Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/1-oQEhCBxlBnuFgNCi2PYTzy6LTg.roa
File: 1-oQEhCBxlBnuFgNCi2PYTzy6LTg.roa (raw, json)
Hash identifier: 3KI9RDMS/EQemXdXrnBfubi83vMwfLosMVImyGuuF7o=
Subject key identifier: FA:84:04:84:20:71:94:19:EE:16:03:42:8B:63:D8:4F:3C:BA:2D:38
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0190B111D69CA28607040AD39CCFAB192329
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/1-oQEhCBxlBnuFgNCi2PYTzy6LTg.roa
Signing time: Sun 14 Jul 2024 11:47:34 +0000
ROA not before: Sun 14 Jul 2024 11:47:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212860
IP address blocks: 176.221.24.0/23 maxlen: 24
176.221.28.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b1:11:d6:9c:a2:86:07:04:0a:d3:9c:cf:ab:19:23:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jul 14 11:47:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa84048420719419ee1603428b63d84f3cba2d38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:88:8d:58:ba:93:a3:5f:9f:38:62:83:0d:04:
be:96:07:25:01:b5:9c:c6:14:9a:06:56:8f:fe:f2:
17:44:56:77:97:60:9a:19:65:a9:4b:e6:cc:2e:c9:
37:c0:9b:6d:d1:9b:04:84:35:ed:63:11:14:dc:ee:
b4:e9:1a:2a:43:4c:98:f1:f7:ab:e5:b8:bd:02:2f:
1d:5d:02:a3:4b:b2:a3:e8:a1:14:79:01:1b:9f:5c:
9e:4b:85:85:6b:99:02:68:38:89:62:41:91:13:79:
17:0e:38:6b:a7:bf:36:72:27:94:9f:d3:90:89:cd:
23:77:c5:66:f0:d8:50:dc:fb:c7:9b:8e:17:76:12:
15:7a:aa:8e:f0:59:ca:54:90:80:de:84:a3:4c:d0:
f7:62:8e:8f:8b:fe:53:92:35:d0:90:9b:7e:d3:91:
81:16:45:4e:5a:cf:72:22:54:c6:93:83:14:01:d1:
9d:3d:27:e9:8c:a6:fc:2b:20:cd:0b:e8:66:52:9d:
f3:a7:a6:da:76:b6:e7:19:d4:0e:81:ae:6f:d8:8e:
af:66:82:fe:b6:92:40:5e:90:36:15:4c:09:f2:e1:
7e:19:e7:11:e0:53:31:0c:fe:b2:03:d2:f5:d8:ea:
ca:92:d5:f6:29:46:da:e0:92:c5:c1:71:01:e4:3f:
be:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:84:04:84:20:71:94:19:EE:16:03:42:8B:63:D8:4F:3C:BA:2D:38
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/1-oQEhCBxlBnuFgNCi2PYTzy6LTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.24.0/23
176.221.28.0/23
Signature Algorithm: sha256WithRSAEncryption
61:98:92:2f:4a:1c:c3:2a:eb:ac:82:d4:00:dd:07:fb:7c:94:
58:29:52:c5:17:ae:36:3b:5d:fa:27:83:f8:69:f1:ea:f3:e3:
38:dc:67:9b:1a:28:01:f5:ae:c6:6b:38:dc:a6:94:94:0a:80:
4d:61:27:ea:29:7b:f5:d7:48:1e:c5:19:a3:77:9e:ff:49:e8:
55:eb:7e:5a:8a:9f:fe:13:f3:7d:f9:0e:be:20:d2:60:92:e5:
b0:3c:64:63:e1:68:02:36:5c:19:dd:19:08:f1:c6:0f:6c:0a:
d0:46:41:9d:dc:d6:ae:a2:b1:36:ba:c9:26:92:1e:b9:41:d7:
1d:18:11:89:0f:0b:90:50:3d:de:4b:01:19:58:28:5a:9d:4e:
fb:aa:93:24:11:7c:c8:bd:1d:9b:80:7f:0a:6b:7f:58:5b:df:
3e:7c:95:54:fd:2e:7a:37:5b:93:4a:90:a8:5c:a5:bc:01:0e:
a5:f8:db:c0:f8:6e:55:32:a0:5e:75:fb:9a:74:b7:8e:e0:c4:
d2:09:61:60:21:22:c7:4c:a8:f7:41:c4:b7:da:36:af:40:c1:
46:0c:7c:a2:c4:99:7b:2a:b0:de:c0:68:06:8c:16:e2:cd:92:
a4:76:65:ac:16:f6:08:43:c8:16:9f:70:19:0c:67:b5:68:68:
12:0a:63:d9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZCxEdacooYHBArTnM+rGSMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNzE0MTE0NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTg0MDQ4NDIwNzE5NDE5ZWUxNjAzNDI4YjYzZDg0ZjNjYmEyZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4iNWLqTo1+fOGKDDQS+lgclAbWc
xhSaBlaP/vIXRFZ3l2CaGWWpS+bMLsk3wJtt0ZsEhDXtYxEU3O606RoqQ0yY8fer
5bi9Ai8dXQKjS7Kj6KEUeQEbn1yeS4WFa5kCaDiJYkGRE3kXDjhrp782cieUn9OQ
ic0jd8Vm8NhQ3PvHm44XdhIVeqqO8FnKVJCA3oSjTND3Yo6Pi/5TkjXQkJt+05GB
FkVOWs9yIlTGk4MUAdGdPSfpjKb8KyDNC+hmUp3zp6badrbnGdQOga5v2I6vZoL+
tpJAXpA2FUwJ8uF+GecR4FMxDP6yA9L12OrKktX2KUba4JLFwXEB5D++IQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPqEBIQgcZQZ7hYDQotj2E88ui04MB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvMS1vUUVoQ0J4bEJudUZnTkNpMlBZVHp5NkxUZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDIvNTdhMzRmLWUzM2ItNGUxNy1iYzMyLTY2NDU3NzI0YzJk
My8xL2IzWGs2VXRjdDBVWHQ3QVZhQUZkcWVidXpiWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAbDdGAME
AbDdHDANBgkqhkiG9w0BAQsFAAOCAQEAYZiSL0ocwyrrrILUAN0H+3yUWClSxReu
Njtd+ieD+Gnx6vPjONxnmxooAfWuxms43KaUlAqATWEn6il79ddIHsUZo3ee/0no
Vet+Woqf/hPzffkOviDSYJLlsDxkY+FoAjZcGd0ZCPHGD2wK0EZBndzWrqKxNrrJ
JpIeuUHXHRgRiQ8LkFA93ksBGVgoWp1O+6qTJBF8yL0dm4B/Cmt/WFvfPnyVVP0u
ejdbk0qQqFylvAEOpfjbwPhuVTKgXnX7mnS3juDE0glhYCEix0yo90HEt9o2r0DB
Rgx8osSZeyqw3sBoBowW4s2SpHZlrBb2CEPIFp9wGQxntWhoEgpj2Q==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:39:14 2025 by rpki-client