Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/xoGEXiNcW1oEKnAWPwY3432hTOI.roa
File: xoGEXiNcW1oEKnAWPwY3432hTOI.roa (raw, json)
Hash identifier: l12MwLDCDCpMVPqwNjJ2VwPT8WXjVIHdnReN2w7gvtE=
Subject key identifier: C6:81:84:5E:23:5C:5B:5A:04:2A:70:16:3F:06:37:E3:7D:A1:4C:E2
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0194A743CECA4A336C9ABFF481FE1E5B9B15
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/xoGEXiNcW1oEKnAWPwY3432hTOI.roa
Signing time: Mon 27 Jan 2025 10:17:06 +0000
ROA not before: Mon 27 Jan 2025 10:17:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 217.177.0.0/21 maxlen: 24
217.181.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Jan 2025 07:52:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a7:43:ce:ca:4a:33:6c:9a:bf:f4:81:fe:1e:5b:9b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jan 27 10:17:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c681845e235c5b5a042a70163f0637e37da14ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:19:20:59:92:ab:8f:cf:4c:c0:d2:22:b0:51:
d0:96:93:6b:b3:63:82:49:ce:04:01:ae:7f:a3:43:
89:2c:88:73:ca:29:be:92:b9:26:72:9d:c6:f3:5e:
ef:5a:83:3b:e2:4f:4e:68:08:5b:b4:4a:19:d5:28:
fe:26:ad:ad:f7:28:98:ff:95:e6:03:00:be:82:bd:
2d:dc:5a:d0:5c:4e:dd:e6:3b:ce:28:ef:30:c6:86:
07:35:84:88:e0:50:41:f3:70:e7:10:60:cd:9b:25:
aa:6d:ca:fa:67:bb:34:f2:a1:93:18:b8:89:0b:bd:
5b:96:53:4b:8f:9b:d5:f0:fc:79:e4:cc:1b:d4:ce:
65:70:26:36:de:2c:d4:6a:88:cf:09:d2:d6:c1:87:
da:ef:a5:e4:a9:02:15:ad:bb:4e:74:50:5c:fa:29:
4e:f2:62:59:f6:0f:d9:e7:4c:7b:a8:04:e8:40:a2:
cb:7c:0b:8e:de:6b:9b:2d:5d:96:3b:ce:77:84:8c:
c1:2e:58:8d:41:4c:47:5f:50:06:05:7c:c8:f6:aa:
a2:50:b9:cc:10:02:51:32:6e:ce:6c:49:ae:89:4d:
1b:30:03:76:77:4e:6b:e0:58:d7:3f:ae:29:99:a9:
09:16:79:82:68:c1:0b:9a:34:04:ee:13:93:05:d1:
23:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:81:84:5E:23:5C:5B:5A:04:2A:70:16:3F:06:37:E3:7D:A1:4C:E2
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/xoGEXiNcW1oEKnAWPwY3432hTOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.177.0.0/21
217.181.64.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:32:f5:b1:dd:a7:d5:80:1e:fc:ac:cc:f4:12:65:6a:30:8d:
0e:52:8d:1a:b9:d4:40:34:ee:7a:90:f3:ad:b0:22:c2:38:b4:
92:ba:7b:60:f3:5b:2e:7c:04:5b:0c:63:8c:40:28:3a:41:2a:
9f:10:4e:1c:bd:d5:c6:fd:b8:66:35:e5:38:f4:9d:43:dd:18:
14:b0:6d:fa:1a:d2:bb:fa:d5:db:8c:6e:17:56:4c:b8:35:e6:
fd:63:f8:bf:46:3d:10:2e:a0:71:b0:a0:58:50:a8:68:33:87:
0e:8d:67:7e:ff:b0:85:62:cc:cc:e0:4a:31:69:49:d8:d7:6a:
2e:84:7f:d7:dc:fe:ec:09:ba:3e:fd:5e:f9:e5:cb:87:3c:c8:
44:c8:5a:54:12:7e:16:9d:3f:ac:ec:24:2b:60:3c:82:49:a8:
6d:e3:09:7f:f7:ee:b5:80:89:db:a3:45:fd:90:52:84:8b:58:
44:f9:1c:e0:c7:12:f3:99:d5:4e:a9:11:f4:6e:d2:62:af:b8:
d1:06:95:f1:76:b7:b4:79:42:27:e8:17:37:de:92:26:3d:64:
41:73:fc:3d:bc:21:06:95:7d:42:24:b8:d7:e3:16:24:c1:a2:
67:7d:d3:4b:05:d3:c1:9c:bc:bd:4b:35:f2:46:64:69:7d:34:
5d:38:b9:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZSnQ87KSjNsmr/0gf4eW5sVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMTI3MTAxNzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjgxODQ1ZTIzNWM1YjVhMDQyYTcwMTYzZjA2MzdlMzdkYTE0Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRkgWZKrj89MwNIisFHQlpNrs2OC
Sc4EAa5/o0OJLIhzyim+krkmcp3G817vWoM74k9OaAhbtEoZ1Sj+Jq2t9yiY/5Xm
AwC+gr0t3FrQXE7d5jvOKO8wxoYHNYSI4FBB83DnEGDNmyWqbcr6Z7s08qGTGLiJ
C71bllNLj5vV8Px55Mwb1M5lcCY23izUaojPCdLWwYfa76XkqQIVrbtOdFBc+ilO
8mJZ9g/Z50x7qAToQKLLfAuO3mubLV2WO853hIzBLliNQUxHX1AGBXzI9qqiULnM
EAJRMm7ObEmuiU0bMAN2d05r4FjXP64pmakJFnmCaMELmjQE7hOTBdEjRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMaBhF4jXFtaBCpwFj8GN+N9oUziMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEveG9HRVhpTmNXMW9FS25BV1B3WTM0MzJoVE9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQD2bEAAwQC
2bVAMA0GCSqGSIb3DQEBCwUAA4IBAQBPMvWx3afVgB78rMz0EmVqMI0OUo0audRA
NO56kPOtsCLCOLSSuntg81sufARbDGOMQCg6QSqfEE4cvdXG/bhmNeU49J1D3RgU
sG36GtK7+tXbjG4XVky4Neb9Y/i/Rj0QLqBxsKBYUKhoM4cOjWd+/7CFYszM4Eox
aUnY12ouhH/X3P7sCbo+/V755cuHPMhEyFpUEn4WnT+s7CQrYDyCSaht4wl/9+61
gInbo0X9kFKEi1hE+RzgxxLzmdVOqRH0btJir7jRBpXxdre0eUIn6Bc33pImPWRB
c/w9vCEGlX1CJLjX4xYkwaJnfdNLBdPBnLy9SzXyRmRpfTRdOLmX
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:17:46 2025 by rpki-client