Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/XX2lPV5k0UF5kfU_UhvywdKjHYs.roa
File: XX2lPV5k0UF5kfU_UhvywdKjHYs.roa (raw, json)
Hash identifier: b+p3gj6qXp3PpqYrYa2OqDJkOLaWTuB/AX9DkXwD1Xs=
Subject key identifier: 5D:7D:A5:3D:5E:64:D1:41:79:91:F5:3F:52:1B:F2:C1:D2:A3:1D:8B
Certificate issuer: /CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Certificate serial: 018CC801471DBDFC1DDC0178578C53437D7F
Authority key identifier: 13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/XX2lPV5k0UF5kfU_UhvywdKjHYs.roa
Signing time: Tue 02 Jan 2024 02:29:36 +0000
ROA not before: Tue 02 Jan 2024 02:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50321
IP address blocks: 194.150.220.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Sep 2024 07:57:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:47:1d:bd:fc:1d:dc:01:78:57:8c:53:43:7d:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Validity
Not Before: Jan 2 02:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d7da53d5e64d1417991f53f521bf2c1d2a31d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:50:59:85:fe:4b:80:4d:57:82:b9:97:87:a9:
f8:69:5d:d3:bf:f7:db:55:eb:14:b7:85:79:18:6a:
73:df:98:af:73:fa:52:b5:90:72:ca:c3:24:cc:cb:
a5:cc:23:6b:dc:fd:3e:dd:63:55:ea:b5:b3:a4:62:
8e:24:f2:f1:66:7c:ea:10:3c:a4:98:e0:fe:33:50:
a8:25:38:bc:40:be:bf:85:66:df:d1:96:ed:5b:91:
0d:6c:58:b1:dd:ed:67:ea:bc:87:23:5f:c5:37:d8:
79:6a:2b:cc:c5:71:a4:c7:b6:46:6e:1c:b3:13:cd:
80:a3:2b:87:3e:57:e8:91:3d:d7:9e:54:94:f2:77:
07:62:20:04:61:a2:94:da:12:ef:9c:f0:b8:3e:d9:
4f:67:c8:83:57:b9:31:0a:44:6e:4f:26:5b:6e:4e:
5d:5c:67:b2:45:63:ae:92:80:ef:e0:98:40:da:73:
c0:84:e0:8f:66:6f:93:ed:76:c2:d1:58:84:7c:65:
e5:23:9e:31:01:87:58:c1:b4:c6:8c:62:23:e7:85:
12:5b:96:c3:bc:e9:c5:6d:b1:53:8e:ac:9a:9c:8b:
66:a5:44:a6:62:1f:33:68:52:7d:94:4b:b2:6c:fb:
ee:8c:60:83:15:cf:fa:64:a9:1a:71:0e:30:c4:f9:
f8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:7D:A5:3D:5E:64:D1:41:79:91:F5:3F:52:1B:F2:C1:D2:A3:1D:8B
X509v3 Authority Key Identifier:
keyid:13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/XX2lPV5k0UF5kfU_UhvywdKjHYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/E2a5YKbx8EQ58JGG-ez1ManOJkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.220.0/23
Signature Algorithm: sha256WithRSAEncryption
85:50:92:b3:78:0b:e0:e3:d9:eb:ef:a8:1f:9f:85:14:65:94:
dd:8c:e2:34:dc:04:c6:99:20:25:f8:e7:be:0e:47:5b:7f:f0:
d1:57:f8:5f:b1:28:2c:12:17:fc:fd:03:b9:32:f8:2d:7b:b2:
03:30:a4:fb:00:dd:4d:b5:2c:60:8d:90:f7:6d:58:57:11:ca:
4a:c2:16:64:33:77:8e:48:7a:72:67:f9:d8:b6:88:3b:65:8b:
19:b6:fb:d0:60:6c:e1:0a:91:83:f1:f9:5a:6e:16:9e:ee:56:
9d:05:bd:3e:de:8c:fe:75:a7:c8:12:67:8f:c0:fc:c3:11:38:
83:5f:20:fa:00:82:6e:18:b7:d9:fc:b8:03:91:47:1e:57:a8:
c8:99:6e:99:d7:08:1d:93:80:21:1a:33:f2:17:c1:e0:11:02:
92:11:ac:fe:ed:cc:47:28:ff:41:da:d8:9a:4e:00:ff:ba:75:
09:52:ab:ae:fa:9a:29:bc:62:85:da:2f:d9:8a:a2:52:6e:d1:
f4:37:5b:57:ca:0b:a5:a5:62:3f:99:af:37:23:98:fd:ac:92:
10:ba:99:1f:19:0e:8b:fb:b4:e6:a3:39:a0:d3:0d:16:5d:33:
bd:90:92:67:6a:ba:54:93:46:0b:f8:a5:c5:fa:d9:aa:8d:1f:
02:5b:a6:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAUcdvfwd3AF4V4xTQ31/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjZiOTYwYTZmMWYwNDQzOWYwOTE4NmY5ZWNmNTMxYTlj
ZTI2NDgwHhcNMjQwMTAyMDIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDdkYTUzZDVlNjRkMTQxNzk5MWY1M2Y1MjFiZjJjMWQyYTMxZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVBZhf5LgE1XgrmXh6n4aV3Tv/fb
VesUt4V5GGpz35ivc/pStZByysMkzMulzCNr3P0+3WNV6rWzpGKOJPLxZnzqEDyk
mOD+M1CoJTi8QL6/hWbf0ZbtW5ENbFix3e1n6ryHI1/FN9h5aivMxXGkx7ZGbhyz
E82AoyuHPlfokT3XnlSU8ncHYiAEYaKU2hLvnPC4PtlPZ8iDV7kxCkRuTyZbbk5d
XGeyRWOukoDv4JhA2nPAhOCPZm+T7XbC0ViEfGXlI54xAYdYwbTGjGIj54USW5bD
vOnFbbFTjqyanItmpUSmYh8zaFJ9lEuybPvujGCDFc/6ZKkacQ4wxPn4uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF19pT1eZNFBeZH1P1Ib8sHSox2LMB8GA1UdIwQY
MBaAFBNmuWCm8fBEOfCRhvns9TGpziZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjIt
YTk2NzE1OWY4ODdkLzEvWFgybFBWNWswVUY1a2ZVX1Vodnl3ZEtqSFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjItYTk2NzE1OWY4ODdk
LzEvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpbcMA0G
CSqGSIb3DQEBCwUAA4IBAQCFUJKzeAvg49nr76gfn4UUZZTdjOI03ATGmSAl+Oe+
Dkdbf/DRV/hfsSgsEhf8/QO5Mvgte7IDMKT7AN1NtSxgjZD3bVhXEcpKwhZkM3eO
SHpyZ/nYtog7ZYsZtvvQYGzhCpGD8flabhae7ladBb0+3oz+dafIEmePwPzDETiD
XyD6AIJuGLfZ/LgDkUceV6jImW6Z1wgdk4AhGjPyF8HgEQKSEaz+7cxHKP9B2tia
TgD/unUJUquu+popvGKF2i/ZiqJSbtH0N1tXygulpWI/ma83I5j9rJIQupkfGQ6L
+7Tmozmg0w0WXTO9kJJnarpUk0YL+KXF+tmqjR8CW6Yy
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:36:05 2025 by rpki-client