Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/XSzUVIGQIMcfp7Jo7T5OCeSulVo.roa
File: XSzUVIGQIMcfp7Jo7T5OCeSulVo.roa (raw, json)
Hash identifier: wz7pp3Uu8QCTYCVxnghFDs9J2ZPyBB5acBpQc1wnRgU=
Subject key identifier: 5D:2C:D4:54:81:90:20:C7:1F:A7:B2:68:ED:3E:4E:09:E4:AE:95:5A
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018CCA2BB53F5E76945E7C2B6DE0A16F87FB
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/XSzUVIGQIMcfp7Jo7T5OCeSulVo.roa
Signing time: Tue 02 Jan 2024 12:35:11 +0000
ROA not before: Tue 02 Jan 2024 12:35:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24724
IP address blocks: 193.111.37.0/24 maxlen: 24
193.111.38.0/24 maxlen: 24
212.91.8.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:b5:3f:5e:76:94:5e:7c:2b:6d:e0:a1:6f:87:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 12:35:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d2cd454819020c71fa7b268ed3e4e09e4ae955a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:62:99:88:48:25:ad:ba:d8:4a:d5:61:de:75:
cc:b4:fb:d9:6a:90:0d:0a:fa:bb:8b:42:d9:68:ba:
61:00:cd:4a:fb:89:da:bb:51:03:d0:a1:b0:db:ba:
6b:ba:5e:3e:8a:80:a5:07:18:09:df:31:6d:63:e7:
1b:e1:fb:f6:0a:49:d6:0b:2f:b0:67:03:37:5b:54:
71:3c:f3:83:33:74:a4:6b:b7:ef:73:6d:e1:e0:e6:
4e:56:ef:10:87:8f:52:58:94:b7:8f:b8:8b:27:d7:
be:43:58:82:64:10:f6:67:b2:59:77:51:c6:09:68:
e2:21:f9:47:e5:0f:a5:8b:34:c3:7c:b0:63:80:05:
81:f5:3b:48:4b:b9:58:3e:0b:97:f2:b5:cf:d2:d4:
6e:e4:03:f9:d7:bc:c3:5d:52:ab:f0:ed:28:5b:b5:
1b:53:19:6b:7d:82:ad:75:32:ae:9d:fd:30:0f:8f:
7a:7e:fb:47:a1:06:e6:47:5c:9d:89:eb:e4:89:61:
de:b8:86:7c:c5:14:69:cd:18:a6:ed:35:81:92:b6:
06:a0:b1:53:2c:1e:3c:24:93:93:87:54:12:de:7c:
3d:43:59:3b:c2:0b:d7:21:e5:23:59:e0:27:10:e6:
21:6f:38:5d:7d:a2:d6:55:8a:41:42:9f:f8:e8:04:
9f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:2C:D4:54:81:90:20:C7:1F:A7:B2:68:ED:3E:4E:09:E4:AE:95:5A
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/XSzUVIGQIMcfp7Jo7T5OCeSulVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.37.0-193.111.38.255
212.91.8.0/23
Signature Algorithm: sha256WithRSAEncryption
11:88:78:b2:10:71:11:3f:06:03:eb:70:3e:e5:ed:83:d2:60:
83:23:2f:a4:02:fe:91:65:aa:24:d1:1f:48:51:74:cc:e3:07:
a2:d6:ea:26:b3:e5:88:6a:7d:2e:af:d1:bb:88:4d:0f:05:45:
44:8e:90:48:1d:b7:66:de:13:5a:c3:84:c5:69:0f:a0:f2:86:
77:85:d7:86:5c:91:cb:2d:69:5d:74:99:6b:d0:cf:d5:2f:c4:
d4:61:10:4e:a0:97:05:86:16:95:30:8b:1e:c8:84:c5:ed:ff:
f5:ff:bb:2c:8d:b5:b6:50:89:59:40:7a:b3:70:5c:ad:69:00:
4d:ad:3d:b6:0c:a0:f4:e5:4d:58:87:7c:61:ec:cc:fd:78:71:
ef:b3:7f:8c:c9:06:ae:0e:e4:43:87:bf:2b:96:bd:5f:24:79:
28:d7:d2:ff:45:a5:9f:93:7d:a1:b2:8a:3e:80:ca:e2:b9:0f:
c2:5d:b8:74:9c:06:4a:e5:42:cc:59:49:65:9a:39:91:de:de:
8d:24:dd:61:ef:09:b2:5b:88:db:b7:e6:eb:81:d3:29:21:a9:
b2:0d:f3:3e:db:b0:69:ba:2a:f1:20:e5:e8:8d:17:e8:c7:8d:
70:35:4e:22:11:6f:05:24:0f:d0:76:02:f7:d9:fe:db:db:3c:
9a:ea:b7:da
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzKK7U/XnaUXnwrbeChb4f7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjQwMTAyMTIzNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDJjZDQ1NDgxOTAyMGM3MWZhN2IyNjhlZDNlNGUwOWU0YWU5NTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGKZiEglrbrYStVh3nXMtPvZapAN
Cvq7i0LZaLphAM1K+4nau1ED0KGw27prul4+ioClBxgJ3zFtY+cb4fv2CknWCy+w
ZwM3W1RxPPODM3Ska7fvc23h4OZOVu8Qh49SWJS3j7iLJ9e+Q1iCZBD2Z7JZd1HG
CWjiIflH5Q+lizTDfLBjgAWB9TtIS7lYPguX8rXP0tRu5AP517zDXVKr8O0oW7Ub
UxlrfYKtdTKunf0wD496fvtHoQbmR1ydievkiWHeuIZ8xRRpzRim7TWBkrYGoLFT
LB48JJOTh1QS3nw9Q1k7wgvXIeUjWeAnEOYhbzhdfaLWVYpBQp/46ASf/wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFF0s1FSBkCDHH6eyaO0+TgnkrpVaMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvWFN6VVZJR1FJTWNmcDdKbzdUNU9DZVN1bFZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADBbyUD
BADBbyYDBAHUWwgwDQYJKoZIhvcNAQELBQADggEBABGIeLIQcRE/BgPrcD7l7YPS
YIMjL6QC/pFlqiTRH0hRdMzjB6LW6iaz5YhqfS6v0buITQ8FRUSOkEgdt2beE1rD
hMVpD6DyhneF14ZckcstaV10mWvQz9UvxNRhEE6glwWGFpUwix7IhMXt//X/uyyN
tbZQiVlAerNwXK1pAE2tPbYMoPTlTViHfGHszP14ce+zf4zJBq4O5EOHvyuWvV8k
eSjX0v9FpZ+TfaGyij6AyuK5D8JduHScBkrlQsxZSWWaOZHe3o0k3WHvCbJbiNu3
5uuB0ykhqbIN8z7bsGm6KvEg5eiNF+jHjXA1TiIRbwUkD9B2AvfZ/tvbPJrqt9o=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:18 2025 by rpki-client