Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/8efa45-92a8-4513-9f9a-ad2b61380be1/1/7EyoikE9ylHBWMZpX-XbIpNN840.roa
File: 7EyoikE9ylHBWMZpX-XbIpNN840.roa (raw, json)
Hash identifier: dqo/zGTgitZsdN0bFk61HgJmrTONjJIlxwbk+8kaKK0=
Subject key identifier: EC:4C:A8:8A:41:3D:CA:51:C1:58:C6:69:5F:E5:DB:22:93:4D:F3:8D
Certificate issuer: /CN=54ace15e45efb5a0060c065e274ea8e3afb025eb
Certificate serial: 018CC8DED615122FAFA487ED57E200290435
Authority key identifier: 54:AC:E1:5E:45:EF:B5:A0:06:0C:06:5E:27:4E:A8:E3:AF:B0:25:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VKzhXkXvtaAGDAZeJ06o46-wJes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/8efa45-92a8-4513-9f9a-ad2b61380be1/1/7EyoikE9ylHBWMZpX-XbIpNN840.roa
Signing time: Tue 02 Jan 2024 06:31:36 +0000
ROA not before: Tue 02 Jan 2024 06:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12625
IP address blocks: 193.29.64.0/19 maxlen: 24
2a00:7440::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:d6:15:12:2f:af:a4:87:ed:57:e2:00:29:04:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54ace15e45efb5a0060c065e274ea8e3afb025eb
Validity
Not Before: Jan 2 06:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec4ca88a413dca51c158c6695fe5db22934df38d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e4:11:5c:45:96:2a:ef:76:13:fd:27:c3:e1:
5c:40:31:f9:29:7a:95:c8:1b:07:7a:75:c6:a8:5d:
d7:71:42:51:52:6a:0d:a8:1f:81:b0:f6:45:cb:86:
33:ff:bb:09:12:b7:7b:c1:fd:dc:a9:49:c9:ac:7d:
e8:eb:35:c4:8f:21:4f:d3:26:4e:36:81:ff:56:d4:
45:ce:03:be:fd:d0:27:9c:1c:67:e3:25:30:9f:0b:
1f:f4:6e:e2:57:02:f7:29:27:16:2c:5b:3d:22:aa:
ce:a0:dd:80:62:76:20:75:d6:bc:76:83:6d:ac:8b:
11:59:e6:49:f6:a2:2f:fb:42:07:b8:f9:16:95:6c:
3f:f5:61:be:d6:cc:29:6f:df:2f:35:88:94:4c:1d:
12:59:3a:2d:84:94:9a:c1:c4:23:74:98:fe:a9:3b:
8c:76:92:c9:0f:94:97:cf:3b:31:b4:f6:43:a1:55:
a5:f6:d8:fd:36:fb:4c:b9:fc:9e:3e:6c:c7:22:a6:
3c:21:62:c9:76:b2:06:c5:44:f1:69:20:68:6c:88:
51:4b:c6:9c:af:b8:e3:58:0e:3e:e8:68:fb:e1:5e:
51:9c:7e:2e:19:e3:40:29:e3:9a:98:41:62:38:f6:
00:b6:12:0d:5c:e3:79:7a:df:c0:0d:7d:97:17:07:
95:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:4C:A8:8A:41:3D:CA:51:C1:58:C6:69:5F:E5:DB:22:93:4D:F3:8D
X509v3 Authority Key Identifier:
keyid:54:AC:E1:5E:45:EF:B5:A0:06:0C:06:5E:27:4E:A8:E3:AF:B0:25:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VKzhXkXvtaAGDAZeJ06o46-wJes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/8efa45-92a8-4513-9f9a-ad2b61380be1/1/7EyoikE9ylHBWMZpX-XbIpNN840.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/8efa45-92a8-4513-9f9a-ad2b61380be1/1/VKzhXkXvtaAGDAZeJ06o46-wJes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.64.0/19
IPv6:
2a00:7440::/32
Signature Algorithm: sha256WithRSAEncryption
01:ab:f4:f2:be:1b:28:86:c7:ca:30:6e:19:12:36:44:8f:33:
63:46:b0:c1:90:62:74:f6:cc:9d:40:ea:a7:d0:7e:4b:73:f4:
dc:72:0f:f2:c5:12:f0:2f:43:be:56:5f:c0:aa:9a:0b:0a:95:
5b:91:da:62:77:71:46:8f:1b:3f:ad:c6:71:7d:42:f6:9d:7c:
72:b1:3d:31:c0:cd:9a:da:dc:70:ec:75:e6:f5:fd:df:ae:88:
24:99:a0:0a:73:dc:1f:a6:8e:07:af:05:bd:44:55:96:85:ef:
c0:10:b3:b5:f7:17:a3:23:85:31:5d:0c:fd:1c:74:6d:4b:ab:
9a:4b:b4:0c:1d:c3:d9:2f:fa:f8:83:5d:98:54:24:f7:b5:21:
5a:f4:57:73:07:26:95:60:df:6c:f9:1a:27:1d:ea:1a:e5:80:
b2:db:aa:fc:65:a8:3b:32:70:2b:e0:16:65:00:47:e6:06:5f:
10:1d:e8:fc:ee:6c:1d:ef:d7:ba:2f:1b:43:75:b3:98:b9:d9:
a3:fc:68:f1:48:1b:09:39:ff:87:1e:e5:f4:22:03:2f:6f:60:
83:84:a4:32:65:5a:47:01:de:87:67:7e:5d:24:98:79:0a:84:
66:e0:66:0e:1e:fc:e8:8b:18:32:be:81:ce:90:e0:51:1e:c6:
fd:cb:69:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3tYVEi+vpIftV+IAKQQ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YWNlMTVlNDVlZmI1YTAwNjBjMDY1ZTI3NGVhOGUzYWZi
MDI1ZWIwHhcNMjQwMTAyMDYzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzRjYTg4YTQxM2RjYTUxYzE1OGM2Njk1ZmU1ZGIyMjkzNGRmMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+QRXEWWKu92E/0nw+FcQDH5KXqV
yBsHenXGqF3XcUJRUmoNqB+BsPZFy4Yz/7sJErd7wf3cqUnJrH3o6zXEjyFP0yZO
NoH/VtRFzgO+/dAnnBxn4yUwnwsf9G7iVwL3KScWLFs9IqrOoN2AYnYgdda8doNt
rIsRWeZJ9qIv+0IHuPkWlWw/9WG+1swpb98vNYiUTB0SWTothJSawcQjdJj+qTuM
dpLJD5SXzzsxtPZDoVWl9tj9NvtMufyePmzHIqY8IWLJdrIGxUTxaSBobIhRS8ac
r7jjWA4+6Gj74V5RnH4uGeNAKeOamEFiOPYAthINXON5et/ADX2XFweVfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOxMqIpBPcpRwVjGaV/l2yKTTfONMB8GA1UdIwQY
MBaAFFSs4V5F77WgBgwGXidOqOOvsCXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkt6aFhrWHZ0YUFHREFaZUowNm80Ni13SmVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny84ZWZhNDUtOTJhOC00NTEzLTlmOWEt
YWQyYjYxMzgwYmUxLzEvN0V5b2lrRTl5bEhCV01acFgtWGJJcE5OODQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny84ZWZhNDUtOTJhOC00NTEzLTlmOWEtYWQyYjYxMzgwYmUx
LzEvVkt6aFhrWHZ0YUFHREFaZUowNm80Ni13SmVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwR1AMA0E
AgACMAcDBQAqAHRAMA0GCSqGSIb3DQEBCwUAA4IBAQABq/TyvhsohsfKMG4ZEjZE
jzNjRrDBkGJ09sydQOqn0H5Lc/Tccg/yxRLwL0O+Vl/AqpoLCpVbkdpid3FGjxs/
rcZxfUL2nXxysT0xwM2a2txw7HXm9f3frogkmaAKc9wfpo4HrwW9RFWWhe/AELO1
9xejI4UxXQz9HHRtS6uaS7QMHcPZL/r4g12YVCT3tSFa9FdzByaVYN9s+RonHeoa
5YCy26r8Zag7MnAr4BZlAEfmBl8QHej87mwd79e6LxtDdbOYudmj/GjxSBsJOf+H
HuX0IgMvb2CDhKQyZVpHAd6HZ35dJJh5CoRm4GYOHvzoixgyvoHOkOBRHsb9y2mM
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:01:21 2025 by rpki-client