Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/6pm2Sfbp1-WApWzHiA8F4fvT2WM.roa
File: 6pm2Sfbp1-WApWzHiA8F4fvT2WM.roa (raw, json)
Hash identifier: U8kkIBLLEqD2kO0u1WaxhLHrr3Nx2KjFymBLozXKOug=
Subject key identifier: EA:99:B6:49:F6:E9:D7:E5:80:A5:6C:C7:88:0F:05:E1:FB:D3:D9:63
Certificate issuer: /CN=9a5e76f929d21b586f42e30f7d9b00399b3dcbf0
Certificate serial: 01943D9281217E2DD3AFAD1DA966633625A6
Authority key identifier: 9A:5E:76:F9:29:D2:1B:58:6F:42:E3:0F:7D:9B:00:39:9B:3D:CB:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ml52-SnSG1hvQuMPfZsAOZs9y_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/6pm2Sfbp1-WApWzHiA8F4fvT2WM.roa
Signing time: Mon 06 Jan 2025 21:43:18 +0000
ROA not before: Mon 06 Jan 2025 21:43:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 194.54.180.0/24 maxlen: 24
194.54.181.0/24 maxlen: 24
194.54.182.0/24 maxlen: 24
194.54.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 10:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3d:92:81:21:7e:2d:d3:af:ad:1d:a9:66:63:36:25:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a5e76f929d21b586f42e30f7d9b00399b3dcbf0
Validity
Not Before: Jan 6 21:43:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea99b649f6e9d7e580a56cc7880f05e1fbd3d963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b7:08:51:12:c2:11:97:86:6d:a7:e1:e7:e6:
76:46:33:ba:b0:77:80:91:24:f5:88:fc:86:ef:70:
f8:ca:9b:c2:b9:32:4d:aa:f1:d8:79:24:d4:f8:8c:
4f:5e:55:70:76:a6:e1:fd:ed:bf:77:79:71:c7:5d:
1e:97:d8:07:13:ae:6d:de:53:5c:ff:d0:99:0e:73:
11:20:90:19:6c:c9:b6:6a:0d:b6:4d:30:8d:e8:35:
08:5d:bd:4d:56:3e:14:d4:39:c9:05:b0:69:01:1e:
d8:47:a7:59:70:c5:6e:bd:02:29:cf:34:ad:ae:af:
79:9e:a9:c5:91:ed:75:95:68:0c:6f:ca:16:31:c4:
28:2a:17:cb:09:80:a3:b6:8b:21:7a:02:56:9a:76:
fe:06:9e:98:64:62:74:6c:0f:34:4e:8f:f8:04:37:
cc:ee:79:d5:de:b6:f0:f1:36:7e:26:ea:1e:d6:01:
a7:03:86:4c:bf:b0:b7:15:16:e7:51:d3:54:dd:e1:
8c:28:dc:32:6e:bc:0d:f9:b1:73:9c:e8:64:82:99:
fd:bc:83:ba:92:56:ee:81:6c:b4:91:23:d1:c1:77:
d0:2c:89:50:e8:cd:31:ad:49:56:4b:3e:ca:f4:8a:
7d:ad:75:52:2e:dc:4b:e3:4a:f1:2a:8e:68:66:87:
bf:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:99:B6:49:F6:E9:D7:E5:80:A5:6C:C7:88:0F:05:E1:FB:D3:D9:63
X509v3 Authority Key Identifier:
keyid:9A:5E:76:F9:29:D2:1B:58:6F:42:E3:0F:7D:9B:00:39:9B:3D:CB:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ml52-SnSG1hvQuMPfZsAOZs9y_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/6pm2Sfbp1-WApWzHiA8F4fvT2WM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/ml52-SnSG1hvQuMPfZsAOZs9y_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.54.180.0/22
Signature Algorithm: sha256WithRSAEncryption
98:9b:3e:73:34:e7:98:a5:46:06:58:ca:b6:c5:12:02:23:d6:
22:77:cf:a9:ed:ba:93:fc:00:21:2e:90:1a:3d:48:2a:9e:5e:
d6:e4:18:3d:ee:16:d8:56:3b:ca:4b:a6:54:04:b9:47:fb:27:
12:c0:aa:ed:7d:9b:29:d1:d0:46:3c:e2:49:ed:39:0a:fd:22:
1a:8f:a9:66:5f:4b:07:5d:01:34:6d:fe:c2:01:d1:f0:60:9c:
20:c9:2f:45:6d:a3:9c:6e:6c:26:33:1b:68:81:fc:b9:62:ce:
ea:7c:bc:36:c8:92:d2:61:a3:90:78:b0:14:9c:8d:89:0f:a8:
10:50:35:66:c1:ff:e5:b5:e9:f2:0c:fd:75:55:cf:d6:78:11:
0a:44:54:23:fd:ef:93:51:9d:b6:72:c1:08:e9:da:cf:29:b3:
df:d1:52:13:e1:19:61:8e:74:c7:32:1d:e4:2d:0c:c2:47:71:
bf:59:f7:bc:fb:ef:dc:84:06:6f:3b:54:5f:ec:93:ac:f7:f1:
a6:3f:d3:95:ba:0f:7f:37:de:72:1a:6a:f1:ed:91:19:0f:85:
ac:9e:73:3f:73:74:cf:39:15:d0:82:99:2d:29:e9:5d:50:24:
64:dc:97:81:80:73:ed:3b:7f:54:55:d7:a2:a8:a5:b5:6c:92:
3f:a0:38:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ9koEhfi3Tr60dqWZjNiWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNWU3NmY5MjlkMjFiNTg2ZjQyZTMwZjdkOWIwMDM5OWIz
ZGNiZjAwHhcNMjUwMTA2MjE0MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTk5YjY0OWY2ZTlkN2U1ODBhNTZjYzc4ODBmMDVlMWZiZDNkOTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7cIURLCEZeGbafh5+Z2RjO6sHeA
kST1iPyG73D4ypvCuTJNqvHYeSTU+IxPXlVwdqbh/e2/d3lxx10el9gHE65t3lNc
/9CZDnMRIJAZbMm2ag22TTCN6DUIXb1NVj4U1DnJBbBpAR7YR6dZcMVuvQIpzzSt
rq95nqnFke11lWgMb8oWMcQoKhfLCYCjtoshegJWmnb+Bp6YZGJ0bA80To/4BDfM
7nnV3rbw8TZ+Juoe1gGnA4ZMv7C3FRbnUdNU3eGMKNwybrwN+bFznOhkgpn9vIO6
klbugWy0kSPRwXfQLIlQ6M0xrUlWSz7K9Ip9rXVSLtxL40rxKo5oZoe/0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOqZtkn26dflgKVsx4gPBeH709ljMB8GA1UdIwQY
MBaAFJpedvkp0htYb0LjD32bADmbPcvwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWw1Mi1TblNHMWh2UXVNUGZac0FPWnM5eV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS83NjdkNmQtMzZjOC00MDNiLTgxYjAt
YjRhYWEyM2ZkYWE5LzEvNnBtMlNmYnAxLVdBcFd6SGlBOEY0ZnZUMldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS83NjdkNmQtMzZjOC00MDNiLTgxYjAtYjRhYWEyM2ZkYWE5
LzEvbWw1Mi1TblNHMWh2UXVNUGZac0FPWnM5eV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwja0MA0G
CSqGSIb3DQEBCwUAA4IBAQCYmz5zNOeYpUYGWMq2xRICI9Yid8+p7bqT/AAhLpAa
PUgqnl7W5Bg97hbYVjvKS6ZUBLlH+ycSwKrtfZsp0dBGPOJJ7TkK/SIaj6lmX0sH
XQE0bf7CAdHwYJwgyS9FbaOcbmwmMxtogfy5Ys7qfLw2yJLSYaOQeLAUnI2JD6gQ
UDVmwf/ltenyDP11Vc/WeBEKRFQj/e+TUZ22csEI6drPKbPf0VIT4RlhjnTHMh3k
LQzCR3G/Wfe8++/chAZvO1Rf7JOs9/GmP9OVug9/N95yGmrx7ZEZD4WsnnM/c3TP
ORXQgpktKeldUCRk3JeBgHPtO39UVdeiqKW1bJI/oDgP
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:49:09 2025 by rpki-client