Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/aTGp14VFOuxa_lQWGbpA8-E0JZw.roa
File: aTGp14VFOuxa_lQWGbpA8-E0JZw.roa (raw, json)
Hash identifier: 7UYdiplguKRbSPgeZRwPX6UXQm68ZGP6pE4sUesv9JQ=
Subject key identifier: 69:31:A9:D7:85:45:3A:EC:5A:FE:54:16:19:BA:40:F3:E1:34:25:9C
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 019536F2E520896DCB84E79750D5BAD6A794
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/aTGp14VFOuxa_lQWGbpA8-E0JZw.roa
Signing time: Mon 24 Feb 2025 07:54:02 +0000
ROA not before: Mon 24 Feb 2025 07:54:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8274
IP address blocks: 176.124.20.0/23 maxlen: 23
176.124.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 14:19:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:36:f2:e5:20:89:6d:cb:84:e7:97:50:d5:ba:d6:a7:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Feb 24 07:54:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6931a9d785453aec5afe541619ba40f3e134259c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:66:6c:f9:e5:df:69:30:91:bb:b3:73:e2:c8:
e5:63:70:d4:76:28:5f:54:c5:2d:55:3b:3f:ce:fa:
b9:27:5f:11:4a:b0:af:93:ff:f1:f4:e1:85:aa:0f:
10:a2:d6:77:c2:76:7c:25:4f:c4:9e:b5:9f:41:6b:
8a:48:d8:da:3f:c2:67:3c:1e:ea:75:d1:ef:37:f9:
b2:17:b2:2f:53:37:55:23:37:cd:2e:21:0f:c0:13:
d2:63:38:4e:18:0b:60:d7:9c:e2:05:c6:e8:28:fb:
06:15:aa:3a:c3:46:07:8a:af:a3:bd:50:90:44:64:
dc:47:21:0f:6c:58:d7:6f:73:cb:8b:41:b0:8f:e7:
3d:ba:78:7a:30:bf:ba:26:dd:17:25:b8:2f:35:9e:
6b:dc:ba:ba:0a:ea:b7:5c:8f:df:5f:6b:4e:73:8c:
c8:e5:f2:13:d5:f7:9f:bf:d3:d8:c6:f0:f1:2a:9f:
7b:ca:07:18:df:e9:e7:77:d2:24:b6:e0:fe:c3:7d:
aa:5b:72:5e:4c:9f:6e:11:76:42:32:f3:c7:d1:ff:
43:02:25:39:60:4d:c6:f4:12:80:ab:10:84:97:4f:
63:b3:3c:2a:11:f7:89:ab:8c:f8:88:38:9e:42:09:
e2:14:d2:06:cb:11:03:cb:a2:0e:a5:28:41:bb:c7:
db:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:31:A9:D7:85:45:3A:EC:5A:FE:54:16:19:BA:40:F3:E1:34:25:9C
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/aTGp14VFOuxa_lQWGbpA8-E0JZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.20.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:0d:b7:c9:c4:3f:74:15:05:41:38:75:83:10:67:48:3d:5a:
b3:c5:a4:8f:ba:38:74:07:ac:54:d3:79:43:ab:65:c5:e7:0a:
69:7d:5b:6e:ef:08:72:bc:40:f8:82:26:94:51:bc:cb:eb:44:
d5:c2:0b:4e:eb:bd:9f:96:77:7d:2b:87:24:fe:9b:34:a3:08:
9d:b4:65:a2:39:f4:22:fc:57:a8:43:8a:7f:d9:05:bf:67:b0:
81:3a:cf:92:43:14:a1:cc:63:a7:6a:0c:0d:70:ee:d9:c1:02:
64:b3:f2:dc:66:d5:70:84:06:ab:bd:4f:97:75:80:e3:b9:19:
82:41:64:1b:78:8a:0c:9c:ca:1a:30:f1:97:99:c6:a5:75:d9:
29:16:ac:ae:88:b3:75:0d:2d:11:a6:e9:6d:ff:67:35:da:ee:
47:f1:f3:62:7a:ee:dc:40:ae:c5:10:9e:00:08:a5:93:89:61:
c3:8d:6b:16:bd:3c:6a:24:41:cd:5a:d1:74:b5:ab:f9:93:23:
10:3f:ce:47:c0:37:a4:33:15:09:e3:90:97:bd:c8:5c:35:1a:
cf:99:2b:88:1d:e4:cd:e5:5c:68:ea:75:3d:e6:d7:de:24:bb:
da:f9:31:5a:5b:2a:d7:c0:7b:7c:bc:03:e6:27:4e:4e:7f:c6:
ab:7b:42:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU28uUgiW3LhOeXUNW61qeUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjUwMjI0MDc1NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTMxYTlkNzg1NDUzYWVjNWFmZTU0MTYxOWJhNDBmM2UxMzQyNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2Zs+eXfaTCRu7Nz4sjlY3DUdihf
VMUtVTs/zvq5J18RSrCvk//x9OGFqg8QotZ3wnZ8JU/EnrWfQWuKSNjaP8JnPB7q
ddHvN/myF7IvUzdVIzfNLiEPwBPSYzhOGAtg15ziBcboKPsGFao6w0YHiq+jvVCQ
RGTcRyEPbFjXb3PLi0Gwj+c9unh6ML+6Jt0XJbgvNZ5r3Lq6Cuq3XI/fX2tOc4zI
5fIT1fefv9PYxvDxKp97ygcY3+nnd9IktuD+w32qW3JeTJ9uEXZCMvPH0f9DAiU5
YE3G9BKAqxCEl09jszwqEfeJq4z4iDieQgniFNIGyxEDy6IOpShBu8fbyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkxqdeFRTrsWv5UFhm6QPPhNCWcMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvYVRHcDE0VkZPdXhhX2xRV0dicEE4LUUwSlp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHwUMA0G
CSqGSIb3DQEBCwUAA4IBAQAPDbfJxD90FQVBOHWDEGdIPVqzxaSPujh0B6xU03lD
q2XF5wppfVtu7whyvED4giaUUbzL60TVwgtO672flnd9K4ck/ps0owidtGWiOfQi
/FeoQ4p/2QW/Z7CBOs+SQxShzGOnagwNcO7ZwQJks/LcZtVwhAarvU+XdYDjuRmC
QWQbeIoMnMoaMPGXmcalddkpFqyuiLN1DS0Rpult/2c12u5H8fNieu7cQK7FEJ4A
CKWTiWHDjWsWvTxqJEHNWtF0tav5kyMQP85HwDekMxUJ45CXvchcNRrPmSuIHeTN
5Vxo6nU95tfeJLva+TFaWyrXwHt8vAPmJ05Of8are0Kz
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:39:46 2025 by rpki-client