Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/IpEVMyNqW7hxc4zShK2ZSuOl0nQ.roa
File: IpEVMyNqW7hxc4zShK2ZSuOl0nQ.roa (raw, json)
Hash identifier: pycniZZSfh5l1bTeOmLpuBa25Hf5f5HBO08nF4dGNxQ=
Subject key identifier: 22:91:15:33:23:6A:5B:B8:71:73:8C:D2:84:AD:99:4A:E3:A5:D2:74
Certificate issuer: /CN=a42000c4f4ec4a03cd4d3657e01b70034ec23b97
Certificate serial: 018CC6B84D8377FDE04DF7B81591A89B686F
Authority key identifier: A4:20:00:C4:F4:EC:4A:03:CD:4D:36:57:E0:1B:70:03:4E:C2:3B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pCAAxPTsSgPNTTZX4BtwA07CO5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/IpEVMyNqW7hxc4zShK2ZSuOl0nQ.roa
Signing time: Mon 01 Jan 2024 20:30:16 +0000
ROA not before: Mon 01 Jan 2024 20:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15533
IP address blocks: 178.218.242.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:4d:83:77:fd:e0:4d:f7:b8:15:91:a8:9b:68:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42000c4f4ec4a03cd4d3657e01b70034ec23b97
Validity
Not Before: Jan 1 20:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22911533236a5bb871738cd284ad994ae3a5d274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:80:4f:2a:55:10:35:36:f8:12:8c:d7:6b:e7:
b4:3f:da:02:76:e0:2f:af:73:a2:4b:92:ee:f7:91:
dd:20:f7:7d:bc:51:c7:95:ff:db:08:bc:e7:9b:87:
e6:4c:f5:bf:13:24:ae:58:de:39:b5:4e:26:f0:f0:
ae:71:a7:2b:41:d7:cb:42:39:7b:b7:c9:dd:30:59:
58:8e:ff:6b:2a:f3:f4:d3:8e:e9:91:93:69:58:0a:
95:57:c8:42:cb:14:d7:c7:0e:ca:6b:ed:7c:ad:78:
96:7c:60:00:73:68:18:28:02:4e:41:a1:cb:25:09:
0c:c2:1b:42:ca:e4:b0:82:e5:8e:f6:c7:0b:61:0f:
31:d5:49:b6:3b:a3:8c:36:15:73:e1:8e:15:21:0b:
52:6f:a3:45:4f:cf:ba:c3:66:00:df:2a:08:1b:79:
61:79:d4:2b:88:5f:dc:28:6e:e8:41:f1:97:0e:96:
c4:65:f1:ef:83:80:d1:f6:5b:0c:98:66:84:c1:cd:
d7:a9:19:78:38:32:f6:12:e5:41:52:89:eb:64:d7:
ff:6b:19:db:f5:3a:da:f8:59:0b:2a:fd:e9:1f:d1:
8f:f0:58:3d:54:dd:8d:7d:77:c7:64:ac:67:ef:1a:
03:4e:a4:c2:32:86:f2:41:67:95:f9:1e:bd:2b:ba:
04:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:91:15:33:23:6A:5B:B8:71:73:8C:D2:84:AD:99:4A:E3:A5:D2:74
X509v3 Authority Key Identifier:
keyid:A4:20:00:C4:F4:EC:4A:03:CD:4D:36:57:E0:1B:70:03:4E:C2:3B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pCAAxPTsSgPNTTZX4BtwA07CO5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/IpEVMyNqW7hxc4zShK2ZSuOl0nQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/163d77-4fea-4131-becb-0f22d89689a0/1/pCAAxPTsSgPNTTZX4BtwA07CO5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.218.242.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:5c:80:a9:f3:e5:a1:03:7b:59:18:57:4b:7a:df:5d:e0:ba:
ee:09:19:f3:70:3f:2e:7d:52:93:34:eb:ef:86:16:3f:4a:1f:
d7:78:01:6b:50:86:a9:f2:a8:31:d8:0d:6f:c2:06:1c:4c:21:
b9:3e:86:0e:3b:6f:3b:50:fc:a6:83:b2:80:b2:0d:f7:99:63:
56:5d:03:c0:dd:16:d8:a9:96:4d:88:3a:71:a4:f3:71:14:5b:
0b:6c:1b:d2:79:ac:8a:51:49:c5:45:d8:1f:1c:42:18:c2:01:
59:e9:2b:c9:08:bd:fe:c7:91:00:bc:d9:d3:a8:23:ec:12:e9:
6c:5b:25:ea:43:97:d1:6c:6f:e8:42:a3:9a:98:11:90:b6:fb:
78:11:88:94:c6:6d:dc:2e:b5:2b:bf:89:e5:ff:1e:e5:38:38:
e3:0b:50:c8:69:72:12:9e:14:e7:fb:3b:2a:66:7b:7e:82:31:
d5:9f:b7:c6:45:f9:91:f8:46:55:9e:31:8f:59:25:de:27:f2:
b7:82:f6:5d:07:6b:f7:50:e4:e1:9f:20:bc:10:4f:8c:2a:e4:
5b:a4:68:34:7d:72:70:3b:10:fb:50:a1:ea:cc:40:c0:51:75:
97:94:9b:f3:fd:57:63:02:5b:2b:1b:a2:76:60:d3:3a:91:5f:
c7:8f:29:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuE2Dd/3gTfe4FZGom2hvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MjAwMGM0ZjRlYzRhMDNjZDRkMzY1N2UwMWI3MDAzNGVj
MjNiOTcwHhcNMjQwMTAxMjAzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjkxMTUzMzIzNmE1YmI4NzE3MzhjZDI4NGFkOTk0YWUzYTVkMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIBPKlUQNTb4EozXa+e0P9oCduAv
r3OiS5Lu95HdIPd9vFHHlf/bCLznm4fmTPW/EySuWN45tU4m8PCucacrQdfLQjl7
t8ndMFlYjv9rKvP0047pkZNpWAqVV8hCyxTXxw7Ka+18rXiWfGAAc2gYKAJOQaHL
JQkMwhtCyuSwguWO9scLYQ8x1Um2O6OMNhVz4Y4VIQtSb6NFT8+6w2YA3yoIG3lh
edQriF/cKG7oQfGXDpbEZfHvg4DR9lsMmGaEwc3XqRl4ODL2EuVBUonrZNf/axnb
9Tra+FkLKv3pH9GP8Fg9VN2NfXfHZKxn7xoDTqTCMobyQWeV+R69K7oElwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKRFTMjalu4cXOM0oStmUrjpdJ0MB8GA1UdIwQY
MBaAFKQgAMT07EoDzU02V+AbcANOwjuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcENBQXhQVHNTZ1BOVFRaWDRCdHdBMDdDTzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNjNkNzctNGZlYS00MTMxLWJlY2It
MGYyMmQ4OTY4OWEwLzEvSXBFVk15TnFXN2h4YzR6U2hLMlpTdU9sMG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNjNkNzctNGZlYS00MTMxLWJlY2ItMGYyMmQ4OTY4OWEw
LzEvcENBQXhQVHNTZ1BOVFRaWDRCdHdBMDdDTzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBstryMA0G
CSqGSIb3DQEBCwUAA4IBAQALXICp8+WhA3tZGFdLet9d4LruCRnzcD8ufVKTNOvv
hhY/Sh/XeAFrUIap8qgx2A1vwgYcTCG5PoYOO287UPymg7KAsg33mWNWXQPA3RbY
qZZNiDpxpPNxFFsLbBvSeayKUUnFRdgfHEIYwgFZ6SvJCL3+x5EAvNnTqCPsEuls
WyXqQ5fRbG/oQqOamBGQtvt4EYiUxm3cLrUrv4nl/x7lODjjC1DIaXISnhTn+zsq
Znt+gjHVn7fGRfmR+EZVnjGPWSXeJ/K3gvZdB2v3UOThnyC8EE+MKuRbpGg0fXJw
OxD7UKHqzEDAUXWXlJvz/VdjAlsrG6J2YNM6kV/Hjyml
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:55 2025 by rpki-client