Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/Xmgi0hz7aycfcGuos9MtaZD2fAY.roa
File: Xmgi0hz7aycfcGuos9MtaZD2fAY.roa (raw, json)
Hash identifier: 27AhZBXGL8/6D8A40WWc2GxpkIxeIL5C851gF1GkfOQ=
Subject key identifier: 5E:68:22:D2:1C:FB:6B:27:1F:70:6B:A8:B3:D3:2D:69:90:F6:7C:06
Certificate issuer: /CN=26425863c309f2655b884c1600394c4338e7fb41
Certificate serial: 019426D9F73B337C8E34235B01A173F10F79
Authority key identifier: 26:42:58:63:C3:09:F2:65:5B:88:4C:16:00:39:4C:43:38:E7:FB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JkJYY8MJ8mVbiEwWADlMQzjn-0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/Xmgi0hz7aycfcGuos9MtaZD2fAY.roa
Signing time: Thu 02 Jan 2025 11:50:06 +0000
ROA not before: Thu 02 Jan 2025 11:50:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50300
IP address blocks: 195.60.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 13:25:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:f7:3b:33:7c:8e:34:23:5b:01:a1:73:f1:0f:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26425863c309f2655b884c1600394c4338e7fb41
Validity
Not Before: Jan 2 11:50:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e6822d21cfb6b271f706ba8b3d32d6990f67c06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2f:aa:a3:ec:60:50:43:3f:15:01:4f:31:17:
1f:e9:3b:38:af:bc:00:08:b5:04:b7:7c:d5:35:f0:
a1:67:31:9c:89:d7:e4:b0:4d:8e:3e:0f:59:de:b0:
8a:cc:5b:b8:c7:5f:48:24:89:ce:0a:2c:16:0d:b1:
e7:a0:61:23:a2:bb:f8:6c:a4:5c:7c:87:68:4d:58:
6b:9c:52:c6:ae:63:58:ed:b7:7c:4a:c4:46:12:25:
55:94:c9:24:cf:9c:5f:8b:ce:8d:06:51:6e:b3:7f:
de:0c:09:7d:1c:9f:a5:72:da:dc:0f:e1:3a:d0:34:
b4:95:e7:12:d5:30:d0:d3:54:ba:32:f0:92:e5:26:
c7:1b:f0:39:8a:a1:56:69:2b:82:49:fb:a9:d5:23:
be:1a:d0:de:b1:24:3c:4c:d3:3f:db:fc:fb:c7:9c:
24:b6:54:4b:0d:3c:02:a5:fc:75:8a:0b:69:e0:99:
ba:27:55:d9:5c:8e:97:ea:17:10:eb:30:bd:44:30:
3e:32:69:47:27:57:3b:52:0f:be:e3:54:e0:c2:0e:
06:fb:b4:fb:55:4d:cc:d1:98:70:ac:b6:51:ca:1f:
35:bc:d7:5d:1a:bb:c6:8d:f9:4d:e1:d0:a2:02:9a:
7a:cd:58:b6:ba:96:ab:37:1a:79:21:9c:32:9f:29:
60:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:68:22:D2:1C:FB:6B:27:1F:70:6B:A8:B3:D3:2D:69:90:F6:7C:06
X509v3 Authority Key Identifier:
keyid:26:42:58:63:C3:09:F2:65:5B:88:4C:16:00:39:4C:43:38:E7:FB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkJYY8MJ8mVbiEwWADlMQzjn-0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/Xmgi0hz7aycfcGuos9MtaZD2fAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/JkJYY8MJ8mVbiEwWADlMQzjn-0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.173.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:c0:94:48:44:9a:67:e4:84:d9:4e:97:7c:b1:d7:33:7d:cf:
43:3f:ab:15:b5:bc:89:8d:aa:46:8a:c4:70:8b:ee:9f:be:ce:
09:d1:62:78:d1:f2:01:1f:f6:73:e0:36:83:27:86:99:65:25:
0f:e7:66:8b:d5:84:e5:1d:07:86:fa:99:de:95:4b:82:29:f2:
f2:6b:9c:cb:5b:3a:52:dc:1d:05:02:52:ef:c0:2c:b8:68:8c:
1d:b4:e0:96:a2:5d:2a:36:c2:33:6d:de:28:92:30:6e:56:f4:
6c:1b:d1:da:25:9a:0f:af:af:9f:2d:d0:1c:78:be:67:78:26:
d2:ac:e9:cc:95:23:28:e6:57:44:6f:03:7c:bb:2c:14:db:1f:
50:73:aa:46:f0:75:8d:97:2b:ae:47:0f:03:f5:69:54:b4:92:
45:7b:75:2e:13:41:63:56:57:18:e2:86:db:46:1d:4f:77:86:
d7:2b:d4:2b:f0:db:a9:42:d3:62:65:1c:78:43:63:17:5b:cd:
3b:b9:bc:73:22:18:8c:ca:08:05:43:4e:4b:2a:35:ee:e6:ca:
d9:8c:9b:c9:99:f7:ef:99:e5:cf:1d:96:a4:ab:42:ef:4f:af:
dc:1d:7a:31:3c:b1:13:5a:29:0a:72:20:b7:4c:89:41:f8:43:
05:88:2f:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2fc7M3yONCNbAaFz8Q95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDI1ODYzYzMwOWYyNjU1Yjg4NGMxNjAwMzk0YzQzMzhl
N2ZiNDEwHhcNMjUwMTAyMTE1MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTY4MjJkMjFjZmI2YjI3MWY3MDZiYThiM2QzMmQ2OTkwZjY3YzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti+qo+xgUEM/FQFPMRcf6Ts4r7wA
CLUEt3zVNfChZzGcidfksE2OPg9Z3rCKzFu4x19IJInOCiwWDbHnoGEjorv4bKRc
fIdoTVhrnFLGrmNY7bd8SsRGEiVVlMkkz5xfi86NBlFus3/eDAl9HJ+lctrcD+E6
0DS0lecS1TDQ01S6MvCS5SbHG/A5iqFWaSuCSfup1SO+GtDesSQ8TNM/2/z7x5wk
tlRLDTwCpfx1igtp4Jm6J1XZXI6X6hcQ6zC9RDA+MmlHJ1c7Ug++41Tgwg4G+7T7
VU3M0ZhwrLZRyh81vNddGrvGjflN4dCiApp6zVi2uparNxp5IZwynylgswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF5oItIc+2snH3BrqLPTLWmQ9nwGMB8GA1UdIwQY
MBaAFCZCWGPDCfJlW4hMFgA5TEM45/tBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtKWVk4TUo4bVZiaUV3V0FEbE1RempuLTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mMTBlMGUtMTZjYS00OGIwLWFiZGMt
YzE0ZjZiYTI1Y2IwLzEvWG1naTBoejdheWNmY0d1b3M5TXRhWkQyZkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mMTBlMGUtMTZjYS00OGIwLWFiZGMtYzE0ZjZiYTI1Y2Iw
LzEvSmtKWVk4TUo4bVZiaUV3V0FEbE1RempuLTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzytMA0G
CSqGSIb3DQEBCwUAA4IBAQCbwJRIRJpn5ITZTpd8sdczfc9DP6sVtbyJjapGisRw
i+6fvs4J0WJ40fIBH/Zz4DaDJ4aZZSUP52aL1YTlHQeG+pnelUuCKfLya5zLWzpS
3B0FAlLvwCy4aIwdtOCWol0qNsIzbd4okjBuVvRsG9HaJZoPr6+fLdAceL5neCbS
rOnMlSMo5ldEbwN8uywU2x9Qc6pG8HWNlyuuRw8D9WlUtJJFe3UuE0FjVlcY4obb
Rh1Pd4bXK9Qr8NupQtNiZRx4Q2MXW807ubxzIhiMyggFQ05LKjXu5srZjJvJmffv
meXPHZakq0LvT6/cHXoxPLETWikKciC3TIlB+EMFiC9e
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:43:29 2025 by rpki-client