Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/3ad453-4dff-443a-bf61-881c10c4f704/1/XvIPZdBKTkEdV-IxLerYXYcGVbg.roa
File: XvIPZdBKTkEdV-IxLerYXYcGVbg.roa (raw, json)
Hash identifier: SXXOC/vYkCdMHZ0Gv8kyKy/Lm/rgriQu4+QP19w2bd0=
Subject key identifier: 5E:F2:0F:65:D0:4A:4E:41:1D:57:E2:31:2D:EA:D8:5D:87:06:55:B8
Certificate issuer: /CN=6b76c9314faccda8490110b34e79946dd8ebad3a
Certificate serial: 018CC64B5A0463DC70D1758F1C6D537F03D6
Authority key identifier: 6B:76:C9:31:4F:AC:CD:A8:49:01:10:B3:4E:79:94:6D:D8:EB:AD:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a3bJMU-szahJARCzTnmUbdjrrTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/3ad453-4dff-443a-bf61-881c10c4f704/1/XvIPZdBKTkEdV-IxLerYXYcGVbg.roa
Signing time: Mon 01 Jan 2024 18:31:16 +0000
ROA not before: Mon 01 Jan 2024 18:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50110
IP address blocks: 193.104.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5a:04:63:dc:70:d1:75:8f:1c:6d:53:7f:03:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b76c9314faccda8490110b34e79946dd8ebad3a
Validity
Not Before: Jan 1 18:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ef20f65d04a4e411d57e2312dead85d870655b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5f:89:95:76:1d:a8:12:dc:16:78:13:1e:62:
c1:71:67:34:22:52:d9:a5:05:af:3f:a7:e6:4e:84:
ef:d5:30:40:b3:c1:94:66:fb:a0:63:f9:d1:61:fa:
6c:0e:de:32:cc:9b:b0:02:c1:dc:32:f5:d6:b1:d3:
d5:55:71:02:20:9d:e4:47:3f:c2:9c:e4:f6:1b:fa:
6d:21:19:62:d0:b3:55:64:6c:95:6f:5d:e2:6d:33:
28:07:a1:a2:1e:62:52:1c:5e:f5:77:d1:9c:20:91:
a1:b2:05:30:47:7a:04:26:4c:24:89:8b:20:74:20:
9c:79:31:a1:b0:30:48:ee:20:f2:08:03:35:39:ba:
10:8e:37:2c:82:69:ff:7c:c7:66:5c:2b:28:85:2c:
64:d1:96:27:b8:ee:da:c4:6f:d3:3e:d8:bb:00:f8:
9c:c6:7d:6f:67:f9:8d:6a:bc:25:38:ac:f2:40:ee:
61:02:68:65:cf:a3:21:2d:ce:3c:6a:c6:e9:59:3e:
cb:63:ea:8b:93:6f:bb:a2:6a:11:0b:31:39:c3:11:
1a:7d:15:22:76:14:13:5a:b9:b6:2b:ee:b7:2e:85:
4e:ef:37:eb:34:43:26:ca:8f:9e:7f:85:07:c0:d1:
e5:63:25:95:b9:ac:98:00:3d:5a:bb:5a:20:fa:5e:
77:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F2:0F:65:D0:4A:4E:41:1D:57:E2:31:2D:EA:D8:5D:87:06:55:B8
X509v3 Authority Key Identifier:
keyid:6B:76:C9:31:4F:AC:CD:A8:49:01:10:B3:4E:79:94:6D:D8:EB:AD:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3bJMU-szahJARCzTnmUbdjrrTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3ad453-4dff-443a-bf61-881c10c4f704/1/XvIPZdBKTkEdV-IxLerYXYcGVbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3ad453-4dff-443a-bf61-881c10c4f704/1/a3bJMU-szahJARCzTnmUbdjrrTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.132.0/24
Signature Algorithm: sha256WithRSAEncryption
00:03:64:dd:7c:e8:df:65:a3:b0:dc:fa:95:9d:e5:cf:a7:9a:
03:d3:39:93:cd:28:5a:a7:91:6b:a2:26:11:9f:ba:4e:91:83:
02:62:8c:c3:60:02:03:8f:52:66:62:6b:17:b5:cb:d0:45:3f:
d5:16:60:83:68:fe:6d:34:94:15:7f:67:42:7f:7c:1e:de:45:
3f:90:79:de:4b:4c:12:36:82:4c:db:17:10:f8:ab:06:95:3c:
8a:5f:28:dd:b0:31:39:87:d6:98:d9:59:05:97:22:ca:9a:cc:
e9:da:eb:5b:63:3e:b8:98:6f:d8:ad:eb:21:0c:c4:1c:07:44:
66:82:ef:3d:de:86:a8:d2:0c:96:7a:7a:23:1c:c8:60:5a:fe:
b3:67:e2:42:b0:2d:9d:36:eb:dc:6d:d9:cf:46:39:ba:6b:ee:
86:65:c4:e2:c5:62:fc:e3:21:4f:d3:b9:23:d8:86:07:71:bb:
85:aa:cb:11:3e:b4:0e:bf:ea:20:87:8d:d4:37:c1:9d:c3:1c:
b4:fd:8c:91:a8:ae:ab:08:51:e1:0d:f8:38:7a:c3:1e:b9:51:
35:6d:b9:5b:8b:f9:9f:30:6a:82:c9:f7:c5:59:09:1c:82:be:
e8:ec:d2:93:04:48:d2:ee:36:c0:87:dd:8d:b0:ed:6d:44:ec:
ab:af:7e:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS1oEY9xw0XWPHG1TfwPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNzZjOTMxNGZhY2NkYTg0OTAxMTBiMzRlNzk5NDZkZDhl
YmFkM2EwHhcNMjQwMTAxMTgzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWYyMGY2NWQwNGE0ZTQxMWQ1N2UyMzEyZGVhZDg1ZDg3MDY1NWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll+JlXYdqBLcFngTHmLBcWc0IlLZ
pQWvP6fmToTv1TBAs8GUZvugY/nRYfpsDt4yzJuwAsHcMvXWsdPVVXECIJ3kRz/C
nOT2G/ptIRli0LNVZGyVb13ibTMoB6GiHmJSHF71d9GcIJGhsgUwR3oEJkwkiYsg
dCCceTGhsDBI7iDyCAM1OboQjjcsgmn/fMdmXCsohSxk0ZYnuO7axG/TPti7APic
xn1vZ/mNarwlOKzyQO5hAmhlz6MhLc48asbpWT7LY+qLk2+7omoRCzE5wxEafRUi
dhQTWrm2K+63LoVO7zfrNEMmyo+ef4UHwNHlYyWVuayYAD1au1og+l53kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7yD2XQSk5BHVfiMS3q2F2HBlW4MB8GA1UdIwQY
MBaAFGt2yTFPrM2oSQEQs055lG3Y6606MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTNiSk1VLXN6YWhKQVJDelRubVViZGpyclRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8zYWQ0NTMtNGRmZi00NDNhLWJmNjEt
ODgxYzEwYzRmNzA0LzEvWHZJUFpkQktUa0VkVi1JeExlcllYWWNHVmJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8zYWQ0NTMtNGRmZi00NDNhLWJmNjEtODgxYzEwYzRmNzA0
LzEvYTNiSk1VLXN6YWhKQVJDelRubVViZGpyclRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWiEMA0G
CSqGSIb3DQEBCwUAA4IBAQAAA2TdfOjfZaOw3PqVneXPp5oD0zmTzShap5FroiYR
n7pOkYMCYozDYAIDj1JmYmsXtcvQRT/VFmCDaP5tNJQVf2dCf3we3kU/kHneS0wS
NoJM2xcQ+KsGlTyKXyjdsDE5h9aY2VkFlyLKmszp2utbYz64mG/YreshDMQcB0Rm
gu893oao0gyWenojHMhgWv6zZ+JCsC2dNuvcbdnPRjm6a+6GZcTixWL84yFP07kj
2IYHcbuFqssRPrQOv+ogh43UN8Gdwxy0/YyRqK6rCFHhDfg4esMeuVE1bblbi/mf
MGqCyffFWQkcgr7o7NKTBEjS7jbAh92NsO1tROyrr34G
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:04:43 2025 by rpki-client