Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/stvqQUDIWwy8gwn-VASnX8Au3ys.roa
File: stvqQUDIWwy8gwn-VASnX8Au3ys.roa (raw, json)
Hash identifier: iuFvtKc+dZVr7UwZE4PS+Cn3ywUFoD20mo3ZtrjoK+c=
Subject key identifier: B2:DB:EA:41:40:C8:5B:0C:BC:83:09:FE:54:04:A7:5F:C0:2E:DF:2B
Certificate issuer: /CN=1662cfd26eccf289757399cc99c17d1cb4357535
Certificate serial: 018CC34929E140FE0C48DFC20E08155B3863
Authority key identifier: 16:62:CF:D2:6E:CC:F2:89:75:73:99:CC:99:C1:7D:1C:B4:35:75:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FmLP0m7M8ol1c5nMmcF9HLQ1dTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/stvqQUDIWwy8gwn-VASnX8Au3ys.roa
Signing time: Mon 01 Jan 2024 04:30:01 +0000
ROA not before: Mon 01 Jan 2024 04:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198818
IP address blocks: 178.132.64.0/22 maxlen: 22
178.132.70.0/23 maxlen: 23
178.132.71.0/24 maxlen: 24
2a03:2380::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:29:e1:40:fe:0c:48:df:c2:0e:08:15:5b:38:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1662cfd26eccf289757399cc99c17d1cb4357535
Validity
Not Before: Jan 1 04:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2dbea4140c85b0cbc8309fe5404a75fc02edf2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:65:01:e1:fa:a1:00:a0:8e:c4:43:b7:17:7b:
ea:b3:a5:27:a5:c4:54:96:c3:af:01:3a:bd:69:b1:
bd:25:07:e1:f4:9b:f3:d0:3b:6a:07:f0:e2:cb:b1:
01:67:7d:42:f8:b9:7f:6b:1b:67:de:ae:56:7e:bb:
c4:17:4a:53:e4:95:cc:6e:4d:aa:ed:ee:d9:64:93:
fe:03:15:a8:f5:b0:33:5d:47:87:21:15:3c:0b:6b:
c5:94:da:4e:b9:97:d7:cb:ca:19:97:7a:5f:78:9e:
a9:d1:6f:58:cc:b0:28:32:26:cf:00:d1:7a:18:fb:
b6:98:44:70:0d:4b:89:52:c8:93:2f:c0:8a:0d:b6:
e5:9e:47:31:73:4a:e7:8f:20:fd:6d:60:93:aa:94:
95:31:7d:36:53:b6:9f:03:08:be:e3:3f:c5:31:7c:
c3:31:7f:88:23:46:99:05:0f:f0:a0:05:a3:d4:c6:
93:dd:0a:f1:4a:62:82:dc:ed:1b:f6:87:bf:2c:fd:
cb:fb:db:53:8b:85:fa:d3:c4:76:e7:77:4b:6d:d5:
69:ab:d1:38:6d:55:07:47:1b:9c:f2:26:7c:ff:bd:
f4:55:62:0e:5a:92:3f:8d:0d:b4:de:74:5b:ac:0b:
fa:8c:d0:65:56:cc:c6:22:57:40:5f:f9:fb:bc:5f:
df:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DB:EA:41:40:C8:5B:0C:BC:83:09:FE:54:04:A7:5F:C0:2E:DF:2B
X509v3 Authority Key Identifier:
keyid:16:62:CF:D2:6E:CC:F2:89:75:73:99:CC:99:C1:7D:1C:B4:35:75:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FmLP0m7M8ol1c5nMmcF9HLQ1dTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/stvqQUDIWwy8gwn-VASnX8Au3ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/5b9878-2080-4354-9592-b7231941fc3a/1/FmLP0m7M8ol1c5nMmcF9HLQ1dTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.64.0/22
178.132.70.0/23
IPv6:
2a03:2380::/32
Signature Algorithm: sha256WithRSAEncryption
8d:c1:72:db:86:d4:65:f6:3c:83:a2:fa:29:ca:7e:70:ed:97:
7d:54:e0:52:09:06:a9:67:f5:15:93:38:b3:a5:f3:e9:f9:66:
af:8c:97:56:7e:60:de:5e:42:0a:0f:c4:7c:0b:42:9e:2e:ca:
20:04:7f:ff:f6:ef:08:a2:4e:48:23:f9:3b:ec:59:65:58:6e:
45:03:c3:47:25:fe:1a:b4:90:a3:38:2e:b5:3f:dd:73:38:1a:
d6:37:02:81:c6:d6:28:52:9d:fa:15:87:18:ba:aa:06:e6:4f:
ab:d6:24:74:f8:e1:38:05:c0:b9:32:ad:34:4f:25:5d:64:4c:
e7:d3:c4:dd:86:b0:9f:98:b5:32:81:e8:2d:28:48:99:82:06:
97:82:69:11:2f:55:14:bf:fc:0a:06:34:d6:69:df:77:dc:9d:
8e:97:d5:99:4f:fc:3f:04:26:a5:45:6f:0a:92:5c:fc:a1:64:
ed:36:89:d2:ed:3c:c4:0b:0c:4a:6f:b6:4c:80:55:cf:a2:79:
83:f1:85:78:92:06:cc:d6:d0:18:36:f4:b5:28:29:13:99:0a:
d3:8b:97:f2:d1:03:1e:fe:f4:72:d9:c9:cb:27:73:19:08:f2:
01:4e:e2:48:e3:9a:2f:e6:53:d1:c9:d6:ee:1e:37:ad:94:cb:
c6:34:c7:4c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSSnhQP4MSN/CDggVWzhjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NjJjZmQyNmVjY2YyODk3NTczOTljYzk5YzE3ZDFjYjQz
NTc1MzUwHhcNMjQwMTAxMDQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmRiZWE0MTQwYzg1YjBjYmM4MzA5ZmU1NDA0YTc1ZmMwMmVkZjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGUB4fqhAKCOxEO3F3vqs6UnpcRU
lsOvATq9abG9JQfh9Jvz0DtqB/Diy7EBZ31C+Ll/axtn3q5WfrvEF0pT5JXMbk2q
7e7ZZJP+AxWo9bAzXUeHIRU8C2vFlNpOuZfXy8oZl3pfeJ6p0W9YzLAoMibPANF6
GPu2mERwDUuJUsiTL8CKDbblnkcxc0rnjyD9bWCTqpSVMX02U7afAwi+4z/FMXzD
MX+II0aZBQ/woAWj1MaT3QrxSmKC3O0b9oe/LP3L+9tTi4X608R253dLbdVpq9E4
bVUHRxuc8iZ8/730VWIOWpI/jQ203nRbrAv6jNBlVszGIldAX/n7vF/fEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLLb6kFAyFsMvIMJ/lQEp1/ALt8rMB8GA1UdIwQY
MBaAFBZiz9JuzPKJdXOZzJnBfRy0NXU1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1MUDBtN004b2wxYzVuTW1jRjlITFExZFRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My81Yjk4NzgtMjA4MC00MzU0LTk1OTIt
YjcyMzE5NDFmYzNhLzEvc3R2cVFVRElXd3k4Z3duLVZBU25YOEF1M3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My81Yjk4NzgtMjA4MC00MzU0LTk1OTItYjcyMzE5NDFmYzNh
LzEvRm1MUDBtN004b2wxYzVuTW1jRjlITFExZFRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCsoRAAwQB
soRGMA0EAgACMAcDBQAqAyOAMA0GCSqGSIb3DQEBCwUAA4IBAQCNwXLbhtRl9jyD
ovopyn5w7Zd9VOBSCQapZ/UVkzizpfPp+WavjJdWfmDeXkIKD8R8C0KeLsogBH//
9u8Iok5II/k77FllWG5FA8NHJf4atJCjOC61P91zOBrWNwKBxtYoUp36FYcYuqoG
5k+r1iR0+OE4BcC5Mq00TyVdZEzn08TdhrCfmLUygegtKEiZggaXgmkRL1UUv/wK
BjTWad933J2Ol9WZT/w/BCalRW8Kklz8oWTtNonS7TzECwxKb7ZMgFXPonmD8YV4
kgbM1tAYNvS1KCkTmQrTi5fy0QMe/vRy2cnLJ3MZCPIBTuJI45ov5lPRydbuHjet
lMvGNMdM
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:00:35 2025 by rpki-client