Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/XZ_HhyjaGTHGngarNyoTvDsi9yY.roa
File: XZ_HhyjaGTHGngarNyoTvDsi9yY.roa (raw, json)
Hash identifier: wYlvrztLmECWGeMTYh3Hs2Gz6wAAM/GTW7MWWDnqO+w=
Subject key identifier: 5D:9F:C7:87:28:DA:19:31:C6:9E:06:AB:37:2A:13:BC:3B:22:F7:26
Certificate issuer: /CN=68c0f2d0776f7e1d349075881c35e9d387463405
Certificate serial: 018FE68244062BE2B6C8F0ED3FB5D63C645C
Authority key identifier: 68:C0:F2:D0:77:6F:7E:1D:34:90:75:88:1C:35:E9:D3:87:46:34:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMDy0Hdvfh00kHWIHDXp04dGNAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/XZ_HhyjaGTHGngarNyoTvDsi9yY.roa
Signing time: Wed 05 Jun 2024 03:47:27 +0000
ROA not before: Wed 05 Jun 2024 03:47:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 194.0.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Aug 2024 15:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e6:82:44:06:2b:e2:b6:c8:f0:ed:3f:b5:d6:3c:64:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c0f2d0776f7e1d349075881c35e9d387463405
Validity
Not Before: Jun 5 03:47:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d9fc78728da1931c69e06ab372a13bc3b22f726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:44:e5:90:76:a5:ef:04:4b:8a:2a:1a:4d:3f:
0a:59:a5:ec:8c:9f:9c:23:9d:11:42:ed:2f:b2:ac:
4c:ad:f6:ac:c1:67:33:59:ed:37:2b:b9:c4:aa:10:
46:4e:eb:c6:bf:93:34:08:ca:98:f9:66:ed:87:c2:
9b:7e:36:3f:33:d1:b8:ac:cb:21:48:75:82:03:61:
1a:79:3b:73:ac:31:34:ab:9f:e4:5b:27:b1:7d:66:
21:f6:7a:18:a4:4b:86:e9:aa:0e:8e:7f:a3:98:52:
1e:c0:61:0a:cb:1f:a2:83:fc:05:56:f6:70:a2:b3:
ac:3f:38:af:56:6f:b0:96:cc:cc:e1:78:6b:f9:4f:
30:f6:8f:69:44:72:a1:06:b3:8b:d8:0d:e8:d1:9f:
fd:bf:fa:1d:ea:ba:82:84:59:6f:87:d3:ea:42:39:
78:57:ff:a8:b0:7b:34:3b:aa:ed:95:6c:cf:1f:2c:
e8:b9:35:77:18:a5:b1:6d:0f:23:59:ff:7f:70:47:
c6:2e:81:dc:d6:1e:10:2e:18:df:6b:1a:a4:14:ae:
45:2d:40:e9:82:16:5a:d1:8a:d7:58:42:a1:93:e4:
e3:49:f4:08:52:7e:be:85:1b:72:50:7f:6f:4e:40:
05:e5:40:c9:f3:f8:4b:0e:17:fc:c0:6c:27:87:39:
28:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9F:C7:87:28:DA:19:31:C6:9E:06:AB:37:2A:13:BC:3B:22:F7:26
X509v3 Authority Key Identifier:
keyid:68:C0:F2:D0:77:6F:7E:1D:34:90:75:88:1C:35:E9:D3:87:46:34:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMDy0Hdvfh00kHWIHDXp04dGNAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/XZ_HhyjaGTHGngarNyoTvDsi9yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/84eedc-a2f6-4a39-a918-f9d9c03d4b4c/1/aMDy0Hdvfh00kHWIHDXp04dGNAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.234.0/24
Signature Algorithm: sha256WithRSAEncryption
83:2d:87:08:60:5b:83:ad:87:05:9b:cc:38:82:52:4a:07:59:
bb:2e:07:30:44:d0:99:14:74:74:85:17:8c:b1:fb:79:5b:88:
98:b0:1c:bc:78:b9:9a:8a:24:21:24:84:08:21:ec:4b:f6:d8:
70:c8:38:40:5d:93:a6:e6:91:93:8d:8f:bb:a9:2c:29:6f:03:
ad:00:4e:1a:9d:2b:28:aa:c4:38:35:3a:d6:cb:51:b3:f1:96:
25:e4:91:a1:ab:5c:ef:46:f6:3b:59:ed:be:9d:30:36:eb:77:
c1:5e:05:a1:1a:53:a9:48:dc:4e:35:11:2e:6a:37:ff:db:f1:
6e:03:00:70:01:2e:b5:a5:8b:45:bc:2a:af:8c:42:69:f0:e2:
13:bf:ac:ad:a4:f3:c0:fa:71:25:2d:0e:da:8e:1e:45:89:39:
e9:73:c3:2a:cd:00:2b:0d:e6:0f:86:5b:44:62:fb:90:9f:25:
06:0b:31:91:cb:9d:ae:cf:ac:3e:c1:20:3a:6d:72:8c:dc:49:
8a:72:73:29:d5:ef:4f:bd:31:5f:ca:0f:0d:95:cb:15:71:0a:
1a:37:67:97:21:35:fc:64:52:f8:90:8d:7b:0e:e9:28:c8:25:
69:82:91:65:ce:e8:b0:f1:ff:53:a5:e0:7e:40:f6:fb:34:89:
8f:04:27:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/mgkQGK+K2yPDtP7XWPGRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzBmMmQwNzc2ZjdlMWQzNDkwNzU4ODFjMzVlOWQzODc0
NjM0MDUwHhcNMjQwNjA1MDM0NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDlmYzc4NzI4ZGExOTMxYzY5ZTA2YWIzNzJhMTNiYzNiMjJmNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsETlkHal7wRLiioaTT8KWaXsjJ+c
I50RQu0vsqxMrfaswWczWe03K7nEqhBGTuvGv5M0CMqY+Wbth8KbfjY/M9G4rMsh
SHWCA2EaeTtzrDE0q5/kWyexfWYh9noYpEuG6aoOjn+jmFIewGEKyx+ig/wFVvZw
orOsPzivVm+wlszM4Xhr+U8w9o9pRHKhBrOL2A3o0Z/9v/od6rqChFlvh9PqQjl4
V/+osHs0O6rtlWzPHyzouTV3GKWxbQ8jWf9/cEfGLoHc1h4QLhjfaxqkFK5FLUDp
ghZa0YrXWEKhk+TjSfQIUn6+hRtyUH9vTkAF5UDJ8/hLDhf8wGwnhzko1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2fx4co2hkxxp4GqzcqE7w7IvcmMB8GA1UdIwQY
MBaAFGjA8tB3b34dNJB1iBw16dOHRjQFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1EeTBIZHZmaDAwa0hXSUhEWHAwNGRHTkFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS84NGVlZGMtYTJmNi00YTM5LWE5MTgt
ZjlkOWMwM2Q0YjRjLzEvWFpfSGh5amFHVEhHbmdhck55b1R2RHNpOXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS84NGVlZGMtYTJmNi00YTM5LWE5MTgtZjlkOWMwM2Q0YjRj
LzEvYU1EeTBIZHZmaDAwa0hXSUhEWHAwNGRHTkFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgDqMA0G
CSqGSIb3DQEBCwUAA4IBAQCDLYcIYFuDrYcFm8w4glJKB1m7LgcwRNCZFHR0hReM
sft5W4iYsBy8eLmaiiQhJIQIIexL9thwyDhAXZOm5pGTjY+7qSwpbwOtAE4anSso
qsQ4NTrWy1Gz8ZYl5JGhq1zvRvY7We2+nTA263fBXgWhGlOpSNxONREuajf/2/Fu
AwBwAS61pYtFvCqvjEJp8OITv6ytpPPA+nElLQ7ajh5FiTnpc8MqzQArDeYPhltE
YvuQnyUGCzGRy52uz6w+wSA6bXKM3EmKcnMp1e9PvTFfyg8NlcsVcQoaN2eXITX8
ZFL4kI17DukoyCVpgpFlzuiw8f9TpeB+QPb7NImPBCeD
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:12 2025 by rpki-client