Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0eecef-ae8f-4bf9-ab5e-524764a40e22/1/FXdw4LEvQK5WmNB-mzxF9hqHb0A.roa
File: FXdw4LEvQK5WmNB-mzxF9hqHb0A.roa (raw, json)
Hash identifier: NCiDRiMt47xEcUZG6b0wGRSy7ldL15p5TXMRexliF3I=
Subject key identifier: 15:77:70:E0:B1:2F:40:AE:56:98:D0:7E:9B:3C:45:F6:1A:87:6F:40
Certificate issuer: /CN=c815d5c0cd2146baafe8aa6b8b9aa7ceb6e4175a
Certificate serial: 018CC80173F8A3093D0439E545B12E336ED2
Authority key identifier: C8:15:D5:C0:CD:21:46:BA:AF:E8:AA:6B:8B:9A:A7:CE:B6:E4:17:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yBXVwM0hRrqv6Kpri5qnzrbkF1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/0eecef-ae8f-4bf9-ab5e-524764a40e22/1/FXdw4LEvQK5WmNB-mzxF9hqHb0A.roa
Signing time: Tue 02 Jan 2024 02:29:47 +0000
ROA not before: Tue 02 Jan 2024 02:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201463
IP address blocks: 193.8.68.0/22 maxlen: 24
128.127.8.0/22 maxlen: 24
194.55.42.0/24 maxlen: 24
2a07:ce40::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 09 Jan 2024 08:44:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:73:f8:a3:09:3d:04:39:e5:45:b1:2e:33:6e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c815d5c0cd2146baafe8aa6b8b9aa7ceb6e4175a
Validity
Not Before: Jan 2 02:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=157770e0b12f40ae5698d07e9b3c45f61a876f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:2c:5a:8f:9a:e3:43:72:1a:6f:09:23:db:5c:
a2:98:ba:36:66:38:82:5a:7e:05:10:23:7a:09:15:
e6:88:ee:a1:0f:2d:09:cd:66:d1:26:06:2d:3d:28:
9a:2e:fa:1e:eb:68:a9:7d:fb:93:1c:ed:da:95:9e:
fe:38:4d:e8:18:40:ca:f0:ef:95:d1:10:2f:07:d7:
56:e7:e6:64:22:83:87:75:6e:01:06:ee:06:da:5d:
ce:ca:35:f6:d8:3f:3c:1d:c6:fc:0c:f3:55:05:0a:
f4:6e:f2:69:05:15:71:d7:9c:cb:b0:a6:e0:5c:af:
b1:44:b4:50:9e:48:8e:fb:40:06:2c:7f:35:8a:98:
27:20:e4:36:f7:f8:e7:15:f8:dd:16:e1:73:e2:36:
c9:c5:68:80:c6:a0:0c:4f:d0:a3:84:d9:a5:5d:d9:
57:95:6d:81:e2:c9:db:aa:ae:fa:45:75:e7:f7:4d:
09:ab:03:06:74:6f:af:7f:27:e7:df:67:f5:18:b3:
82:2c:16:fb:fe:c6:25:49:cf:95:f8:e2:59:c7:1e:
5b:d7:ff:1a:7c:a6:85:9b:93:76:a7:91:cd:ce:37:
b5:a8:cc:67:a9:9b:d7:ff:a7:05:d3:0d:6d:60:9c:
e8:6a:96:12:d0:59:80:16:b1:86:81:d0:b2:12:da:
6b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:77:70:E0:B1:2F:40:AE:56:98:D0:7E:9B:3C:45:F6:1A:87:6F:40
X509v3 Authority Key Identifier:
keyid:C8:15:D5:C0:CD:21:46:BA:AF:E8:AA:6B:8B:9A:A7:CE:B6:E4:17:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yBXVwM0hRrqv6Kpri5qnzrbkF1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0eecef-ae8f-4bf9-ab5e-524764a40e22/1/FXdw4LEvQK5WmNB-mzxF9hqHb0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0eecef-ae8f-4bf9-ab5e-524764a40e22/1/yBXVwM0hRrqv6Kpri5qnzrbkF1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.8.0/22
193.8.68.0/22
194.55.42.0/24
IPv6:
2a07:ce40::/29
Signature Algorithm: sha256WithRSAEncryption
6b:17:c8:be:69:31:44:45:40:88:1f:b3:02:57:51:e0:91:b2:
b8:11:b9:0d:f3:f1:dd:7e:fa:d0:b5:f1:ae:6e:17:42:08:11:
af:ac:41:54:14:e9:c9:90:00:11:57:0c:80:49:c1:01:03:08:
67:9d:ec:11:ca:e8:7a:97:7e:c6:04:0a:f9:8b:ab:87:4a:26:
df:ef:2c:fa:f0:30:d9:d9:7f:11:e7:40:67:cd:22:ef:d1:00:
da:a6:af:a3:6d:09:ec:0f:da:99:b9:5b:a9:ed:e5:eb:69:11:
96:6a:1a:06:a4:df:2e:ae:10:fc:18:c0:3a:4e:17:50:a1:b7:
f6:76:a3:00:bc:5c:f5:56:d5:ab:c1:22:af:72:24:37:2f:90:
65:3f:e7:d8:4e:17:fa:90:cc:31:84:62:86:03:be:44:e2:27:
c3:6e:cf:f1:ce:b5:ae:02:1b:72:fe:e1:87:54:96:cd:fa:e4:
42:25:9d:a8:8a:bc:e8:51:34:73:66:7f:6d:a5:88:9a:8e:b6:
5f:55:ba:c1:2d:e4:76:0f:c8:fe:04:ff:9e:41:fd:b1:1a:a6:
78:61:e0:0c:f8:a3:ff:b4:3b:0f:78:5e:7d:83:d2:3b:48:e4:
28:c1:df:e6:06:1f:41:06:9f:77:90:03:37:93:5e:48:85:ad:
07:a6:7e:b1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzIAXP4owk9BDnlRbEuM27SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MTVkNWMwY2QyMTQ2YmFhZmU4YWE2YjhiOWFhN2NlYjZl
NDE3NWEwHhcNMjQwMTAyMDIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTc3NzBlMGIxMmY0MGFlNTY5OGQwN2U5YjNjNDVmNjFhODc2ZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6yxaj5rjQ3Iabwkj21yimLo2ZjiC
Wn4FECN6CRXmiO6hDy0JzWbRJgYtPSiaLvoe62ipffuTHO3alZ7+OE3oGEDK8O+V
0RAvB9dW5+ZkIoOHdW4BBu4G2l3OyjX22D88Hcb8DPNVBQr0bvJpBRVx15zLsKbg
XK+xRLRQnkiO+0AGLH81ipgnIOQ29/jnFfjdFuFz4jbJxWiAxqAMT9CjhNmlXdlX
lW2B4snbqq76RXXn900JqwMGdG+vfyfn32f1GLOCLBb7/sYlSc+V+OJZxx5b1/8a
fKaFm5N2p5HNzje1qMxnqZvX/6cF0w1tYJzoapYS0FmAFrGGgdCyEtprTQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBV3cOCxL0CuVpjQfps8RfYah29AMB8GA1UdIwQY
MBaAFMgV1cDNIUa6r+iqa4uap8625BdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUJYVndNMGhScnF2Nktwcmk1cW56cmJrRjFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wZWVjZWYtYWU4Zi00YmY5LWFiNWUt
NTI0NzY0YTQwZTIyLzEvRlhkdzRMRXZRSzVXbU5CLW16eEY5aHFIYjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wZWVjZWYtYWU4Zi00YmY5LWFiNWUtNTI0NzY0YTQwZTIy
LzEveUJYVndNMGhScnF2Nktwcmk1cW56cmJrRjFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCgH8IAwQC
wQhEAwQAwjcqMA0EAgACMAcDBQMqB85AMA0GCSqGSIb3DQEBCwUAA4IBAQBrF8i+
aTFERUCIH7MCV1HgkbK4EbkN8/HdfvrQtfGubhdCCBGvrEFUFOnJkAARVwyAScEB
AwhnnewRyuh6l37GBAr5i6uHSibf7yz68DDZ2X8R50BnzSLv0QDapq+jbQnsD9qZ
uVup7eXraRGWahoGpN8urhD8GMA6ThdQobf2dqMAvFz1VtWrwSKvciQ3L5BlP+fY
Thf6kMwxhGKGA75E4ifDbs/xzrWuAhty/uGHVJbN+uRCJZ2oirzoUTRzZn9tpYia
jrZfVbrBLeR2D8j+BP+eQf2xGqZ4YeAM+KP/tDsPeF59g9I7SOQowd/mBh9BBp93
kAM3k15Iha0Hpn6x
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:31 2025 by rpki-client