Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/z6EZwvb3PIBa6HVxMUA6MLzzdEo.roa
File: z6EZwvb3PIBa6HVxMUA6MLzzdEo.roa (raw, json)
Hash identifier: vEzHs2Ej61iBsL+QcUEDJqXuDHeeKlArrHDNs2p1fO0=
Subject key identifier: CF:A1:19:C2:F6:F7:3C:80:5A:E8:75:71:31:40:3A:30:BC:F3:74:4A
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018CC79453D6EFE74F38D43E03742F7A3F2A
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/z6EZwvb3PIBa6HVxMUA6MLzzdEo.roa
Signing time: Tue 02 Jan 2024 00:30:35 +0000
ROA not before: Tue 02 Jan 2024 00:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56616
IP address blocks: 2.188.168.0/21 maxlen: 21
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:53:d6:ef:e7:4f:38:d4:3e:03:74:2f:7a:3f:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jan 2 00:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfa119c2f6f73c805ae8757131403a30bcf3744a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:34:8d:b8:c9:c5:a9:e6:81:cd:ad:95:de:21:
30:1a:b1:0c:cc:78:20:b8:7e:64:7f:a9:6e:ba:17:
cd:b8:ea:67:ce:fd:b7:bb:40:2a:40:94:b2:4f:d3:
db:b5:5a:ad:83:d7:3b:66:e2:7c:3c:6d:0b:04:72:
29:6e:0d:db:0c:75:e6:36:ec:57:72:11:f1:97:3a:
a0:20:07:73:4e:f7:f0:d5:1d:d4:6f:86:2e:f3:4e:
06:31:75:ec:9e:91:54:04:04:db:0a:e8:10:6c:91:
69:ba:a0:a8:a2:2e:b2:49:05:3d:45:b8:3e:09:37:
62:20:dd:6c:6e:67:a2:d6:9b:77:a4:3e:8b:ca:56:
23:cb:62:fb:82:d4:03:6d:d0:b1:d3:ea:bd:52:77:
e8:7a:8b:b0:c8:53:58:a8:5d:d2:10:54:aa:32:a2:
b9:f6:96:ac:17:a0:7a:90:43:04:93:c7:e9:46:b1:
e9:43:e9:e5:23:2b:3b:9b:a7:42:ed:e4:8c:b0:ff:
43:b4:a5:ee:30:9f:01:12:99:4e:48:00:4b:a6:0f:
dd:d9:dc:cd:10:a7:b1:30:d7:f7:b2:52:11:ba:6b:
cf:4c:18:60:af:f0:8d:6f:e4:ab:87:84:d5:ef:70:
3e:27:7a:92:20:42:4d:3e:fd:17:f7:99:2e:12:51:
ad:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A1:19:C2:F6:F7:3C:80:5A:E8:75:71:31:40:3A:30:BC:F3:74:4A
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/z6EZwvb3PIBa6HVxMUA6MLzzdEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.168.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:23:ac:23:6e:eb:82:6e:2a:67:6d:d5:ce:69:37:64:84:2c:
a1:31:d0:b5:42:ca:60:ea:cf:b3:93:1c:99:af:1a:9a:71:c5:
81:90:32:77:32:51:ba:8d:45:ef:8c:b5:4c:5f:6f:0f:9e:35:
8f:c1:3e:02:ba:48:3a:e5:0a:fb:4c:cc:76:51:9a:81:d3:73:
6a:06:0b:93:42:46:27:f5:a6:19:da:cb:d4:61:64:39:ce:73:
26:f4:bb:dc:6a:bc:9c:56:af:37:33:fb:b3:11:31:2c:8c:88:
3d:2f:8f:a8:09:b1:57:d5:e3:a2:4f:ea:10:c8:f5:a0:da:24:
2f:cd:fd:5c:0a:51:a8:f2:3d:14:b1:ec:2d:30:cb:c0:2c:ca:
03:24:2a:d9:ba:25:f9:ea:89:ab:74:08:52:29:b7:da:bf:e2:
18:11:b1:68:29:f2:71:fc:fe:31:b8:81:2e:3d:bb:49:49:97:
4a:ca:87:b4:c6:f2:58:ca:89:86:31:3a:b1:84:0d:c0:64:2f:
63:ff:92:af:56:8a:d1:a6:12:ef:61:ad:0f:33:ab:cb:92:b8:
c6:7d:22:72:62:89:d5:79:c7:bf:b1:f5:67:45:32:da:98:bb:
d0:17:6d:6b:e9:2d:77:71:ea:0c:18:50:0e:0f:85:fc:8f:47:
9b:4d:8f:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlFPW7+dPONQ+A3Qvej8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjQwMTAyMDAzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmExMTljMmY2ZjczYzgwNWFlODc1NzEzMTQwM2EzMGJjZjM3NDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjSNuMnFqeaBza2V3iEwGrEMzHgg
uH5kf6luuhfNuOpnzv23u0AqQJSyT9PbtVqtg9c7ZuJ8PG0LBHIpbg3bDHXmNuxX
chHxlzqgIAdzTvfw1R3Ub4Yu804GMXXsnpFUBATbCugQbJFpuqCooi6ySQU9Rbg+
CTdiIN1sbmei1pt3pD6LylYjy2L7gtQDbdCx0+q9UnfoeouwyFNYqF3SEFSqMqK5
9pasF6B6kEMEk8fpRrHpQ+nlIys7m6dC7eSMsP9DtKXuMJ8BEplOSABLpg/d2dzN
EKexMNf3slIRumvPTBhgr/CNb+Srh4TV73A+J3qSIEJNPv0X95kuElGt3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM+hGcL29zyAWuh1cTFAOjC883RKMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvejZFWnd2YjNQSUJhNkhWeE1VQTZNTHp6ZEVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDAryoMA0G
CSqGSIb3DQEBCwUAA4IBAQA/I6wjbuuCbipnbdXOaTdkhCyhMdC1Qspg6s+zkxyZ
rxqaccWBkDJ3MlG6jUXvjLVMX28PnjWPwT4Cukg65Qr7TMx2UZqB03NqBguTQkYn
9aYZ2svUYWQ5znMm9LvcarycVq83M/uzETEsjIg9L4+oCbFX1eOiT+oQyPWg2iQv
zf1cClGo8j0UsewtMMvALMoDJCrZuiX56omrdAhSKbfav+IYEbFoKfJx/P4xuIEu
PbtJSZdKyoe0xvJYyomGMTqxhA3AZC9j/5KvVorRphLvYa0PM6vLkrjGfSJyYonV
ece/sfVnRTLamLvQF21r6S13ceoMGFAOD4X8j0ebTY/H
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:55 2025 by rpki-client