Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/_XLfthLBj0xZ25tOEG7k3dAM6TE.roa
File: _XLfthLBj0xZ25tOEG7k3dAM6TE.roa (raw, json)
Hash identifier: +bzi1WgGC8ltdepLgqA4ASE1Dt6ynhS62hi/pi0r0VQ=
Subject key identifier: FD:72:DF:B6:12:C1:8F:4C:59:DB:9B:4E:10:6E:E4:DD:D0:0C:E9:31
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018E4F4CEC6C127D72F1CCBD3135B5180DA4
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/_XLfthLBj0xZ25tOEG7k3dAM6TE.roa
Signing time: Mon 18 Mar 2024 02:03:45 +0000
ROA not before: Mon 18 Mar 2024 02:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19318
IP address blocks: 176.221.26.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 May 2024 11:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4f:4c:ec:6c:12:7d:72:f1:cc:bd:31:35:b5:18:0d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Mar 18 02:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fd72dfb612c18f4c59db9b4e106ee4ddd00ce931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:51:10:be:35:6d:f6:33:44:9b:ee:cb:c5:8c:
dc:17:20:47:4a:0d:05:f5:a8:f0:cc:e6:11:b1:4d:
0e:09:0f:c6:7a:53:55:fd:a3:7c:ea:45:c5:30:59:
85:fa:3a:14:c1:e1:a0:77:07:d1:9d:2f:a8:46:50:
54:2d:24:85:7a:8d:10:76:ca:13:ae:a9:8d:5c:6d:
11:55:26:93:9f:ef:04:2e:dd:39:08:af:50:c4:9f:
c8:c5:32:b6:90:8a:5d:c6:f6:df:62:d2:c8:ef:70:
fd:c7:6c:bf:64:80:cb:12:ff:73:4d:aa:c2:71:c7:
b7:06:b7:f4:21:6c:98:ef:bb:f8:7e:aa:e1:53:b9:
08:24:b5:a9:74:fb:7e:0a:9f:31:a6:4f:fe:58:69:
c3:a1:2c:a6:0c:8b:44:f7:47:02:87:1a:57:b5:fd:
f9:4b:c5:cc:77:4c:92:28:ed:73:00:cc:d2:e1:aa:
0a:53:46:b5:1a:d5:54:95:f9:43:3f:cb:13:d9:6e:
fe:e7:dd:67:ad:80:3f:ee:da:ba:09:d0:b1:1c:91:
9d:fa:be:76:6d:29:9c:51:01:38:84:9c:41:47:a7:
87:30:74:5a:c2:b4:b3:a9:21:0d:24:5b:0d:43:da:
0a:e9:ba:f6:43:eb:6a:7a:09:8a:2b:43:4b:23:02:
80:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:72:DF:B6:12:C1:8F:4C:59:DB:9B:4E:10:6E:E4:DD:D0:0C:E9:31
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/_XLfthLBj0xZ25tOEG7k3dAM6TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.26.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:5d:0a:3c:d4:2a:a0:fc:be:d6:04:46:b0:17:17:14:2d:1c:
08:43:f2:92:f7:06:63:3e:78:b4:02:9e:9b:c0:7e:fb:ec:f1:
9b:77:db:0b:98:55:c2:7e:6b:59:d0:22:f4:97:91:c2:77:30:
bd:9e:8b:47:bc:73:d0:e9:3b:6c:b3:eb:54:03:f1:54:3d:bc:
8d:c4:68:b5:fb:57:2d:73:a9:59:2b:49:b7:7a:c0:87:dd:4a:
ec:99:93:56:c4:9d:bf:41:b7:1a:ba:73:8f:9f:79:c7:90:31:
82:d1:02:0e:98:40:59:c1:54:ce:e3:b1:2b:c8:2e:c1:07:fa:
27:48:77:45:92:ac:ca:5b:06:59:17:20:91:b7:f3:96:af:83:
29:89:20:72:34:53:0e:22:29:05:38:81:fc:70:7f:35:53:7c:
0f:7c:1d:87:73:37:3f:33:df:da:07:5b:ff:96:0f:94:63:52:
cc:c6:01:c1:ce:33:2e:43:f7:b5:8c:a6:ca:c1:b8:fc:88:66:
d5:d3:15:9b:a9:98:6e:f0:41:7b:8c:fb:2f:95:3b:63:87:5a:
95:21:15:0d:2c:ff:86:43:00:b8:b6:9f:4a:c0:a0:36:b3:a7:
e9:9e:69:93:02:0e:c3:7f:b8:06:ea:d9:10:ea:87:f2:cc:54:
0f:c4:53:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5PTOxsEn1y8cy9MTW1GA2kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwMzE4MDIwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDcyZGZiNjEyYzE4ZjRjNTlkYjliNGUxMDZlZTRkZGQwMGNlOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVEQvjVt9jNEm+7LxYzcFyBHSg0F
9ajwzOYRsU0OCQ/GelNV/aN86kXFMFmF+joUweGgdwfRnS+oRlBULSSFeo0QdsoT
rqmNXG0RVSaTn+8ELt05CK9QxJ/IxTK2kIpdxvbfYtLI73D9x2y/ZIDLEv9zTarC
cce3Brf0IWyY77v4fqrhU7kIJLWpdPt+Cp8xpk/+WGnDoSymDItE90cChxpXtf35
S8XMd0ySKO1zAMzS4aoKU0a1GtVUlflDP8sT2W7+591nrYA/7tq6CdCxHJGd+r52
bSmcUQE4hJxBR6eHMHRawrSzqSENJFsNQ9oK6br2Q+tqegmKK0NLIwKANQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1y37YSwY9MWdubThBu5N3QDOkxMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvX1hMZnRoTEJqMHhaMjV0T0VHN2szZEFNNlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsN0aMA0G
CSqGSIb3DQEBCwUAA4IBAQCtXQo81Cqg/L7WBEawFxcULRwIQ/KS9wZjPni0Ap6b
wH777PGbd9sLmFXCfmtZ0CL0l5HCdzC9notHvHPQ6Ttss+tUA/FUPbyNxGi1+1ct
c6lZK0m3esCH3UrsmZNWxJ2/QbcaunOPn3nHkDGC0QIOmEBZwVTO47EryC7BB/on
SHdFkqzKWwZZFyCRt/OWr4MpiSByNFMOIikFOIH8cH81U3wPfB2Hczc/M9/aB1v/
lg+UY1LMxgHBzjMuQ/e1jKbKwbj8iGbV0xWbqZhu8EF7jPsvlTtjh1qVIRUNLP+G
QwC4tp9KwKA2s6fpnmmTAg7Df7gG6tkQ6ofyzFQPxFO9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:22 2025 by rpki-client