Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/XthgDNKmkBNupQLkZUzxOahyFeQ.roa
File: XthgDNKmkBNupQLkZUzxOahyFeQ.roa (raw, json)
Hash identifier: AxRU+e0N39UtPChiPxguOqd476Pd3mbAx9pXC2MRzcU=
Subject key identifier: 5E:D8:60:0C:D2:A6:90:13:6E:A5:02:E4:65:4C:F1:39:A8:72:15:E4
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 018CC8DFA42D09863CF1B281BBB3B538806A
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/XthgDNKmkBNupQLkZUzxOahyFeQ.roa
Signing time: Tue 02 Jan 2024 06:32:28 +0000
ROA not before: Tue 02 Jan 2024 06:32:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47757
IP address blocks: 194.120.164.0/24 maxlen: 24
194.120.171.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 13:20:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a4:2d:09:86:3c:f1:b2:81:bb:b3:b5:38:80:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Jan 2 06:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ed8600cd2a690136ea502e4654cf139a87215e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a7:0d:b1:d2:d4:e5:ff:a7:07:90:a8:57:06:
41:37:fd:30:cb:65:94:b5:b8:ef:67:b9:52:6d:fd:
4a:a7:3b:18:e5:b6:69:cf:40:fb:37:f6:53:1a:bd:
75:66:15:6d:a7:31:3c:d2:ac:ba:23:b7:fc:b5:c4:
0f:a5:48:46:af:36:21:8a:67:a7:cb:d9:ce:d6:29:
c2:f9:c2:a5:f4:af:53:0f:47:2c:2e:e8:4f:46:3e:
c2:b6:cc:51:b4:28:0c:19:c7:ae:ba:8e:36:22:6a:
80:9f:9a:9d:b0:2c:6f:05:3a:8f:d2:6d:bf:3f:49:
e5:3e:ca:f4:0d:74:a5:61:eb:aa:0e:91:3b:9a:4e:
dc:fb:cc:7d:68:85:f6:ce:07:bb:2b:39:80:72:66:
42:f0:17:77:88:20:3f:2e:4a:c3:f0:77:34:20:85:
95:ee:b7:7a:c4:c6:b3:5c:33:ba:6b:ba:48:7b:94:
7a:27:53:95:10:f4:19:f6:b9:20:54:cf:64:bc:e7:
d5:8d:80:2e:b8:83:b8:ee:a9:d5:ef:b4:49:f3:d1:
75:29:59:e4:9f:db:05:7f:c1:be:0f:e1:ce:16:5b:
48:93:b6:62:fb:28:8a:43:b0:0a:ed:70:17:17:8d:
2d:d0:c9:22:fd:26:d5:d8:67:03:5b:c5:4e:56:e4:
ab:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:D8:60:0C:D2:A6:90:13:6E:A5:02:E4:65:4C:F1:39:A8:72:15:E4
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/XthgDNKmkBNupQLkZUzxOahyFeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.120.164.0/24
194.120.171.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:f7:45:77:70:00:ed:38:e9:30:8e:c0:2d:ae:44:c6:4c:90:
ee:c7:d9:92:f6:44:2a:72:31:aa:1a:cb:d9:cf:bb:15:f9:fd:
a9:f7:b2:32:c5:74:21:0e:55:dd:83:93:8f:68:82:a3:9b:d9:
a5:11:cc:f0:0d:de:52:63:78:38:55:ca:8d:42:a8:09:60:3b:
28:48:94:a8:83:60:c5:f7:e6:b0:17:7f:bb:c1:6c:70:23:1e:
eb:6f:a6:0d:f8:b6:5a:aa:e8:93:ec:f8:6e:2d:54:1a:7e:26:
94:34:64:f2:48:fa:46:cc:ea:76:c5:73:9b:40:50:a2:bf:aa:
f6:ad:6e:64:9e:97:eb:01:0d:22:24:2d:1c:dd:00:fb:36:e2:
72:a6:03:90:75:5c:80:c7:e6:4f:03:a0:63:ee:3e:1f:9e:1f:
9f:f8:41:78:f4:36:d6:e5:70:c3:2b:26:6c:30:d1:b7:27:48:
e7:16:6d:d1:23:41:b0:99:98:32:05:dd:db:34:88:f1:04:b2:
c1:e0:f6:48:20:f1:35:6c:d3:40:07:b3:39:b5:6d:1f:ac:e4:
3a:7f:77:46:37:ae:85:3f:80:8f:5e:5d:08:e6:77:6a:c5:9f:
87:43:2c:fa:81:ba:4c:f1:be:3b:71:7e:d2:ab:1f:73:f8:48:
48:62:bd:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI36QtCYY88bKBu7O1OIBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwMTAyMDYzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWQ4NjAwY2QyYTY5MDEzNmVhNTAyZTQ2NTRjZjEzOWE4NzIxNWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhacNsdLU5f+nB5CoVwZBN/0wy2WU
tbjvZ7lSbf1KpzsY5bZpz0D7N/ZTGr11ZhVtpzE80qy6I7f8tcQPpUhGrzYhimen
y9nO1inC+cKl9K9TD0csLuhPRj7CtsxRtCgMGceuuo42ImqAn5qdsCxvBTqP0m2/
P0nlPsr0DXSlYeuqDpE7mk7c+8x9aIX2zge7KzmAcmZC8Bd3iCA/LkrD8Hc0IIWV
7rd6xMazXDO6a7pIe5R6J1OVEPQZ9rkgVM9kvOfVjYAuuIO47qnV77RJ89F1KVnk
n9sFf8G+D+HOFltIk7Zi+yiKQ7AK7XAXF40t0Mki/SbV2GcDW8VOVuSrMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF7YYAzSppATbqUC5GVM8TmochXkMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvWHRoZ0ROS21rQk51cFFMa1pVenhPYWh5RmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwnikAwQA
wnirMA0GCSqGSIb3DQEBCwUAA4IBAQCm90V3cADtOOkwjsAtrkTGTJDux9mS9kQq
cjGqGsvZz7sV+f2p97IyxXQhDlXdg5OPaIKjm9mlEczwDd5SY3g4VcqNQqgJYDso
SJSog2DF9+awF3+7wWxwIx7rb6YN+LZaquiT7PhuLVQafiaUNGTySPpGzOp2xXOb
QFCiv6r2rW5knpfrAQ0iJC0c3QD7NuJypgOQdVyAx+ZPA6Bj7j4fnh+f+EF49DbW
5XDDKyZsMNG3J0jnFm3RI0GwmZgyBd3bNIjxBLLB4PZIIPE1bNNAB7M5tW0frOQ6
f3dGN66FP4CPXl0I5ndqxZ+HQyz6gbpM8b47cX7Sqx9z+EhIYr2Y
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:08 2025 by rpki-client