Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/P2rUwuzOBZIahMaxfSU189p5rKs.roa
File: P2rUwuzOBZIahMaxfSU189p5rKs.roa (raw, json)
Hash identifier: bxFrMESlJHzSb28J0Rg4E7Hy++iGWtauXP7IYf/k+gA=
Subject key identifier: 3F:6A:D4:C2:EC:CE:05:92:1A:84:C6:B1:7D:25:35:F3:DA:79:AC:AB
Certificate issuer: /CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Certificate serial: 019373CB65A3EF75A7C9F72752AC7814FCEF
Authority key identifier: 13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/P2rUwuzOBZIahMaxfSU189p5rKs.roa
Signing time: Thu 28 Nov 2024 17:22:09 +0000
ROA not before: Thu 28 Nov 2024 17:22:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16859
IP address blocks: 194.150.220.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Dec 2024 18:28:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:73:cb:65:a3:ef:75:a7:c9:f7:27:52:ac:78:14:fc:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Validity
Not Before: Nov 28 17:22:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f6ad4c2ecce05921a84c6b17d2535f3da79acab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:04:b9:a4:70:45:12:70:8d:f1:ee:37:21:37:
9b:ed:3b:7e:6f:eb:23:93:13:98:6a:b1:42:6a:0e:
09:27:9c:a1:ba:6f:ef:95:4f:76:c9:50:14:4b:85:
06:0b:7e:84:12:34:05:dd:f6:48:02:55:f0:1e:8e:
70:85:7c:98:25:66:4b:18:8c:84:e6:b8:71:39:59:
27:96:61:51:f2:bd:77:b5:97:cc:18:f3:a6:d2:1c:
f9:78:02:81:2f:df:57:25:c8:36:ca:47:e0:10:28:
1d:08:af:46:6c:4e:3f:1e:97:64:56:93:1e:36:39:
05:97:ae:d5:c3:a0:e0:33:04:b0:8d:f2:ca:d4:64:
1d:a6:a8:12:58:3c:34:52:22:a6:23:1e:49:42:13:
e3:f2:09:fb:55:b4:76:95:99:30:dc:b4:07:f4:f0:
5c:21:81:04:1e:d2:c8:b4:18:db:61:55:8e:8e:d3:
93:47:fe:4e:d3:b9:7b:af:fd:a0:fc:44:6c:18:24:
eb:33:88:86:c5:8a:6f:a5:72:97:ed:2c:1f:22:29:
c9:0d:a1:7c:54:40:a0:1f:5a:0c:0c:b1:8b:1f:20:
12:6d:80:24:88:42:72:88:8c:84:08:d0:64:70:66:
1d:ee:ea:3e:46:28:a8:9e:8f:7e:ec:78:0a:4d:28:
1b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6A:D4:C2:EC:CE:05:92:1A:84:C6:B1:7D:25:35:F3:DA:79:AC:AB
X509v3 Authority Key Identifier:
keyid:13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/P2rUwuzOBZIahMaxfSU189p5rKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/E2a5YKbx8EQ58JGG-ez1ManOJkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.220.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:0f:04:93:c0:a4:40:45:b9:6e:c0:5d:ae:a3:23:a3:10:45:
f6:70:b3:f6:21:af:f3:08:2c:31:0d:ea:59:8a:e6:68:49:cb:
e9:75:c2:89:f9:76:1f:c1:9b:8b:64:fe:9b:84:b5:46:dc:90:
fd:08:f8:ca:53:15:02:02:a2:6d:a4:bc:b3:e7:cb:8c:99:4a:
a8:c5:01:ce:00:24:ff:41:06:f5:82:ee:72:c9:75:15:8b:d8:
4a:9a:6e:1d:8e:e3:45:71:86:49:2c:16:6c:ac:34:e1:28:1b:
b0:db:44:db:b6:f0:d1:b2:43:85:47:21:77:c1:e3:42:1b:bb:
b3:53:93:9b:a5:cc:f3:f5:af:48:ce:19:a4:ba:b6:17:f3:71:
dd:1e:c4:b1:79:5f:61:d0:a8:58:44:38:c0:a5:1a:5a:bb:8b:
20:94:95:e2:55:59:65:8f:ec:0f:a2:21:86:91:12:a6:ed:90:
06:a3:fb:7b:3e:c8:fc:79:51:ea:0c:1b:5f:a5:5f:c3:28:5c:
17:5d:5b:9d:d8:6f:cf:e0:ea:ab:2d:6c:17:25:ab:cf:42:41:
50:9c:2c:b0:51:28:80:61:9c:6a:f4:58:91:5b:33:73:cd:52:
01:a8:40:2b:0e:f5:29:a7:8e:4d:d7:dd:ee:5d:9e:38:6c:07:
c2:83:e1:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNzy2Wj73WnyfcnUqx4FPzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjZiOTYwYTZmMWYwNDQzOWYwOTE4NmY5ZWNmNTMxYTlj
ZTI2NDgwHhcNMjQxMTI4MTcyMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjZhZDRjMmVjY2UwNTkyMWE4NGM2YjE3ZDI1MzVmM2RhNzlhY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6QS5pHBFEnCN8e43ITeb7Tt+b+sj
kxOYarFCag4JJ5yhum/vlU92yVAUS4UGC36EEjQF3fZIAlXwHo5whXyYJWZLGIyE
5rhxOVknlmFR8r13tZfMGPOm0hz5eAKBL99XJcg2ykfgECgdCK9GbE4/HpdkVpMe
NjkFl67Vw6DgMwSwjfLK1GQdpqgSWDw0UiKmIx5JQhPj8gn7VbR2lZkw3LQH9PBc
IYEEHtLItBjbYVWOjtOTR/5O07l7r/2g/ERsGCTrM4iGxYpvpXKX7SwfIinJDaF8
VECgH1oMDLGLHyASbYAkiEJyiIyECNBkcGYd7uo+Riiono9+7HgKTSgbmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD9q1MLszgWSGoTGsX0lNfPaeayrMB8GA1UdIwQY
MBaAFBNmuWCm8fBEOfCRhvns9TGpziZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjIt
YTk2NzE1OWY4ODdkLzEvUDJyVXd1ek9CWklhaE1heGZTVTE4OXA1cktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjItYTk2NzE1OWY4ODdk
LzEvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpbcMA0G
CSqGSIb3DQEBCwUAA4IBAQCxDwSTwKRARbluwF2uoyOjEEX2cLP2Ia/zCCwxDepZ
iuZoScvpdcKJ+XYfwZuLZP6bhLVG3JD9CPjKUxUCAqJtpLyz58uMmUqoxQHOACT/
QQb1gu5yyXUVi9hKmm4djuNFcYZJLBZsrDThKBuw20TbtvDRskOFRyF3weNCG7uz
U5Obpczz9a9IzhmkurYX83HdHsSxeV9h0KhYRDjApRpau4sglJXiVVllj+wPoiGG
kRKm7ZAGo/t7Psj8eVHqDBtfpV/DKFwXXVud2G/P4OqrLWwXJavPQkFQnCywUSiA
YZxq9FiRWzNzzVIBqEArDvUpp45N193uXZ44bAfCg+EM
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:20:20 2025 by rpki-client