Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/xYl9pjyFvTfCKBeMm3tePnEIat0.roa
File: xYl9pjyFvTfCKBeMm3tePnEIat0.roa (raw, json)
Hash identifier: HZUzqU3Rngc/g437eH7q0/ZtkSzQqN8yWti1ys8get4=
Subject key identifier: C5:89:7D:A6:3C:85:BD:37:C2:28:17:8C:9B:7B:5E:3E:71:08:6A:DD
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194258FB4A935B678DF9FE8F8C786654C99
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/xYl9pjyFvTfCKBeMm3tePnEIat0.roa
Signing time: Thu 02 Jan 2025 05:49:22 +0000
ROA not before: Thu 02 Jan 2025 05:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49551
IP address blocks: 31.148.202.0/23 maxlen: 24
93.171.44.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 15:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:b4:a9:35:b6:78:df:9f:e8:f8:c7:86:65:4c:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 05:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5897da63c85bd37c228178c9b7b5e3e71086add
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:de:2f:22:3d:50:d2:fd:14:27:8e:c7:c4:ca:
a2:9a:b7:e8:40:19:44:02:81:d8:4b:27:d3:c7:a5:
09:79:34:4c:f4:11:f9:50:72:29:d8:66:07:3d:42:
7c:0e:82:5f:5b:5b:35:56:84:c7:ad:d0:23:b8:0b:
28:a5:a8:db:d0:d9:48:37:84:62:ee:c4:c0:64:24:
de:33:fe:fe:89:6d:bf:e5:51:21:0d:cf:8a:85:c6:
7a:55:ae:04:96:74:21:43:af:0e:d5:a7:d4:39:a7:
32:05:8a:43:48:c4:20:16:e0:44:24:11:32:ef:ad:
a7:4b:e0:45:1e:2d:7d:3a:f8:ac:55:25:cc:39:bf:
7e:28:d8:74:f2:8b:bb:ea:4e:bc:94:ae:60:aa:77:
65:b6:7e:05:0b:b9:e3:00:30:a7:86:19:96:0f:ef:
98:8c:b4:af:cb:d4:54:96:02:a4:85:33:7d:39:dd:
10:8d:8d:30:05:a3:8a:6e:fa:fb:83:c6:33:f9:e8:
21:83:65:41:56:54:32:c8:58:24:97:de:11:45:d0:
04:64:d2:e4:7a:b0:78:8b:60:fd:52:7f:da:ba:84:
26:1d:38:06:5d:6e:b5:4f:c2:bd:98:62:9d:c3:fc:
0c:c2:53:56:49:94:21:e6:f8:67:7d:1e:5e:fb:8f:
67:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:89:7D:A6:3C:85:BD:37:C2:28:17:8C:9B:7B:5E:3E:71:08:6A:DD
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/xYl9pjyFvTfCKBeMm3tePnEIat0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.202.0/23
93.171.44.0/22
Signature Algorithm: sha256WithRSAEncryption
37:ec:6d:a9:4a:db:79:13:6c:b4:5c:10:dc:bc:f9:b8:02:12:
57:8b:29:6f:ea:79:b2:0c:fd:51:55:8d:50:0f:8f:91:7a:c7:
dc:0e:bc:d9:51:e2:f5:5e:89:f5:e5:50:ae:ed:b3:55:af:6f:
19:ab:57:ee:e7:68:52:02:4c:63:d0:08:f8:d7:c7:a9:82:a2:
b9:9b:e0:2b:8b:61:b1:f8:6c:8b:c6:f2:1a:a2:dd:ca:3f:09:
61:8d:fe:96:5f:d2:a8:a3:33:73:bc:54:c7:1a:af:04:90:9c:
99:57:de:21:9e:93:c9:db:eb:a6:90:3c:08:bc:20:40:8b:90:
3c:13:86:0c:52:89:ac:43:85:68:c8:03:06:81:12:31:81:5c:
e4:05:e4:a4:7c:0a:6c:67:48:70:1d:d6:2a:be:1c:9e:9b:5a:
36:b5:4f:ed:67:fd:21:b1:ad:8b:70:1c:c2:1b:aa:8e:cc:39:
03:5c:ef:32:cb:59:a2:ae:e1:4b:98:63:70:fc:25:51:ce:8f:
64:09:1d:99:82:a3:66:0b:78:90:44:03:37:36:4f:78:3a:f7:
15:5d:2c:95:cd:62:cf:88:91:f7:64:4e:c5:89:3c:1b:80:0a:
bb:24:c0:2f:16:c0:0e:e9:cf:47:33:c7:51:4d:eb:2a:8a:a3:
d1:82:d0:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj7SpNbZ435/o+MeGZUyZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMTAyMDU0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTg5N2RhNjNjODViZDM3YzIyODE3OGM5YjdiNWUzZTcxMDg2YWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3N4vIj1Q0v0UJ47HxMqimrfoQBlE
AoHYSyfTx6UJeTRM9BH5UHIp2GYHPUJ8DoJfW1s1VoTHrdAjuAsopajb0NlIN4Ri
7sTAZCTeM/7+iW2/5VEhDc+KhcZ6Va4ElnQhQ68O1afUOacyBYpDSMQgFuBEJBEy
762nS+BFHi19OvisVSXMOb9+KNh08ou76k68lK5gqndltn4FC7njADCnhhmWD++Y
jLSvy9RUlgKkhTN9Od0QjY0wBaOKbvr7g8Yz+eghg2VBVlQyyFgkl94RRdAEZNLk
erB4i2D9Un/auoQmHTgGXW61T8K9mGKdw/wMwlNWSZQh5vhnfR5e+49nSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMWJfaY8hb03wigXjJt7Xj5xCGrdMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEveFlsOXBqeUZ2VGZDS0JlTW0zdGVQbkVJYXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBH5TKAwQC
XassMA0GCSqGSIb3DQEBCwUAA4IBAQA37G2pStt5E2y0XBDcvPm4AhJXiylv6nmy
DP1RVY1QD4+ResfcDrzZUeL1Xon15VCu7bNVr28Zq1fu52hSAkxj0Aj418epgqK5
m+Ari2Gx+GyLxvIaot3KPwlhjf6WX9KoozNzvFTHGq8EkJyZV94hnpPJ2+umkDwI
vCBAi5A8E4YMUomsQ4VoyAMGgRIxgVzkBeSkfApsZ0hwHdYqvhyem1o2tU/tZ/0h
sa2LcBzCG6qOzDkDXO8yy1miruFLmGNw/CVRzo9kCR2ZgqNmC3iQRAM3Nk94OvcV
XSyVzWLPiJH3ZE7FiTwbgAq7JMAvFsAO6c9HM8dRTesqiqPRgtDu
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:22 2025 by rpki-client