Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/t0U437kXdg5IsGo84aEqmsb_Z3M.roa
File: t0U437kXdg5IsGo84aEqmsb_Z3M.roa (raw, json)
Hash identifier: +45rC7XfLS9vWxY49IujqPIBGULw5c/kp1LB6DqsT6g=
Subject key identifier: B7:45:38:DF:B9:17:76:0E:48:B0:6A:3C:E1:A1:2A:9A:C6:FF:67:73
Certificate issuer: /CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Certificate serial: 01906DED7BB12445E070F25ED23FBC55CA59
Authority key identifier: 41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/t0U437kXdg5IsGo84aEqmsb_Z3M.roa
Signing time: Mon 01 Jul 2024 10:53:18 +0000
ROA not before: Mon 01 Jul 2024 10:53:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196936
IP address blocks: 178.217.96.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:ed:7b:b1:24:45:e0:70:f2:5e:d2:3f:bc:55:ca:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4148cbad1748205b4f4334bba638c64c2b21fc0e
Validity
Not Before: Jul 1 10:53:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b74538dfb917760e48b06a3ce1a12a9ac6ff6773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:03:88:77:06:ca:ae:07:a4:ee:e4:00:b9:d6:
47:59:e9:0d:8a:3b:72:41:4f:95:18:f1:b3:58:3c:
fb:35:0a:e6:97:9d:fb:2c:82:d8:4c:33:71:cf:b7:
86:e0:94:48:8b:b0:fd:b2:83:3f:c7:43:35:13:6a:
e6:5a:21:0a:96:f5:2f:12:d9:b8:dc:da:e7:70:b7:
87:8b:c7:19:c6:2b:0a:a2:7d:dd:1d:e3:60:9b:a3:
9d:35:3e:b8:c4:68:63:bc:78:f8:2d:97:06:4c:cb:
e6:cd:63:2c:70:f4:3d:cf:42:db:f2:53:8b:5e:f6:
de:ab:c0:59:3e:26:df:a9:df:ba:30:bd:09:9f:0c:
8c:50:7c:c8:cd:e1:aa:3d:e6:b3:aa:6e:f5:c8:e7:
75:c3:be:8c:d4:a4:01:8c:00:7a:3e:25:37:61:8b:
ca:88:b2:e7:95:6c:ad:c6:b6:f0:7a:95:bf:b6:2f:
43:cc:f0:c2:63:87:31:d7:a3:f8:ac:f8:65:80:d8:
66:98:3a:84:c5:6c:7d:d5:8a:a0:60:cc:fd:d1:d8:
d4:80:39:35:91:5b:6f:23:09:2a:34:35:be:e8:25:
08:ab:95:c8:4a:ef:0c:2e:ec:d9:b1:9c:1d:30:25:
d1:1e:9e:84:4f:41:34:7f:4f:c0:a6:54:1c:b3:78:
f3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:45:38:DF:B9:17:76:0E:48:B0:6A:3C:E1:A1:2A:9A:C6:FF:67:73
X509v3 Authority Key Identifier:
keyid:41:48:CB:AD:17:48:20:5B:4F:43:34:BB:A6:38:C6:4C:2B:21:FC:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QUjLrRdIIFtPQzS7pjjGTCsh_A4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/t0U437kXdg5IsGo84aEqmsb_Z3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/ce21b3-c4de-456d-b538-97975d34fc6c/1/QUjLrRdIIFtPQzS7pjjGTCsh_A4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.217.96.0/23
Signature Algorithm: sha256WithRSAEncryption
47:4f:6f:7a:f5:02:9a:cf:11:1e:f1:1e:be:31:66:66:6b:87:
32:fd:28:21:52:ee:f9:00:88:9c:9e:c3:27:78:f0:1d:4f:05:
60:b4:99:7d:78:e1:71:2d:52:d4:c0:ac:42:b8:ec:40:ba:86:
d5:7c:97:f7:2b:eb:81:d7:63:f8:1a:d8:b5:08:02:23:55:86:
4f:46:b8:b4:c9:64:3b:37:12:1f:14:c8:41:0b:84:8e:9d:fb:
69:fe:f9:90:4a:84:34:f7:5d:7a:d4:5d:94:09:e6:c8:f0:0b:
ce:65:9a:37:46:1b:fa:57:fb:7c:c9:b1:10:be:68:a6:ff:a8:
ac:b7:40:4b:c6:5e:72:95:4c:c4:b0:98:10:d9:91:30:c7:c2:
f4:94:c4:b1:7e:90:ff:f6:af:3b:d0:bc:17:7e:d1:e1:7f:02:
2e:d0:4a:62:28:cd:5c:fc:8f:25:1c:d3:aa:10:fd:36:e4:95:
70:ad:44:9e:a1:88:04:72:ba:73:64:42:75:81:29:07:21:52:
91:ce:17:52:93:9a:36:69:b7:6a:30:0c:36:08:56:1a:3c:3c:
50:c4:ed:3c:f3:0a:d1:86:9d:d1:28:c7:77:d3:c9:f1:fe:da:
e4:3b:5b:2b:c7:60:8d:f5:b1:e4:83:43:59:f7:01:c4:9d:40:
e5:04:17:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBt7XuxJEXgcPJe0j+8VcpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNDhjYmFkMTc0ODIwNWI0ZjQzMzRiYmE2MzhjNjRjMmIy
MWZjMGUwHhcNMjQwNzAxMTA1MzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzQ1MzhkZmI5MTc3NjBlNDhiMDZhM2NlMWExMmE5YWM2ZmY2NzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gOIdwbKrgek7uQAudZHWekNijty
QU+VGPGzWDz7NQrml537LILYTDNxz7eG4JRIi7D9soM/x0M1E2rmWiEKlvUvEtm4
3NrncLeHi8cZxisKon3dHeNgm6OdNT64xGhjvHj4LZcGTMvmzWMscPQ9z0Lb8lOL
Xvbeq8BZPibfqd+6ML0JnwyMUHzIzeGqPeazqm71yOd1w76M1KQBjAB6PiU3YYvK
iLLnlWytxrbwepW/ti9DzPDCY4cx16P4rPhlgNhmmDqExWx91YqgYMz90djUgDk1
kVtvIwkqNDW+6CUIq5XISu8MLuzZsZwdMCXRHp6ET0E0f0/AplQcs3jzOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLdFON+5F3YOSLBqPOGhKprG/2dzMB8GA1UdIwQY
MBaAFEFIy60XSCBbT0M0u6Y4xkwrIfwOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVVqTHJSZElJRnRQUXpTN3BqakdUQ3NoX0E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9jZTIxYjMtYzRkZS00NTZkLWI1Mzgt
OTc5NzVkMzRmYzZjLzEvdDBVNDM3a1hkZzVJc0dvODRhRXFtc2JfWjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9jZTIxYjMtYzRkZS00NTZkLWI1MzgtOTc5NzVkMzRmYzZj
LzEvUVVqTHJSZElJRnRQUXpTN3BqakdUQ3NoX0E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBstlgMA0G
CSqGSIb3DQEBCwUAA4IBAQBHT2969QKazxEe8R6+MWZma4cy/SghUu75AIicnsMn
ePAdTwVgtJl9eOFxLVLUwKxCuOxAuobVfJf3K+uB12P4Gti1CAIjVYZPRri0yWQ7
NxIfFMhBC4SOnftp/vmQSoQ091161F2UCebI8AvOZZo3Rhv6V/t8ybEQvmim/6is
t0BLxl5ylUzEsJgQ2ZEwx8L0lMSxfpD/9q870LwXftHhfwIu0EpiKM1c/I8lHNOq
EP025JVwrUSeoYgEcrpzZEJ1gSkHIVKRzhdSk5o2abdqMAw2CFYaPDxQxO088wrR
hp3RKMd308nx/trkO1srx2CN9bHkg0NZ9wHEnUDlBBcP
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:34 2025 by rpki-client