Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/6c5eaf-9c44-4a5a-baa1-325aadd733c3/1/rx62KRY36BrhjcfGfUFZHrf_BDg.roa
File: rx62KRY36BrhjcfGfUFZHrf_BDg.roa (raw, json)
Hash identifier: w2zXupACFoH/86u9FXKtdsdeczBJCsr0o4sCAkol2qM=
Subject key identifier: AF:1E:B6:29:16:37:E8:1A:E1:8D:C7:C6:7D:41:59:1E:B7:FF:04:38
Certificate issuer: /CN=e86b4ed3317c92a34b76c8fad29ae97080f91f3b
Certificate serial: 018CC64B395F932A0D39F60284B33BA67D39
Authority key identifier: E8:6B:4E:D3:31:7C:92:A3:4B:76:C8:FA:D2:9A:E9:70:80:F9:1F:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6GtO0zF8kqNLdsj60prpcID5Hzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/6c5eaf-9c44-4a5a-baa1-325aadd733c3/1/rx62KRY36BrhjcfGfUFZHrf_BDg.roa
Signing time: Mon 01 Jan 2024 18:31:07 +0000
ROA not before: Mon 01 Jan 2024 18:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42510
IP address blocks: 193.106.58.0/23 maxlen: 23
193.106.57.0/24 maxlen: 24
193.106.56.0/22 maxlen: 22
193.106.56.0/24 maxlen: 24
193.106.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:39:5f:93:2a:0d:39:f6:02:84:b3:3b:a6:7d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e86b4ed3317c92a34b76c8fad29ae97080f91f3b
Validity
Not Before: Jan 1 18:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af1eb6291637e81ae18dc7c67d41591eb7ff0438
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:20:c5:df:d5:ea:7f:d8:af:26:f8:38:77:ee:
04:13:38:6c:4f:5c:44:c4:61:03:7a:7e:66:df:57:
8e:a9:02:87:60:e4:d0:70:e0:07:3b:1d:a0:eb:1a:
dd:b5:db:0e:68:5f:32:ae:23:cd:cd:57:91:16:30:
2a:83:b0:16:1d:9e:11:91:40:cf:c6:88:d6:6c:1a:
13:bb:77:e6:f9:15:45:6d:38:f6:5d:a7:39:5d:ce:
64:17:80:a9:42:07:76:e1:2c:f0:5d:e4:ea:be:40:
87:75:04:f1:fa:49:d7:e8:81:e9:45:52:9b:5d:82:
eb:dd:ed:13:b2:4e:09:70:e7:b0:d8:de:0b:fa:40:
0b:a0:64:36:02:dd:9a:81:d2:21:e0:e0:53:51:da:
31:69:c9:cb:44:8a:8b:75:97:fc:ed:77:11:9c:12:
10:0f:31:38:ff:64:c2:66:20:af:69:30:d9:72:a1:
f9:5f:38:35:c4:98:a1:f6:e2:8c:ee:0f:39:48:03:
01:86:b8:74:d3:5e:ab:ab:ca:26:ff:6c:2b:f4:2c:
e0:14:93:74:ad:a9:af:0f:88:a1:2c:60:f8:08:d1:
18:9e:ac:6a:6b:6c:a8:33:77:a9:1c:41:df:4e:15:
80:d7:3e:9f:92:34:2a:6a:42:f9:69:51:28:98:16:
dc:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:1E:B6:29:16:37:E8:1A:E1:8D:C7:C6:7D:41:59:1E:B7:FF:04:38
X509v3 Authority Key Identifier:
keyid:E8:6B:4E:D3:31:7C:92:A3:4B:76:C8:FA:D2:9A:E9:70:80:F9:1F:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6GtO0zF8kqNLdsj60prpcID5Hzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6c5eaf-9c44-4a5a-baa1-325aadd733c3/1/rx62KRY36BrhjcfGfUFZHrf_BDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/6c5eaf-9c44-4a5a-baa1-325aadd733c3/1/6GtO0zF8kqNLdsj60prpcID5Hzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.106.56.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:e1:48:ab:c4:33:c3:6b:49:45:e4:1e:ac:b2:3e:40:4d:c4:
86:65:7f:93:02:ab:e8:c9:33:cc:74:1a:0c:5a:d1:78:66:78:
7d:a7:c8:a5:24:26:31:55:14:86:e1:70:ed:ce:37:f6:21:7a:
9e:17:44:de:8f:cf:84:20:8e:26:0b:cd:f1:85:02:16:63:95:
ee:2a:bf:a1:0e:37:2b:c7:01:50:a1:cf:83:b0:b0:ce:80:2a:
36:ac:eb:24:58:3f:c7:5d:29:22:b3:62:cd:31:e5:bc:0d:08:
52:21:25:75:8a:b0:e9:f4:cf:24:57:5c:d1:19:7b:7e:a0:33:
bf:13:63:c5:70:59:d4:15:79:bf:6b:46:99:3b:3f:7b:79:71:
ac:7e:bf:06:1d:39:82:fc:69:a9:6c:a5:f8:f6:41:79:f0:d3:
5a:51:46:89:05:cb:67:be:7f:6f:a3:d5:6c:d1:e9:3e:24:11:
05:a1:6a:fb:df:df:32:d4:df:24:05:5f:8c:be:83:12:29:90:
8e:b7:29:ff:68:78:24:ec:0d:3b:6e:a0:47:56:6c:d4:0b:94:
c3:e1:8c:8b:61:8d:70:86:60:90:fc:06:1d:77:8c:28:17:51:
5a:70:df:69:1f:14:99:be:53:b7:7a:c2:5f:22:4c:1b:4b:ce:
04:fc:ff:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSzlfkyoNOfYChLM7pn05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NmI0ZWQzMzE3YzkyYTM0Yjc2YzhmYWQyOWFlOTcwODBm
OTFmM2IwHhcNMjQwMTAxMTgzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjFlYjYyOTE2MzdlODFhZTE4ZGM3YzY3ZDQxNTkxZWI3ZmYwNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSDF39Xqf9ivJvg4d+4EEzhsT1xE
xGEDen5m31eOqQKHYOTQcOAHOx2g6xrdtdsOaF8yriPNzVeRFjAqg7AWHZ4RkUDP
xojWbBoTu3fm+RVFbTj2Xac5Xc5kF4CpQgd24SzwXeTqvkCHdQTx+knX6IHpRVKb
XYLr3e0Tsk4JcOew2N4L+kALoGQ2At2agdIh4OBTUdoxacnLRIqLdZf87XcRnBIQ
DzE4/2TCZiCvaTDZcqH5Xzg1xJih9uKM7g85SAMBhrh0016rq8om/2wr9CzgFJN0
ramvD4ihLGD4CNEYnqxqa2yoM3epHEHfThWA1z6fkjQqakL5aVEomBbcjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK8etikWN+ga4Y3Hxn1BWR63/wQ4MB8GA1UdIwQY
MBaAFOhrTtMxfJKjS3bI+tKa6XCA+R87MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkd0TzB6RjhrcU5MZHNqNjBwcnBjSUQ1SHpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy82YzVlYWYtOWM0NC00YTVhLWJhYTEt
MzI1YWFkZDczM2MzLzEvcng2MktSWTM2QnJoamNmR2ZVRlpIcmZfQkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy82YzVlYWYtOWM0NC00YTVhLWJhYTEtMzI1YWFkZDczM2Mz
LzEvNkd0TzB6RjhrcU5MZHNqNjBwcnBjSUQ1SHpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWo4MA0G
CSqGSIb3DQEBCwUAA4IBAQCy4UirxDPDa0lF5B6ssj5ATcSGZX+TAqvoyTPMdBoM
WtF4Znh9p8ilJCYxVRSG4XDtzjf2IXqeF0Tej8+EII4mC83xhQIWY5XuKr+hDjcr
xwFQoc+DsLDOgCo2rOskWD/HXSkis2LNMeW8DQhSISV1irDp9M8kV1zRGXt+oDO/
E2PFcFnUFXm/a0aZOz97eXGsfr8GHTmC/GmpbKX49kF58NNaUUaJBctnvn9vo9Vs
0ek+JBEFoWr7398y1N8kBV+MvoMSKZCOtyn/aHgk7A07bqBHVmzUC5TD4YyLYY1w
hmCQ/AYdd4woF1FacN9pHxSZvlO3esJfIkwbS84E/P/4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:53 2025 by rpki-client