Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/2fe094-373c-44f6-93e0-d0aecd5d7042/1/Yh0kWFx9jSXrI3ED1SfPBMLVsrw.roa
File: Yh0kWFx9jSXrI3ED1SfPBMLVsrw.roa (raw, json)
Hash identifier: KfUixerpn5x2ppbEWdZCPGVRU/dthmvJdWfvjEY/jWw=
Subject key identifier: 62:1D:24:58:5C:7D:8D:25:EB:23:71:03:D5:27:CF:04:C2:D5:B2:BC
Certificate issuer: /CN=2e3487da65e85e87bdac4f5f6758dc6c20ef9763
Certificate serial: 019422201203EE512BEEF4A626B88ED99761
Authority key identifier: 2E:34:87:DA:65:E8:5E:87:BD:AC:4F:5F:67:58:DC:6C:20:EF:97:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjSH2mXoXoe9rE9fZ1jcbCDvl2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/2fe094-373c-44f6-93e0-d0aecd5d7042/1/Yh0kWFx9jSXrI3ED1SfPBMLVsrw.roa
Signing time: Wed 01 Jan 2025 13:48:34 +0000
ROA not before: Wed 01 Jan 2025 13:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60223
IP address blocks: 193.178.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 08:13:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:12:03:ee:51:2b:ee:f4:a6:26:b8:8e:d9:97:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e3487da65e85e87bdac4f5f6758dc6c20ef9763
Validity
Not Before: Jan 1 13:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=621d24585c7d8d25eb237103d527cf04c2d5b2bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:74:54:4a:01:de:8b:1a:63:f4:c0:f1:43:00:
27:7a:7e:23:de:c7:63:ff:b0:5b:a4:0f:97:55:0e:
84:f0:98:46:79:c8:14:0e:2a:c7:d0:da:ab:4d:68:
eb:2d:79:96:3a:70:d7:00:2d:7f:6a:c0:24:d0:25:
2a:69:7f:43:22:f3:89:97:f1:c5:aa:30:b8:29:2a:
89:01:7f:a9:db:9a:58:9c:1f:8f:27:aa:cb:97:13:
7c:5f:67:04:69:40:c9:6d:ae:c4:b2:ec:1d:6a:dd:
26:57:b6:7b:6d:c9:5c:ef:7b:de:73:94:1c:e5:0b:
a7:8f:1b:47:35:fe:df:fa:0b:03:87:ea:d3:79:a7:
ce:34:7c:79:8f:00:dd:96:1f:fc:e1:b8:c6:18:0a:
44:5d:84:ec:24:6d:4d:a6:7e:9c:da:2c:3e:d3:d2:
50:11:15:33:a6:9f:4e:ad:90:ea:75:5b:83:36:04:
86:71:9e:ab:7b:c4:55:b2:ad:72:8c:48:83:e0:91:
ca:46:1a:73:50:21:da:86:d5:e7:44:4d:94:43:10:
1f:15:0e:d6:38:47:fd:d9:ee:90:7d:bf:b2:4c:0a:
35:fb:68:7e:40:96:5b:c4:7f:7b:31:f4:de:0e:89:
ab:0c:61:34:84:e6:fc:a9:e7:b0:e7:d4:53:73:c8:
44:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:1D:24:58:5C:7D:8D:25:EB:23:71:03:D5:27:CF:04:C2:D5:B2:BC
X509v3 Authority Key Identifier:
keyid:2E:34:87:DA:65:E8:5E:87:BD:AC:4F:5F:67:58:DC:6C:20:EF:97:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjSH2mXoXoe9rE9fZ1jcbCDvl2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/2fe094-373c-44f6-93e0-d0aecd5d7042/1/Yh0kWFx9jSXrI3ED1SfPBMLVsrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/2fe094-373c-44f6-93e0-d0aecd5d7042/1/LjSH2mXoXoe9rE9fZ1jcbCDvl2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.226.0/24
Signature Algorithm: sha256WithRSAEncryption
77:3d:bd:23:16:a2:54:fd:e9:55:fe:49:7f:a9:92:6e:1f:09:
8a:f9:2e:da:35:a0:d9:cb:c6:28:cd:4e:58:cf:ba:97:70:06:
f9:4e:a1:0c:4b:ec:21:11:c1:8a:74:87:c6:a7:68:ef:ff:2e:
8f:2c:0c:4a:8e:7f:d4:84:44:f5:10:f8:f4:a0:1c:84:e1:f2:
c2:28:f2:f3:87:9c:ab:55:fd:bb:df:0c:b0:57:16:3c:c5:51:
26:85:2c:18:41:4b:e9:e8:89:0e:cd:3e:1f:38:75:69:de:d9:
12:b6:a9:5e:c6:7e:53:8c:40:e5:bd:2c:cf:8d:e4:b5:8a:1b:
40:fe:77:da:5c:fc:76:42:c9:1d:a5:b9:5d:6b:83:59:f8:45:
7c:b9:e5:96:ee:56:ca:c7:95:12:84:b9:68:8a:44:6f:3f:d4:
fe:27:94:e0:28:e7:06:aa:7d:74:a8:c4:ff:35:70:bd:eb:b8:
37:c0:36:8f:ad:cf:3b:a6:64:bf:d1:2d:46:94:d2:91:22:a0:
36:a3:4c:f6:4d:c3:e2:b2:0b:45:02:f7:71:46:d8:57:79:80:
d6:29:09:a7:6f:57:c6:7b:13:ce:65:46:42:51:d8:d7:c7:82:
61:18:50:51:ed:14:7e:a6:1a:9d:bd:eb:d6:84:73:8c:45:34:
95:2b:5a:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBID7lEr7vSmJriO2ZdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzQ4N2RhNjVlODVlODdiZGFjNGY1ZjY3NThkYzZjMjBl
Zjk3NjMwHhcNMjUwMTAxMTM0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjFkMjQ1ODVjN2Q4ZDI1ZWIyMzcxMDNkNTI3Y2YwNGMyZDViMmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHRUSgHeixpj9MDxQwAnen4j3sdj
/7BbpA+XVQ6E8JhGecgUDirH0NqrTWjrLXmWOnDXAC1/asAk0CUqaX9DIvOJl/HF
qjC4KSqJAX+p25pYnB+PJ6rLlxN8X2cEaUDJba7Esuwdat0mV7Z7bclc73vec5Qc
5QunjxtHNf7f+gsDh+rTeafONHx5jwDdlh/84bjGGApEXYTsJG1Npn6c2iw+09JQ
ERUzpp9OrZDqdVuDNgSGcZ6re8RVsq1yjEiD4JHKRhpzUCHahtXnRE2UQxAfFQ7W
OEf92e6Qfb+yTAo1+2h+QJZbxH97MfTeDomrDGE0hOb8qeew59RTc8hE4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGIdJFhcfY0l6yNxA9UnzwTC1bK8MB8GA1UdIwQY
MBaAFC40h9pl6F6HvaxPX2dY3Gwg75djMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGpTSDJtWG9Yb2U5ckU5ZloxamNiQ0R2bDJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8yZmUwOTQtMzczYy00NGY2LTkzZTAt
ZDBhZWNkNWQ3MDQyLzEvWWgwa1dGeDlqU1hySTNFRDFTZlBCTUxWc3J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8yZmUwOTQtMzczYy00NGY2LTkzZTAtZDBhZWNkNWQ3MDQy
LzEvTGpTSDJtWG9Yb2U5ckU5ZloxamNiQ0R2bDJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbLiMA0G
CSqGSIb3DQEBCwUAA4IBAQB3Pb0jFqJU/elV/kl/qZJuHwmK+S7aNaDZy8YozU5Y
z7qXcAb5TqEMS+whEcGKdIfGp2jv/y6PLAxKjn/UhET1EPj0oByE4fLCKPLzh5yr
Vf273wywVxY8xVEmhSwYQUvp6IkOzT4fOHVp3tkStqlexn5TjEDlvSzPjeS1ihtA
/nfaXPx2Qskdpblda4NZ+EV8ueWW7lbKx5UShLloikRvP9T+J5TgKOcGqn10qMT/
NXC967g3wDaPrc87pmS/0S1GlNKRIqA2o0z2TcPisgtFAvdxRthXeYDWKQmnb1fG
exPOZUZCUdjXx4JhGFBR7RR+phqdvevWhHOMRTSVK1oa
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:05:58 2025 by rpki-client