Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/1fde18-2873-4fe0-869c-3820f7ee2cb8/1/ABxcMy4ZlglTJYdvWdNp2lc4f0A.roa
File: ABxcMy4ZlglTJYdvWdNp2lc4f0A.roa (raw, json)
Hash identifier: YNOaZ2ZQWWRATS91YaJ8h3jq1Zety5FmamFLfvg0odo=
Subject key identifier: 00:1C:5C:33:2E:19:96:09:53:25:87:6F:59:D3:69:DA:57:38:7F:40
Certificate issuer: /CN=63495a4cecbeafb3eadf6ed0349bb0b96da464ee
Certificate serial: 0193F32FA1F83C7DEEEDF5A25B69DA770F6E
Authority key identifier: 63:49:5A:4C:EC:BE:AF:B3:EA:DF:6E:D0:34:9B:B0:B9:6D:A4:64:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y0laTOy-r7Pq327QNJuwuW2kZO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/1fde18-2873-4fe0-869c-3820f7ee2cb8/1/ABxcMy4ZlglTJYdvWdNp2lc4f0A.roa
Signing time: Mon 23 Dec 2024 11:03:25 +0000
ROA not before: Mon 23 Dec 2024 11:03:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8468
IP address blocks: 178.16.224.0/22 maxlen: 22
178.16.228.0/24 maxlen: 24
178.16.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Dec 2024 13:41:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f3:2f:a1:f8:3c:7d:ee:ed:f5:a2:5b:69:da:77:0f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63495a4cecbeafb3eadf6ed0349bb0b96da464ee
Validity
Not Before: Dec 23 11:03:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=001c5c332e1996095325876f59d369da57387f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ed:b4:bb:63:ae:ae:ee:74:4f:28:8d:0b:29:
8d:53:83:0e:73:21:a1:84:c0:8c:ca:11:48:8d:50:
8b:71:37:50:e0:c1:3c:c6:b3:8b:ee:70:c9:c7:c4:
15:5a:92:42:24:34:9a:77:ff:b4:29:60:19:42:aa:
28:21:7b:18:81:a5:47:b5:c8:28:b4:01:0a:89:60:
d7:4a:ac:3f:07:7e:70:30:ec:5c:92:af:27:ba:68:
1a:1f:38:43:0c:54:63:3f:92:5f:84:6d:bb:d1:8d:
1d:6a:c0:47:86:8f:46:31:38:21:de:10:9c:d7:eb:
32:0f:96:be:53:d0:cd:b2:19:20:7e:b5:49:64:c0:
ca:1f:2e:31:a8:2d:46:06:45:a2:7a:73:b3:a3:bd:
9a:52:cd:94:5f:01:e6:31:62:77:a1:db:85:4a:84:
78:4a:66:86:ff:fe:97:ce:2f:ff:fb:f3:d2:1b:b1:
33:c6:47:fa:f3:e8:f4:c5:8f:8c:e5:17:af:a1:7d:
55:db:4a:5c:28:f0:af:ab:69:c3:ae:dd:49:aa:74:
57:a3:9e:85:43:c6:f0:b4:e9:28:07:97:62:8c:b5:
f5:02:ee:59:be:dc:61:38:43:0e:1e:69:a7:06:be:
6f:ed:77:bf:60:c2:16:4a:2a:46:88:b5:f9:90:0a:
03:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:1C:5C:33:2E:19:96:09:53:25:87:6F:59:D3:69:DA:57:38:7F:40
X509v3 Authority Key Identifier:
keyid:63:49:5A:4C:EC:BE:AF:B3:EA:DF:6E:D0:34:9B:B0:B9:6D:A4:64:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y0laTOy-r7Pq327QNJuwuW2kZO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/1fde18-2873-4fe0-869c-3820f7ee2cb8/1/ABxcMy4ZlglTJYdvWdNp2lc4f0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/1fde18-2873-4fe0-869c-3820f7ee2cb8/1/Y0laTOy-r7Pq327QNJuwuW2kZO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.16.224.0-178.16.228.255
178.16.237.0/24
Signature Algorithm: sha256WithRSAEncryption
84:62:23:5e:ae:70:9a:de:4d:bc:db:11:20:a7:c5:b6:5c:4f:
28:07:a2:ac:29:10:0c:f5:70:0a:52:b4:f1:de:f4:b8:2f:31:
aa:eb:0e:85:b1:16:80:b0:77:88:60:64:2d:d7:7e:b7:e5:26:
3c:e7:ee:eb:fe:a2:38:f6:93:75:04:76:73:f7:61:0c:c2:62:
6e:d3:d3:87:6f:09:6f:9a:09:be:61:99:d5:cb:ce:81:d7:e7:
de:42:f5:7e:ce:ce:1f:48:4e:ae:24:03:02:7c:1e:21:e6:7b:
da:e4:2c:84:12:d2:4e:49:f8:77:32:4c:bd:0b:eb:c8:9b:98:
7d:67:3e:59:df:bc:8d:71:56:40:d5:1b:13:ad:61:e5:a5:b5:
7e:66:6b:d6:2a:2e:41:32:e7:55:7e:01:ca:a2:1f:f5:c4:a0:
88:14:7f:eb:11:a3:54:2a:e3:6b:b0:0b:65:79:17:75:54:73:
d6:19:7e:aa:be:f5:52:f6:f3:5d:b3:03:58:bd:65:a9:5a:15:
fa:8d:62:a3:4b:d2:92:39:d4:a3:d4:f2:44:7d:23:fb:59:db:
af:c3:77:a7:2b:25:06:3b:e7:44:81:51:57:ae:d3:8d:89:15:
2a:d0:1d:52:50:a3:8b:f8:b7:ad:af:ba:94:68:36:5d:ae:fe:
49:c0:9a:2c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZPzL6H4PH3u7fWiW2nadw9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNDk1YTRjZWNiZWFmYjNlYWRmNmVkMDM0OWJiMGI5NmRh
NDY0ZWUwHhcNMjQxMjIzMTEwMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDFjNWMzMzJlMTk5NjA5NTMyNTg3NmY1OWQzNjlkYTU3Mzg3ZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO20u2Ouru50TyiNCymNU4MOcyGh
hMCMyhFIjVCLcTdQ4ME8xrOL7nDJx8QVWpJCJDSad/+0KWAZQqooIXsYgaVHtcgo
tAEKiWDXSqw/B35wMOxckq8numgaHzhDDFRjP5JfhG270Y0dasBHho9GMTgh3hCc
1+syD5a+U9DNshkgfrVJZMDKHy4xqC1GBkWienOzo72aUs2UXwHmMWJ3oduFSoR4
SmaG//6Xzi//+/PSG7Ezxkf68+j0xY+M5RevoX1V20pcKPCvq2nDrt1JqnRXo56F
Q8bwtOkoB5dijLX1Au5ZvtxhOEMOHmmnBr5v7Xe/YMIWSipGiLX5kAoDoQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAAcXDMuGZYJUyWHb1nTadpXOH9AMB8GA1UdIwQY
MBaAFGNJWkzsvq+z6t9u0DSbsLltpGTuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTBsYVRPeS1yN1BxMzI3UU5KdXd1VzJrWk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8xZmRlMTgtMjg3My00ZmUwLTg2OWMt
MzgyMGY3ZWUyY2I4LzEvQUJ4Y015NFpsZ2xUSllkdldkTnAybGM0ZjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8xZmRlMTgtMjg3My00ZmUwLTg2OWMtMzgyMGY3ZWUyY2I4
LzEvWTBsYVRPeS1yN1BxMzI3UU5KdXd1VzJrWk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAWyEOAD
BACyEOQDBACyEO0wDQYJKoZIhvcNAQELBQADggEBAIRiI16ucJreTbzbESCnxbZc
TygHoqwpEAz1cApStPHe9LgvMarrDoWxFoCwd4hgZC3XfrflJjzn7uv+ojj2k3UE
dnP3YQzCYm7T04dvCW+aCb5hmdXLzoHX595C9X7Ozh9ITq4kAwJ8HiHme9rkLIQS
0k5J+HcyTL0L68ibmH1nPlnfvI1xVkDVGxOtYeWltX5ma9YqLkEy51V+AcqiH/XE
oIgUf+sRo1Qq42uwC2V5F3VUc9YZfqq+9VL2812zA1i9ZalaFfqNYqNL0pI51KPU
8kR9I/tZ26/Dd6crJQY750SBUVeu042JFSrQHVJQo4v4t62vupRoNl2u/knAmiw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:43:41 2025 by rpki-client