Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/xJgQKsjT0eSNmVoWbEkw8OXTM2w.roa
File: xJgQKsjT0eSNmVoWbEkw8OXTM2w.roa (raw, json)
Hash identifier: FMAdiGwPtBD+diDy/hOUFbFdbWx2xp6yZItgguyKRCg=
Subject key identifier: C4:98:10:2A:C8:D3:D1:E4:8D:99:5A:16:6C:49:30:F0:E5:D3:33:6C
Certificate issuer: /CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Certificate serial: 019388A143FF2DA92F6DECA6480186CF2B56
Authority key identifier: 13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/xJgQKsjT0eSNmVoWbEkw8OXTM2w.roa
Signing time: Mon 02 Dec 2024 18:28:10 +0000
ROA not before: Mon 02 Dec 2024 18:28:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 194.150.220.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Dec 2024 14:55:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:88:a1:43:ff:2d:a9:2f:6d:ec:a6:48:01:86:cf:2b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1366b960a6f1f04439f09186f9ecf531a9ce2648
Validity
Not Before: Dec 2 18:28:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c498102ac8d3d1e48d995a166c4930f0e5d3336c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:dc:22:d2:b6:40:3a:91:e5:43:51:1c:c0:2a:
6d:8a:85:7f:2d:62:c6:54:08:a4:44:65:df:a1:d3:
94:a4:f4:0a:a3:73:a4:d2:8c:be:a4:35:09:ee:27:
f0:fb:d2:38:bc:02:e4:db:dd:bc:db:bb:aa:89:3d:
80:29:bd:57:f7:f5:1d:62:66:3e:8b:6d:29:64:93:
e5:2a:aa:86:0c:ed:0a:0d:f3:8c:02:3c:b7:74:6a:
3e:80:d7:2a:ff:97:07:01:c2:df:a5:ba:41:eb:dd:
47:f3:20:02:12:80:3c:c1:86:8a:9e:cf:4f:fa:42:
f0:37:23:a9:27:66:44:83:60:45:e5:bd:c3:64:7d:
36:6b:76:0a:e9:a1:9f:d7:53:af:ac:7e:07:6a:05:
a4:aa:6e:35:79:30:4f:f6:6a:c2:81:71:73:20:74:
b0:1a:6d:f8:28:da:bb:12:60:64:98:4f:39:88:af:
dc:73:dd:03:05:cc:dd:03:29:61:e4:61:fa:d4:f0:
66:16:53:58:29:14:21:36:bf:86:13:31:93:a5:3c:
40:0c:06:b9:0b:72:76:57:be:f2:cd:4c:85:40:97:
4f:91:8c:f4:1a:91:9d:ef:9c:3f:6b:08:e4:2a:f4:
af:62:9c:73:8c:44:46:c6:a8:5c:69:46:b4:43:81:
74:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:98:10:2A:C8:D3:D1:E4:8D:99:5A:16:6C:49:30:F0:E5:D3:33:6C
X509v3 Authority Key Identifier:
keyid:13:66:B9:60:A6:F1:F0:44:39:F0:91:86:F9:EC:F5:31:A9:CE:26:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2a5YKbx8EQ58JGG-ez1ManOJkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/xJgQKsjT0eSNmVoWbEkw8OXTM2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4402b0-2eca-4836-bf22-a967159f887d/1/E2a5YKbx8EQ58JGG-ez1ManOJkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.220.0/23
Signature Algorithm: sha256WithRSAEncryption
c8:f7:ef:cb:b6:91:59:29:22:e1:16:30:57:4f:e8:59:7e:80:
58:b7:16:c7:8f:a8:16:71:1f:b4:97:ca:42:6f:3c:11:f7:df:
9e:90:73:5d:08:b3:e7:35:1f:0d:45:69:2c:80:bd:59:a2:32:
fc:f4:f7:56:eb:66:5e:73:d6:72:74:5a:0f:d3:fa:d1:29:69:
c5:36:10:a1:7b:49:d2:79:62:f9:5f:bf:53:d1:2d:81:3b:43:
40:ca:c3:9d:32:25:5d:41:ab:95:62:42:58:81:30:c0:5c:e6:
ed:db:e3:78:e4:1d:2d:92:95:70:1c:19:75:f4:dc:c0:5f:f4:
e7:04:51:0d:ad:85:8b:96:89:49:af:8f:6b:83:0c:7a:26:3f:
a0:65:97:9a:42:9d:98:7a:25:d5:35:21:b0:11:a7:41:10:ba:
74:3c:c5:0f:5b:b1:5c:39:07:4c:4c:c6:e4:ea:7b:76:c6:a9:
c7:cb:a1:27:37:e4:a4:b4:c8:e0:77:e2:1d:b6:7a:04:2e:2a:
53:85:bb:ef:73:f7:4b:7d:fc:c2:02:5e:8e:af:4d:93:b2:b4:
44:53:17:b9:50:f0:aa:a3:c4:45:40:bb:cf:6e:99:e7:89:4d:
05:66:4d:b5:99:ab:a7:a5:83:c1:81:ee:7e:78:8d:9f:64:97:
0e:88:84:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOIoUP/LakvbeymSAGGzytWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjZiOTYwYTZmMWYwNDQzOWYwOTE4NmY5ZWNmNTMxYTlj
ZTI2NDgwHhcNMjQxMjAyMTgyODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDk4MTAyYWM4ZDNkMWU0OGQ5OTVhMTY2YzQ5MzBmMGU1ZDMzMzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdwi0rZAOpHlQ1EcwCptioV/LWLG
VAikRGXfodOUpPQKo3Ok0oy+pDUJ7ifw+9I4vALk292827uqiT2AKb1X9/UdYmY+
i20pZJPlKqqGDO0KDfOMAjy3dGo+gNcq/5cHAcLfpbpB691H8yACEoA8wYaKns9P
+kLwNyOpJ2ZEg2BF5b3DZH02a3YK6aGf11OvrH4HagWkqm41eTBP9mrCgXFzIHSw
Gm34KNq7EmBkmE85iK/cc90DBczdAylh5GH61PBmFlNYKRQhNr+GEzGTpTxADAa5
C3J2V77yzUyFQJdPkYz0GpGd75w/awjkKvSvYpxzjERGxqhcaUa0Q4F0mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSYECrI09HkjZlaFmxJMPDl0zNsMB8GA1UdIwQY
MBaAFBNmuWCm8fBEOfCRhvns9TGpziZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjIt
YTk2NzE1OWY4ODdkLzEveEpnUUtzalQwZVNObVZvV2JFa3c4T1hUTTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni80NDAyYjAtMmVjYS00ODM2LWJmMjItYTk2NzE1OWY4ODdk
LzEvRTJhNVlLYng4RVE1OEpHRy1lejFNYW5PSmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpbcMA0G
CSqGSIb3DQEBCwUAA4IBAQDI9+/LtpFZKSLhFjBXT+hZfoBYtxbHj6gWcR+0l8pC
bzwR99+ekHNdCLPnNR8NRWksgL1ZojL89PdW62Zec9ZydFoP0/rRKWnFNhChe0nS
eWL5X79T0S2BO0NAysOdMiVdQauVYkJYgTDAXObt2+N45B0tkpVwHBl19NzAX/Tn
BFENrYWLlolJr49rgwx6Jj+gZZeaQp2YeiXVNSGwEadBELp0PMUPW7FcOQdMTMbk
6nt2xqnHy6EnN+SktMjgd+IdtnoELipThbvvc/dLffzCAl6Or02TsrREUxe5UPCq
o8RFQLvPbpnniU0FZk21maunpYPBge5+eI2fZJcOiITt
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:00:06 2025 by rpki-client