Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/AG7CXwfbBeeyN3sG54ieP_SvJ0k.roa
File: AG7CXwfbBeeyN3sG54ieP_SvJ0k.roa (raw, json)
Hash identifier: N1SjCKH8b/qaTFBWcExacqHVAYXeq/ezra/Q8zDsPCI=
Subject key identifier: 00:6E:C2:5F:07:DB:05:E7:B2:37:7B:06:E7:88:9E:3F:F4:AF:27:49
Certificate issuer: /CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Certificate serial: 018CC94D4CA27921AD4586DEEAAFD6FD425E
Authority key identifier: 0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/AG7CXwfbBeeyN3sG54ieP_SvJ0k.roa
Signing time: Tue 02 Jan 2024 08:32:15 +0000
ROA not before: Tue 02 Jan 2024 08:32:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50247
IP address blocks: 194.1.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:4c:a2:79:21:ad:45:86:de:ea:af:d6:fd:42:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a81fe9059f6820bc18ad5802f2f1fca77d254b7
Validity
Not Before: Jan 2 08:32:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=006ec25f07db05e7b2377b06e7889e3ff4af2749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a7:97:05:3a:a8:7a:db:83:4c:6c:d1:10:5b:
00:5f:0c:f7:b4:6d:d4:76:79:bf:ff:1a:cd:54:bc:
47:a8:5e:04:ee:de:b5:88:6e:59:f6:a2:53:38:2c:
a5:02:72:b4:7a:97:87:e4:89:08:02:92:05:57:45:
a7:6c:cd:a0:69:e2:68:69:81:e6:b6:58:39:7a:0b:
ef:91:38:62:88:58:87:c7:5a:76:a6:18:a1:64:41:
14:1d:94:7c:04:83:33:fb:ea:25:8c:68:19:60:72:
90:4b:09:4c:31:c0:cd:f0:e5:4f:3f:f8:7d:32:15:
1e:4f:f3:58:0c:23:59:8d:4b:f0:f7:02:48:c9:8f:
8b:1e:96:79:a3:48:a4:27:70:a6:0b:f8:07:6e:86:
51:25:ec:8d:8f:e0:a0:1b:63:f7:fb:d4:68:99:df:
74:c3:ca:73:02:f3:d6:3c:f0:45:98:25:32:91:5f:
0b:73:24:6d:e9:ae:88:00:f8:85:48:17:37:31:dc:
6d:4d:8d:5a:39:54:45:0d:dc:81:9d:86:91:e0:48:
25:b0:d2:34:90:df:d6:38:8d:b9:a3:b0:ab:42:8e:
46:56:18:1a:98:34:a2:f7:36:5d:8a:21:3d:3e:c0:
6e:d7:22:7e:28:b2:de:10:59:d2:a7:95:49:fd:52:
73:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:6E:C2:5F:07:DB:05:E7:B2:37:7B:06:E7:88:9E:3F:F4:AF:27:49
X509v3 Authority Key Identifier:
keyid:0A:81:FE:90:59:F6:82:0B:C1:8A:D5:80:2F:2F:1F:CA:77:D2:54:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoH-kFn2ggvBitWALy8fynfSVLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/AG7CXwfbBeeyN3sG54ieP_SvJ0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/4984df-6db2-4e0a-91f8-bf05acc82bd1/1/CoH-kFn2ggvBitWALy8fynfSVLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.252.0/24
Signature Algorithm: sha256WithRSAEncryption
88:2a:30:b6:e0:be:2b:42:e7:98:98:9d:0d:2e:7a:31:54:44:
06:cd:11:0a:98:f7:75:6d:32:2b:af:a4:9c:e7:99:a7:e8:d3:
cc:82:69:77:ee:c5:7d:20:e8:46:8d:fd:cb:ce:f0:4a:ee:e5:
f9:46:13:7a:24:93:4a:11:b8:da:35:a8:77:94:ff:0a:bb:aa:
b8:2f:e4:60:e9:c3:57:01:5a:73:c0:b5:5d:19:3b:e4:ec:6f:
62:00:9f:ca:cc:fc:90:68:3a:f7:0b:32:09:85:36:c9:23:dc:
65:58:14:b1:2c:78:0c:6b:75:61:48:bd:63:7e:f2:47:98:10:
c9:5e:2c:b7:37:cd:e7:24:68:3c:3d:f0:39:e1:c8:a2:fc:8b:
59:e7:56:1f:e7:d9:f3:0b:66:bb:0c:b3:cc:43:a6:d2:3c:5d:
13:2a:df:ff:90:9b:fd:4a:48:04:7a:7b:25:e0:06:f1:0b:fb:
d3:81:9e:be:a0:eb:9f:45:21:28:68:49:1c:16:9e:e5:ce:b9:
f2:31:cd:bd:31:5d:38:de:68:16:dd:b4:2d:a6:20:33:e5:a0:
74:34:a5:32:b7:59:2e:43:8c:f9:10:d7:58:2d:1b:49:8b:54:
da:21:8d:c8:3b:fd:0f:58:d4:71:62:f0:77:ea:c3:dd:72:f2:
13:df:7a:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTUyieSGtRYbe6q/W/UJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODFmZTkwNTlmNjgyMGJjMThhZDU4MDJmMmYxZmNhNzdk
MjU0YjcwHhcNMjQwMTAyMDgzMjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDZlYzI1ZjA3ZGIwNWU3YjIzNzdiMDZlNzg4OWUzZmY0YWYyNzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6eXBTqoetuDTGzREFsAXwz3tG3U
dnm//xrNVLxHqF4E7t61iG5Z9qJTOCylAnK0epeH5IkIApIFV0WnbM2gaeJoaYHm
tlg5egvvkThiiFiHx1p2phihZEEUHZR8BIMz++oljGgZYHKQSwlMMcDN8OVPP/h9
MhUeT/NYDCNZjUvw9wJIyY+LHpZ5o0ikJ3CmC/gHboZRJeyNj+CgG2P3+9Romd90
w8pzAvPWPPBFmCUykV8LcyRt6a6IAPiFSBc3MdxtTY1aOVRFDdyBnYaR4EglsNI0
kN/WOI25o7CrQo5GVhgamDSi9zZdiiE9PsBu1yJ+KLLeEFnSp5VJ/VJzfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABuwl8H2wXnsjd7BueInj/0rydJMB8GA1UdIwQY
MBaAFAqB/pBZ9oILwYrVgC8vH8p30lS3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgt
YmYwNWFjYzgyYmQxLzEvQUc3Q1h3ZmJCZWV5TjNzRzU0aWVQX1N2SjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC80OTg0ZGYtNmRiMi00ZTBhLTkxZjgtYmYwNWFjYzgyYmQx
LzEvQ29ILWtGbjJnZ3ZCaXRXQUx5OGZ5bmZTVkxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgH8MA0G
CSqGSIb3DQEBCwUAA4IBAQCIKjC24L4rQueYmJ0NLnoxVEQGzREKmPd1bTIrr6Sc
55mn6NPMgml37sV9IOhGjf3LzvBK7uX5RhN6JJNKEbjaNah3lP8Ku6q4L+Rg6cNX
AVpzwLVdGTvk7G9iAJ/KzPyQaDr3CzIJhTbJI9xlWBSxLHgMa3VhSL1jfvJHmBDJ
Xiy3N83nJGg8PfA54cii/ItZ51Yf59nzC2a7DLPMQ6bSPF0TKt//kJv9SkgEensl
4AbxC/vTgZ6+oOufRSEoaEkcFp7lzrnyMc29MV043mgW3bQtpiAz5aB0NKUyt1ku
Q4z5ENdYLRtJi1TaIY3IO/0PWNRxYvB36sPdcvIT33ri
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:45:58 2025 by rpki-client