Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/poxmtDYR7ti9a7u3bYB-59Fu5iQ.roa
File: poxmtDYR7ti9a7u3bYB-59Fu5iQ.roa (raw, json)
Hash identifier: Bh9luk93Ef4KzKcg62KO2kZl5y/QGvjfYdFOc3DluFg=
Subject key identifier: A6:8C:66:B4:36:11:EE:D8:BD:6B:BB:B7:6D:80:7E:E7:D1:6E:E6:24
Certificate issuer: /CN=c469fe3d882c93e38e8b6a286a3177dc17e99ac7
Certificate serial: 018CC94D8CDCE988FB5714E84054C72164D2
Authority key identifier: C4:69:FE:3D:88:2C:93:E3:8E:8B:6A:28:6A:31:77:DC:17:E9:9A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGn-PYgsk-OOi2ooajF33Bfpmsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/poxmtDYR7ti9a7u3bYB-59Fu5iQ.roa
Signing time: Tue 02 Jan 2024 08:32:31 +0000
ROA not before: Tue 02 Jan 2024 08:32:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208165
IP address blocks: 178.57.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:8c:dc:e9:88:fb:57:14:e8:40:54:c7:21:64:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c469fe3d882c93e38e8b6a286a3177dc17e99ac7
Validity
Not Before: Jan 2 08:32:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a68c66b43611eed8bd6bbbb76d807ee7d16ee624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ec:85:d8:e4:07:6e:79:bb:8e:4c:10:9d:ea:
cf:c8:f4:57:6d:59:a8:f3:08:0c:cc:59:1f:77:8e:
cc:1a:c3:19:4b:20:94:d5:61:fe:67:e3:85:9c:c8:
d6:e3:1e:13:c9:a5:86:e9:8b:25:7a:bb:57:90:29:
76:24:00:c8:41:15:4e:fa:7e:1a:8d:82:68:41:b5:
50:13:de:b1:99:a9:56:0b:b4:bd:ad:b4:66:4c:c0:
9b:ec:22:a6:77:eb:07:49:25:2d:6f:c9:5f:e6:f6:
b2:65:df:37:31:a7:26:47:57:40:ce:43:38:ec:3f:
b2:af:06:a1:9f:a1:4d:5d:cb:87:b5:ff:9e:d6:01:
7f:92:52:01:7c:d8:b6:40:20:55:1e:e7:c8:c1:c8:
5a:9a:b5:73:9e:98:b9:bb:ca:3b:a4:04:49:35:31:
8e:ea:e6:a8:65:b5:d5:99:da:ef:ca:56:fe:70:e3:
f5:36:95:40:1f:1f:f7:4b:d1:4f:a2:65:37:93:50:
7d:66:c7:ef:c7:df:af:4c:6b:ae:7b:0d:e5:97:31:
4a:d3:28:f8:eb:53:89:aa:9f:ba:de:8c:bb:8c:8b:
9b:f7:28:9a:ee:ac:67:e9:82:0d:21:6b:d6:ae:d5:
a1:54:11:9a:c7:22:9a:fa:c7:91:a8:50:ba:52:a4:
25:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8C:66:B4:36:11:EE:D8:BD:6B:BB:B7:6D:80:7E:E7:D1:6E:E6:24
X509v3 Authority Key Identifier:
keyid:C4:69:FE:3D:88:2C:93:E3:8E:8B:6A:28:6A:31:77:DC:17:E9:9A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGn-PYgsk-OOi2ooajF33Bfpmsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/poxmtDYR7ti9a7u3bYB-59Fu5iQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/c475ab-fdd5-492f-813a-61d9a23f3411/1/xGn-PYgsk-OOi2ooajF33Bfpmsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.57.95.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:38:79:b6:c5:cf:e4:a6:44:c4:b7:d6:df:7a:96:c5:3d:3e:
87:40:c7:5f:8d:c2:fe:d0:63:a1:44:d4:4c:73:68:84:79:d4:
d6:7c:d2:44:47:4c:a6:fb:5e:d4:83:63:0c:20:84:f2:c8:eb:
02:58:bb:14:df:f4:99:ad:c8:50:cd:27:44:b1:35:37:14:6d:
67:9a:f8:01:9c:6b:19:ed:a7:f2:6d:95:a8:31:4e:4d:ea:78:
28:a7:b4:b6:19:47:f1:6a:ac:04:37:61:8f:7e:60:b9:e2:da:
23:8d:00:9e:32:2d:45:70:bb:8d:b9:0d:b9:0a:71:b7:83:35:
3e:63:d9:d5:3f:71:5e:02:a6:e3:be:de:da:ea:0a:a2:a8:88:
f3:7c:53:81:1e:55:da:28:4d:ba:e8:16:e8:a5:bf:ac:23:c4:
7c:56:74:ea:c9:9a:cb:da:51:c7:e6:6f:2d:8b:a9:14:2e:58:
4b:52:1a:3d:e8:8c:03:c0:97:9b:85:a8:f3:0c:5d:93:7d:12:
e9:c6:14:ce:f7:a1:86:2a:cd:12:14:c3:4c:c6:39:f8:a9:7a:
e2:76:ce:ba:0e:3f:21:53:db:22:88:4c:fd:e2:de:79:6d:a0:
cb:1b:33:2d:71:f7:79:05:6b:67:49:61:b9:95:2e:a6:64:eb:
99:4d:ed:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTYzc6Yj7VxToQFTHIWTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NjlmZTNkODgyYzkzZTM4ZThiNmEyODZhMzE3N2RjMTdl
OTlhYzcwHhcNMjQwMTAyMDgzMjMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjhjNjZiNDM2MTFlZWQ4YmQ2YmJiYjc2ZDgwN2VlN2QxNmVlNjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweyF2OQHbnm7jkwQnerPyPRXbVmo
8wgMzFkfd47MGsMZSyCU1WH+Z+OFnMjW4x4TyaWG6YslertXkCl2JADIQRVO+n4a
jYJoQbVQE96xmalWC7S9rbRmTMCb7CKmd+sHSSUtb8lf5vayZd83MacmR1dAzkM4
7D+yrwahn6FNXcuHtf+e1gF/klIBfNi2QCBVHufIwchamrVznpi5u8o7pARJNTGO
6uaoZbXVmdrvylb+cOP1NpVAHx/3S9FPomU3k1B9Zsfvx9+vTGuuew3llzFK0yj4
61OJqp+63oy7jIub9yia7qxn6YINIWvWrtWhVBGaxyKa+seRqFC6UqQlKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKaMZrQ2Ee7YvWu7t22AfufRbuYkMB8GA1UdIwQY
MBaAFMRp/j2ILJPjjotqKGoxd9wX6ZrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEduLVBZZ3NrLU9PaTJvb2FqRjMzQmZwbXNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9jNDc1YWItZmRkNS00OTJmLTgxM2Et
NjFkOWEyM2YzNDExLzEvcG94bXREWVI3dGk5YTd1M2JZQi01OUZ1NWlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9jNDc1YWItZmRkNS00OTJmLTgxM2EtNjFkOWEyM2YzNDEx
LzEveEduLVBZZ3NrLU9PaTJvb2FqRjMzQmZwbXNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsjlfMA0G
CSqGSIb3DQEBCwUAA4IBAQBfOHm2xc/kpkTEt9bfepbFPT6HQMdfjcL+0GOhRNRM
c2iEedTWfNJER0ym+17Ug2MMIITyyOsCWLsU3/SZrchQzSdEsTU3FG1nmvgBnGsZ
7afybZWoMU5N6ngop7S2GUfxaqwEN2GPfmC54tojjQCeMi1FcLuNuQ25CnG3gzU+
Y9nVP3FeAqbjvt7a6gqiqIjzfFOBHlXaKE266Bbopb+sI8R8VnTqyZrL2lHH5m8t
i6kULlhLUho96IwDwJebhajzDF2TfRLpxhTO96GGKs0SFMNMxjn4qXrids66Dj8h
U9siiEz94t55baDLGzMtcfd5BWtnSWG5lS6mZOuZTe35
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:36 2025 by rpki-client