Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/xNsBg3RKiei2KRWB3kZlba5Zttw.roa
File: xNsBg3RKiei2KRWB3kZlba5Zttw.roa (raw, json)
Hash identifier: zrANRqq0owfVJXAV3WdxhIfx15sCqPxqnFPZLVVDNeM=
Subject key identifier: C4:DB:01:83:74:4A:89:E8:B6:29:15:81:DE:46:65:6D:AE:59:B6:DC
Certificate issuer: /CN=0950228904b9dbeb4792a697727e36aafd84d2e9
Certificate serial: 018CC56DDD61A7E153682232B8C65AA03206
Authority key identifier: 09:50:22:89:04:B9:DB:EB:47:92:A6:97:72:7E:36:AA:FD:84:D2:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CVAiiQS52-tHkqaXcn42qv2E0uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/xNsBg3RKiei2KRWB3kZlba5Zttw.roa
Signing time: Mon 01 Jan 2024 14:29:20 +0000
ROA not before: Mon 01 Jan 2024 14:29:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199008
IP address blocks: 176.122.50.0/24 maxlen: 24
176.122.49.0/24 maxlen: 24
176.122.48.0/24 maxlen: 24
176.122.51.0/24 maxlen: 24
176.122.56.0/21 maxlen: 21
176.122.52.0/22 maxlen: 22
176.122.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Mar 2024 11:20:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:dd:61:a7:e1:53:68:22:32:b8:c6:5a:a0:32:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0950228904b9dbeb4792a697727e36aafd84d2e9
Validity
Not Before: Jan 1 14:29:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4db0183744a89e8b6291581de46656dae59b6dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:da:05:e5:5d:b8:b1:89:09:a8:c6:a0:cc:51:
e5:e9:51:a6:88:29:cb:1d:81:25:33:24:56:2e:e5:
75:47:af:8a:c0:bc:67:74:9f:97:43:93:f6:66:e4:
eb:cf:71:f8:9d:5d:06:f3:22:7e:48:de:cf:e9:52:
ac:a7:1b:a2:13:2d:de:ee:72:fa:42:e0:6d:92:b9:
67:a5:34:25:0c:73:50:c2:1d:a7:da:ba:52:c7:58:
39:b7:0a:8d:3e:7a:70:34:92:c4:dd:87:22:46:41:
ff:2e:a1:98:9c:1c:4b:4c:f2:74:a9:78:52:82:c0:
83:0d:19:be:5d:d2:25:65:76:24:ba:2c:d1:ec:90:
f1:58:4d:95:0b:f5:4a:4d:83:88:62:9d:4f:72:c0:
65:e1:1f:54:db:06:4c:ff:4c:20:6c:f5:a8:84:17:
57:e6:d3:30:b6:2c:50:20:94:82:ec:d3:58:1e:2c:
c4:fb:ea:c1:81:fc:34:8a:e7:b1:6c:e0:5d:5f:bb:
d9:52:fb:50:35:30:2e:03:7f:2d:4e:61:9d:a9:1e:
f4:ff:78:6d:65:6a:76:69:7d:4b:42:d2:98:a5:22:
48:81:7b:d0:ed:59:9e:5b:ad:43:17:e6:43:6a:f9:
31:af:b0:4c:82:ad:fa:41:a7:37:d3:6e:89:01:0c:
60:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:DB:01:83:74:4A:89:E8:B6:29:15:81:DE:46:65:6D:AE:59:B6:DC
X509v3 Authority Key Identifier:
keyid:09:50:22:89:04:B9:DB:EB:47:92:A6:97:72:7E:36:AA:FD:84:D2:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVAiiQS52-tHkqaXcn42qv2E0uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/xNsBg3RKiei2KRWB3kZlba5Zttw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.122.48.0/20
Signature Algorithm: sha256WithRSAEncryption
23:00:d0:ac:31:7a:0e:c3:f5:38:94:aa:fd:91:b7:38:36:6d:
b3:b1:69:a7:be:5d:90:1d:9c:56:a7:f8:13:50:a6:e3:72:e9:
48:33:d7:16:46:fb:d5:49:35:e2:f1:b6:c2:04:1b:82:04:40:
57:77:d9:19:65:c8:51:81:1c:39:3d:ca:2a:9e:c2:5b:e1:50:
6d:06:69:f8:b9:60:12:91:74:ba:57:89:8e:3f:66:ce:9c:5d:
a9:b1:23:bd:9c:35:b6:3b:c3:0d:5d:fb:ff:46:05:c8:4d:49:
d5:7d:0a:98:d2:2e:7e:95:ff:e9:3a:7e:0e:59:cb:da:d2:d8:
62:33:e8:4e:73:c5:cc:ec:06:75:bc:8d:a6:fe:46:af:a4:56:
1b:75:39:d5:b8:11:51:0f:59:d8:1c:b3:4f:b1:45:ac:a2:d6:
a3:ce:2d:11:28:9a:19:db:92:19:a9:33:80:3a:83:da:e7:e4:
bd:8e:27:77:9f:11:d5:10:2d:d8:7f:d1:2b:0b:38:70:8b:dd:
ea:6e:4b:73:0c:95:8e:ae:af:59:88:b4:6d:ad:01:fe:e8:76:
1c:19:5c:66:d0:f3:21:73:7b:af:c3:7e:60:86:db:46:4e:3c:
96:63:ce:d3:0b:ff:c9:b5:a1:1b:b9:80:89:c0:3a:42:14:0a:
dd:3d:cf:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbd1hp+FTaCIyuMZaoDIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NTAyMjg5MDRiOWRiZWI0NzkyYTY5NzcyN2UzNmFhZmQ4
NGQyZTkwHhcNMjQwMTAxMTQyOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGRiMDE4Mzc0NGE4OWU4YjYyOTE1ODFkZTQ2NjU2ZGFlNTliNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2toF5V24sYkJqMagzFHl6VGmiCnL
HYElMyRWLuV1R6+KwLxndJ+XQ5P2ZuTrz3H4nV0G8yJ+SN7P6VKspxuiEy3e7nL6
QuBtkrlnpTQlDHNQwh2n2rpSx1g5twqNPnpwNJLE3YciRkH/LqGYnBxLTPJ0qXhS
gsCDDRm+XdIlZXYkuizR7JDxWE2VC/VKTYOIYp1PcsBl4R9U2wZM/0wgbPWohBdX
5tMwtixQIJSC7NNYHizE++rBgfw0iuexbOBdX7vZUvtQNTAuA38tTmGdqR70/3ht
ZWp2aX1LQtKYpSJIgXvQ7VmeW61DF+ZDavkxr7BMgq36Qac3026JAQxgwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTbAYN0SonotikVgd5GZW2uWbbcMB8GA1UdIwQY
MBaAFAlQIokEudvrR5Kml3J+Nqr9hNLpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ZBaWlRUzUyLXRIa3FhWGNuNDJxdjJFMHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82NGQ5MTAtOTQ1Yy00MmU4LWJiNDQt
NjI4MjFjMmMyOTlmLzEveE5zQmczUktpZWkyS1JXQjNrWmxiYTVadHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82NGQ5MTAtOTQ1Yy00MmU4LWJiNDQtNjI4MjFjMmMyOTlm
LzEvQ1ZBaWlRUzUyLXRIa3FhWGNuNDJxdjJFMHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEsHowMA0G
CSqGSIb3DQEBCwUAA4IBAQAjANCsMXoOw/U4lKr9kbc4Nm2zsWmnvl2QHZxWp/gT
UKbjculIM9cWRvvVSTXi8bbCBBuCBEBXd9kZZchRgRw5PcoqnsJb4VBtBmn4uWAS
kXS6V4mOP2bOnF2psSO9nDW2O8MNXfv/RgXITUnVfQqY0i5+lf/pOn4OWcva0thi
M+hOc8XM7AZ1vI2m/kavpFYbdTnVuBFRD1nYHLNPsUWsotajzi0RKJoZ25IZqTOA
OoPa5+S9jid3nxHVEC3Yf9ErCzhwi93qbktzDJWOrq9ZiLRtrQH+6HYcGVxm0PMh
c3uvw35ghttGTjyWY87TC//JtaEbuYCJwDpCFArdPc+1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:50 2025 by rpki-client