Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/XFSz9Bc2OlevB7OCjhxBXpj2l2U.roa
File: XFSz9Bc2OlevB7OCjhxBXpj2l2U.roa (raw, json)
Hash identifier: Tk5GMcqbgSxxgTqVhTuB4hYH8nmjIkEF6JvxOxkkH1I=
Subject key identifier: 5C:54:B3:F4:17:36:3A:57:AF:07:B3:82:8E:1C:41:5E:98:F6:97:65
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0193F52E7F9873BE6C4834535C9FA6BB1470
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/XFSz9Bc2OlevB7OCjhxBXpj2l2U.roa
Signing time: Mon 23 Dec 2024 20:21:25 +0000
ROA not before: Mon 23 Dec 2024 20:21:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13335
IP address blocks: 77.111.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f5:2e:7f:98:73:be:6c:48:34:53:5c:9f:a6:bb:14:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Dec 23 20:21:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c54b3f417363a57af07b3828e1c415e98f69765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5d:21:07:5b:29:8e:0f:e8:83:de:57:ac:9b:
50:cc:18:b9:e2:92:4e:5a:10:ca:cb:27:d2:92:d5:
69:ae:6c:32:b9:a1:28:79:ac:ed:cc:df:c8:9a:9a:
56:59:ae:14:31:20:de:e8:fa:69:2a:87:2b:95:d5:
17:5e:aa:21:16:ea:f8:09:36:1a:60:f4:15:25:37:
d2:b0:16:ee:1b:36:53:63:06:3e:53:23:30:d4:b7:
ce:90:55:f7:7b:89:78:82:01:fa:31:ab:e6:5b:90:
08:de:a0:64:30:bc:c7:91:3f:a6:df:29:80:f9:7a:
8e:dd:26:e2:75:eb:0a:70:e1:84:d1:af:04:d7:e2:
5f:b1:3e:6a:2d:72:fb:3e:d2:35:e4:29:3a:c7:3c:
b8:0e:8c:a0:dd:cc:6a:4d:13:20:fd:24:1e:65:29:
31:67:e7:62:3e:29:67:61:16:7e:b6:48:d0:4c:af:
22:b2:c0:f3:48:a9:af:6d:c3:43:b2:e0:98:83:cf:
3e:b4:ef:8b:7c:6a:1c:6c:64:c0:9d:9b:7d:a3:b9:
e9:be:52:07:4e:35:2a:ea:26:aa:43:df:88:24:e6:
18:fc:db:c6:a0:2f:b8:a7:58:f3:4f:ce:5f:72:f0:
95:fb:32:c0:8a:23:81:16:f0:38:1e:de:75:3e:77:
94:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:54:B3:F4:17:36:3A:57:AF:07:B3:82:8E:1C:41:5E:98:F6:97:65
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/XFSz9Bc2OlevB7OCjhxBXpj2l2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.106.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:76:63:df:0b:c7:3c:db:3d:02:60:72:4d:a0:58:5b:8f:a2:
37:74:d3:88:09:92:04:cc:ac:ec:ff:21:b8:f6:9e:06:6f:a9:
ea:d2:fc:d5:9e:f9:1d:67:fb:e6:77:d0:0e:38:39:f6:5f:8c:
af:2a:ea:89:4d:c1:3e:bd:cd:f6:5c:22:12:d5:8c:43:fa:16:
9a:e7:45:96:72:7d:da:ef:cd:18:0c:af:3e:1b:d5:eb:e4:3b:
0b:1b:a6:35:2f:2e:06:90:95:86:6f:64:41:56:86:6f:e3:93:
84:7e:f1:06:52:34:c2:d0:c5:52:88:14:04:9e:ab:77:f6:3d:
1f:ac:42:b1:a7:79:fb:82:18:2b:7a:a9:64:7b:ed:9d:ed:55:
7a:88:70:eb:8b:0f:65:f7:61:28:54:3f:b3:f8:75:52:64:d8:
00:c0:ea:97:58:95:29:e8:46:09:9e:40:78:47:82:64:19:d1:
c5:2d:26:63:30:c9:40:d6:f7:09:1d:d6:e4:3f:e5:a2:63:fa:
5b:d9:c1:d4:c0:ef:db:7e:ad:1e:d3:89:e5:9b:6f:d4:66:ce:
39:35:cb:47:0a:4c:91:11:40:e3:8a:09:da:65:2c:66:98:63:
49:70:07:07:3c:66:61:14:37:b7:40:20:16:f4:20:7e:05:f2:
a9:ca:2d:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP1Ln+Yc75sSDRTXJ+muxRwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQxMjIzMjAyMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzU0YjNmNDE3MzYzYTU3YWYwN2IzODI4ZTFjNDE1ZTk4ZjY5NzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl10hB1spjg/og95XrJtQzBi54pJO
WhDKyyfSktVprmwyuaEoeaztzN/ImppWWa4UMSDe6PppKocrldUXXqohFur4CTYa
YPQVJTfSsBbuGzZTYwY+UyMw1LfOkFX3e4l4ggH6MavmW5AI3qBkMLzHkT+m3ymA
+XqO3SbidesKcOGE0a8E1+JfsT5qLXL7PtI15Ck6xzy4Doyg3cxqTRMg/SQeZSkx
Z+diPilnYRZ+tkjQTK8issDzSKmvbcNDsuCYg88+tO+LfGocbGTAnZt9o7npvlIH
TjUq6iaqQ9+IJOYY/NvGoC+4p1jzT85fcvCV+zLAiiOBFvA4Ht51PneUMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxUs/QXNjpXrwezgo4cQV6Y9pdlMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvWEZTejlCYzJPbGV2QjdPQ2poeEJYcGoybDJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATW9qMA0G
CSqGSIb3DQEBCwUAA4IBAQB6dmPfC8c82z0CYHJNoFhbj6I3dNOICZIEzKzs/yG4
9p4Gb6nq0vzVnvkdZ/vmd9AOODn2X4yvKuqJTcE+vc32XCIS1YxD+haa50WWcn3a
780YDK8+G9Xr5DsLG6Y1Ly4GkJWGb2RBVoZv45OEfvEGUjTC0MVSiBQEnqt39j0f
rEKxp3n7ghgreqlke+2d7VV6iHDriw9l92EoVD+z+HVSZNgAwOqXWJUp6EYJnkB4
R4JkGdHFLSZjMMlA1vcJHdbkP+WiY/pb2cHUwO/bfq0e04nlm2/UZs45NctHCkyR
EUDjignaZSxmmGNJcAcHPGZhFDe3QCAW9CB+BfKpyi0T
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:44 2025 by rpki-client