Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/ECqMs6VIPHUv8R9W46V90uzXyO0.roa
File: ECqMs6VIPHUv8R9W46V90uzXyO0.roa (raw, json)
Hash identifier: ei0hr+LEmmO16gf+boVgIH5V2Wh28bMvS9lNBGVj4gA=
Subject key identifier: 10:2A:8C:B3:A5:48:3C:75:2F:F1:1F:56:E3:A5:7D:D2:EC:D7:C8:ED
Certificate issuer: /CN=b6817762d9fc8f11b01cf5234b6e431cfbec1bcd
Certificate serial: 018CC79427CC75C89FE6CEA01EC9A297FB1D
Authority key identifier: B6:81:77:62:D9:FC:8F:11:B0:1C:F5:23:4B:6E:43:1C:FB:EC:1B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toF3Ytn8jxGwHPUjS25DHPvsG80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/ECqMs6VIPHUv8R9W46V90uzXyO0.roa
Signing time: Tue 02 Jan 2024 00:30:24 +0000
ROA not before: Tue 02 Jan 2024 00:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29316
IP address blocks: 195.137.198.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:27:cc:75:c8:9f:e6:ce:a0:1e:c9:a2:97:fb:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6817762d9fc8f11b01cf5234b6e431cfbec1bcd
Validity
Not Before: Jan 2 00:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=102a8cb3a5483c752ff11f56e3a57dd2ecd7c8ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d0:33:76:32:7f:74:50:a4:9a:8e:db:d3:f7:
cd:da:b4:38:3b:03:c2:5d:0a:f5:ca:11:ff:c8:3a:
b0:f9:8d:e2:b1:be:16:97:16:b9:e5:31:f1:df:17:
53:74:35:b5:9b:f8:ae:89:12:e5:1f:f0:f3:57:6a:
a5:8a:1f:39:a6:71:52:00:be:e5:44:98:d5:c2:60:
0a:1e:bd:e5:fc:cf:ea:fb:e8:c7:2b:12:52:cf:65:
81:72:fa:70:76:c6:f2:87:08:88:c4:e7:f4:ee:87:
9b:8d:15:49:c5:e1:52:7c:a8:d5:f8:89:d5:09:fd:
e1:8d:8a:ab:13:09:ae:6a:0e:3c:3a:a9:9b:0a:65:
20:3b:e8:03:13:7e:35:b2:fd:9c:39:17:ba:6b:6f:
d6:4c:1e:1c:29:69:f5:25:8b:1f:21:1b:18:82:35:
18:50:5c:3a:70:e2:d3:9a:66:65:75:1c:35:b9:8e:
0c:dd:93:cf:29:c8:bb:5c:b1:33:69:80:b5:e3:d6:
12:4b:cc:c7:02:98:dd:fe:bb:7c:ee:b1:14:d9:56:
25:05:5b:45:58:8c:2e:c4:7f:ad:cf:2c:a1:19:8a:
4b:65:93:cd:98:67:a8:2a:aa:11:b2:1c:18:ba:86:
fa:91:5c:cb:04:0c:de:40:75:b7:e4:5c:02:ba:68:
fc:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:2A:8C:B3:A5:48:3C:75:2F:F1:1F:56:E3:A5:7D:D2:EC:D7:C8:ED
X509v3 Authority Key Identifier:
keyid:B6:81:77:62:D9:FC:8F:11:B0:1C:F5:23:4B:6E:43:1C:FB:EC:1B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toF3Ytn8jxGwHPUjS25DHPvsG80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/ECqMs6VIPHUv8R9W46V90uzXyO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.198.0/23
Signature Algorithm: sha256WithRSAEncryption
74:73:32:40:46:c6:dd:70:32:90:04:4e:c5:3c:af:f6:ea:e0:
96:a6:06:cb:ec:e8:35:87:b9:3d:f8:3c:21:72:85:9e:d3:70:
23:4a:10:5b:68:63:3c:7e:0e:c3:94:81:b6:eb:5b:5b:11:89:
a3:e6:0c:e4:6a:55:bc:36:d8:b4:a1:5f:01:df:0e:fb:24:2a:
50:4b:fb:54:25:82:a0:51:fc:bd:10:86:bd:d8:49:42:bb:7b:
df:4e:29:74:9c:60:0f:f9:8a:41:1d:fe:ab:3f:d8:16:86:dd:
5b:97:de:7a:42:ae:f2:f2:c8:f4:0c:9a:3e:d3:a9:90:00:ad:
0d:5d:74:d4:4b:59:87:53:c8:8b:d5:4a:f7:c6:7e:1b:06:f8:
68:6c:b1:2f:85:4b:f4:f9:53:02:f4:e3:d2:57:d0:e9:b8:6c:
6a:1e:b8:2b:a9:36:bc:33:0b:b7:b2:86:48:65:b0:9a:73:8e:
ca:a4:63:df:d0:05:bf:55:54:a8:d5:78:17:6d:71:6f:7f:1f:
5d:b7:6a:1b:17:2f:58:51:bf:68:dc:c6:3f:56:3d:ca:cc:d6:
a4:89:ba:12:dd:e8:82:c4:25:2d:3d:d5:5f:7b:2e:f0:e9:a5:
99:df:b0:b8:33:c2:6a:33:fc:b0:d5:6e:61:6f:df:cc:55:44:
68:7d:22:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlCfMdcif5s6gHsmil/sdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ODE3NzYyZDlmYzhmMTFiMDFjZjUyMzRiNmU0MzFjZmJl
YzFiY2QwHhcNMjQwMTAyMDAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDJhOGNiM2E1NDgzYzc1MmZmMTFmNTZlM2E1N2RkMmVjZDdjOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndAzdjJ/dFCkmo7b0/fN2rQ4OwPC
XQr1yhH/yDqw+Y3isb4Wlxa55THx3xdTdDW1m/iuiRLlH/DzV2qlih85pnFSAL7l
RJjVwmAKHr3l/M/q++jHKxJSz2WBcvpwdsbyhwiIxOf07oebjRVJxeFSfKjV+InV
Cf3hjYqrEwmuag48OqmbCmUgO+gDE341sv2cORe6a2/WTB4cKWn1JYsfIRsYgjUY
UFw6cOLTmmZldRw1uY4M3ZPPKci7XLEzaYC149YSS8zHApjd/rt87rEU2VYlBVtF
WIwuxH+tzyyhGYpLZZPNmGeoKqoRshwYuob6kVzLBAzeQHW35FwCumj8uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBAqjLOlSDx1L/EfVuOlfdLs18jtMB8GA1UdIwQY
MBaAFLaBd2LZ/I8RsBz1I0tuQxz77BvNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG9GM1l0bjhqeEd3SFBValMyNURIUHZzRzgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xZTYzYTMtYjMwNi00MTNhLWFkZjQt
ZDNmMjY1YWQ1MTRmLzEvRUNxTXM2VklQSFV2OFI5VzQ2VjkwdXpYeU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xZTYzYTMtYjMwNi00MTNhLWFkZjQtZDNmMjY1YWQ1MTRm
LzEvdG9GM1l0bjhqeEd3SFBValMyNURIUHZzRzgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4nGMA0G
CSqGSIb3DQEBCwUAA4IBAQB0czJARsbdcDKQBE7FPK/26uCWpgbL7Og1h7k9+Dwh
coWe03AjShBbaGM8fg7DlIG261tbEYmj5gzkalW8Nti0oV8B3w77JCpQS/tUJYKg
Ufy9EIa92ElCu3vfTil0nGAP+YpBHf6rP9gWht1bl956Qq7y8sj0DJo+06mQAK0N
XXTUS1mHU8iL1Ur3xn4bBvhobLEvhUv0+VMC9OPSV9DpuGxqHrgrqTa8Mwu3soZI
ZbCac47KpGPf0AW/VVSo1XgXbXFvfx9dt2obFy9YUb9o3MY/Vj3KzNakiboS3eiC
xCUtPdVfey7w6aWZ37C4M8JqM/yw1W5hb9/MVURofSJ/
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:39 2025 by rpki-client