Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/XAqDuGuOTA7tU9s3iY9J1nGsoho.roa
File: XAqDuGuOTA7tU9s3iY9J1nGsoho.roa (raw, json)
Hash identifier: ESnk8Rmas5CZRN2qziYkGoIbuOn4XKeQ5yq5um7AjvA=
Subject key identifier: 5C:0A:83:B8:6B:8E:4C:0E:ED:53:DB:37:89:8F:49:D6:71:AC:A2:1A
Certificate issuer: /CN=43c16595966afb0bacf1d7937f245d6a052221a3
Certificate serial: 0191F66B3D344E222564A55C0E1609DC8010
Authority key identifier: 43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/XAqDuGuOTA7tU9s3iY9J1nGsoho.roa
Signing time: Sun 15 Sep 2024 16:01:48 +0000
ROA not before: Sun 15 Sep 2024 16:01:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210164
IP address blocks: 194.50.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f6:6b:3d:34:4e:22:25:64:a5:5c:0e:16:09:dc:80:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43c16595966afb0bacf1d7937f245d6a052221a3
Validity
Not Before: Sep 15 16:01:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c0a83b86b8e4c0eed53db37898f49d671aca21a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:48:20:ab:93:3a:48:bb:6c:a3:62:6d:59:0e:
fe:7f:db:1f:1c:e1:c4:e0:8c:cc:db:ef:7b:91:f3:
b3:e6:ec:b8:b0:d5:f5:0f:37:9a:52:08:08:b3:96:
82:bb:96:31:83:7a:a9:40:86:bb:c1:93:01:62:17:
cd:3c:3c:05:a0:86:8a:c3:8a:b2:ad:0e:19:1a:c1:
28:32:8b:13:a1:bb:9c:2f:40:d0:cf:ae:a4:26:be:
2a:6e:1e:1f:36:52:cd:b3:96:97:f9:36:fb:6a:57:
5d:8e:c2:b8:67:bf:93:d1:65:97:e9:ce:fc:3f:4e:
0c:c5:cf:c4:d8:e9:e4:99:3a:09:07:82:70:03:b9:
42:ac:fe:b2:74:0f:a1:9e:b6:70:63:e9:d7:f3:1e:
ef:59:02:08:19:2e:27:10:d1:a3:5e:bc:d4:2e:41:
b0:1a:d6:44:08:fb:c1:0e:9a:fb:1e:e8:2a:9f:2d:
71:65:14:09:b2:72:33:d6:75:92:9a:20:ec:0e:3c:
36:ab:78:ff:1d:db:bb:c7:c2:b4:a8:de:06:59:c8:
f6:b3:5a:c4:c0:ef:fd:2c:b5:32:43:17:55:a4:78:
1e:8b:8e:f8:2e:40:b3:e7:1e:4c:32:98:c4:d4:1b:
d1:44:91:82:0f:ab:ef:ad:ae:bd:fe:a9:23:21:e2:
07:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0A:83:B8:6B:8E:4C:0E:ED:53:DB:37:89:8F:49:D6:71:AC:A2:1A
X509v3 Authority Key Identifier:
keyid:43:C1:65:95:96:6A:FB:0B:AC:F1:D7:93:7F:24:5D:6A:05:22:21:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q8FllZZq-wus8deTfyRdagUiIaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/XAqDuGuOTA7tU9s3iY9J1nGsoho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d92919-962b-448d-98db-5990ea58e030/1/Q8FllZZq-wus8deTfyRdagUiIaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.197.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:88:cd:ae:11:5f:1c:44:49:68:cd:af:91:4f:33:5b:1e:d0:
42:d6:57:8a:3b:2b:d0:3a:64:22:48:a5:73:01:56:95:2a:1d:
ca:89:be:94:2b:bb:59:30:68:b0:fd:4f:eb:98:3c:08:20:d6:
df:d6:37:3b:78:38:4c:75:20:0f:73:35:e1:b9:56:d5:9e:bc:
53:bd:c5:d8:c8:e8:ed:b6:7e:2c:8c:ae:4a:c7:50:63:d9:18:
ac:c4:a9:63:f9:c5:1f:54:b8:f8:4e:73:45:3e:81:5e:56:63:
c9:9a:97:ea:dd:5e:7b:2e:8e:ed:d7:ee:07:43:60:22:61:57:
08:0a:f8:5c:49:dd:92:e4:a4:a0:8a:d1:53:10:66:c0:b3:e7:
f9:6d:95:9b:72:d1:d6:0b:4b:9e:00:6c:27:12:21:cd:c1:01:
a9:a9:18:91:e3:bc:a6:68:7d:7a:a5:58:ba:10:6f:69:8a:77:
6f:51:c4:e3:e8:32:0d:ce:cd:5c:59:c4:29:2c:a5:bb:b7:4b:
3c:13:2e:46:41:9f:84:60:1b:21:90:4b:f5:18:51:60:4f:cc:
31:58:bc:79:fc:41:7b:3d:0d:8c:de:9e:38:0a:ec:bf:45:86:
82:a0:01:b3:9a:72:4c:0c:9f:6e:a1:4f:af:5f:ae:f9:16:a2:
f4:10:ab:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZH2az00TiIlZKVcDhYJ3IAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzYzE2NTk1OTY2YWZiMGJhY2YxZDc5MzdmMjQ1ZDZhMDUy
MjIxYTMwHhcNMjQwOTE1MTYwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzBhODNiODZiOGU0YzBlZWQ1M2RiMzc4OThmNDlkNjcxYWNhMjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkggq5M6SLtso2JtWQ7+f9sfHOHE
4IzM2+97kfOz5uy4sNX1DzeaUggIs5aCu5Yxg3qpQIa7wZMBYhfNPDwFoIaKw4qy
rQ4ZGsEoMosTobucL0DQz66kJr4qbh4fNlLNs5aX+Tb7alddjsK4Z7+T0WWX6c78
P04Mxc/E2OnkmToJB4JwA7lCrP6ydA+hnrZwY+nX8x7vWQIIGS4nENGjXrzULkGw
GtZECPvBDpr7Hugqny1xZRQJsnIz1nWSmiDsDjw2q3j/Hdu7x8K0qN4GWcj2s1rE
wO/9LLUyQxdVpHgei474LkCz5x5MMpjE1BvRRJGCD6vvra69/qkjIeIHEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwKg7hrjkwO7VPbN4mPSdZxrKIaMB8GA1UdIwQY
MBaAFEPBZZWWavsLrPHXk38kXWoFIiGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGIt
NTk5MGVhNThlMDMwLzEvWEFxRHVHdU9UQTd0VTlzM2lZOUoxbkdzb2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kOTI5MTktOTYyYi00NDhkLTk4ZGItNTk5MGVhNThlMDMw
LzEvUThGbGxaWnEtd3VzOGRlVGZ5UmRhZ1VpSWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjLFMA0G
CSqGSIb3DQEBCwUAA4IBAQAuiM2uEV8cREloza+RTzNbHtBC1leKOyvQOmQiSKVz
AVaVKh3Kib6UK7tZMGiw/U/rmDwIINbf1jc7eDhMdSAPczXhuVbVnrxTvcXYyOjt
tn4sjK5Kx1Bj2RisxKlj+cUfVLj4TnNFPoFeVmPJmpfq3V57Lo7t1+4HQ2AiYVcI
CvhcSd2S5KSgitFTEGbAs+f5bZWbctHWC0ueAGwnEiHNwQGpqRiR47ymaH16pVi6
EG9pindvUcTj6DINzs1cWcQpLKW7t0s8Ey5GQZ+EYBshkEv1GFFgT8wxWLx5/EF7
PQ2M3p44Cuy/RYaCoAGzmnJMDJ9uoU+vX675FqL0EKvv
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:01:54 2025 by rpki-client