Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/c6e00e-81cd-4c00-aff1-dc8e83e629f2/1/E4aHCt-Zwp--dDxWXQiAS3RRbcc.roa
File: E4aHCt-Zwp--dDxWXQiAS3RRbcc.roa (raw, json)
Hash identifier: x1mwHBIVuwT/bvtpK+lg9y6uMSa34lc+9rZ5uTiMeA8=
Subject key identifier: 13:86:87:0A:DF:99:C2:9F:BE:74:3C:56:5D:08:80:4B:74:51:6D:C7
Certificate issuer: /CN=668da92f99b5407f28a2f36613e849447a93f6b9
Certificate serial: 019423D73D17D03F9097A7470C5A2FBB9312
Authority key identifier: 66:8D:A9:2F:99:B5:40:7F:28:A2:F3:66:13:E8:49:44:7A:93:F6:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo2pL5m1QH8oovNmE-hJRHqT9rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/c6e00e-81cd-4c00-aff1-dc8e83e629f2/1/E4aHCt-Zwp--dDxWXQiAS3RRbcc.roa
Signing time: Wed 01 Jan 2025 21:48:15 +0000
ROA not before: Wed 01 Jan 2025 21:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1103
IP address blocks: 131.174.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Fri 17 Jan 2025 09:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:3d:17:d0:3f:90:97:a7:47:0c:5a:2f:bb:93:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668da92f99b5407f28a2f36613e849447a93f6b9
Validity
Not Before: Jan 1 21:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1386870adf99c29fbe743c565d08804b74516dc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:93:06:4e:d5:ec:39:b9:87:3b:3a:db:be:b2:
e6:6d:09:18:fc:24:dc:d9:4b:a6:11:ad:9b:2a:68:
21:1a:56:fe:8a:56:37:f1:cc:a2:6e:fd:94:a2:7b:
8b:c2:cf:fd:33:35:0b:6d:9e:56:c5:b1:33:9e:c0:
42:26:5c:3d:26:97:dd:59:5c:48:ba:e3:74:f6:37:
7a:fe:86:1f:8e:26:08:97:48:a8:7f:45:db:1d:59:
6b:89:ec:71:ea:5f:60:44:fa:63:ef:a0:f3:da:e5:
e8:79:b7:1e:e9:4a:01:57:2a:08:fb:7e:d6:c2:3b:
74:fc:d7:e9:b0:ae:f2:74:0f:18:d3:ee:05:48:fd:
4f:47:62:df:2a:ec:a1:0d:82:e8:5c:e6:1b:8a:46:
07:55:ff:95:b9:6c:98:0b:14:45:aa:bd:a8:f6:13:
a9:9d:2a:87:93:1c:46:6a:57:f0:68:2c:54:2e:9f:
64:99:bd:68:84:4b:6b:b4:cf:a2:ce:40:d9:b8:79:
5b:63:f5:c4:c7:fc:b9:87:a8:88:dd:3e:aa:96:cd:
4c:96:75:1e:de:a1:ae:55:d9:c5:d0:c7:ee:29:65:
7b:0d:71:b9:6c:ad:2a:aa:5a:5a:74:f7:b4:07:c7:
b1:be:2c:9a:94:7c:94:25:18:59:6d:e3:12:b2:52:
cc:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:86:87:0A:DF:99:C2:9F:BE:74:3C:56:5D:08:80:4B:74:51:6D:C7
X509v3 Authority Key Identifier:
keyid:66:8D:A9:2F:99:B5:40:7F:28:A2:F3:66:13:E8:49:44:7A:93:F6:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo2pL5m1QH8oovNmE-hJRHqT9rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c6e00e-81cd-4c00-aff1-dc8e83e629f2/1/E4aHCt-Zwp--dDxWXQiAS3RRbcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c6e00e-81cd-4c00-aff1-dc8e83e629f2/1/Zo2pL5m1QH8oovNmE-hJRHqT9rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.174.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:6a:8e:fd:32:90:8b:bf:3b:57:b8:45:36:b5:62:bf:c9:85:
92:20:06:33:18:b3:a5:75:db:77:aa:55:cd:29:e0:33:03:5d:
6a:fb:53:57:8e:67:9d:d7:2c:37:02:83:ed:56:f1:d4:72:39:
16:35:c5:cd:ae:0c:94:e8:50:6c:9a:ac:61:17:de:74:bd:59:
7e:cc:7d:1e:68:01:b2:4f:b5:e6:fa:c2:45:ce:f7:42:51:45:
0e:d2:08:34:27:af:03:13:bd:85:37:96:d1:a9:ad:1b:d2:15:
75:bf:8d:b9:95:66:6b:ed:60:d7:d0:fd:83:e6:3d:b4:d3:11:
74:3e:19:09:50:f8:56:44:d9:ba:f2:9b:0d:05:e1:2d:c1:9d:
69:ea:27:7c:17:26:ba:d8:ab:d0:eb:75:ee:f5:e7:78:d2:d8:
91:c1:81:fe:31:a5:ff:27:c0:fb:48:e7:f9:aa:ae:6b:88:2c:
30:4a:e1:7a:f5:fe:7d:0c:84:53:86:18:eb:ce:73:0d:48:08:
f1:eb:a8:cc:c4:dc:b9:1f:23:ef:b1:69:7c:f0:08:5c:d8:f7:
d7:db:16:ae:8f:0a:33:aa:c5:f4:7c:f6:98:30:84:4a:c4:75:
2e:32:75:d6:38:1f:d7:e6:52:cb:41:79:ea:55:36:1a:6c:ab:
fe:47:83:f8
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQj1z0X0D+Ql6dHDFovu5MSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGRhOTJmOTliNTQwN2YyOGEyZjM2NjEzZTg0OTQ0N2E5
M2Y2YjkwHhcNMjUwMTAxMjE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzg2ODcwYWRmOTljMjlmYmU3NDNjNTY1ZDA4ODA0Yjc0NTE2ZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JMGTtXsObmHOzrbvrLmbQkY/CTc
2UumEa2bKmghGlb+ilY38cyibv2UonuLws/9MzULbZ5WxbEznsBCJlw9JpfdWVxI
uuN09jd6/oYfjiYIl0iof0XbHVlriexx6l9gRPpj76Dz2uXoebce6UoBVyoI+37W
wjt0/NfpsK7ydA8Y0+4FSP1PR2LfKuyhDYLoXOYbikYHVf+VuWyYCxRFqr2o9hOp
nSqHkxxGalfwaCxULp9kmb1ohEtrtM+izkDZuHlbY/XEx/y5h6iI3T6qls1MlnUe
3qGuVdnF0MfuKWV7DXG5bK0qqlpadPe0B8exviyalHyUJRhZbeMSslLMvQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFBOGhwrfmcKfvnQ8Vl0IgEt0UW3HMB8GA1UdIwQY
MBaAFGaNqS+ZtUB/KKLzZhPoSUR6k/a5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm8ycEw1bTFRSDhvb3ZObUUtaEpSSHFUOXJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9jNmUwMGUtODFjZC00YzAwLWFmZjEt
ZGM4ZTgzZTYyOWYyLzEvRTRhSEN0LVp3cC0tZER4V1hRaUFTM1JSYmNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9jNmUwMGUtODFjZC00YzAwLWFmZjEtZGM4ZTgzZTYyOWYy
LzEvWm8ycEw1bTFRSDhvb3ZObUUtaEpSSHFUOXJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAg64wDQYJ
KoZIhvcNAQELBQADggEBAChqjv0ykIu/O1e4RTa1Yr/JhZIgBjMYs6V123eqVc0p
4DMDXWr7U1eOZ53XLDcCg+1W8dRyORY1xc2uDJToUGyarGEX3nS9WX7MfR5oAbJP
teb6wkXO90JRRQ7SCDQnrwMTvYU3ltGprRvSFXW/jbmVZmvtYNfQ/YPmPbTTEXQ+
GQlQ+FZE2brymw0F4S3BnWnqJ3wXJrrYq9Drde7153jS2JHBgf4xpf8nwPtI5/mq
rmuILDBK4Xr1/n0MhFOGGOvOcw1ICPHrqMzE3LkfI++xaXzwCFzY99fbFq6PCjOq
xfR89pgwhErEdS4yddY4H9fmUstBeepVNhpsq/5Hg/g=
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:14:13 2025 by rpki-client