Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/Egq8c2M40N5XPhXRN6wPFrEoWzg.roa
File: Egq8c2M40N5XPhXRN6wPFrEoWzg.roa (raw, json)
Hash identifier: LXwcZIuTLias+4izgRmYfgAXgigqzmPtqmQmu5qIPng=
Subject key identifier: 12:0A:BC:73:63:38:D0:DE:57:3E:15:D1:37:AC:0F:16:B1:28:5B:38
Certificate issuer: /CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
Certificate serial: 0190C562082C82303CDDF9F358EC13EFF654
Authority key identifier: D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/Egq8c2M40N5XPhXRN6wPFrEoWzg.roa
Signing time: Thu 18 Jul 2024 10:27:34 +0000
ROA not before: Thu 18 Jul 2024 10:27:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56324
IP address blocks: 185.6.28.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c5:62:08:2c:82:30:3c:dd:f9:f3:58:ec:13:ef:f6:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9a988916d51406f9a269f30a02d0086b57f4d5a
Validity
Not Before: Jul 18 10:27:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=120abc736338d0de573e15d137ac0f16b1285b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2f:8d:2c:46:b8:42:8b:c9:94:7d:d9:3b:62:
9b:75:fb:c4:d6:f3:fb:4b:70:9b:dc:13:bb:fd:e4:
58:ed:1d:18:4d:be:20:64:2f:94:22:df:88:7b:6c:
b5:3a:5d:e4:7b:bb:b5:31:ce:60:7d:85:93:ef:aa:
d0:19:43:a9:08:54:1d:a5:d4:10:9a:6c:ed:4f:48:
ca:d7:80:a1:e6:22:76:0c:94:1c:a7:aa:c1:dd:bc:
53:7e:80:20:3e:0f:dc:76:59:8c:7c:76:0a:7b:33:
37:c8:a9:35:65:49:98:88:52:26:4c:50:79:5d:aa:
4b:42:e5:06:f7:94:c8:14:f9:5e:4e:ac:cf:d0:ac:
31:5b:0b:b2:ef:b9:35:fd:a1:0b:e7:ea:86:ad:a0:
b6:fb:71:3b:44:ba:fb:c1:25:ef:fe:c4:be:4b:f7:
ea:9b:fc:52:c6:d5:2a:97:fa:d0:b6:56:2b:30:f4:
8f:05:3c:a1:c6:39:87:cc:2c:d8:c3:c8:0c:3b:5e:
2e:14:38:e0:96:28:2a:50:36:18:74:79:d6:24:ec:
5e:f5:a5:e5:0a:05:d5:00:07:24:90:2a:a8:86:2a:
6f:57:6c:03:12:7e:34:1c:3d:db:8f:86:22:9c:74:
59:36:f7:ec:fa:10:9f:b6:71:b1:01:95:b0:e1:24:
4e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:0A:BC:73:63:38:D0:DE:57:3E:15:D1:37:AC:0F:16:B1:28:5B:38
X509v3 Authority Key Identifier:
keyid:D9:A9:88:91:6D:51:40:6F:9A:26:9F:30:A0:2D:00:86:B5:7F:4D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2amIkW1RQG-aJp8woC0AhrV_TVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/Egq8c2M40N5XPhXRN6wPFrEoWzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/962b3f-fc26-4549-ae02-4d049a1eaf2f/1/2amIkW1RQG-aJp8woC0AhrV_TVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.28.0/23
Signature Algorithm: sha256WithRSAEncryption
67:7c:ca:ff:55:77:52:38:c6:1a:74:7a:c5:79:d7:0b:18:15:
c2:1b:3b:25:dc:f8:f6:4a:d9:e2:ca:c3:46:ee:e5:c4:b1:90:
bb:3d:ff:15:82:23:1c:ab:b7:c0:f6:13:7e:1f:e5:5e:b5:39:
e1:ed:bc:69:27:47:6a:1f:ff:85:46:89:a1:62:ca:29:46:ce:
65:fe:f0:bf:0c:80:78:98:db:9b:bc:a0:86:85:1d:ea:55:f5:
94:86:68:74:42:4b:ca:0a:7e:87:42:78:59:ef:30:fe:fb:23:
ed:da:ea:ad:e3:73:49:5f:01:b7:d0:4b:c2:d7:79:f7:57:67:
7b:8d:5f:17:9c:36:f0:32:f2:cc:2f:a9:bc:2a:5e:d0:08:fe:
a4:6f:b1:27:18:90:39:c5:f7:47:5c:93:7a:51:29:e8:ac:90:
7c:d4:4e:1c:e7:2a:b1:a9:d1:24:46:fa:93:ae:3a:b0:d0:9b:
1c:88:f0:da:4f:3d:e1:f8:3b:5c:06:d2:fc:f6:7d:85:8f:3d:
28:0d:fa:f8:54:e9:74:3f:ef:8a:27:8c:65:86:36:3f:b5:f9:
bc:3c:4c:dc:5c:40:29:20:18:54:dd:f8:9c:5f:51:19:5a:ae:
46:f2:2a:9f:42:e4:69:c5:59:f1:f4:4a:1d:bc:7a:3e:47:9c:
d7:77:9f:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDFYggsgjA83fnzWOwT7/ZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTk4ODkxNmQ1MTQwNmY5YTI2OWYzMGEwMmQwMDg2YjU3
ZjRkNWEwHhcNMjQwNzE4MTAyNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjBhYmM3MzYzMzhkMGRlNTczZTE1ZDEzN2FjMGYxNmIxMjg1YjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyS+NLEa4QovJlH3ZO2KbdfvE1vP7
S3Cb3BO7/eRY7R0YTb4gZC+UIt+Ie2y1Ol3ke7u1Mc5gfYWT76rQGUOpCFQdpdQQ
mmztT0jK14Ch5iJ2DJQcp6rB3bxTfoAgPg/cdlmMfHYKezM3yKk1ZUmYiFImTFB5
XapLQuUG95TIFPleTqzP0KwxWwuy77k1/aEL5+qGraC2+3E7RLr7wSXv/sS+S/fq
m/xSxtUql/rQtlYrMPSPBTyhxjmHzCzYw8gMO14uFDjgligqUDYYdHnWJOxe9aXl
CgXVAAckkCqohipvV2wDEn40HD3bj4YinHRZNvfs+hCftnGxAZWw4SROaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBIKvHNjONDeVz4V0TesDxaxKFs4MB8GA1UdIwQY
MBaAFNmpiJFtUUBvmiafMKAtAIa1f01aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDIt
NGQwNDlhMWVhZjJmLzEvRWdxOGMyTTQwTjVYUGhYUk42d1BGckVvV3pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy85NjJiM2YtZmMyNi00NTQ5LWFlMDItNGQwNDlhMWVhZjJm
LzEvMmFtSWtXMVJRRy1hSnA4d29DMEFoclZfVFZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQYcMA0G
CSqGSIb3DQEBCwUAA4IBAQBnfMr/VXdSOMYadHrFedcLGBXCGzsl3Pj2StniysNG
7uXEsZC7Pf8VgiMcq7fA9hN+H+VetTnh7bxpJ0dqH/+FRomhYsopRs5l/vC/DIB4
mNubvKCGhR3qVfWUhmh0QkvKCn6HQnhZ7zD++yPt2uqt43NJXwG30EvC13n3V2d7
jV8XnDbwMvLML6m8Kl7QCP6kb7EnGJA5xfdHXJN6USnorJB81E4c5yqxqdEkRvqT
rjqw0JsciPDaTz3h+DtcBtL89n2Fjz0oDfr4VOl0P++KJ4xlhjY/tfm8PEzcXEAp
IBhU3ficX1EZWq5G8iqfQuRpxVnx9EodvHo+R5zXd58l
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:10 2025 by rpki-client