Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/83c881-bef7-4f79-90ba-5590768de2cf/1/tI7GzP_0Es_s7DIWPCj6TszLXYY.roa
File: tI7GzP_0Es_s7DIWPCj6TszLXYY.roa (raw, json)
Hash identifier: 7kL9hzkqr+h1PYZHaGFLoNFmf6XOV+2VluVeZbR2ne4=
Subject key identifier: B4:8E:C6:CC:FF:F4:12:CF:EC:EC:32:16:3C:28:FA:4E:CC:CB:5D:86
Certificate issuer: /CN=ad17e7016f953a0e62cca4566ff9d1052c30f25a
Certificate serial: 018E3D8D2919864FBD79FDA28827E6A00D8A
Authority key identifier: AD:17:E7:01:6F:95:3A:0E:62:CC:A4:56:6F:F9:D1:05:2C:30:F2:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rRfnAW-VOg5izKRWb_nRBSww8lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/83c881-bef7-4f79-90ba-5590768de2cf/1/tI7GzP_0Es_s7DIWPCj6TszLXYY.roa
Signing time: Thu 14 Mar 2024 15:20:45 +0000
ROA not before: Thu 14 Mar 2024 15:20:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 195.60.186.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:8d:29:19:86:4f:bd:79:fd:a2:88:27:e6:a0:0d:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad17e7016f953a0e62cca4566ff9d1052c30f25a
Validity
Not Before: Mar 14 15:20:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b48ec6ccfff412cfecec32163c28fa4ecccb5d86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:73:a3:24:b4:5a:1c:01:76:24:b8:20:f1:b7:
ea:bc:f0:77:d7:a9:43:36:e5:9b:1d:71:e0:83:e6:
28:4c:64:34:b5:4a:87:e9:e9:a3:bf:cd:1e:7b:41:
70:7f:6d:a6:55:0f:0d:2c:46:04:f9:14:2b:06:87:
f9:93:b9:30:ce:b6:db:a4:a0:d3:01:21:46:42:f5:
23:3c:7d:a8:97:41:2d:97:00:6e:66:62:2c:a9:b5:
8c:7a:43:f4:db:e3:55:97:42:bb:6b:61:76:66:16:
bb:70:38:f3:fe:af:da:46:77:de:a0:57:52:02:03:
01:52:0b:74:a5:e8:13:ed:48:d8:82:2d:38:a6:75:
93:90:f7:70:b2:34:b1:82:b9:4a:62:76:72:a7:6f:
14:8b:e5:27:26:89:80:ba:0f:e4:45:ae:f3:a2:16:
43:f9:87:aa:fa:70:a7:05:ea:37:a6:2f:80:57:b9:
78:04:5f:35:64:5e:c9:7d:db:e8:7a:65:56:22:e0:
da:11:f6:0e:8b:53:6e:75:f3:c1:cb:90:34:77:9c:
84:cf:14:ca:09:a7:da:1e:52:8d:12:32:d3:fd:76:
f5:4b:94:38:37:30:ac:e5:43:f6:69:b8:15:ea:8b:
70:d6:6e:8d:a0:fe:db:3b:0a:3a:62:81:cf:73:b6:
73:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:8E:C6:CC:FF:F4:12:CF:EC:EC:32:16:3C:28:FA:4E:CC:CB:5D:86
X509v3 Authority Key Identifier:
keyid:AD:17:E7:01:6F:95:3A:0E:62:CC:A4:56:6F:F9:D1:05:2C:30:F2:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRfnAW-VOg5izKRWb_nRBSww8lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/83c881-bef7-4f79-90ba-5590768de2cf/1/tI7GzP_0Es_s7DIWPCj6TszLXYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/83c881-bef7-4f79-90ba-5590768de2cf/1/rRfnAW-VOg5izKRWb_nRBSww8lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.186.0/23
Signature Algorithm: sha256WithRSAEncryption
48:34:be:5a:f5:68:96:33:01:30:61:2b:74:75:50:7e:07:aa:
28:45:7d:f0:22:44:9b:64:c4:e0:35:35:3f:93:f4:f3:ca:73:
06:58:c7:43:ec:c1:ec:73:09:3d:02:fc:00:c6:0b:43:3f:b8:
e3:de:a2:f7:d3:f1:75:c1:0e:9f:22:1b:d2:45:54:14:e7:b2:
3a:de:55:6e:1b:0e:a8:b4:87:b6:cc:aa:fc:e2:f7:97:82:84:
db:c2:fc:19:8a:4e:f6:aa:c3:42:4f:4e:82:b3:82:27:ab:2f:
49:e8:92:98:9e:62:3b:ad:c5:cd:94:69:04:e3:47:5c:9d:18:
eb:5c:67:ad:e4:bc:5d:4d:d4:24:70:35:2b:40:be:f6:17:16:
4e:2f:36:52:a7:57:1e:14:9c:b7:16:e3:0f:03:50:40:f2:36:
47:da:3c:11:06:42:da:16:ed:33:bd:5d:ea:80:0c:8e:6e:a2:
a5:ab:a5:7a:49:15:19:8a:ec:0c:d6:3c:f4:46:04:e7:e6:39:
99:5d:62:1f:b4:65:ad:df:a0:4c:a6:8a:f3:cb:bc:1c:70:f4:
07:07:2e:38:a1:0f:f5:d4:ae:9f:03:ab:63:18:b8:7a:61:58:
b5:56:47:0d:2a:6c:7d:4d:d5:da:a3:2f:1b:c8:23:31:97:5e:
51:3c:9f:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY49jSkZhk+9ef2iiCfmoA2KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMTdlNzAxNmY5NTNhMGU2MmNjYTQ1NjZmZjlkMTA1MmMz
MGYyNWEwHhcNMjQwMzE0MTUyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDhlYzZjY2ZmZjQxMmNmZWNlYzMyMTYzYzI4ZmE0ZWNjY2I1ZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3OjJLRaHAF2JLgg8bfqvPB316lD
NuWbHXHgg+YoTGQ0tUqH6emjv80ee0Fwf22mVQ8NLEYE+RQrBof5k7kwzrbbpKDT
ASFGQvUjPH2ol0EtlwBuZmIsqbWMekP02+NVl0K7a2F2Zha7cDjz/q/aRnfeoFdS
AgMBUgt0pegT7UjYgi04pnWTkPdwsjSxgrlKYnZyp28Ui+UnJomAug/kRa7zohZD
+Yeq+nCnBeo3pi+AV7l4BF81ZF7JfdvoemVWIuDaEfYOi1NudfPBy5A0d5yEzxTK
CafaHlKNEjLT/Xb1S5Q4NzCs5UP2abgV6otw1m6NoP7bOwo6YoHPc7ZzGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSOxsz/9BLP7OwyFjwo+k7My12GMB8GA1UdIwQY
MBaAFK0X5wFvlToOYsykVm/50QUsMPJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclJmbkFXLVZPZzVpektSV2JfblJCU3d3OGxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My84M2M4ODEtYmVmNy00Zjc5LTkwYmEt
NTU5MDc2OGRlMmNmLzEvdEk3R3pQXzBFc19zN0RJV1BDajZUc3pMWFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My84M2M4ODEtYmVmNy00Zjc5LTkwYmEtNTU5MDc2OGRlMmNm
LzEvclJmbkFXLVZPZzVpektSV2JfblJCU3d3OGxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwzy6MA0G
CSqGSIb3DQEBCwUAA4IBAQBINL5a9WiWMwEwYSt0dVB+B6ooRX3wIkSbZMTgNTU/
k/TzynMGWMdD7MHscwk9AvwAxgtDP7jj3qL30/F1wQ6fIhvSRVQU57I63lVuGw6o
tIe2zKr84veXgoTbwvwZik72qsNCT06Cs4Inqy9J6JKYnmI7rcXNlGkE40dcnRjr
XGet5LxdTdQkcDUrQL72FxZOLzZSp1ceFJy3FuMPA1BA8jZH2jwRBkLaFu0zvV3q
gAyObqKlq6V6SRUZiuwM1jz0RgTn5jmZXWIftGWt36BMporzy7wccPQHBy44oQ/1
1K6fA6tjGLh6YVi1VkcNKmx9TdXaoy8byCMxl15RPJ+t
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:26:15 2025 by rpki-client