Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/sJCbUtqq3SVlgu2i9l06V1mpaX8.roa
File: sJCbUtqq3SVlgu2i9l06V1mpaX8.roa (raw, json)
Hash identifier: ilquhEclUqc6l69DARk00P70BYVwCY9Rb1a9Q4c4m6s=
Subject key identifier: B0:90:9B:52:DA:AA:DD:25:65:82:ED:A2:F6:5D:3A:57:59:A9:69:7F
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 019384D8A41BD30BABFF1C025F9E3BB5515F
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/sJCbUtqq3SVlgu2i9l06V1mpaX8.roa
Signing time: Mon 02 Dec 2024 00:50:10 +0000
ROA not before: Mon 02 Dec 2024 00:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49304
IP address blocks: 178.173.232.0/23 maxlen: 23
178.173.232.0/24 maxlen: 24
178.173.233.0/24 maxlen: 24
178.173.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:84:d8:a4:1b:d3:0b:ab:ff:1c:02:5f:9e:3b:b5:51:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Dec 2 00:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0909b52daaadd256582eda2f65d3a5759a9697f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b6:2f:4e:c8:e9:67:8d:f9:97:a3:3b:f2:8d:
3e:7e:36:1e:10:81:6a:b0:e7:15:63:9d:25:7e:e0:
b8:06:80:13:e5:7f:f5:5d:3b:f5:80:f8:f0:62:26:
7f:3c:1b:09:6f:1b:39:79:16:b2:fb:5d:e8:bf:aa:
18:b9:6e:c5:3c:93:93:9b:75:1c:22:86:4b:63:31:
a9:e7:25:f5:68:39:75:12:9e:3d:dc:b7:fd:ad:7a:
e6:da:87:db:73:ef:d9:a8:e2:0c:31:2d:ab:e5:3c:
03:f9:de:44:6c:79:35:32:a9:ff:8f:0d:af:c0:a0:
31:91:ba:ff:95:14:c2:3b:ec:8d:af:03:36:ba:5b:
5c:af:0a:8b:1b:73:51:f4:bb:8e:99:5f:c6:ff:64:
4e:0d:c2:8e:a6:eb:b4:a0:e9:df:bb:66:2c:25:2f:
bc:79:dc:b5:c3:47:7c:2b:ae:69:c9:c9:a9:cf:5f:
55:fe:95:93:03:a6:d5:6d:2b:ad:a1:47:e7:1f:ef:
bb:9f:e7:7b:0e:21:0d:6e:0f:0e:28:7b:1c:a4:7e:
5b:6e:7b:e2:e8:9c:df:e4:ba:0e:f8:0c:5a:6f:d8:
e1:cf:a4:b6:4b:30:db:57:c2:15:78:e0:f4:5f:56:
99:01:b3:3a:f5:c3:2c:21:a2:a3:ee:38:18:f4:8e:
12:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:90:9B:52:DA:AA:DD:25:65:82:ED:A2:F6:5D:3A:57:59:A9:69:7F
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/sJCbUtqq3SVlgu2i9l06V1mpaX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.232.0/23
178.173.235.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:6d:ab:19:53:c9:98:82:45:75:31:b3:f4:45:bf:8b:9d:03:
41:5f:e8:48:a6:1d:e7:4c:3f:8a:e6:97:45:36:c8:b0:5e:e6:
25:1c:2b:5d:01:c5:1f:ff:1d:8a:0d:39:60:45:fe:71:47:cb:
2b:c8:4d:88:be:00:e2:1f:94:3a:37:a5:08:d7:49:f9:16:24:
86:69:53:d2:12:be:e2:fc:dd:cb:d3:50:6f:3d:6b:97:24:7e:
9b:bf:44:55:dc:97:58:2a:bf:dd:7c:e5:7c:6c:41:91:79:40:
de:79:ee:eb:87:2d:01:9a:57:17:77:57:9b:65:da:15:64:34:
04:49:de:1e:ff:38:f6:5a:75:5b:69:54:09:27:4d:11:14:f4:
9f:c3:57:50:4f:4a:1c:49:a7:bb:08:94:39:93:4a:7e:8c:7b:
1d:31:ec:13:56:af:3d:52:af:8f:9a:7c:75:0c:7f:26:2d:67:
86:ba:d2:ef:76:f9:8a:88:6e:d5:6c:dc:96:05:cc:e6:4a:c8:
fb:20:ed:1c:b2:a8:17:93:f4:0f:65:06:11:b5:1a:52:d2:15:
ca:f6:2d:13:fb:7d:ad:ff:60:ee:3f:0b:82:28:81:3b:54:4c:
16:78:4a:b4:f3:8e:96:e9:b6:57:db:29:b6:f4:26:71:1d:77:
6c:4d:52:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOE2KQb0wur/xwCX547tVFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQxMjAyMDA1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDkwOWI1MmRhYWFkZDI1NjU4MmVkYTJmNjVkM2E1NzU5YTk2OTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrYvTsjpZ435l6M78o0+fjYeEIFq
sOcVY50lfuC4BoAT5X/1XTv1gPjwYiZ/PBsJbxs5eRay+13ov6oYuW7FPJOTm3Uc
IoZLYzGp5yX1aDl1Ep493Lf9rXrm2ofbc+/ZqOIMMS2r5TwD+d5EbHk1Mqn/jw2v
wKAxkbr/lRTCO+yNrwM2ultcrwqLG3NR9LuOmV/G/2RODcKOpuu0oOnfu2YsJS+8
edy1w0d8K65pycmpz19V/pWTA6bVbSutoUfnH++7n+d7DiENbg8OKHscpH5bbnvi
6Jzf5LoO+Axab9jhz6S2SzDbV8IVeOD0X1aZAbM69cMsIaKj7jgY9I4SdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLCQm1Laqt0lZYLtovZdOldZqWl/MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvc0pDYlV0cXEzU1ZsZ3UyaTlsMDZWMW1wYVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBsq3oAwQA
sq3rMA0GCSqGSIb3DQEBCwUAA4IBAQB6basZU8mYgkV1MbP0Rb+LnQNBX+hIph3n
TD+K5pdFNsiwXuYlHCtdAcUf/x2KDTlgRf5xR8sryE2IvgDiH5Q6N6UI10n5FiSG
aVPSEr7i/N3L01BvPWuXJH6bv0RV3JdYKr/dfOV8bEGReUDeee7rhy0BmlcXd1eb
ZdoVZDQESd4e/zj2WnVbaVQJJ00RFPSfw1dQT0ocSae7CJQ5k0p+jHsdMewTVq89
Uq+Pmnx1DH8mLWeGutLvdvmKiG7VbNyWBczmSsj7IO0csqgXk/QPZQYRtRpS0hXK
9i0T+32t/2DuPwuCKIE7VEwWeEq0846W6bZX2ym29CZxHXdsTVKp
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:52:30 2025 by rpki-client