Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/4WvYmhQgI05gXLTFGci95lxfBOw.roa
File: 4WvYmhQgI05gXLTFGci95lxfBOw.roa (raw, json)
Hash identifier: BJKMT6+9drSniHWyZbRxk4s4papstfq3cqqD1D8B0iQ=
Subject key identifier: E1:6B:D8:9A:14:20:23:4E:60:5C:B4:C5:19:C8:BD:E6:5C:5F:04:EC
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018CC500CE06A0EAABDB4CEF92D37E83DB04
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/4WvYmhQgI05gXLTFGci95lxfBOw.roa
Signing time: Mon 01 Jan 2024 12:30:13 +0000
ROA not before: Mon 01 Jan 2024 12:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47159
IP address blocks: 87.229.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 04 Jan 2024 13:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:ce:06:a0:ea:ab:db:4c:ef:92:d3:7e:83:db:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 1 12:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e16bd89a1420234e605cb4c519c8bde65c5f04ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c1:24:dc:ee:94:7d:00:25:8a:d8:eb:d7:01:
94:ac:60:e5:a7:37:7a:b8:79:40:bc:9e:33:2a:79:
a5:04:ea:51:0b:cc:cb:42:81:f7:41:f1:6f:ab:c0:
bf:a6:fd:23:10:d4:1f:06:3f:d4:fe:6c:6c:4c:6e:
00:79:95:f1:48:00:6f:a2:bc:e9:0d:ac:c6:25:bf:
55:b5:af:69:fb:68:a1:6b:13:34:e5:ca:63:68:95:
b1:85:be:68:bb:a1:57:a8:31:da:24:0c:91:2d:78:
b1:16:07:cf:b1:b4:3f:b2:60:dd:d4:06:c0:4f:b4:
3f:1d:49:57:9a:45:f2:f5:72:d6:df:e5:14:db:bf:
82:5b:14:bf:49:6e:17:ba:8d:0a:e7:7f:01:3c:c2:
0b:05:0c:1e:65:29:05:6a:8c:75:e0:48:df:41:b7:
c2:ee:3b:06:68:9a:29:19:1b:3e:c9:8f:12:66:bc:
9d:18:5c:f3:2b:31:35:ca:15:a7:da:1d:b5:28:06:
f4:2a:a8:7b:87:ce:b8:cf:b3:26:e3:d3:29:d6:ab:
06:74:e6:be:7a:67:c2:a1:d1:59:88:b8:28:8f:44:
27:ab:7b:95:54:e5:8a:36:59:29:a0:74:ae:06:f0:
9e:2a:32:36:bf:b2:96:fa:93:76:c0:ea:6f:75:ba:
3c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:6B:D8:9A:14:20:23:4E:60:5C:B4:C5:19:C8:BD:E6:5C:5F:04:EC
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/4WvYmhQgI05gXLTFGci95lxfBOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.60.0/22
Signature Algorithm: sha256WithRSAEncryption
68:14:e6:ff:3a:cc:9a:20:2f:34:4e:89:7f:cb:38:bc:56:7d:
98:a2:97:f3:3c:2c:b0:bd:2d:71:a0:5f:5a:13:e7:f0:12:4f:
f2:ef:44:5f:fb:2c:90:1d:57:ce:be:f3:06:7d:74:cb:e0:1d:
c9:b7:1f:d3:7e:b8:42:50:c6:95:a1:63:c4:f3:ae:5e:90:71:
9f:dd:a2:4b:59:44:f6:83:ed:3c:f1:f9:27:e6:49:fe:a3:75:
63:34:ab:f7:3c:c0:7c:d0:27:6e:6a:69:e7:19:32:c7:5b:44:
51:0c:cd:31:40:02:8e:e6:03:8e:56:38:48:9f:4d:b5:05:0f:
ba:1d:0a:87:92:dc:72:a8:93:50:3a:f3:97:a7:81:16:dc:9c:
22:df:7c:32:66:5c:fd:9d:97:fa:d1:ec:54:37:47:4d:40:9c:
88:5f:bf:48:91:84:23:12:46:3a:c3:35:75:38:dc:6d:5a:33:
69:f5:ae:8d:1c:45:ab:30:ad:80:34:57:0f:14:c8:27:da:60:
e6:c1:5b:b6:98:d8:2d:c2:08:5a:6d:47:12:1e:ff:dc:56:e5:
22:f9:ae:c2:22:c0:6d:04:bc:30:62:77:eb:ad:c9:67:35:3d:
a5:48:b7:c9:24:a2:83:2e:8a:31:50:99:4b:41:64:5a:a4:f1:
56:e1:fd:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAM4GoOqr20zvktN+g9sEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTAxMTIzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTZiZDg5YTE0MjAyMzRlNjA1Y2I0YzUxOWM4YmRlNjVjNWYwNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicEk3O6UfQAlitjr1wGUrGDlpzd6
uHlAvJ4zKnmlBOpRC8zLQoH3QfFvq8C/pv0jENQfBj/U/mxsTG4AeZXxSABvorzp
DazGJb9Vta9p+2ihaxM05cpjaJWxhb5ou6FXqDHaJAyRLXixFgfPsbQ/smDd1AbA
T7Q/HUlXmkXy9XLW3+UU27+CWxS/SW4Xuo0K538BPMILBQweZSkFaox14EjfQbfC
7jsGaJopGRs+yY8SZrydGFzzKzE1yhWn2h21KAb0Kqh7h864z7Mm49Mp1qsGdOa+
emfCodFZiLgoj0Qnq3uVVOWKNlkpoHSuBvCeKjI2v7KW+pN2wOpvdbo83wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOFr2JoUICNOYFy0xRnIveZcXwTsMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvNFd2WW1oUWdJMDVnWExURkdjaTk1bHhmQk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCV+U8MA0G
CSqGSIb3DQEBCwUAA4IBAQBoFOb/OsyaIC80Tol/yzi8Vn2YopfzPCywvS1xoF9a
E+fwEk/y70Rf+yyQHVfOvvMGfXTL4B3Jtx/TfrhCUMaVoWPE865ekHGf3aJLWUT2
g+088fkn5kn+o3VjNKv3PMB80CduamnnGTLHW0RRDM0xQAKO5gOOVjhIn021BQ+6
HQqHktxyqJNQOvOXp4EW3Jwi33wyZlz9nZf60exUN0dNQJyIX79IkYQjEkY6wzV1
ONxtWjNp9a6NHEWrMK2ANFcPFMgn2mDmwVu2mNgtwghabUcSHv/cVuUi+a7CIsBt
BLwwYnfrrclnNT2lSLfJJKKDLooxUJlLQWRapPFW4f1S
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:24 2025 by rpki-client