Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/b688da-765c-4481-8eb3-730383211f25/1/KvZ5C7GGXpsnDIXFK9w1aA1xkeQ.roa
File: KvZ5C7GGXpsnDIXFK9w1aA1xkeQ.roa (raw, json)
Hash identifier: 2xkPC934TFyqLBsVBMeVEQzNzEo6Q8YWu+gSYwwm5GU=
Subject key identifier: 2A:F6:79:0B:B1:86:5E:9B:27:0C:85:C5:2B:DC:35:68:0D:71:91:E4
Certificate issuer: /CN=e3a898ba1250c8989cc76d9f8b53d1dbc62b2890
Certificate serial: 018CC56DF2DBB200A60A10EA489CF67770EB
Authority key identifier: E3:A8:98:BA:12:50:C8:98:9C:C7:6D:9F:8B:53:D1:DB:C6:2B:28:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/46iYuhJQyJicx22fi1PR28YrKJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/b688da-765c-4481-8eb3-730383211f25/1/KvZ5C7GGXpsnDIXFK9w1aA1xkeQ.roa
Signing time: Mon 01 Jan 2024 14:29:26 +0000
ROA not before: Mon 01 Jan 2024 14:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25321
IP address blocks: 193.201.78.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f2:db:b2:00:a6:0a:10:ea:48:9c:f6:77:70:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3a898ba1250c8989cc76d9f8b53d1dbc62b2890
Validity
Not Before: Jan 1 14:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2af6790bb1865e9b270c85c52bdc35680d7191e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e1:21:b6:c6:13:3f:cd:91:a9:ab:5c:36:08:
6f:3e:51:54:03:82:2b:df:a7:e5:37:97:54:03:0e:
42:f0:ec:d1:76:2b:3f:50:09:07:0e:28:40:83:67:
f2:f6:20:c8:3d:f9:62:de:d8:8b:62:f6:94:bf:e7:
23:2a:aa:93:38:9d:39:0b:35:68:b3:cf:07:3a:0d:
b2:b5:ca:57:0d:30:29:53:19:5b:09:1c:43:6f:a1:
53:cd:15:8e:98:e9:8f:43:e6:af:41:c7:7d:dc:08:
54:2a:a1:22:2f:aa:d5:3c:b8:22:56:05:71:9c:dc:
a6:94:51:13:e9:b7:95:5b:2d:b2:e0:36:e3:6a:69:
09:a8:1e:84:75:68:0f:74:1a:1e:fd:11:8e:ea:1e:
f8:8f:a0:2c:17:9f:e0:24:d3:a4:74:8c:6b:08:7a:
9b:55:b7:56:32:29:8b:b3:9b:6b:94:e2:38:a4:25:
1f:54:de:4f:c0:ca:2f:01:cc:dd:a5:7c:d5:a6:af:
97:51:78:94:34:7d:74:8e:a2:58:74:ab:08:b8:d5:
63:ea:0d:32:f9:50:44:21:84:68:9e:a6:6c:f8:31:
00:66:24:fe:58:42:2e:67:78:16:4c:75:64:33:d5:
43:4c:80:0f:4a:9f:9a:5d:8a:bf:87:f6:b5:db:9c:
1c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F6:79:0B:B1:86:5E:9B:27:0C:85:C5:2B:DC:35:68:0D:71:91:E4
X509v3 Authority Key Identifier:
keyid:E3:A8:98:BA:12:50:C8:98:9C:C7:6D:9F:8B:53:D1:DB:C6:2B:28:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/46iYuhJQyJicx22fi1PR28YrKJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b688da-765c-4481-8eb3-730383211f25/1/KvZ5C7GGXpsnDIXFK9w1aA1xkeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/b688da-765c-4481-8eb3-730383211f25/1/46iYuhJQyJicx22fi1PR28YrKJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.78.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:71:2b:0f:a1:cd:51:0b:a9:30:8e:e6:37:8d:bb:92:79:6e:
2e:79:a9:f0:59:52:84:17:3c:ba:6d:63:e9:f1:50:0c:46:92:
f2:36:db:59:c7:24:68:88:06:75:b8:31:e7:22:ad:d6:36:40:
b4:81:d6:93:62:37:f7:ad:de:d7:e9:d7:e2:91:22:3e:92:c3:
2f:8b:75:a4:4b:a2:63:f1:f5:d4:cb:c9:35:ff:27:b8:96:09:
1f:7f:74:3c:45:82:d9:86:ef:81:2c:10:1e:18:e6:59:33:ea:
ad:2e:e5:bf:64:09:41:2a:31:e8:43:3f:d9:fa:b3:ef:3c:19:
64:ee:72:e4:c8:4c:f7:ef:0e:c6:32:61:62:25:1f:64:5b:c8:
dc:ac:19:ea:cd:62:c8:e2:a3:1a:e9:b2:26:b3:74:1e:d7:ea:
e6:79:a3:29:53:64:92:26:d7:47:f0:0f:51:96:9e:de:22:fd:
12:f8:8e:e7:67:95:25:f9:31:75:69:38:20:6b:2c:93:81:e1:
4a:86:43:4b:29:81:dd:04:00:6e:43:a2:bd:71:5a:73:1c:6f:
c5:ae:78:2d:89:89:8e:6f:87:29:e9:f0:27:ac:12:ea:83:39:
fe:f7:f5:33:f7:74:f9:a0:2e:20:64:75:0e:60:8f:23:69:5b:
44:14:bb:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbfLbsgCmChDqSJz2d3DrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYTg5OGJhMTI1MGM4OTg5Y2M3NmQ5ZjhiNTNkMWRiYzYy
YjI4OTAwHhcNMjQwMTAxMTQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWY2NzkwYmIxODY1ZTliMjcwYzg1YzUyYmRjMzU2ODBkNzE5MWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+EhtsYTP82RqatcNghvPlFUA4Ir
36flN5dUAw5C8OzRdis/UAkHDihAg2fy9iDIPfli3tiLYvaUv+cjKqqTOJ05CzVo
s88HOg2ytcpXDTApUxlbCRxDb6FTzRWOmOmPQ+avQcd93AhUKqEiL6rVPLgiVgVx
nNymlFET6beVWy2y4DbjamkJqB6EdWgPdBoe/RGO6h74j6AsF5/gJNOkdIxrCHqb
VbdWMimLs5trlOI4pCUfVN5PwMovAczdpXzVpq+XUXiUNH10jqJYdKsIuNVj6g0y
+VBEIYRonqZs+DEAZiT+WEIuZ3gWTHVkM9VDTIAPSp+aXYq/h/a125wcUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCr2eQuxhl6bJwyFxSvcNWgNcZHkMB8GA1UdIwQY
MBaAFOOomLoSUMiYnMdtn4tT0dvGKyiQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDZpWXVoSlF5SmljeDIyZmkxUFIyOFlyS0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9iNjg4ZGEtNzY1Yy00NDgxLThlYjMt
NzMwMzgzMjExZjI1LzEvS3ZaNUM3R0dYcHNuRElYRks5dzFhQTF4a2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9iNjg4ZGEtNzY1Yy00NDgxLThlYjMtNzMwMzgzMjExZjI1
LzEvNDZpWXVoSlF5SmljeDIyZmkxUFIyOFlyS0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwclOMA0G
CSqGSIb3DQEBCwUAA4IBAQCtcSsPoc1RC6kwjuY3jbuSeW4ueanwWVKEFzy6bWPp
8VAMRpLyNttZxyRoiAZ1uDHnIq3WNkC0gdaTYjf3rd7X6dfikSI+ksMvi3WkS6Jj
8fXUy8k1/ye4lgkff3Q8RYLZhu+BLBAeGOZZM+qtLuW/ZAlBKjHoQz/Z+rPvPBlk
7nLkyEz37w7GMmFiJR9kW8jcrBnqzWLI4qMa6bIms3Qe1+rmeaMpU2SSJtdH8A9R
lp7eIv0S+I7nZ5Ul+TF1aTggayyTgeFKhkNLKYHdBABuQ6K9cVpzHG/FrngtiYmO
b4cp6fAnrBLqgzn+9/Uz93T5oC4gZHUOYI8jaVtEFLv5
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:30 2025 by rpki-client