Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/l7VGb2C4erNw-xfOKKBu9VZWrPU.roa
File: l7VGb2C4erNw-xfOKKBu9VZWrPU.roa (raw, json)
Hash identifier: 9yOaApjQqKl+CQumyFjjc+4z/JwrelyQuv+Lz0TTZD4=
Subject key identifier: 97:B5:46:6F:60:B8:7A:B3:70:FB:17:CE:28:A0:6E:F5:56:56:AC:F5
Certificate issuer: /CN=60fcd55b9130858d8ea583c0987dad00f614db39
Certificate serial: 018CC492454DBFF5308EDF7C6F92364B3F39
Authority key identifier: 60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/l7VGb2C4erNw-xfOKKBu9VZWrPU.roa
Signing time: Mon 01 Jan 2024 10:29:29 +0000
ROA not before: Mon 01 Jan 2024 10:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22773
IP address blocks: 195.64.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 20:16:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:45:4d:bf:f5:30:8e:df:7c:6f:92:36:4b:3f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60fcd55b9130858d8ea583c0987dad00f614db39
Validity
Not Before: Jan 1 10:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97b5466f60b87ab370fb17ce28a06ef55656acf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ba:a5:d4:aa:1e:aa:6e:d4:c2:2f:a2:aa:f5:
ef:31:ef:a4:88:2e:b7:33:4b:aa:d2:77:87:2d:bb:
77:48:95:87:98:73:34:92:50:e9:51:8b:3e:ee:73:
b3:dc:f5:2f:eb:ad:bb:7e:7f:4a:bb:d2:c9:47:14:
68:95:29:e5:80:d9:df:52:68:46:ef:99:fc:09:8a:
ba:3e:cf:b3:71:63:8b:a0:28:52:0a:29:29:78:68:
57:eb:2f:98:28:78:35:9d:75:3b:48:1f:46:16:85:
49:72:40:ce:0b:10:86:aa:b6:5a:fd:f1:0a:79:55:
ef:7b:ec:58:b3:33:3c:31:4d:b9:a6:09:2a:79:87:
f1:52:08:99:f0:e5:db:71:ed:c7:aa:52:2e:1c:21:
42:08:12:8c:bb:2e:58:19:30:8a:fb:15:a1:94:aa:
ae:38:08:65:8d:d3:c7:0e:5b:91:1f:13:47:ea:7c:
06:fb:e2:ee:e9:ed:2d:35:88:3b:8a:ae:98:83:62:
0d:1a:98:b1:50:74:bc:06:80:c1:7a:11:04:33:b7:
ff:8b:b5:08:47:4b:9b:7b:6b:bf:b8:1a:77:07:e2:
20:b6:33:26:26:98:60:66:95:94:50:e4:e7:a4:fa:
2f:6a:7e:6a:7b:14:5f:4f:5e:30:34:28:1e:cf:f5:
eb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B5:46:6F:60:B8:7A:B3:70:FB:17:CE:28:A0:6E:F5:56:56:AC:F5
X509v3 Authority Key Identifier:
keyid:60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/l7VGb2C4erNw-xfOKKBu9VZWrPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.122.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:db:bf:de:67:18:87:a2:5d:01:a5:66:cb:09:fa:38:55:62:
e7:6e:75:46:48:e7:e5:54:49:fd:34:08:e6:6d:2c:e8:50:40:
63:0f:cd:f9:29:29:4f:19:53:40:0a:88:ff:17:d4:e2:66:ea:
87:cc:bf:fa:06:4c:39:cb:20:d7:42:f3:73:64:75:80:87:34:
19:e3:7f:64:8d:25:af:b7:ef:dc:4d:91:b9:63:a6:9f:8a:3d:
d0:a3:60:05:14:8a:74:96:ee:bc:51:0b:f4:f4:f0:27:b1:9a:
85:da:d3:06:e9:6c:ed:9f:10:b0:08:e2:04:0d:df:11:2f:95:
62:8a:31:d8:88:a5:0a:2e:94:fa:11:18:3b:b9:d3:89:5c:c7:
99:b0:7d:e6:87:e3:a2:94:f6:29:51:e1:93:6c:a3:b9:d5:2f:
52:be:d9:81:8a:9e:9e:8f:72:31:27:c8:07:84:09:83:ad:87:
cc:1d:20:2d:8d:75:c7:12:09:ee:69:82:35:69:11:04:9b:77:
de:06:15:1f:ac:d3:88:80:29:f0:46:09:22:b2:b2:3b:31:f4:
d6:c1:e7:84:33:df:26:e5:49:2c:3c:8e:d9:53:a8:47:03:22:
4c:b0:04:9d:ae:15:6c:71:59:e0:97:1d:2f:16:08:f1:91:a6:
0a:4b:d2:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkkVNv/Uwjt98b5I2Sz85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZmNkNTViOTEzMDg1OGQ4ZWE1ODNjMDk4N2RhZDAwZjYx
NGRiMzkwHhcNMjQwMTAxMTAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2I1NDY2ZjYwYjg3YWIzNzBmYjE3Y2UyOGEwNmVmNTU2NTZhY2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorql1Koeqm7Uwi+iqvXvMe+kiC63
M0uq0neHLbt3SJWHmHM0klDpUYs+7nOz3PUv6627fn9Ku9LJRxRolSnlgNnfUmhG
75n8CYq6Ps+zcWOLoChSCikpeGhX6y+YKHg1nXU7SB9GFoVJckDOCxCGqrZa/fEK
eVXve+xYszM8MU25pgkqeYfxUgiZ8OXbce3HqlIuHCFCCBKMuy5YGTCK+xWhlKqu
OAhljdPHDluRHxNH6nwG++Lu6e0tNYg7iq6Yg2INGpixUHS8BoDBehEEM7f/i7UI
R0ube2u/uBp3B+IgtjMmJphgZpWUUOTnpPovan5qexRfT14wNCgez/XrsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJe1Rm9guHqzcPsXziigbvVWVqz1MB8GA1UdIwQY
MBaAFGD81VuRMIWNjqWDwJh9rQD2FNs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTkt
ZWQzMGI5YmIxMmQ1LzEvbDdWR2IyQzRlck53LXhmT0tLQnU5VlpXclBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTktZWQzMGI5YmIxMmQ1
LzEvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0B6MA0G
CSqGSIb3DQEBCwUAA4IBAQDA27/eZxiHol0BpWbLCfo4VWLnbnVGSOflVEn9NAjm
bSzoUEBjD835KSlPGVNACoj/F9TiZuqHzL/6Bkw5yyDXQvNzZHWAhzQZ439kjSWv
t+/cTZG5Y6afij3Qo2AFFIp0lu68UQv09PAnsZqF2tMG6WztnxCwCOIEDd8RL5Vi
ijHYiKUKLpT6ERg7udOJXMeZsH3mh+OilPYpUeGTbKO51S9SvtmBip6ej3IxJ8gH
hAmDrYfMHSAtjXXHEgnuaYI1aREEm3feBhUfrNOIgCnwRgkisrI7MfTWweeEM98m
5UksPI7ZU6hHAyJMsASdrhVscVnglx0vFgjxkaYKS9I4
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:09:22 2025 by rpki-client