Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/cxsP7pSe5PfizmR0nfg9cH9gjbc.roa
File: cxsP7pSe5PfizmR0nfg9cH9gjbc.roa (raw, json)
Hash identifier: Q9mh3CX1NH4NAYVGTB8F/JklfT4cutOjdzxU1pYeJmI=
Subject key identifier: 73:1B:0F:EE:94:9E:E4:F7:E2:CE:64:74:9D:F8:3D:70:7F:60:8D:B7
Certificate issuer: /CN=68d24addcc3d5b77a099a907122252a47c8f6310
Certificate serial: 018CC793344D38980A0B308C859686BB28F7
Authority key identifier: 68:D2:4A:DD:CC:3D:5B:77:A0:99:A9:07:12:22:52:A4:7C:8F:63:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNJK3cw9W3egmakHEiJSpHyPYxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/cxsP7pSe5PfizmR0nfg9cH9gjbc.roa
Signing time: Tue 02 Jan 2024 00:29:22 +0000
ROA not before: Tue 02 Jan 2024 00:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200504
IP address blocks: 178.183.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:34:4d:38:98:0a:0b:30:8c:85:96:86:bb:28:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d24addcc3d5b77a099a907122252a47c8f6310
Validity
Not Before: Jan 2 00:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=731b0fee949ee4f7e2ce64749df83d707f608db7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:20:fd:24:60:32:52:32:03:cc:e6:8d:dd:61:
14:49:14:83:1e:bb:6f:37:2d:e8:a6:9e:0e:d5:53:
2d:32:a1:98:5c:88:28:66:8e:94:06:0b:8c:91:8d:
08:ed:e9:79:36:34:83:51:9b:7f:5b:d8:84:7d:e4:
b6:db:d5:18:22:72:3b:11:56:39:2c:aa:02:85:d6:
90:2c:74:98:01:c0:e5:e2:ff:0b:53:51:6e:64:8d:
39:0f:2f:d6:26:62:93:0f:16:2a:dc:a2:06:b8:c9:
f2:c9:9f:36:38:b2:94:d0:9f:e6:ea:b0:16:54:34:
29:a5:1c:d2:27:2a:db:01:a6:b4:21:44:c5:1a:1c:
70:e8:3d:b7:90:32:58:18:bf:74:5d:ec:df:94:94:
95:7f:75:49:1f:6c:37:8f:16:a6:00:4a:fa:88:41:
0d:10:e8:6d:0d:6c:88:5b:65:c7:f7:e9:ba:2e:b9:
b7:12:cc:1b:1b:a3:06:f0:24:b4:3c:a5:97:9f:99:
01:13:50:29:37:4a:ba:c4:bf:c4:27:20:74:f8:a1:
a7:ce:67:78:8f:02:28:e7:03:77:f0:91:87:8c:f1:
63:82:89:78:69:2d:2e:67:74:1d:a3:27:d9:a1:0d:
ce:81:e0:5a:12:97:ef:22:ec:8c:86:9c:f7:37:74:
b1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:1B:0F:EE:94:9E:E4:F7:E2:CE:64:74:9D:F8:3D:70:7F:60:8D:B7
X509v3 Authority Key Identifier:
keyid:68:D2:4A:DD:CC:3D:5B:77:A0:99:A9:07:12:22:52:A4:7C:8F:63:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNJK3cw9W3egmakHEiJSpHyPYxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/cxsP7pSe5PfizmR0nfg9cH9gjbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/51a655-2735-49ef-80df-b316db5938ff/1/aNJK3cw9W3egmakHEiJSpHyPYxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.183.21.0/24
Signature Algorithm: sha256WithRSAEncryption
87:45:50:96:89:20:20:90:95:55:23:aa:c9:df:a6:47:6e:5f:
e3:48:20:b9:b2:ac:39:14:2b:22:51:f9:3c:ca:36:40:fc:5c:
24:15:2a:9f:09:c0:7c:88:eb:4c:38:62:f9:d2:1b:21:fe:f2:
3b:e1:d6:17:90:ab:57:07:43:3d:3c:1e:5c:58:e4:31:d6:5a:
ff:d0:7d:3f:e2:20:4d:7d:8e:99:ad:98:ff:9a:86:79:21:4f:
95:8e:a7:19:1c:35:1f:44:11:eb:f4:99:7d:13:bb:ea:4c:31:
c7:bf:55:32:73:66:00:27:87:95:20:bd:93:86:e5:a2:9c:0d:
0e:a7:b2:7e:ab:a9:5e:90:08:77:4c:fb:e1:5f:69:fb:10:0b:
ba:d0:89:ad:6d:fd:45:42:8a:7e:79:fa:d9:6f:eb:46:b4:06:
24:17:93:d4:85:74:c6:25:0b:ba:c9:b7:b9:b8:3f:0c:c1:c8:
e2:a8:35:9c:9f:0f:68:85:86:4e:f0:6b:a4:77:cd:2c:a6:aa:
28:20:a3:0a:9e:96:f4:cd:54:17:dc:87:cf:42:d4:c7:23:b4:
62:3d:10:52:c5:40:2a:99:96:e3:31:9c:62:c8:90:91:81:e3:
84:72:ee:bc:92:69:82:86:dd:53:ed:32:d6:d2:7f:ea:c7:bd:
56:ef:69:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHkzRNOJgKCzCMhZaGuyj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDI0YWRkY2MzZDViNzdhMDk5YTkwNzEyMjI1MmE0N2M4
ZjYzMTAwHhcNMjQwMTAyMDAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzFiMGZlZTk0OWVlNGY3ZTJjZTY0NzQ5ZGY4M2Q3MDdmNjA4ZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSD9JGAyUjIDzOaN3WEUSRSDHrtv
Ny3opp4O1VMtMqGYXIgoZo6UBguMkY0I7el5NjSDUZt/W9iEfeS229UYInI7EVY5
LKoChdaQLHSYAcDl4v8LU1FuZI05Dy/WJmKTDxYq3KIGuMnyyZ82OLKU0J/m6rAW
VDQppRzSJyrbAaa0IUTFGhxw6D23kDJYGL90XezflJSVf3VJH2w3jxamAEr6iEEN
EOhtDWyIW2XH9+m6Lrm3EswbG6MG8CS0PKWXn5kBE1ApN0q6xL/EJyB0+KGnzmd4
jwIo5wN38JGHjPFjgol4aS0uZ3QdoyfZoQ3OgeBaEpfvIuyMhpz3N3SxdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHMbD+6UnuT34s5kdJ34PXB/YI23MB8GA1UdIwQY
MBaAFGjSSt3MPVt3oJmpBxIiUqR8j2MQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5KSzNjdzlXM2VnbWFrSEVpSlNwSHlQWXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi81MWE2NTUtMjczNS00OWVmLTgwZGYt
YjMxNmRiNTkzOGZmLzEvY3hzUDdwU2U1UGZpem1SMG5mZzljSDlnamJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi81MWE2NTUtMjczNS00OWVmLTgwZGYtYjMxNmRiNTkzOGZm
LzEvYU5KSzNjdzlXM2VnbWFrSEVpSlNwSHlQWXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsrcVMA0G
CSqGSIb3DQEBCwUAA4IBAQCHRVCWiSAgkJVVI6rJ36ZHbl/jSCC5sqw5FCsiUfk8
yjZA/FwkFSqfCcB8iOtMOGL50hsh/vI74dYXkKtXB0M9PB5cWOQx1lr/0H0/4iBN
fY6ZrZj/moZ5IU+VjqcZHDUfRBHr9Jl9E7vqTDHHv1Uyc2YAJ4eVIL2ThuWinA0O
p7J+q6lekAh3TPvhX2n7EAu60Imtbf1FQop+efrZb+tGtAYkF5PUhXTGJQu6ybe5
uD8MwcjiqDWcnw9ohYZO8Gukd80spqooIKMKnpb0zVQX3IfPQtTHI7RiPRBSxUAq
mZbjMZxiyJCRgeOEcu68kmmCht1T7TLW0n/qx71W72kb
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:03:39 2025 by rpki-client