Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/xIlcmXA5jrNSALlhazowvUHu0To.roa
File: xIlcmXA5jrNSALlhazowvUHu0To.roa (raw, json)
Hash identifier: s7CGh21ZNWc+fFxlynS3q8GdK4y25LnjnbcUp6gMl5I=
Subject key identifier: C4:89:5C:99:70:39:8E:B3:52:00:B9:61:6B:3A:30:BD:41:EE:D1:3A
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 018CC7958E9E7096F7B219736C704A37B667
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/xIlcmXA5jrNSALlhazowvUHu0To.roa
Signing time: Tue 02 Jan 2024 00:31:56 +0000
ROA not before: Tue 02 Jan 2024 00:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6584
IP address blocks: 194.69.96.0/19 maxlen: 19
194.69.96.0/22 maxlen: 24
194.69.100.0/22 maxlen: 22
194.69.126.0/23 maxlen: 24
2a01:110:8012::/48 maxlen: 48
2a01:110::/32 maxlen: 32
2a01:110:8008::/48 maxlen: 48
2a01:110:e050::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:8e:9e:70:96:f7:b2:19:73:6c:70:4a:37:b6:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Jan 2 00:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4895c9970398eb35200b9616b3a30bd41eed13a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ec:ae:0e:05:a7:da:dd:bc:0f:50:03:d4:0a:
7b:15:1d:4a:16:c9:3b:62:92:b0:12:02:77:13:47:
16:a9:d5:f6:6d:c8:b4:f1:cf:cd:ab:93:83:03:70:
2f:51:65:2e:2a:06:6e:d1:9d:3d:1c:d2:fd:0a:d7:
06:ba:94:78:a0:bb:05:5f:3a:01:27:2d:51:63:58:
a2:76:c3:8b:e2:85:47:01:ce:c7:b8:78:b8:5b:7c:
61:ad:c6:81:5d:ab:ef:fa:61:9c:d6:29:36:8a:23:
ee:a6:00:b1:cc:af:37:2a:a6:c2:27:f8:d5:6d:24:
df:80:8b:cf:f2:cd:b2:a5:73:e4:5a:23:21:3c:80:
b0:3b:cd:31:cd:10:9e:55:ab:5f:d2:20:a5:93:19:
11:1d:c1:e9:4b:83:b7:80:96:50:65:ef:b8:62:fe:
4e:85:9a:3e:48:11:1f:31:4d:26:24:69:b0:4d:f7:
4b:56:3f:d7:5d:05:3f:0e:9d:61:d0:7b:91:66:ff:
b4:1c:72:f9:33:25:c5:71:1d:d4:43:15:6d:b9:0f:
fd:dc:c3:69:76:24:6d:17:3c:7d:08:a5:79:11:3f:
98:47:e5:5e:b0:1b:2c:53:b5:83:ca:db:7e:11:12:
ff:c5:7d:be:7d:f0:10:60:67:0d:67:2c:8d:a4:a7:
35:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:89:5C:99:70:39:8E:B3:52:00:B9:61:6B:3A:30:BD:41:EE:D1:3A
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/xIlcmXA5jrNSALlhazowvUHu0To.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.69.96.0/19
IPv6:
2a01:110::/32
Signature Algorithm: sha256WithRSAEncryption
46:c9:4a:ca:f8:d0:79:13:ae:12:c3:b4:49:b7:ca:2d:e9:e9:
4d:da:f1:5f:dd:28:fc:01:34:23:46:82:f6:7f:92:ea:13:3f:
c8:79:91:3c:41:1e:ea:92:fe:60:38:d9:dc:29:df:9c:aa:27:
f3:e1:46:b8:0d:9d:95:a3:09:05:8f:11:fa:f8:a0:b9:52:3c:
8a:dd:bd:33:26:56:cf:96:4e:d9:be:9e:89:9a:87:48:2d:61:
06:7a:f0:57:67:74:b4:d3:08:b6:80:b5:7e:31:37:1d:b8:31:
fb:3d:5a:46:95:87:dc:cd:5e:05:8a:6c:5d:d8:57:eb:c8:18:
36:13:c3:e6:12:bd:ec:af:5f:cd:ba:c2:d7:51:67:66:72:7b:
6d:7d:80:48:73:df:90:e5:4d:67:aa:f3:42:66:1d:f0:1e:7f:
8b:54:19:20:1f:28:0b:23:83:46:4a:5d:b4:22:7d:ae:b4:57:
0d:b3:87:65:91:7b:25:7b:c7:78:d9:49:a4:f3:29:c5:38:2b:
2e:49:e4:47:c6:26:8b:06:cb:bb:a2:7d:44:1b:2b:dc:32:38:
bf:35:f6:ed:47:73:ce:9d:c4:95:f6:a4:26:ce:14:e9:b8:a9:
6e:7a:fb:5e:6a:b7:04:a1:e2:81:43:f2:b5:09:a5:35:cb:82:
17:20:b2:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlY6ecJb3shlzbHBKN7ZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjQwMTAyMDAzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDg5NWM5OTcwMzk4ZWIzNTIwMGI5NjE2YjNhMzBiZDQxZWVkMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOyuDgWn2t28D1AD1Ap7FR1KFsk7
YpKwEgJ3E0cWqdX2bci08c/Nq5ODA3AvUWUuKgZu0Z09HNL9CtcGupR4oLsFXzoB
Jy1RY1iidsOL4oVHAc7HuHi4W3xhrcaBXavv+mGc1ik2iiPupgCxzK83KqbCJ/jV
bSTfgIvP8s2ypXPkWiMhPICwO80xzRCeVatf0iClkxkRHcHpS4O3gJZQZe+4Yv5O
hZo+SBEfMU0mJGmwTfdLVj/XXQU/Dp1h0HuRZv+0HHL5MyXFcR3UQxVtuQ/93MNp
diRtFzx9CKV5ET+YR+VesBssU7WDytt+ERL/xX2+ffAQYGcNZyyNpKc1NQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMSJXJlwOY6zUgC5YWs6ML1B7tE6MB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEveElsY21YQTVqck5TQUxsaGF6b3d2VUh1MFRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwkVgMA0E
AgACMAcDBQAqAQEQMA0GCSqGSIb3DQEBCwUAA4IBAQBGyUrK+NB5E64Sw7RJt8ot
6elN2vFf3Sj8ATQjRoL2f5LqEz/IeZE8QR7qkv5gONncKd+cqifz4Ua4DZ2VowkF
jxH6+KC5UjyK3b0zJlbPlk7Zvp6JmodILWEGevBXZ3S00wi2gLV+MTcduDH7PVpG
lYfczV4Fimxd2FfryBg2E8PmEr3sr1/NusLXUWdmcnttfYBIc9+Q5U1nqvNCZh3w
Hn+LVBkgHygLI4NGSl20In2utFcNs4dlkXsle8d42Umk8ynFOCsuSeRHxiaLBsu7
on1EGyvcMji/NfbtR3POncSV9qQmzhTpuKluevtearcEoeKBQ/K1CaU1y4IXILKI
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:12:20 2025 by rpki-client