Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/oqbB6sR2Swyn1vsZcLRpmQhMNmM.roa
File: oqbB6sR2Swyn1vsZcLRpmQhMNmM.roa (raw, json)
Hash identifier: ZqaapHh1IUU6KeDPpOKuGCgEwlw8Rh2126Rn6zZ/ULw=
Subject key identifier: A2:A6:C1:EA:C4:76:4B:0C:A7:D6:FB:19:70:B4:69:99:08:4C:36:63
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 0191B7FAA6440B16C83460D4C7BBB0605F9C
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/oqbB6sR2Swyn1vsZcLRpmQhMNmM.roa
Signing time: Tue 03 Sep 2024 13:02:22 +0000
ROA not before: Tue 03 Sep 2024 13:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214268
IP address blocks: 178.217.160.0/22 maxlen: 24
178.217.164.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 18:59:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:fa:a6:44:0b:16:c8:34:60:d4:c7:bb:b0:60:5f:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Sep 3 13:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2a6c1eac4764b0ca7d6fb1970b46999084c3663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:1e:70:d3:76:f1:1f:d1:32:b0:a7:1d:60:0d:
64:00:40:c5:72:72:14:bd:29:51:d4:cd:82:63:50:
3d:df:43:c4:de:88:a9:a8:da:51:36:7d:a4:49:ee:
0b:7c:07:f5:ff:10:ea:19:17:97:74:e8:7f:bd:78:
9d:82:ef:88:1e:48:73:8b:1b:b6:77:66:36:cd:ab:
b7:07:cb:52:10:97:d3:7f:22:c8:1d:06:97:ee:b7:
6c:f1:48:42:f4:c0:27:30:a5:8f:f1:b0:db:51:c5:
8b:b6:95:f2:ec:5d:bc:ce:da:bc:db:42:3e:2c:3d:
c7:37:35:9c:85:1d:6d:04:23:e8:43:94:73:b0:09:
9e:14:b1:fc:77:89:2b:2d:86:73:02:48:07:a9:3a:
ac:b7:b9:23:7c:0e:d4:0e:15:80:c2:e8:a7:9c:d7:
f0:5a:15:d6:c9:57:6f:36:a8:3d:44:79:b5:6e:ac:
2f:4a:e3:4e:ea:54:d0:0c:d5:6b:32:4a:26:59:a8:
f5:0f:16:d2:b9:c4:81:a4:ae:a6:95:a9:42:c4:8a:
48:6e:dd:a1:6e:60:ee:3f:eb:09:80:de:1f:60:e2:
59:5e:a1:55:33:0a:e7:d2:58:c2:dd:b4:e1:85:50:
ba:76:b3:2c:6d:39:5a:e7:e4:91:23:e0:2e:22:dd:
7a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A6:C1:EA:C4:76:4B:0C:A7:D6:FB:19:70:B4:69:99:08:4C:36:63
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/oqbB6sR2Swyn1vsZcLRpmQhMNmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.217.160.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:b7:40:a2:31:fd:98:c9:0e:77:ac:5d:01:72:a1:89:ed:0c:
ca:60:3a:c4:34:dd:82:1a:9f:c2:59:7c:3f:e1:3e:d9:56:16:
5e:2e:93:bc:b1:92:c7:b7:b2:e3:2c:8e:93:df:c8:32:a5:30:
50:2f:12:1d:f8:21:23:25:43:28:05:e9:81:1a:69:d5:5f:da:
c9:d7:6d:05:d0:90:25:7b:c3:ae:2d:b4:8c:02:aa:f1:10:cf:
56:76:89:89:40:dc:33:ca:1a:64:d6:d6:aa:38:0b:09:54:97:
35:b8:09:fb:fb:93:05:0d:fd:ca:e3:e4:bf:d3:a2:8d:ec:38:
99:91:0f:18:2e:ae:5f:c0:ce:15:98:15:36:74:a7:54:98:d8:
30:50:a9:ad:c8:9c:dc:22:35:9b:be:17:60:79:ec:8b:ca:fa:
77:ed:07:6a:0a:bf:e0:64:00:2a:77:ab:f1:85:68:7d:73:74:
1e:b4:3f:c4:e8:1b:7d:94:bc:62:bb:17:02:ae:f6:0e:1b:1a:
cd:0f:fe:b7:c5:8a:09:0c:71:67:d1:60:81:ce:75:f4:46:b1:
41:23:0a:92:99:f0:c8:d4:23:43:44:be:84:34:d5:86:2c:79:
54:ee:92:f0:52:92:2e:07:80:1e:d9:af:af:a2:6d:cc:d9:70:
b1:23:31:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZG3+qZECxbINGDUx7uwYF+cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjQwOTAzMTMwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmE2YzFlYWM0NzY0YjBjYTdkNmZiMTk3MGI0Njk5OTA4NGMzNjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5B5w03bxH9EysKcdYA1kAEDFcnIU
vSlR1M2CY1A930PE3oipqNpRNn2kSe4LfAf1/xDqGReXdOh/vXidgu+IHkhzixu2
d2Y2zau3B8tSEJfTfyLIHQaX7rds8UhC9MAnMKWP8bDbUcWLtpXy7F28ztq820I+
LD3HNzWchR1tBCPoQ5RzsAmeFLH8d4krLYZzAkgHqTqst7kjfA7UDhWAwuinnNfw
WhXWyVdvNqg9RHm1bqwvSuNO6lTQDNVrMkomWaj1DxbSucSBpK6mlalCxIpIbt2h
bmDuP+sJgN4fYOJZXqFVMwrn0ljC3bThhVC6drMsbTla5+SRI+AuIt16TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKmwerEdksMp9b7GXC0aZkITDZjMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvb3FiQjZzUjJTd3luMXZzWmNMUnBtUWhNTm1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDstmgMA0G
CSqGSIb3DQEBCwUAA4IBAQA/t0CiMf2YyQ53rF0BcqGJ7QzKYDrENN2CGp/CWXw/
4T7ZVhZeLpO8sZLHt7LjLI6T38gypTBQLxId+CEjJUMoBemBGmnVX9rJ120F0JAl
e8OuLbSMAqrxEM9WdomJQNwzyhpk1taqOAsJVJc1uAn7+5MFDf3K4+S/06KN7DiZ
kQ8YLq5fwM4VmBU2dKdUmNgwUKmtyJzcIjWbvhdgeeyLyvp37QdqCr/gZAAqd6vx
hWh9c3QetD/E6Bt9lLxiuxcCrvYOGxrND/63xYoJDHFn0WCBznX0RrFBIwqSmfDI
1CNDRL6ENNWGLHlU7pLwUpIuB4Ae2a+vom3M2XCxIzEI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:31 2025 by rpki-client