Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Xk9h07ZRibNpEhkT1JrEGVquK_Q.roa
File: Xk9h07ZRibNpEhkT1JrEGVquK_Q.roa (raw, json)
Hash identifier: SARlN+R7nFJWLulNg5XQlAp18gu4pb3rAtH+d+MmR+g=
Subject key identifier: 5E:4F:61:D3:B6:51:89:B3:69:12:19:13:D4:9A:C4:19:5A:AE:2B:F4
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018CC795479C26C6BE0CC282627C73787231
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Xk9h07ZRibNpEhkT1JrEGVquK_Q.roa
Signing time: Tue 02 Jan 2024 00:31:38 +0000
ROA not before: Tue 02 Jan 2024 00:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35397
IP address blocks: 86.107.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:47:9c:26:c6:be:0c:c2:82:62:7c:73:78:72:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e4f61d3b65189b369121913d49ac4195aae2bf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9d:7c:75:00:87:58:da:7a:02:c3:69:4c:a5:
3b:51:83:80:7c:f8:bf:11:7e:48:18:ca:7c:48:f8:
35:40:aa:32:09:80:8f:a9:ff:91:22:69:1b:e5:1b:
8b:90:43:25:de:54:49:04:d1:03:67:4d:e5:38:5a:
9c:c6:45:1b:5c:ce:26:fc:7b:b2:a6:2c:7d:84:e1:
a9:04:4c:8b:ae:86:53:c2:88:76:ef:0f:d4:62:fe:
c9:5f:9a:3a:f0:d1:bc:7d:7d:b3:3f:43:51:1e:9c:
cf:dc:c5:0d:23:43:a1:87:06:52:8e:2a:81:dd:69:
06:0c:85:be:e8:38:28:a0:27:31:b2:2b:a9:1a:28:
22:e4:83:4c:71:a3:36:53:11:0f:27:47:20:5c:cd:
48:5a:c8:a7:1a:11:78:d2:62:d6:19:40:c3:23:ac:
cf:3f:a7:3d:9a:f6:8e:15:86:c8:42:81:cc:ed:59:
f3:21:4d:c8:3c:20:5b:77:ab:64:49:d3:f7:43:5a:
46:de:5f:74:f1:cc:65:58:47:65:99:ea:47:36:09:
18:03:2f:25:2a:a0:0a:e4:19:a9:9e:bc:f1:1d:9f:
51:5f:74:6d:15:38:9d:8e:08:49:ee:2d:a6:fd:e2:
ee:2a:a8:38:03:dc:33:ba:e9:c7:69:42:5f:42:e0:
b7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:4F:61:D3:B6:51:89:B3:69:12:19:13:D4:9A:C4:19:5A:AE:2B:F4
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/Xk9h07ZRibNpEhkT1JrEGVquK_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.240.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:7e:07:16:02:f8:77:b6:9a:17:83:78:89:b5:22:be:5c:c6:
a6:79:42:17:fe:9b:20:e7:4e:ee:af:ef:a3:9b:e0:55:90:a1:
b2:6c:14:a4:91:62:81:a4:56:07:f9:29:2a:2a:46:20:b8:f6:
7a:bc:65:eb:25:1b:38:0b:8a:f2:d7:e8:d2:a2:85:bb:b7:68:
8f:98:f2:58:1d:37:41:ee:03:68:71:1e:aa:93:37:0d:02:2a:
da:ed:22:4c:c5:0c:c2:39:2a:96:f0:9d:de:54:9f:ff:0d:2c:
d8:99:2d:b7:91:a1:f5:af:fb:75:a6:61:f4:d4:81:72:ec:24:
8d:04:05:c1:55:e5:96:4f:b5:18:7e:bc:86:ed:f8:1f:8a:80:
5f:ac:c7:6c:af:99:a7:5f:b5:72:5d:ef:f1:94:71:78:da:dd:
67:8a:a5:5c:ca:0a:ce:c1:08:aa:cd:76:a4:d3:2e:22:cd:7f:
dc:7e:b3:1a:49:af:47:7a:3e:9d:da:47:47:ec:23:f8:ec:37:
b5:c4:c1:33:bc:a7:ce:63:db:87:2d:f5:8a:e4:ac:e6:9c:12:
d9:23:56:cf:74:9d:63:de:de:b2:6a:55:36:ff:ee:48:52:0f:
a8:72:c1:89:46:bc:e8:f1:99:4e:73:85:fb:c3:98:95:c0:53:
20:7b:29:8e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlUecJsa+DMKCYnxzeHIxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTRmNjFkM2I2NTE4OWIzNjkxMjE5MTNkNDlhYzQxOTVhYWUyYmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZ18dQCHWNp6AsNpTKU7UYOAfPi/
EX5IGMp8SPg1QKoyCYCPqf+RImkb5RuLkEMl3lRJBNEDZ03lOFqcxkUbXM4m/Huy
pix9hOGpBEyLroZTwoh27w/UYv7JX5o68NG8fX2zP0NRHpzP3MUNI0OhhwZSjiqB
3WkGDIW+6DgooCcxsiupGigi5INMcaM2UxEPJ0cgXM1IWsinGhF40mLWGUDDI6zP
P6c9mvaOFYbIQoHM7VnzIU3IPCBbd6tkSdP3Q1pG3l908cxlWEdlmepHNgkYAy8l
KqAK5BmpnrzxHZ9RX3RtFTidjghJ7i2m/eLuKqg4A9wzuunHaUJfQuC3pQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF5PYdO2UYmzaRIZE9SaxBlariv0MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1hrOWgwN1pSaWJOcEVoa1QxSnJFR1ZxdUtfUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABWa/Aw
DQYJKoZIhvcNAQELBQADggEBAAt+BxYC+He2mheDeIm1Ir5cxqZ5Qhf+myDnTu6v
76Ob4FWQobJsFKSRYoGkVgf5KSoqRiC49nq8ZeslGzgLivLX6NKihbu3aI+Y8lgd
N0HuA2hxHqqTNw0CKtrtIkzFDMI5Kpbwnd5Un/8NLNiZLbeRofWv+3WmYfTUgXLs
JI0EBcFV5ZZPtRh+vIbt+B+KgF+sx2yvmadftXJd7/GUcXja3WeKpVzKCs7BCKrN
dqTTLiLNf9x+sxpJr0d6Pp3aR0fsI/jsN7XEwTO8p85j24ct9YrkrOacEtkjVs90
nWPe3rJqVTb/7khSD6hywYlGvOjxmU5zhfvDmJXAUyB7KY4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:23:32 2025 by rpki-client