Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/E7xku3mxea4E7tDiPaH8IhNND4U.roa
File: E7xku3mxea4E7tDiPaH8IhNND4U.roa (raw, json)
Hash identifier: fCt795Ad8rD79d8StSBgkACtHH3FxJ0eL/mqLg3Ov2Y=
Subject key identifier: 13:BC:64:BB:79:B1:79:AE:04:EE:D0:E2:3D:A1:FC:22:13:4D:0F:85
Certificate issuer: /CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Certificate serial: 018CC8DEBB05D5C0CE2E0EF21EF7F32191BB
Authority key identifier: D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/E7xku3mxea4E7tDiPaH8IhNND4U.roa
Signing time: Tue 02 Jan 2024 06:31:29 +0000
ROA not before: Tue 02 Jan 2024 06:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5608
IP address blocks: 193.16.32.0/22 maxlen: 22
2a00:9b40:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:bb:05:d5:c0:ce:2e:0e:f2:1e:f7:f3:21:91:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a56e2d63ac5da9bed35da01cbfad225f04beb0
Validity
Not Before: Jan 2 06:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13bc64bb79b179ae04eed0e23da1fc22134d0f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5b:fc:5d:f5:40:07:ec:f3:d3:4a:12:3d:5a:
fb:b7:a3:5a:c3:e3:28:a7:fe:aa:5b:c6:35:67:b7:
bf:cc:8a:0a:f5:36:fe:85:9f:6c:f3:52:24:ca:c2:
38:d6:b4:a0:d1:23:58:af:a3:b3:e7:ce:7e:3b:0f:
e2:8c:1e:6b:cc:60:0a:61:03:d3:9a:7c:61:c4:16:
5c:a2:c2:8c:55:4b:ec:3c:fc:90:b6:fb:c8:9c:17:
97:05:d8:00:ad:95:ca:4f:27:a6:9c:ff:fb:c3:ce:
68:e4:c2:5c:40:04:a8:b0:b9:be:30:dc:84:83:04:
c8:1b:7f:b2:1c:4a:a6:cc:a9:8e:97:ea:df:3f:61:
02:81:17:99:db:c3:ab:8f:e6:fd:d1:68:7d:65:0f:
db:21:36:0f:78:3a:22:af:54:ac:86:4c:d2:0f:b1:
61:70:46:d4:9a:49:34:5a:4b:d4:5f:63:dd:8c:bb:
35:a7:8b:99:02:c1:6d:07:1b:dc:92:06:92:72:12:
25:68:a6:44:27:09:36:cc:62:79:7f:76:b5:64:da:
4e:e7:c8:c0:91:bd:23:ee:4d:20:d3:6a:21:64:af:
95:6b:55:28:27:31:c1:51:d5:e5:32:1c:06:88:e6:
67:c8:25:9f:ac:40:ba:39:a9:47:f0:8f:f0:f7:d1:
ea:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:BC:64:BB:79:B1:79:AE:04:EE:D0:E2:3D:A1:FC:22:13:4D:0F:85
X509v3 Authority Key Identifier:
keyid:D8:A5:6E:2D:63:AC:5D:A9:BE:D3:5D:A0:1C:BF:AD:22:5F:04:BE:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KVuLWOsXam-012gHL-tIl8EvrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/E7xku3mxea4E7tDiPaH8IhNND4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/74177c-5e3b-4836-8867-e8d47bba25bf/1/2KVuLWOsXam-012gHL-tIl8EvrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.32.0/22
IPv6:
2a00:9b40:200::/40
Signature Algorithm: sha256WithRSAEncryption
89:e1:e3:d5:cd:c3:58:af:e7:08:9e:ba:f0:c4:b4:49:9a:18:
cf:32:00:bf:c8:cc:8d:af:6e:c9:2c:4f:70:4a:00:80:ef:52:
ce:2c:69:0f:57:cc:4f:bb:4a:9e:9d:c5:66:54:21:af:8c:e2:
66:a4:95:b9:d0:9e:e9:e9:54:49:7f:cb:65:12:41:d9:58:27:
61:cc:f4:69:dc:08:89:8f:af:33:60:5d:0c:2a:bf:92:bc:d5:
93:1d:17:3b:d4:b7:ea:6a:13:62:72:9f:3b:bf:18:ff:8d:24:
86:fa:37:a7:5a:aa:4e:83:76:b2:be:f9:06:97:80:27:80:26:
8a:fa:5f:47:42:43:6b:2e:6a:64:be:b0:18:14:64:38:7f:7b:
bf:49:d3:d8:aa:77:08:ae:ba:28:bc:a9:04:c9:01:22:f9:9f:
14:92:23:3a:4a:2e:3b:ae:86:d8:c0:61:88:d2:a0:d9:0c:0b:
e0:72:2d:b4:7e:92:a1:5b:5a:72:77:c7:60:12:70:ef:0c:30:
7c:c7:55:43:b0:7e:06:3c:ca:a9:c1:98:0a:2c:ca:81:11:d0:
1f:11:15:97:14:83:5f:7a:b7:55:f3:87:d2:24:4e:17:99:a7:
ef:0f:96:d6:f3:8d:10:c0:60:d1:fe:70:c1:0d:61:e1:b0:52:
63:1e:1d:e1
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzI3rsF1cDOLg7yHvfzIZG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTU2ZTJkNjNhYzVkYTliZWQzNWRhMDFjYmZhZDIyNWYw
NGJlYjAwHhcNMjQwMTAyMDYzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2JjNjRiYjc5YjE3OWFlMDRlZWQwZTIzZGExZmMyMjEzNGQwZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFv8XfVAB+zz00oSPVr7t6Naw+Mo
p/6qW8Y1Z7e/zIoK9Tb+hZ9s81IkysI41rSg0SNYr6Oz585+Ow/ijB5rzGAKYQPT
mnxhxBZcosKMVUvsPPyQtvvInBeXBdgArZXKTyemnP/7w85o5MJcQASosLm+MNyE
gwTIG3+yHEqmzKmOl+rfP2ECgReZ28Orj+b90Wh9ZQ/bITYPeDoir1SshkzSD7Fh
cEbUmkk0WkvUX2PdjLs1p4uZAsFtBxvckgaSchIlaKZEJwk2zGJ5f3a1ZNpO58jA
kb0j7k0g02ohZK+Va1UoJzHBUdXlMhwGiOZnyCWfrEC6OalH8I/w99HqkwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFBO8ZLt5sXmuBO7Q4j2h/CITTQ+FMB8GA1UdIwQY
MBaAFNilbi1jrF2pvtNdoBy/rSJfBL6wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4Njct
ZThkNDdiYmEyNWJmLzEvRTd4a3UzbXhlYTRFN3REaVBhSDhJaE5ORDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83NDE3N2MtNWUzYi00ODM2LTg4NjctZThkNDdiYmEyNWJm
LzEvMktWdUxXT3NYYW0tMDEyZ0hMLXRJbDhFdnJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCwRAgMA4E
AgACMAgDBgAqAJtAAjANBgkqhkiG9w0BAQsFAAOCAQEAieHj1c3DWK/nCJ668MS0
SZoYzzIAv8jMja9uySxPcEoAgO9SzixpD1fMT7tKnp3FZlQhr4ziZqSVudCe6elU
SX/LZRJB2VgnYcz0adwIiY+vM2BdDCq/krzVkx0XO9S36moTYnKfO78Y/40khvo3
p1qqToN2sr75BpeAJ4AmivpfR0JDay5qZL6wGBRkOH97v0nT2Kp3CK66KLypBMkB
IvmfFJIjOkouO66G2MBhiNKg2QwL4HIttH6SoVtacnfHYBJw7wwwfMdVQ7B+BjzK
qcGYCizKgRHQHxEVlxSDX3q3VfOH0iROF5mn7w+W1vONEMBg0f5wwQ1h4bBSYx4d
4Q==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:10 2025 by rpki-client