Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/ae0a93-f690-4e36-befa-91a349e77478/1/xd5UiBAEF-RNF8XM9at2DB1P-6g.roa
File: xd5UiBAEF-RNF8XM9at2DB1P-6g.roa (raw, json)
Hash identifier: dLyMu/8LUc0zij28mCnVhIogK/R0vPfFXCptGmFLXkY=
Subject key identifier: C5:DE:54:88:10:04:17:E4:4D:17:C5:CC:F5:AB:76:0C:1D:4F:FB:A8
Certificate issuer: /CN=0d2efe3b63fa9b2a7932c5b5ec854b70c3f18839
Certificate serial: 018F29B2E9F621B8FFC71A2C7C0934096CE7
Authority key identifier: 0D:2E:FE:3B:63:FA:9B:2A:79:32:C5:B5:EC:85:4B:70:C3:F1:88:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DS7-O2P6myp5MsW17IVLcMPxiDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/ae0a93-f690-4e36-befa-91a349e77478/1/xd5UiBAEF-RNF8XM9at2DB1P-6g.roa
Signing time: Mon 29 Apr 2024 11:52:22 +0000
ROA not before: Mon 29 Apr 2024 11:52:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215120
IP address blocks: 193.178.186.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jun 2024 09:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:b2:e9:f6:21:b8:ff:c7:1a:2c:7c:09:34:09:6c:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2efe3b63fa9b2a7932c5b5ec854b70c3f18839
Validity
Not Before: Apr 29 11:52:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5de5488100417e44d17c5ccf5ab760c1d4ffba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5d:b2:a9:26:e2:97:e1:96:89:8f:5f:83:e7:
de:04:c7:a5:96:74:1e:75:85:98:c5:c6:bb:f0:1b:
0f:f1:52:d5:60:9b:c3:64:3b:49:20:40:64:3e:1c:
67:44:50:7e:ab:6b:6d:07:c7:18:40:ba:41:49:8f:
72:c2:e3:f9:9b:1c:c4:2e:f8:45:54:bc:59:91:53:
6b:c9:0c:1a:05:75:40:c5:41:be:ae:50:79:93:7d:
e2:8e:58:f3:84:ad:d4:1e:2b:0d:38:8e:66:08:cb:
18:5b:87:99:6a:f7:62:31:a3:55:23:ea:fc:e4:de:
e3:6b:9a:91:56:cb:3d:ce:d2:cf:c4:f9:ad:6d:55:
af:3e:b0:b0:0c:0b:82:a7:63:15:cb:fd:16:d0:fb:
1d:8a:74:6c:5e:62:a1:c0:b5:f7:78:72:74:de:de:
24:dd:eb:5d:12:25:a8:7d:85:f3:39:dc:a7:27:94:
40:d0:86:04:49:9a:02:a3:1e:81:0a:6c:36:65:3f:
dd:44:c9:d2:53:ec:45:00:10:6a:25:ec:75:87:64:
2b:e8:71:11:3b:bb:c9:da:70:d7:3a:28:49:d6:0b:
51:e3:fb:49:a3:e4:67:2b:05:60:07:d9:52:f9:48:
f2:32:f8:80:f7:72:32:d1:35:9a:28:e4:a3:29:9f:
04:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:DE:54:88:10:04:17:E4:4D:17:C5:CC:F5:AB:76:0C:1D:4F:FB:A8
X509v3 Authority Key Identifier:
keyid:0D:2E:FE:3B:63:FA:9B:2A:79:32:C5:B5:EC:85:4B:70:C3:F1:88:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DS7-O2P6myp5MsW17IVLcMPxiDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ae0a93-f690-4e36-befa-91a349e77478/1/xd5UiBAEF-RNF8XM9at2DB1P-6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ae0a93-f690-4e36-befa-91a349e77478/1/DS7-O2P6myp5MsW17IVLcMPxiDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.186.0/24
Signature Algorithm: sha256WithRSAEncryption
21:c0:c2:cc:80:ac:89:20:f0:2c:d4:6b:82:2c:44:0a:3e:57:
e7:7b:81:37:96:d9:8a:7b:81:f8:2b:4b:70:c4:7c:fe:a4:59:
fa:b6:17:42:68:d4:aa:f8:1b:22:39:e4:7d:b0:ab:93:80:c9:
9d:53:95:a5:d7:fb:ed:ff:6e:1f:b7:85:16:78:60:2e:ad:e1:
1a:0a:cb:90:6b:29:d3:0c:7d:cf:a9:1b:bf:e6:e1:6e:ac:78:
8d:1c:1f:a0:37:eb:61:3c:95:42:3f:19:37:f0:44:1e:8a:79:
a3:3a:bc:e7:a0:cc:cc:dc:ad:43:1a:ba:54:33:eb:fd:05:b2:
87:e7:f6:33:5a:5c:a3:3a:d0:86:84:c5:b2:0b:41:f4:b6:0d:
c4:ac:e2:1c:3f:c7:51:a1:ab:09:6c:cd:39:94:69:8e:85:c4:
14:66:cd:43:e0:89:9c:83:9c:e7:90:dd:f9:5b:b6:e1:a4:fb:
98:15:5d:5d:6c:cf:88:aa:8b:b6:67:6d:62:2b:6b:41:44:3b:
83:a5:b1:af:95:48:8a:d3:24:69:a6:92:f0:83:c6:59:b3:ac:
c4:80:a4:01:09:52:ff:d0:34:85:3c:a7:17:e7:4f:1e:de:6e:
54:c3:52:b8:57:b1:99:3d:82:33:c8:d9:15:cd:45:b2:df:54:
76:fe:58:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8psun2Ibj/xxosfAk0CWznMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMmVmZTNiNjNmYTliMmE3OTMyYzViNWVjODU0YjcwYzNm
MTg4MzkwHhcNMjQwNDI5MTE1MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWRlNTQ4ODEwMDQxN2U0NGQxN2M1Y2NmNWFiNzYwYzFkNGZmYmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzF2yqSbil+GWiY9fg+feBMellnQe
dYWYxca78BsP8VLVYJvDZDtJIEBkPhxnRFB+q2ttB8cYQLpBSY9ywuP5mxzELvhF
VLxZkVNryQwaBXVAxUG+rlB5k33ijljzhK3UHisNOI5mCMsYW4eZavdiMaNVI+r8
5N7ja5qRVss9ztLPxPmtbVWvPrCwDAuCp2MVy/0W0PsdinRsXmKhwLX3eHJ03t4k
3etdEiWofYXzOdynJ5RA0IYESZoCox6BCmw2ZT/dRMnSU+xFABBqJex1h2Qr6HER
O7vJ2nDXOihJ1gtR4/tJo+RnKwVgB9lS+UjyMviA93Iy0TWaKOSjKZ8EdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMXeVIgQBBfkTRfFzPWrdgwdT/uoMB8GA1UdIwQY
MBaAFA0u/jtj+psqeTLFteyFS3DD8Yg5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFM3LU8yUDZteXA1TXNXMTdJVkxjTVB4aURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hZTBhOTMtZjY5MC00ZTM2LWJlZmEt
OTFhMzQ5ZTc3NDc4LzEveGQ1VWlCQUVGLVJORjhYTTlhdDJEQjFQLTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hZTBhOTMtZjY5MC00ZTM2LWJlZmEtOTFhMzQ5ZTc3NDc4
LzEvRFM3LU8yUDZteXA1TXNXMTdJVkxjTVB4aURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbK6MA0G
CSqGSIb3DQEBCwUAA4IBAQAhwMLMgKyJIPAs1GuCLEQKPlfne4E3ltmKe4H4K0tw
xHz+pFn6thdCaNSq+BsiOeR9sKuTgMmdU5Wl1/vt/24ft4UWeGAureEaCsuQaynT
DH3PqRu/5uFurHiNHB+gN+thPJVCPxk38EQeinmjOrznoMzM3K1DGrpUM+v9BbKH
5/YzWlyjOtCGhMWyC0H0tg3ErOIcP8dRoasJbM05lGmOhcQUZs1D4Imcg5znkN35
W7bhpPuYFV1dbM+Iqou2Z21iK2tBRDuDpbGvlUiK0yRpppLwg8ZZs6zEgKQBCVL/
0DSFPKcX508e3m5Uw1K4V7GZPYIzyNkVzUWy31R2/lg7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:36 2025 by rpki-client