Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/xEZeniWQi8765YoAGEVq93k1288.roa
File: xEZeniWQi8765YoAGEVq93k1288.roa (raw, json)
Hash identifier: Q8stxpKSBWO62FUiSUP1RDJB+gxx6clqMNWdAJc1cNk=
Subject key identifier: C4:46:5E:9E:25:90:8B:CE:FA:E5:8A:00:18:45:6A:F7:79:35:DB:CF
Certificate issuer: /CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Certificate serial: 018BD77F79E72AC989C71D66EEB71C30D689
Authority key identifier: 0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/xEZeniWQi8765YoAGEVq93k1288.roa
Signing time: Thu 16 Nov 2023 09:38:57 +0000
ROA not before: Thu 16 Nov 2023 09:38:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5391
IP address blocks: 195.29.0.0/16 maxlen: 18
78.0.0.0/16 maxlen: 16
78.1.0.0/16 maxlen: 16
93.137.0.0/16 maxlen: 18
Validation: Failed, certificate revoked on Mon 20 Nov 2023 12:04:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:7f:79:e7:2a:c9:89:c7:1d:66:ee:b7:1c:30:d6:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Validity
Not Before: Nov 16 09:38:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4465e9e25908bcefae58a0018456af77935dbcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:86:61:aa:83:f5:87:4b:46:c8:75:92:d3:ff:
1c:c6:3e:bb:78:c9:12:5d:03:3d:9f:42:d8:13:d1:
dc:4e:1b:55:6f:10:fa:e1:0a:c7:99:d8:b6:c1:6c:
9f:46:8d:03:34:2f:02:07:be:b6:9d:b5:69:d4:df:
81:69:77:4f:5b:8e:8c:d2:64:29:c9:1f:ad:be:76:
17:df:44:f5:71:73:59:10:9c:51:39:ee:c4:05:e5:
84:17:1a:50:b3:a2:bd:9d:c2:f2:35:ab:9e:7a:c4:
d3:9a:70:7d:e8:d3:42:2e:de:1f:83:7c:41:c2:d6:
ba:3b:34:62:44:3f:6d:82:c3:d4:df:34:47:98:df:
52:a2:b2:6a:f5:5b:d3:0b:56:b5:a8:ae:6a:c0:fa:
4d:00:a9:f3:71:7c:af:a9:26:c0:36:ad:cd:0f:ae:
66:7b:25:08:ff:8b:a7:c1:c9:27:0d:aa:6f:b6:24:
a1:86:7e:02:6a:25:a0:5e:aa:e4:a4:a4:70:6d:04:
2a:cb:fa:b0:f9:6a:80:53:38:c9:33:a1:c6:d0:d9:
23:28:22:ae:51:18:69:a7:4f:ce:fd:55:4f:dc:87:
a4:8b:08:69:20:dd:1b:21:4f:fa:d0:63:16:70:24:
7a:3d:58:9d:ab:a3:ad:97:6f:6a:e5:ad:d8:f7:bc:
69:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:46:5E:9E:25:90:8B:CE:FA:E5:8A:00:18:45:6A:F7:79:35:DB:CF
X509v3 Authority Key Identifier:
keyid:0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/xEZeniWQi8765YoAGEVq93k1288.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/Dg9Icq0cH0_LITtrLts4ii2cmiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.0.0.0/15
93.137.0.0/16
195.29.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:71:ec:64:e1:7e:80:bb:96:89:77:4e:97:1b:e5:55:c5:94:
2f:96:ce:3f:f3:f0:89:b9:2f:60:1e:21:1e:51:8e:a0:b7:14:
5f:f0:f0:7b:96:f3:9d:92:61:da:4f:6b:a8:ae:9a:9b:94:97:
25:e5:f6:11:72:ef:7c:e0:a1:55:ef:10:cd:b2:a3:aa:a6:42:
40:9f:d0:6f:a5:ec:eb:0f:99:16:19:56:ac:6f:4e:7c:78:16:
aa:58:ac:c9:12:13:1d:47:d4:c8:1c:ba:9b:31:fd:cb:e1:e1:
5c:36:14:29:70:89:2a:4e:d5:53:e8:0e:16:e2:a6:dc:bc:c5:
39:37:13:1a:16:7b:d2:5e:c3:62:76:ba:5a:b1:3c:37:27:2f:
69:f3:45:cf:15:a2:8d:28:fe:b2:1f:27:65:40:32:af:8d:58:
b2:cf:14:47:b1:35:70:98:80:fa:36:79:96:2f:65:56:24:2a:
b3:40:fe:12:db:5f:c4:98:82:db:44:9c:a3:0f:9d:88:1a:09:
ae:ec:47:dc:21:4b:49:9e:da:cb:82:9e:b8:c4:6b:4d:2e:de:
09:b9:f0:f9:3d:94:ac:89:4a:40:c4:12:a3:0e:76:60:bc:bd:
27:0b:27:31:aa:be:81:1e:8d:36:14:40:fc:8a:97:e8:db:b0:
69:6b:49:10
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYvXf3nnKsmJxx1m7rccMNaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMGY0ODcyYWQxYzFmNGZjYjIxM2I2YjJlZGIzODhhMmQ5
YzlhMjMwHhcNMjMxMTE2MDkzODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQ2NWU5ZTI1OTA4YmNlZmFlNThhMDAxODQ1NmFmNzc5MzVkYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIZhqoP1h0tGyHWS0/8cxj67eMkS
XQM9n0LYE9HcThtVbxD64QrHmdi2wWyfRo0DNC8CB762nbVp1N+BaXdPW46M0mQp
yR+tvnYX30T1cXNZEJxROe7EBeWEFxpQs6K9ncLyNaueesTTmnB96NNCLt4fg3xB
wta6OzRiRD9tgsPU3zRHmN9SorJq9VvTC1a1qK5qwPpNAKnzcXyvqSbANq3ND65m
eyUI/4unwcknDapvtiShhn4CaiWgXqrkpKRwbQQqy/qw+WqAUzjJM6HG0NkjKCKu
URhpp0/O/VVP3IekiwhpIN0bIU/60GMWcCR6PVidq6Otl29q5a3Y97xp2QIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFMRGXp4lkIvO+uWKABhFavd5NdvPMB8GA1UdIwQY
MBaAFA4PSHKtHB9PyyE7ay7bOIotnJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQt
YzAxZjgwYTFjODA1LzEveEVaZW5pV1FpODc2NVlvQUdFVnE5M2sxMjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQtYzAxZjgwYTFjODA1
LzEvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAATAPAwMBTgADAwBd
iQMDAMMdMA0GCSqGSIb3DQEBCwUAA4IBAQBQcexk4X6Au5aJd06XG+VVxZQvls4/
8/CJuS9gHiEeUY6gtxRf8PB7lvOdkmHaT2uorpqblJcl5fYRcu984KFV7xDNsqOq
pkJAn9BvpezrD5kWGVasb058eBaqWKzJEhMdR9TIHLqbMf3L4eFcNhQpcIkqTtVT
6A4W4qbcvMU5NxMaFnvSXsNidrpasTw3Jy9p80XPFaKNKP6yHydlQDKvjViyzxRH
sTVwmID6NnmWL2VWJCqzQP4S21/EmILbRJyjD52IGgmu7EfcIUtJntrLgp64xGtN
Lt4JufD5PZSsiUpAxBKjDnZgvL0nCycxqr6BHo02FED8ipfo27Bpa0kQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:39 2024 by rpki-client on console-ams.rpki-client.org