Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/448c85-a966-4df2-98e4-a5a5ad06eb43/1/lEXlTYgc1VivLY8DRNAz_sz89Bw.roa
File: lEXlTYgc1VivLY8DRNAz_sz89Bw.roa (raw, json)
Hash identifier: CiPmwSFuqQy+UuaJiDK6CkaDyZSY8qHcd7zI7jlyf2s=
Subject key identifier: 94:45:E5:4D:88:1C:D5:58:AF:2D:8F:03:44:D0:33:FE:CC:FC:F4:1C
Certificate issuer: /CN=5e9b9bed8f8d3d579bb0552e4fc4b81986861e64
Certificate serial: 018CC8DF11E9608B1DB163983901F8CF8A7C
Authority key identifier: 5E:9B:9B:ED:8F:8D:3D:57:9B:B0:55:2E:4F:C4:B8:19:86:86:1E:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xpub7Y-NPVebsFUuT8S4GYaGHmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/448c85-a966-4df2-98e4-a5a5ad06eb43/1/lEXlTYgc1VivLY8DRNAz_sz89Bw.roa
Signing time: Tue 02 Jan 2024 06:31:51 +0000
ROA not before: Tue 02 Jan 2024 06:31:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24836
IP address blocks: 193.111.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:11:e9:60:8b:1d:b1:63:98:39:01:f8:cf:8a:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e9b9bed8f8d3d579bb0552e4fc4b81986861e64
Validity
Not Before: Jan 2 06:31:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9445e54d881cd558af2d8f0344d033feccfcf41c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:dc:41:3a:42:af:49:d6:63:e1:b1:c2:f2:e2:
88:29:63:2b:e9:c6:46:ac:25:b0:9b:2e:72:1a:9d:
52:41:f6:59:dc:55:4a:d2:f0:30:2d:93:19:87:20:
af:d3:97:b4:67:1d:39:d2:e1:93:ba:76:a0:f1:6d:
bd:21:e4:47:13:d8:63:76:93:3f:2f:f5:34:82:aa:
ce:b1:d7:51:82:f0:c0:28:ef:6e:fc:06:de:2f:64:
ed:3f:62:fa:dc:bc:09:6e:ec:a3:41:21:9c:49:b5:
df:40:d1:92:1e:e3:10:0d:79:ed:07:99:c2:6f:87:
dd:33:0b:ae:27:c8:26:e5:4f:13:00:51:48:8f:df:
6b:89:2a:82:6c:dc:c2:15:36:17:4d:f7:29:d8:05:
da:6f:78:d6:c0:23:38:43:c0:79:81:68:d7:ca:c0:
39:40:c8:23:6f:27:1e:d7:e8:8d:29:82:5b:b0:9d:
01:19:8c:b8:d9:ea:2d:1e:57:a6:3e:02:1e:60:82:
ad:4a:cf:7f:de:58:a0:5b:6c:f7:3c:3d:af:d5:e8:
77:ec:7e:b0:05:2e:b3:0d:65:fb:6d:44:b5:7d:5a:
68:36:c5:da:e2:d3:12:fb:13:36:d1:8d:9f:f0:80:
01:4a:48:6a:1f:4d:02:7b:5b:39:a0:31:d4:30:81:
34:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:45:E5:4D:88:1C:D5:58:AF:2D:8F:03:44:D0:33:FE:CC:FC:F4:1C
X509v3 Authority Key Identifier:
keyid:5E:9B:9B:ED:8F:8D:3D:57:9B:B0:55:2E:4F:C4:B8:19:86:86:1E:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xpub7Y-NPVebsFUuT8S4GYaGHmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/448c85-a966-4df2-98e4-a5a5ad06eb43/1/lEXlTYgc1VivLY8DRNAz_sz89Bw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/448c85-a966-4df2-98e4-a5a5ad06eb43/1/Xpub7Y-NPVebsFUuT8S4GYaGHmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.163.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:53:f1:cf:0d:fc:1e:50:ff:b2:84:a1:36:e5:79:df:6c:37:
08:65:0f:a8:3f:98:19:a3:dd:41:ac:f7:ec:15:14:e2:a3:78:
f6:3e:7b:c5:81:54:d1:a7:fc:d5:19:62:9f:ac:d4:d8:9b:9d:
f2:f8:06:dc:c7:0e:71:1d:26:67:12:2f:6b:88:49:52:77:e1:
0b:04:39:e2:b7:91:4d:e7:8e:1f:e1:f4:60:9d:c3:5c:60:7a:
1f:29:db:bb:c9:85:b4:23:d0:49:72:ab:98:e8:7a:17:57:b6:
d0:60:ac:43:dc:42:13:e0:cb:e0:e7:1a:b6:74:39:8a:71:9e:
57:a1:c8:c3:cd:8d:9a:b6:5e:31:ca:f9:e6:a8:22:51:43:ca:
9f:14:63:5e:e8:82:7a:6c:d6:7c:4a:d4:f7:2e:0e:51:f4:ec:
80:b2:f9:52:61:92:e6:42:b6:3f:3a:64:1b:14:07:84:a3:23:
2d:02:5a:a6:a2:5d:a0:63:74:0e:88:cd:89:0a:c8:8a:0c:aa:
8b:4b:2d:ef:49:dd:2e:c0:60:a6:95:b5:0b:77:c2:0c:a1:25:
aa:67:8c:6c:fc:76:c5:91:9d:af:4c:be:2e:9f:08:4d:02:fc:
8f:60:40:02:90:1a:ca:3f:ab:bf:a5:c5:b0:99:70:6a:8c:c1:
88:19:39:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3xHpYIsdsWOYOQH4z4p8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOWI5YmVkOGY4ZDNkNTc5YmIwNTUyZTRmYzRiODE5ODY4
NjFlNjQwHhcNMjQwMTAyMDYzMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDQ1ZTU0ZDg4MWNkNTU4YWYyZDhmMDM0NGQwMzNmZWNjZmNmNDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09xBOkKvSdZj4bHC8uKIKWMr6cZG
rCWwmy5yGp1SQfZZ3FVK0vAwLZMZhyCv05e0Zx050uGTunag8W29IeRHE9hjdpM/
L/U0gqrOsddRgvDAKO9u/AbeL2TtP2L63LwJbuyjQSGcSbXfQNGSHuMQDXntB5nC
b4fdMwuuJ8gm5U8TAFFIj99riSqCbNzCFTYXTfcp2AXab3jWwCM4Q8B5gWjXysA5
QMgjbyce1+iNKYJbsJ0BGYy42eotHlemPgIeYIKtSs9/3ligW2z3PD2v1eh37H6w
BS6zDWX7bUS1fVpoNsXa4tMS+xM20Y2f8IABSkhqH00Ce1s5oDHUMIE0xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRF5U2IHNVYry2PA0TQM/7M/PQcMB8GA1UdIwQY
MBaAFF6bm+2PjT1Xm7BVLk/EuBmGhh5kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHB1YjdZLU5QVmVic0ZVdVQ4UzRHWWFHSG1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80NDhjODUtYTk2Ni00ZGYyLTk4ZTQt
YTVhNWFkMDZlYjQzLzEvbEVYbFRZZ2MxVml2TFk4RFJOQXpfc3o4OUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC80NDhjODUtYTk2Ni00ZGYyLTk4ZTQtYTVhNWFkMDZlYjQz
LzEvWHB1YjdZLU5QVmVic0ZVdVQ4UzRHWWFHSG1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW+jMA0G
CSqGSIb3DQEBCwUAA4IBAQCyU/HPDfweUP+yhKE25XnfbDcIZQ+oP5gZo91BrPfs
FRTio3j2PnvFgVTRp/zVGWKfrNTYm53y+Abcxw5xHSZnEi9riElSd+ELBDnit5FN
544f4fRgncNcYHofKdu7yYW0I9BJcquY6HoXV7bQYKxD3EIT4Mvg5xq2dDmKcZ5X
ocjDzY2atl4xyvnmqCJRQ8qfFGNe6IJ6bNZ8StT3Lg5R9OyAsvlSYZLmQrY/OmQb
FAeEoyMtAlqmol2gY3QOiM2JCsiKDKqLSy3vSd0uwGCmlbULd8IMoSWqZ4xs/HbF
kZ2vTL4unwhNAvyPYEACkBrKP6u/pcWwmXBqjMGIGTn2
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:20:55 2025 by rpki-client