Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/6c1e01-1595-47b0-9e03-cf7232ddebec/1/fAsxgYyVcHSoAG3aCyyvg0iPx_U.roa
File: fAsxgYyVcHSoAG3aCyyvg0iPx_U.roa (raw, json)
Hash identifier: rD53toD4tsd7wUi1pJ1ZCtUz2bLSHXKmrSZVljz2szk=
Subject key identifier: 7C:0B:31:81:8C:95:70:74:A8:00:6D:DA:0B:2C:AF:83:48:8F:C7:F5
Certificate issuer: /CN=0c57cb3a1e53e7629ee3b9f2672d4571ef85d2c8
Certificate serial: 018CC2DACF45F3B0ED925C1A0CE2FEF0B5A2
Authority key identifier: 0C:57:CB:3A:1E:53:E7:62:9E:E3:B9:F2:67:2D:45:71:EF:85:D2:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFfLOh5T52Ke47nyZy1Fce-F0sg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/6c1e01-1595-47b0-9e03-cf7232ddebec/1/fAsxgYyVcHSoAG3aCyyvg0iPx_U.roa
Signing time: Mon 01 Jan 2024 02:29:28 +0000
ROA not before: Mon 01 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200884
IP address blocks: 94.126.50.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:cf:45:f3:b0:ed:92:5c:1a:0c:e2:fe:f0:b5:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c57cb3a1e53e7629ee3b9f2672d4571ef85d2c8
Validity
Not Before: Jan 1 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c0b31818c957074a8006dda0b2caf83488fc7f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c5:62:e2:5f:3b:e9:3c:f9:65:27:a5:02:72:
f8:8f:11:99:d9:89:f9:36:fd:3e:eb:44:cb:ae:68:
be:f3:56:58:09:b3:c6:59:4b:3d:fc:be:66:8c:0f:
0c:05:44:c6:f6:b5:da:f0:d2:79:9c:30:88:df:96:
21:7a:9e:6a:5a:b9:fd:a3:76:2b:6f:9b:55:9b:17:
1d:c0:51:c8:3a:06:cd:db:99:35:b8:cf:b6:3e:38:
8a:89:37:17:f0:60:a6:0d:20:f9:fa:07:53:d9:e3:
a3:ab:0b:2a:8a:ad:f7:7d:9f:87:10:ae:e6:84:e6:
90:7c:d4:f7:d3:87:7c:b9:df:b1:e8:c1:62:8f:a9:
6a:43:b8:d8:c3:5e:15:39:d9:54:fa:3d:b1:cc:8f:
e4:ac:91:27:a4:8b:fc:57:0d:ce:c5:35:60:10:cc:
4e:16:4e:f9:98:b5:a4:68:86:59:90:89:19:62:d8:
ac:f5:2c:ae:45:20:7e:fb:4b:7a:e9:b9:0f:da:0c:
85:58:2b:5f:e5:d1:79:c4:6b:03:48:a1:6a:8a:3c:
2d:3d:5d:a8:65:d4:cd:4d:66:d9:27:92:ab:71:4a:
47:5b:aa:55:79:1a:71:fa:c4:ce:b1:9a:cb:86:4f:
4a:e8:16:14:69:4c:25:e4:a6:c5:82:47:d7:d4:4a:
47:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:0B:31:81:8C:95:70:74:A8:00:6D:DA:0B:2C:AF:83:48:8F:C7:F5
X509v3 Authority Key Identifier:
keyid:0C:57:CB:3A:1E:53:E7:62:9E:E3:B9:F2:67:2D:45:71:EF:85:D2:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFfLOh5T52Ke47nyZy1Fce-F0sg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6c1e01-1595-47b0-9e03-cf7232ddebec/1/fAsxgYyVcHSoAG3aCyyvg0iPx_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/6c1e01-1595-47b0-9e03-cf7232ddebec/1/DFfLOh5T52Ke47nyZy1Fce-F0sg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.126.50.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:b6:d7:c8:b4:fd:35:91:23:c4:8c:7f:e8:bd:d4:72:6e:7f:
81:6f:70:bd:3a:3a:6a:29:89:68:89:b6:9c:33:27:29:2e:fc:
86:b5:29:2d:59:3a:b8:54:52:11:79:e9:1f:73:cf:be:fa:3c:
40:d9:dc:2f:bc:7b:41:1b:17:18:14:29:02:72:f3:c6:09:a5:
20:82:73:b5:2c:78:ea:d9:7e:dd:77:88:3c:d3:86:91:00:bc:
42:71:67:e8:03:fc:af:a1:16:9e:ae:03:38:55:86:34:85:1f:
6f:aa:ad:93:b6:6b:2f:70:1f:d1:96:2d:39:1e:3e:5d:b4:25:
aa:94:7d:01:cf:56:0b:d8:63:4e:55:37:b5:f5:ff:6c:b7:a9:
42:20:d6:8e:21:ed:71:1a:1b:31:1b:0f:36:51:df:27:cc:bc:
ac:ba:34:36:a6:5d:04:18:b3:58:41:68:5d:30:ff:dd:6c:fe:
48:63:64:15:0c:09:b0:9b:02:10:36:2b:58:92:8d:50:34:48:
51:ae:8a:be:2f:7a:13:5c:f8:71:36:ec:31:0c:c6:3e:78:03:
b9:e7:70:83:fc:b8:3b:8e:17:3e:86:1b:03:69:82:93:74:77:
c7:10:55:24:7f:35:24:cc:9d:e9:7e:40:12:b6:41:cc:ba:05:
f3:a1:f9:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2s9F87DtklwaDOL+8LWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTdjYjNhMWU1M2U3NjI5ZWUzYjlmMjY3MmQ0NTcxZWY4
NWQyYzgwHhcNMjQwMTAxMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzBiMzE4MThjOTU3MDc0YTgwMDZkZGEwYjJjYWY4MzQ4OGZjN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcVi4l876Tz5ZSelAnL4jxGZ2Yn5
Nv0+60TLrmi+81ZYCbPGWUs9/L5mjA8MBUTG9rXa8NJ5nDCI35Yhep5qWrn9o3Yr
b5tVmxcdwFHIOgbN25k1uM+2PjiKiTcX8GCmDSD5+gdT2eOjqwsqiq33fZ+HEK7m
hOaQfNT304d8ud+x6MFij6lqQ7jYw14VOdlU+j2xzI/krJEnpIv8Vw3OxTVgEMxO
Fk75mLWkaIZZkIkZYtis9SyuRSB++0t66bkP2gyFWCtf5dF5xGsDSKFqijwtPV2o
ZdTNTWbZJ5KrcUpHW6pVeRpx+sTOsZrLhk9K6BYUaUwl5KbFgkfX1EpHnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHwLMYGMlXB0qABt2gssr4NIj8f1MB8GA1UdIwQY
MBaAFAxXyzoeU+dinuO58mctRXHvhdLIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZmTE9oNVQ1MktlNDdueVp5MUZjZS1GMHNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS82YzFlMDEtMTU5NS00N2IwLTllMDMt
Y2Y3MjMyZGRlYmVjLzEvZkFzeGdZeVZjSFNvQUczYUN5eXZnMGlQeF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS82YzFlMDEtMTU5NS00N2IwLTllMDMtY2Y3MjMyZGRlYmVj
LzEvREZmTE9oNVQ1MktlNDdueVp5MUZjZS1GMHNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXn4yMA0G
CSqGSIb3DQEBCwUAA4IBAQBLttfItP01kSPEjH/ovdRybn+Bb3C9OjpqKYloibac
MycpLvyGtSktWTq4VFIReekfc8+++jxA2dwvvHtBGxcYFCkCcvPGCaUggnO1LHjq
2X7dd4g804aRALxCcWfoA/yvoRaergM4VYY0hR9vqq2TtmsvcB/Rli05Hj5dtCWq
lH0Bz1YL2GNOVTe19f9st6lCINaOIe1xGhsxGw82Ud8nzLysujQ2pl0EGLNYQWhd
MP/dbP5IY2QVDAmwmwIQNitYko1QNEhRroq+L3oTXPhxNuwxDMY+eAO553CD/Lg7
jhc+hhsDaYKTdHfHEFUkfzUkzJ3pfkAStkHMugXzofmA
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:13:36 2025 by rpki-client