Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/rtxm20hAc_Es5ngnsPqXeCgxlus.roa
File: rtxm20hAc_Es5ngnsPqXeCgxlus.roa (raw, json)
Hash identifier: tUM8GZ8KetvwDcMgpbpXONGPmeCRtnqu7Vhjt971fYs=
Subject key identifier: AE:DC:66:DB:48:40:73:F1:2C:E6:78:27:B0:FA:97:78:28:31:96:EB
Certificate issuer: /CN=6bb95cfc2d187f40530ef083bbd10c88c4956c1d
Certificate serial: 018EC9E0F503C0F4552C1F6EB41EB6F06875
Authority key identifier: 6B:B9:5C:FC:2D:18:7F:40:53:0E:F0:83:BB:D1:0C:88:C4:95:6C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/rtxm20hAc_Es5ngnsPqXeCgxlus.roa
Signing time: Wed 10 Apr 2024 21:19:06 +0000
ROA not before: Wed 10 Apr 2024 21:19:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 188.172.137.0/24 maxlen: 24
188.172.138.0/24 maxlen: 24
2a03:7d40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 10 Apr 2024 21:39:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c9:e0:f5:03:c0:f4:55:2c:1f:6e:b4:1e:b6:f0:68:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bb95cfc2d187f40530ef083bbd10c88c4956c1d
Validity
Not Before: Apr 10 21:19:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aedc66db484073f12ce67827b0fa9778283196eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5a:a0:25:bb:88:29:d2:03:72:b6:cd:66:18:
2a:f0:26:a4:b3:a7:ec:2f:0e:54:6b:8e:d6:93:ea:
fb:98:c2:dd:97:55:7e:10:c5:04:95:75:db:d2:e7:
55:bd:4c:73:e7:e7:0b:ad:ef:e9:6d:dc:88:26:e7:
6a:96:29:42:57:b4:7a:a4:72:e2:bb:6a:30:5f:e8:
fe:be:3a:93:9f:2d:8c:65:d3:0b:a8:21:5a:b3:94:
36:af:fa:1f:ab:4f:7a:2e:e5:86:9c:04:0b:07:db:
b1:16:9d:2a:6b:16:8f:6d:ad:ec:f3:6d:07:b7:2c:
e9:9e:ea:9c:48:3e:55:c6:10:82:78:1b:c7:7e:22:
23:6a:e5:e3:04:af:81:3a:52:50:42:b2:eb:b8:a3:
15:96:f7:5e:70:84:ab:92:55:28:bc:e7:10:bf:87:
9f:ef:17:7a:f2:c4:39:77:32:56:4d:e1:4c:4d:d5:
dd:22:70:79:02:36:c3:be:dd:c3:5b:7e:0d:90:ac:
a8:0b:9b:ad:26:e7:74:e4:c9:72:ec:29:07:75:79:
f0:33:42:34:b2:af:88:92:7c:67:b3:c3:b0:96:3f:
2f:58:b9:bb:c3:c1:3c:cd:d0:2d:3e:e2:dd:e1:4e:
21:36:da:2e:f2:cb:38:84:f4:f8:9d:12:61:5e:e5:
49:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:DC:66:DB:48:40:73:F1:2C:E6:78:27:B0:FA:97:78:28:31:96:EB
X509v3 Authority Key Identifier:
keyid:6B:B9:5C:FC:2D:18:7F:40:53:0E:F0:83:BB:D1:0C:88:C4:95:6C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/rtxm20hAc_Es5ngnsPqXeCgxlus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/547a7f-4baf-4b7e-afb8-466013435079/1/a7lc_C0Yf0BTDvCDu9EMiMSVbB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.172.137.0-188.172.138.255
IPv6:
2a03:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
0a:9e:1b:80:ca:ba:0b:81:c5:e0:11:1b:55:21:b0:43:89:7d:
3c:e3:a5:dd:23:6c:9b:e9:47:6c:76:88:66:1d:6a:cc:5d:57:
40:34:6c:c8:ea:41:49:c2:da:ac:3a:0c:b7:bd:29:8a:15:2c:
4b:91:39:bd:61:3e:d5:22:48:9d:0c:2e:9a:ff:1c:d8:12:c8:
e5:a0:f3:5d:2b:77:cd:31:c1:0a:e3:4c:ef:50:01:83:cb:3e:
0b:24:c7:94:ac:23:60:7c:fd:76:f4:0e:cd:07:27:7e:30:90:
22:2b:8c:0c:f2:30:9d:cf:fa:5d:19:81:3a:5e:c7:33:b9:19:
35:ca:0a:d3:f1:8d:34:f0:97:48:73:b2:0b:06:a6:31:b1:45:
84:f4:3c:cd:7e:48:a7:be:b7:35:c3:80:93:4b:a3:4e:66:81:
51:87:b3:43:91:a9:6e:b0:52:d4:2d:93:43:74:a2:fe:7b:f7:
d8:aa:32:e7:6c:79:4f:3f:99:d0:d9:4b:da:e9:35:f4:53:2d:
7e:f6:44:f9:a2:57:fc:7c:16:b4:0f:29:74:2e:96:68:48:90:
e7:ec:bd:fc:cb:27:dd:4d:33:57:7a:eb:b5:f1:2f:bc:4b:85:
9c:b7:9a:f1:2c:ea:29:90:bc:a4:20:b5:73:69:ba:87:2b:3c:
7d:d3:29:02
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY7J4PUDwPRVLB9utB628Gh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYjk1Y2ZjMmQxODdmNDA1MzBlZjA4M2JiZDEwYzg4YzQ5
NTZjMWQwHhcNMjQwNDEwMjExOTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWRjNjZkYjQ4NDA3M2YxMmNlNjc4MjdiMGZhOTc3ODI4MzE5NmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVqgJbuIKdIDcrbNZhgq8Caks6fs
Lw5Ua47Wk+r7mMLdl1V+EMUElXXb0udVvUxz5+cLre/pbdyIJudqlilCV7R6pHLi
u2owX+j+vjqTny2MZdMLqCFas5Q2r/ofq096LuWGnAQLB9uxFp0qaxaPba3s820H
tyzpnuqcSD5VxhCCeBvHfiIjauXjBK+BOlJQQrLruKMVlvdecISrklUovOcQv4ef
7xd68sQ5dzJWTeFMTdXdInB5AjbDvt3DW34NkKyoC5utJud05Mly7CkHdXnwM0I0
sq+Iknxns8Owlj8vWLm7w8E8zdAtPuLd4U4hNtou8ss4hPT4nRJhXuVJwwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFK7cZttIQHPxLOZ4J7D6l3goMZbrMB8GA1UdIwQY
MBaAFGu5XPwtGH9AUw7wg7vRDIjElWwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTdsY19DMFlmMEJURHZDRHU5RU1pTVNWYkIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81NDdhN2YtNGJhZi00YjdlLWFmYjgt
NDY2MDEzNDM1MDc5LzEvcnR4bTIwaEFjX0VzNW5nbnNQcVhlQ2d4bHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81NDdhN2YtNGJhZi00YjdlLWFmYjgtNDY2MDEzNDM1MDc5
LzEvYTdsY19DMFlmMEJURHZDRHU5RU1pTVNWYkIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC8rIkD
BAC8rIowDQQCAAIwBwMFACoDfUAwDQYJKoZIhvcNAQELBQADggEBAAqeG4DKuguB
xeARG1UhsEOJfTzjpd0jbJvpR2x2iGYdasxdV0A0bMjqQUnC2qw6DLe9KYoVLEuR
Ob1hPtUiSJ0MLpr/HNgSyOWg810rd80xwQrjTO9QAYPLPgskx5SsI2B8/Xb0Ds0H
J34wkCIrjAzyMJ3P+l0ZgTpexzO5GTXKCtPxjTTwl0hzsgsGpjGxRYT0PM1+SKe+
tzXDgJNLo05mgVGHs0ORqW6wUtQtk0N0ov5799iqMudseU8/mdDZS9rpNfRTLX72
RPmiV/x8FrQPKXQulmhIkOfsvfzLJ91NM1d667XxL7xLhZy3mvEs6imQvKQgtXNp
uocrPH3TKQI=
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:08:17 2025 by rpki-client