Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f74738-5830-417c-8360-0d60d64732bf/1/XwkwtwPEPpWIBcnDq-oLWXSoJnw.roa
File: XwkwtwPEPpWIBcnDq-oLWXSoJnw.roa (raw, json)
Hash identifier: JI3i/fkPzxEtIkRrh991JnX6VyAqCmm8001Et+PXn9k=
Subject key identifier: 5F:09:30:B7:03:C4:3E:95:88:05:C9:C3:AB:EA:0B:59:74:A8:26:7C
Certificate issuer: /CN=6246bd00daa4da92a0c36facdd9cd69491d96c68
Certificate serial: 0190517620DBB46D32475C842E88092934B8
Authority key identifier: 62:46:BD:00:DA:A4:DA:92:A0:C3:6F:AC:DD:9C:D6:94:91:D9:6C:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yka9ANqk2pKgw2-s3ZzWlJHZbGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f74738-5830-417c-8360-0d60d64732bf/1/XwkwtwPEPpWIBcnDq-oLWXSoJnw.roa
Signing time: Tue 25 Jun 2024 22:13:34 +0000
ROA not before: Tue 25 Jun 2024 22:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39128
IP address blocks: 195.114.96.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Jun 2024 22:46:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:51:76:20:db:b4:6d:32:47:5c:84:2e:88:09:29:34:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6246bd00daa4da92a0c36facdd9cd69491d96c68
Validity
Not Before: Jun 25 22:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f0930b703c43e958805c9c3abea0b5974a8267c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:02:43:50:3f:75:27:54:79:37:3d:47:cc:a4:
32:8d:7d:5c:3e:71:37:6d:a5:d9:05:0b:75:62:04:
9c:50:8f:8a:19:01:9a:e8:a8:1e:f5:59:cd:78:9e:
6b:3c:04:93:d3:2e:13:03:bd:8f:6a:55:22:fd:c7:
d7:a2:e4:be:4a:23:3c:66:55:39:48:76:0d:c8:e4:
0c:39:de:6f:05:d3:21:1c:53:80:46:cd:7e:d0:27:
50:be:ac:14:d5:ad:6b:e1:e0:cc:28:3b:a8:a7:31:
08:04:7a:b8:8a:68:34:97:ea:35:89:eb:73:11:09:
d0:35:81:21:3a:b8:0b:7a:68:2e:41:d3:be:1f:4e:
b7:aa:05:7c:cd:61:47:eb:30:8c:88:e8:75:05:72:
8d:f6:17:df:8e:ef:95:b3:db:55:f5:be:c5:32:97:
36:22:e4:5a:bc:9c:ca:7a:5c:59:c7:9c:f7:cc:81:
9d:cd:07:9f:8b:52:72:45:b8:14:7a:39:02:6e:de:
9e:84:3b:95:f4:8c:bd:d4:04:d4:7c:57:4d:75:5a:
19:5f:9e:e8:55:e7:88:21:53:6a:f2:65:d8:5d:ca:
fd:27:61:24:c0:90:b7:76:73:f1:06:eb:c4:77:78:
cb:64:f1:74:d7:10:5b:c1:cb:9c:96:7a:a9:5c:23:
93:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:09:30:B7:03:C4:3E:95:88:05:C9:C3:AB:EA:0B:59:74:A8:26:7C
X509v3 Authority Key Identifier:
keyid:62:46:BD:00:DA:A4:DA:92:A0:C3:6F:AC:DD:9C:D6:94:91:D9:6C:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yka9ANqk2pKgw2-s3ZzWlJHZbGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f74738-5830-417c-8360-0d60d64732bf/1/XwkwtwPEPpWIBcnDq-oLWXSoJnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f74738-5830-417c-8360-0d60d64732bf/1/Yka9ANqk2pKgw2-s3ZzWlJHZbGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.96.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:00:0f:e8:c7:b0:7a:bf:c9:63:be:eb:70:84:6b:6d:4d:c4:
d7:33:ee:d4:95:ec:d1:67:ca:12:34:18:ab:0e:8b:f0:0b:eb:
79:0d:e7:78:79:42:4b:2d:cb:9a:63:eb:74:2c:2e:2a:b2:26:
b2:e3:11:5b:0c:58:60:44:9d:e4:96:ed:6f:96:02:3d:02:9e:
9d:f0:5c:ab:e6:8c:5d:de:af:eb:a0:0a:17:e8:b3:6d:85:b5:
74:0f:cd:86:a4:9d:ee:57:57:3a:38:75:29:13:4d:13:dd:21:
c3:24:09:40:84:bd:5c:96:b0:f8:3a:69:23:5a:68:d5:c8:79:
69:d0:5f:b6:9c:95:0e:cc:96:38:a5:0d:e8:5c:92:e3:58:1a:
69:2a:98:e2:ee:83:e5:58:86:9f:1e:8d:b7:58:41:a1:30:a9:
7b:c6:31:9b:25:6c:7f:49:2a:5d:06:70:62:98:82:72:33:20:
13:3e:c6:24:8a:15:d2:24:76:f9:1a:28:74:fd:4e:01:81:a6:
13:c6:60:8f:da:60:b7:a7:e1:8d:2a:aa:0e:27:70:f4:09:b1:
ae:47:20:19:12:8c:7d:b0:c0:9f:94:90:cc:da:f0:dc:d4:5c:
06:f4:bc:5f:1f:48:2d:09:8e:97:fb:0e:12:d3:81:33:85:72:
83:83:6f:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBRdiDbtG0yR1yELogJKTS4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNDZiZDAwZGFhNGRhOTJhMGMzNmZhY2RkOWNkNjk0OTFk
OTZjNjgwHhcNMjQwNjI1MjIxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjA5MzBiNzAzYzQzZTk1ODgwNWM5YzNhYmVhMGI1OTc0YTgyNjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wJDUD91J1R5Nz1HzKQyjX1cPnE3
baXZBQt1YgScUI+KGQGa6Kge9VnNeJ5rPAST0y4TA72PalUi/cfXouS+SiM8ZlU5
SHYNyOQMOd5vBdMhHFOARs1+0CdQvqwU1a1r4eDMKDuopzEIBHq4img0l+o1ietz
EQnQNYEhOrgLemguQdO+H063qgV8zWFH6zCMiOh1BXKN9hffju+Vs9tV9b7FMpc2
IuRavJzKelxZx5z3zIGdzQefi1JyRbgUejkCbt6ehDuV9Iy91ATUfFdNdVoZX57o
VeeIIVNq8mXYXcr9J2EkwJC3dnPxBuvEd3jLZPF01xBbwcuclnqpXCOTmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8JMLcDxD6ViAXJw6vqC1l0qCZ8MB8GA1UdIwQY
MBaAFGJGvQDapNqSoMNvrN2c1pSR2WxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWthOUFOcWsycEtndzItczNaeldsSkhaYkdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNzQ3MzgtNTgzMC00MTdjLTgzNjAt
MGQ2MGQ2NDczMmJmLzEvWHdrd3R3UEVQcFdJQmNuRHEtb0xXWFNvSm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mNzQ3MzgtNTgzMC00MTdjLTgzNjAtMGQ2MGQ2NDczMmJm
LzEvWWthOUFOcWsycEtndzItczNaeldsSkhaYkdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw3JgMA0G
CSqGSIb3DQEBCwUAA4IBAQCdAA/ox7B6v8ljvutwhGttTcTXM+7UlezRZ8oSNBir
DovwC+t5Ded4eUJLLcuaY+t0LC4qsiay4xFbDFhgRJ3klu1vlgI9Ap6d8Fyr5oxd
3q/roAoX6LNthbV0D82GpJ3uV1c6OHUpE00T3SHDJAlAhL1clrD4OmkjWmjVyHlp
0F+2nJUOzJY4pQ3oXJLjWBppKpji7oPlWIafHo23WEGhMKl7xjGbJWx/SSpdBnBi
mIJyMyATPsYkihXSJHb5Gih0/U4BgaYTxmCP2mC3p+GNKqoOJ3D0CbGuRyAZEox9
sMCflJDM2vDc1FwG9LxfH0gtCY6X+w4S04EzhXKDg28o
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:39:46 2025 by rpki-client