194.50.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ba:55:7a:4a:2e:5d:f2:fd:53:a2:35:da:90:5b:82:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Sep 4 00:00:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b578ac7116125caca4b6e57ddfedaeecb0f242a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:ff:3a:cb:33:5b:3f:a4:a0:0d:61:73:1e:62:
37:06:2f:43:18:8a:d6:69:bc:e2:5f:6b:b2:56:ed:
c6:07:e8:dc:b7:c4:d6:67:26:c2:af:45:11:81:dc:
ca:80:18:d0:69:3e:84:40:e0:17:4f:20:59:b8:26:
9c:0c:51:4c:c0:3c:f5:4c:b1:bb:1d:ca:e4:a9:bc:
31:be:fc:37:a5:bf:7f:f5:38:3e:d3:a2:8e:59:f7:
63:39:5e:7c:b8:b9:78:a1:f5:3c:06:f0:1e:c9:7f:
d4:72:6a:92:ce:7f:a5:e9:8e:b7:e3:2c:38:9f:ef:
59:eb:1b:8c:8d:bd:9b:d7:64:bb:a4:c8:b6:0f:ae:
93:8c:4e:a3:f3:6a:9b:1b:4a:99:25:3c:b2:48:4a:
1e:55:e7:87:ff:66:08:28:ca:09:3f:42:0c:ec:49:
bf:c9:3a:c8:12:a8:7e:d2:4b:9c:76:e0:1a:d4:57:
aa:72:c3:d7:c9:d5:4c:22:9f:25:86:88:e0:ce:0f:
65:71:c3:68:f0:5c:f8:8c:c4:2e:db:2f:bc:bc:2b:
be:13:71:77:94:01:17:24:ce:04:06:f6:d1:4e:98:
fa:7f:f2:e1:ad:41:8f:ed:3f:72:32:62:57:8b:f0:
8c:e1:a3:95:7e:de:59:fa:9b:33:84:0b:6e:db:73:
f1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:78:AC:71:16:12:5C:AC:A4:B6:E5:7D:DF:ED:AE:EC:B0:F2:42:A9
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/tXiscRYSXKyktuV93-2u7LDyQqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.17.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:ec:43:7f:3d:6d:8f:d6:57:fd:30:5d:a6:05:84:e4:bd:b0:
7c:6b:8a:82:92:aa:10:fd:84:63:fd:4b:78:ee:6f:20:ba:fb:
cf:86:c0:f7:09:f4:29:03:90:46:83:fb:f6:31:b0:4e:8d:41:
85:4e:6a:f6:fd:5b:80:85:15:2c:e0:45:5c:87:b7:8c:4f:2b:
33:b8:f0:a7:f5:f5:7c:40:04:72:30:1f:f8:37:f6:99:d9:42:
bd:e0:16:12:2c:2d:89:c3:0c:6f:18:0c:0d:1d:0e:12:75:46:
36:ac:ab:b0:a8:26:a4:32:fb:22:ef:97:9b:8e:65:55:50:b3:
fa:04:b6:9b:d0:af:68:f0:d5:31:93:3c:f0:09:80:43:66:ad:
94:53:cb:ce:5a:23:09:86:f6:90:e0:50:37:4b:88:5c:2a:37:
e7:dc:a4:f5:a3:98:17:a3:29:4f:eb:ce:d6:b1:88:d2:53:ad:
7f:46:64:b7:40:90:b2:02:4d:08:c7:20:c4:bc:28:e0:c9:05:
38:51:9f:21:c6:a7:a5:44:32:c6:b6:29:93:0b:f6:4f:a3:c3:
40:aa:fd:64:ff:b7:92:28:94:9c:bc:3c:d4:91:3c:c5:99:91:
e9:1c:a0:de:5c:e2:16:ab:1d:c7:66:42:ed:32:e2:09:69:fb:
6f:3d:f7:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZG6VXpKLl3y/VOiNdqQW4IVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwOTA0MDAwMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTc4YWM3MTE2MTI1Y2FjYTRiNmU1N2RkZmVkYWVlY2IwZjI0MmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4v86yzNbP6SgDWFzHmI3Bi9DGIrW
abziX2uyVu3GB+jct8TWZybCr0URgdzKgBjQaT6EQOAXTyBZuCacDFFMwDz1TLG7
Hcrkqbwxvvw3pb9/9Tg+06KOWfdjOV58uLl4ofU8BvAeyX/UcmqSzn+l6Y634yw4
n+9Z6xuMjb2b12S7pMi2D66TjE6j82qbG0qZJTyySEoeVeeH/2YIKMoJP0IM7Em/
yTrIEqh+0kucduAa1FeqcsPXydVMIp8lhojgzg9lccNo8Fz4jMQu2y+8vCu+E3F3
lAEXJM4EBvbRTpj6f/LhrUGP7T9yMmJXi/CM4aOVft5Z+pszhAtu23Px0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLV4rHEWElyspLblfd/truyw8kKpMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvdFhpc2NSWVNYS3lrdHVWOTMtMnU3TER5UXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjIRMA0G
CSqGSIb3DQEBCwUAA4IBAQBL7EN/PW2P1lf9MF2mBYTkvbB8a4qCkqoQ/YRj/Ut4
7m8guvvPhsD3CfQpA5BGg/v2MbBOjUGFTmr2/VuAhRUs4EVch7eMTyszuPCn9fV8
QARyMB/4N/aZ2UK94BYSLC2JwwxvGAwNHQ4SdUY2rKuwqCakMvsi75ebjmVVULP6
BLab0K9o8NUxkzzwCYBDZq2UU8vOWiMJhvaQ4FA3S4hcKjfn3KT1o5gXoylP687W
sYjSU61/RmS3QJCyAk0IxyDEvCjgyQU4UZ8hxqelRDLGtimTC/ZPo8NAqv1k/7eS
KJScvDzUkTzFmZHpHKDeXOIWqx3HZkLtMuIJaftvPffu
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:15:41 2025 by rpki-client