Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/XcwwkOTUAFIO2B-545lYqyl0I5M.roa
File: XcwwkOTUAFIO2B-545lYqyl0I5M.roa (raw, json)
Hash identifier: s7QtntRCW39o+tTwweZKchJArq3fBUcbkroVpCD4r+A=
Subject key identifier: 5D:CC:30:90:E4:D4:00:52:0E:D8:1F:B9:E3:99:58:AB:29:74:23:93
Certificate issuer: /CN=7e1167886da81524431bbf2efb0572914b686ebc
Certificate serial: 01917F7A3AD4B36E8672F12FBB601FA9BBD1
Authority key identifier: 7E:11:67:88:6D:A8:15:24:43:1B:BF:2E:FB:05:72:91:4B:68:6E:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fhFniG2oFSRDG78u-wVykUtobrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/XcwwkOTUAFIO2B-545lYqyl0I5M.roa
Signing time: Fri 23 Aug 2024 13:43:22 +0000
ROA not before: Fri 23 Aug 2024 13:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202
IP address blocks: 195.160.148.0/24 maxlen: 24
195.160.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 17:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7f:7a:3a:d4:b3:6e:86:72:f1:2f:bb:60:1f:a9:bb:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e1167886da81524431bbf2efb0572914b686ebc
Validity
Not Before: Aug 23 13:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dcc3090e4d400520ed81fb9e39958ab29742393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9b:c7:9a:72:b7:2c:9f:d0:33:1b:41:5f:69:
ff:05:31:84:24:e1:99:42:8c:80:b2:5c:f3:a4:f9:
82:78:de:d4:0f:52:66:d1:e9:1d:73:f9:d2:42:83:
02:4a:91:ac:5c:ab:a4:8c:08:02:b7:3b:ce:99:1f:
09:54:3c:8b:93:35:28:54:ba:0b:d7:7d:99:f2:4c:
9d:d8:1f:32:1f:6e:f9:87:2b:1e:65:74:71:7a:96:
eb:7b:e5:80:d5:c7:e2:7f:f5:6a:ec:37:fa:03:9d:
d1:05:b3:e7:69:7c:47:70:0f:7e:04:51:f4:5d:7b:
de:95:47:9f:57:9b:55:a9:e1:01:28:d0:a5:62:96:
e8:9a:84:2d:4f:dd:70:3c:66:aa:5b:60:4d:b8:34:
45:01:32:2d:23:05:79:2f:79:82:0a:3d:f5:c9:b5:
40:de:32:07:5a:95:1c:18:d0:6b:20:5d:16:cb:bc:
24:12:26:8b:31:60:fc:20:d3:d1:ee:1f:4a:52:03:
f1:73:c5:bb:76:73:be:34:ce:28:61:a0:b7:47:82:
33:31:97:76:c2:ec:3d:8a:72:bd:18:e3:b6:bb:dc:
bd:c8:5a:2c:1e:2e:f1:03:f9:ac:a6:1b:90:ff:ba:
3b:67:37:30:2e:82:88:ff:0a:73:d0:5b:21:3c:4c:
39:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CC:30:90:E4:D4:00:52:0E:D8:1F:B9:E3:99:58:AB:29:74:23:93
X509v3 Authority Key Identifier:
keyid:7E:11:67:88:6D:A8:15:24:43:1B:BF:2E:FB:05:72:91:4B:68:6E:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fhFniG2oFSRDG78u-wVykUtobrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/XcwwkOTUAFIO2B-545lYqyl0I5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f92cd7-646c-441b-ae46-9b282c643256/1/fhFniG2oFSRDG78u-wVykUtobrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.160.148.0/23
Signature Algorithm: sha256WithRSAEncryption
44:0b:8c:bf:4b:b2:ba:22:9b:0d:49:1a:d8:f7:9d:34:bf:28:
7c:bc:eb:0b:17:d4:06:65:a4:03:a0:99:4b:8f:86:55:e1:4f:
b8:0a:16:1b:7f:85:53:a3:8d:3d:a9:7d:3d:35:d1:45:ac:d2:
b0:7a:09:9b:e4:47:7a:29:e6:32:5d:d0:84:c1:06:bc:2b:55:
03:f0:d9:09:ba:07:73:24:4d:45:61:96:09:b4:c2:29:11:71:
82:c5:fa:6b:54:d1:3a:63:d0:7e:8a:8c:e6:53:31:2a:58:0b:
3e:72:ba:01:75:18:60:35:49:8e:bb:2e:ad:a8:31:a5:e4:30:
b4:21:d3:59:65:77:e4:ca:25:cc:be:c1:d3:ca:7f:3e:7a:30:
ee:3b:1b:20:04:3d:5b:95:1a:fd:84:67:ae:e6:26:92:c3:b3:
80:33:04:4d:26:c6:57:d5:bd:e6:f4:96:f0:45:54:68:0d:72:
e8:c6:92:29:47:d9:75:60:30:e5:e2:fd:cc:eb:98:17:65:52:
72:b7:d9:09:1e:e5:a3:95:51:84:e9:fe:5d:fa:2d:31:54:d3:
40:89:df:79:aa:26:3a:79:b6:45:19:16:24:ae:1d:19:bd:92:
bc:ab:87:bf:18:58:44:50:5f:cb:40:25:ee:a7:d5:f0:0e:03:
87:88:52:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZF/ejrUs26GcvEvu2AfqbvRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMTE2Nzg4NmRhODE1MjQ0MzFiYmYyZWZiMDU3MjkxNGI2
ODZlYmMwHhcNMjQwODIzMTM0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGNjMzA5MGU0ZDQwMDUyMGVkODFmYjllMzk5NThhYjI5NzQyMzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJvHmnK3LJ/QMxtBX2n/BTGEJOGZ
QoyAslzzpPmCeN7UD1Jm0ekdc/nSQoMCSpGsXKukjAgCtzvOmR8JVDyLkzUoVLoL
132Z8kyd2B8yH275hyseZXRxepbre+WA1cfif/Vq7Df6A53RBbPnaXxHcA9+BFH0
XXvelUefV5tVqeEBKNClYpbomoQtT91wPGaqW2BNuDRFATItIwV5L3mCCj31ybVA
3jIHWpUcGNBrIF0Wy7wkEiaLMWD8INPR7h9KUgPxc8W7dnO+NM4oYaC3R4IzMZd2
wuw9inK9GOO2u9y9yFosHi7xA/msphuQ/7o7ZzcwLoKI/wpz0FshPEw5/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3MMJDk1ABSDtgfueOZWKspdCOTMB8GA1UdIwQY
MBaAFH4RZ4htqBUkQxu/LvsFcpFLaG68MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmhGbmlHMm9GU1JERzc4dS13VnlrVXRvYnJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9mOTJjZDctNjQ2Yy00NDFiLWFlNDYt
OWIyODJjNjQzMjU2LzEvWGN3d2tPVFVBRklPMkItNTQ1bFlxeWwwSTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9mOTJjZDctNjQ2Yy00NDFiLWFlNDYtOWIyODJjNjQzMjU2
LzEvZmhGbmlHMm9GU1JERzc4dS13VnlrVXRvYnJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw6CUMA0G
CSqGSIb3DQEBCwUAA4IBAQBEC4y/S7K6IpsNSRrY9500vyh8vOsLF9QGZaQDoJlL
j4ZV4U+4ChYbf4VTo409qX09NdFFrNKwegmb5Ed6KeYyXdCEwQa8K1UD8NkJugdz
JE1FYZYJtMIpEXGCxfprVNE6Y9B+iozmUzEqWAs+croBdRhgNUmOuy6tqDGl5DC0
IdNZZXfkyiXMvsHTyn8+ejDuOxsgBD1blRr9hGeu5iaSw7OAMwRNJsZX1b3m9Jbw
RVRoDXLoxpIpR9l1YDDl4v3M65gXZVJyt9kJHuWjlVGE6f5d+i0xVNNAid95qiY6
ebZFGRYkrh0ZvZK8q4e/GFhEUF/LQCXup9XwDgOHiFJ9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:01 2025 by rpki-client