Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/2wNW8xa8P7_79vN0O4xf9PgeSi8.roa
File: 2wNW8xa8P7_79vN0O4xf9PgeSi8.roa (raw, json)
Hash identifier: jidqeMG4Jvg8CNCQMWn55h5s+owR/kDshV7wQZgn2PU=
Subject key identifier: DB:03:56:F3:16:BC:3F:BF:FB:F6:F3:74:3B:8C:5F:F4:F8:1E:4A:2F
Certificate issuer: /CN=6311a9d4c10252fbf73b7165f35acc1dce9f0a93
Certificate serial: 018CC492FA6D880D638C66F154C191540F66
Authority key identifier: 63:11:A9:D4:C1:02:52:FB:F7:3B:71:65:F3:5A:CC:1D:CE:9F:0A:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YxGp1MECUvv3O3Fl81rMHc6fCpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/2wNW8xa8P7_79vN0O4xf9PgeSi8.roa
Signing time: Mon 01 Jan 2024 10:30:15 +0000
ROA not before: Mon 01 Jan 2024 10:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42
IP address blocks: 194.0.17.0/24 maxlen: 24
2001:678:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:fa:6d:88:0d:63:8c:66:f1:54:c1:91:54:0f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6311a9d4c10252fbf73b7165f35acc1dce9f0a93
Validity
Not Before: Jan 1 10:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db0356f316bc3fbffbf6f3743b8c5ff4f81e4a2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c8:6e:59:b5:a3:57:54:86:54:f7:52:41:c3:
7a:9c:97:54:c1:dc:b3:d0:bd:87:f2:3e:4b:4f:78:
b5:ce:33:54:2e:2f:87:28:c3:a8:60:3a:42:10:5f:
ec:fd:e4:df:3c:ef:55:8c:e3:35:69:05:87:32:79:
53:08:67:9f:09:d8:8f:34:6e:09:38:69:0d:ca:42:
e8:92:c3:68:f1:41:9e:13:cc:68:ea:b2:9b:a1:cf:
fb:92:ae:65:3b:31:50:3c:38:28:26:18:e1:9c:ca:
3d:f1:fd:05:b8:1f:e9:51:4b:05:5a:cd:29:b3:5f:
cc:0b:f6:03:2b:30:7f:83:65:38:3f:a5:b3:95:d9:
b2:dd:8c:32:15:17:7e:f0:61:62:30:79:53:28:9d:
17:f3:6e:da:2f:e3:a8:82:63:67:a3:47:ff:45:7a:
c1:ee:95:77:23:76:e6:d6:4c:c5:e5:6d:41:d0:fa:
60:6e:a3:1c:4e:0d:d3:42:2c:d2:4a:de:4e:ba:1e:
79:aa:ff:c8:ed:06:b6:00:8c:9e:ad:9a:1e:a2:2d:
cb:6f:7e:0d:24:01:24:19:31:4a:77:39:c3:da:3d:
59:1a:59:62:e4:2b:ed:53:7e:67:92:d7:5a:d2:3d:
e8:ba:0e:33:a3:cd:e0:20:0b:05:14:1c:8a:08:f8:
73:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:03:56:F3:16:BC:3F:BF:FB:F6:F3:74:3B:8C:5F:F4:F8:1E:4A:2F
X509v3 Authority Key Identifier:
keyid:63:11:A9:D4:C1:02:52:FB:F7:3B:71:65:F3:5A:CC:1D:CE:9F:0A:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YxGp1MECUvv3O3Fl81rMHc6fCpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/2wNW8xa8P7_79vN0O4xf9PgeSi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/5ed5d3-b99c-486b-af9c-7cfd957f08ff/1/YxGp1MECUvv3O3Fl81rMHc6fCpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.17.0/24
IPv6:
2001:678:3::/48
Signature Algorithm: sha256WithRSAEncryption
a5:13:8f:ff:88:a3:a7:1e:b5:57:86:ca:d6:07:f2:49:6e:7d:
3c:5d:c2:d2:c8:ed:c7:a5:7a:23:a4:0a:20:24:c6:bd:e1:05:
1c:77:a6:62:b3:1c:94:69:70:e3:7f:e4:f0:b5:c2:bb:20:07:
00:21:02:11:39:38:45:08:9d:10:f9:87:71:09:ad:91:3c:97:
dc:f7:3d:08:d5:60:a4:f4:41:94:d8:87:03:4b:bb:32:ec:ab:
3e:68:04:22:d0:2c:e5:91:80:31:b9:c7:56:be:4b:d4:9f:69:
06:13:25:45:f3:8e:37:cf:48:3d:5a:f0:ae:6d:95:ef:15:dc:
af:33:d1:29:0a:81:85:24:24:bf:2f:2c:81:71:4a:ab:54:8e:
5d:cf:78:e3:31:14:4d:36:c8:6b:88:e1:72:e4:e6:91:1a:b7:
06:be:84:9e:36:62:cc:77:a8:34:7a:fb:8e:cb:b0:e5:25:f0:
01:c3:03:1b:60:81:8c:eb:87:35:c9:0b:62:4d:79:6e:9d:8f:
5c:61:89:77:2c:57:35:3c:a0:e6:a7:3d:b5:94:91:c5:71:ec:
be:6a:71:2c:af:94:6c:6a:81:e4:6d:aa:b9:ef:43:3f:e0:2f:
85:1f:a9:c6:89:30:ae:68:83:c0:c7:c1:17:f9:23:58:43:9a:
f2:7a:e5:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEkvptiA1jjGbxVMGRVA9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMTFhOWQ0YzEwMjUyZmJmNzNiNzE2NWYzNWFjYzFkY2U5
ZjBhOTMwHhcNMjQwMTAxMTAzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjAzNTZmMzE2YmMzZmJmZmJmNmYzNzQzYjhjNWZmNGY4MWU0YTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsshuWbWjV1SGVPdSQcN6nJdUwdyz
0L2H8j5LT3i1zjNULi+HKMOoYDpCEF/s/eTfPO9VjOM1aQWHMnlTCGefCdiPNG4J
OGkNykLoksNo8UGeE8xo6rKboc/7kq5lOzFQPDgoJhjhnMo98f0FuB/pUUsFWs0p
s1/MC/YDKzB/g2U4P6Wzldmy3YwyFRd+8GFiMHlTKJ0X827aL+OogmNno0f/RXrB
7pV3I3bm1kzF5W1B0PpgbqMcTg3TQizSSt5Ouh55qv/I7Qa2AIyerZoeoi3Lb34N
JAEkGTFKdznD2j1ZGlli5CvtU35nktda0j3oug4zo83gIAsFFByKCPhzdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNsDVvMWvD+/+/bzdDuMX/T4HkovMB8GA1UdIwQY
MBaAFGMRqdTBAlL79ztxZfNazB3OnwqTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXhHcDFNRUNVdnYzTzNGbDgxck1IYzZmQ3BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81ZWQ1ZDMtYjk5Yy00ODZiLWFmOWMt
N2NmZDk1N2YwOGZmLzEvMndOVzh4YThQN183OXZOME80eGY5UGdlU2k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81ZWQ1ZDMtYjk5Yy00ODZiLWFmOWMtN2NmZDk1N2YwOGZm
LzEvWXhHcDFNRUNVdnYzTzNGbDgxck1IYzZmQ3BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgARMA8E
AgACMAkDBwAgAQZ4AAMwDQYJKoZIhvcNAQELBQADggEBAKUTj/+Io6cetVeGytYH
8klufTxdwtLI7celeiOkCiAkxr3hBRx3pmKzHJRpcON/5PC1wrsgBwAhAhE5OEUI
nRD5h3EJrZE8l9z3PQjVYKT0QZTYhwNLuzLsqz5oBCLQLOWRgDG5x1a+S9SfaQYT
JUXzjjfPSD1a8K5tle8V3K8z0SkKgYUkJL8vLIFxSqtUjl3PeOMxFE02yGuI4XLk
5pEatwa+hJ42Ysx3qDR6+47LsOUl8AHDAxtggYzrhzXJC2JNeW6dj1xhiXcsVzU8
oOanPbWUkcVx7L5qcSyvlGxqgeRtqrnvQz/gL4UfqcaJMK5og8DHwRf5I1hDmvJ6
5RQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:23 2025 by rpki-client