Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/xGnFRzveAi6zfLKWD9cZsFrlG1g.roa
File: xGnFRzveAi6zfLKWD9cZsFrlG1g.roa (raw, json)
Hash identifier: E2oPtsKAqI6WshjcMy9vc6tj2OQid+X9SpHgDfIYgaA=
Subject key identifier: C4:69:C5:47:3B:DE:02:2E:B3:7C:B2:96:0F:D7:19:B0:5A:E5:1B:58
Certificate issuer: /CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Certificate serial: 0192514721386237E8CF7C39D7B990DFA546
Authority key identifier: 41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/xGnFRzveAi6zfLKWD9cZsFrlG1g.roa
Signing time: Thu 03 Oct 2024 07:27:48 +0000
ROA not before: Thu 03 Oct 2024 07:27:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 192.109.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:47:21:38:62:37:e8:cf:7c:39:d7:b9:90:df:a5:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41f5a10e4fd2655adbbb40ede18b2615ac558ea9
Validity
Not Before: Oct 3 07:27:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c469c5473bde022eb37cb2960fd719b05ae51b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e0:37:8a:d7:4c:11:f0:bc:0c:4a:9b:41:38:
d2:52:5c:ba:32:bf:ac:36:84:64:bb:4b:32:f3:31:
2a:a9:d7:16:3f:29:63:e3:b9:80:c2:80:26:bf:dd:
8c:3d:70:16:3f:b4:93:10:f2:ea:f2:12:46:19:cf:
02:cb:b8:05:38:20:0b:7c:cd:cc:46:9d:cf:10:8f:
d3:ec:25:e5:6b:45:bb:f7:2c:ac:16:1d:60:52:f2:
96:d2:db:8c:0c:ef:ec:51:da:bc:ce:08:6a:f3:fe:
99:5e:b0:b6:82:26:93:c4:01:2e:ea:11:84:9e:e1:
a6:76:df:6d:db:49:4c:fb:9a:31:4c:46:71:87:df:
e0:31:24:b6:39:dc:a7:13:1c:77:9a:29:dc:1b:c3:
3b:42:44:ac:e0:66:c1:81:a8:f6:28:48:8a:c7:66:
37:53:3d:b3:35:2b:07:a6:a6:76:39:46:8a:2a:f7:
09:6d:6d:e7:34:e0:28:90:ff:b3:f8:10:7f:ed:da:
66:cb:a8:36:9b:60:d2:01:79:dc:52:48:03:a6:79:
c6:b8:3b:ae:b3:c3:b6:3b:07:46:b3:47:63:89:90:
2c:af:33:30:f1:4c:ad:bf:a8:1c:24:d4:c7:b0:8c:
7d:b2:79:79:73:22:a9:90:fa:51:aa:a9:b2:fe:c8:
49:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:69:C5:47:3B:DE:02:2E:B3:7C:B2:96:0F:D7:19:B0:5A:E5:1B:58
X509v3 Authority Key Identifier:
keyid:41:F5:A1:0E:4F:D2:65:5A:DB:BB:40:ED:E1:8B:26:15:AC:55:8E:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/xGnFRzveAi6zfLKWD9cZsFrlG1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8d3c82-e403-4da6-b315-8790206f0d74/1/QfWhDk_SZVrbu0Dt4YsmFaxVjqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.139.0/24
Signature Algorithm: sha256WithRSAEncryption
af:87:09:da:52:c8:e6:ec:81:02:53:37:59:c7:31:af:93:dc:
7e:fe:78:68:46:cc:55:bf:a1:ed:bd:a9:3a:1c:50:ee:f9:63:
97:2d:e3:97:0b:fa:88:2e:0f:34:42:c2:b9:c6:2d:a3:56:63:
55:f8:7c:ca:a6:26:fa:19:9d:25:ac:a0:00:c3:a0:db:cc:08:
c3:34:44:ac:d6:03:a2:89:2a:01:06:18:f5:02:07:29:fc:e5:
69:19:10:0d:20:ad:55:7d:39:15:ad:86:9a:4f:39:5b:31:77:
cb:2d:b7:4d:f0:6e:da:a9:cb:2a:5c:7d:56:c0:cc:29:94:2d:
c5:eb:b0:f8:e9:22:f0:ce:ec:34:2c:d8:64:a5:3a:fd:18:43:
c9:89:82:b9:87:37:a0:e3:49:0e:a3:45:0b:18:55:23:04:61:
98:e9:2a:28:5f:1f:18:d6:96:4f:83:f2:7f:fc:bf:8f:51:8b:
fa:37:d9:da:f2:5e:c0:da:31:d0:f6:d7:d4:52:74:eb:c4:4a:
a1:cf:7a:31:72:7e:7a:79:c1:5e:c9:30:a9:57:1a:11:91:25:
e0:2d:d3:0f:ce:c6:33:70:75:af:b5:58:a6:0e:6b:07:40:55:
f9:af:a2:fc:d4:2a:9b:ad:56:af:51:90:45:b6:9e:e4:e0:40:
c4:04:29:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJRRyE4Yjfoz3w517mQ36VGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZjVhMTBlNGZkMjY1NWFkYmJiNDBlZGUxOGIyNjE1YWM1
NThlYTkwHhcNMjQxMDAzMDcyNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDY5YzU0NzNiZGUwMjJlYjM3Y2IyOTYwZmQ3MTliMDVhZTUxYjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1eA3itdMEfC8DEqbQTjSUly6Mr+s
NoRku0sy8zEqqdcWPylj47mAwoAmv92MPXAWP7STEPLq8hJGGc8Cy7gFOCALfM3M
Rp3PEI/T7CXla0W79yysFh1gUvKW0tuMDO/sUdq8zghq8/6ZXrC2giaTxAEu6hGE
nuGmdt9t20lM+5oxTEZxh9/gMSS2OdynExx3mincG8M7QkSs4GbBgaj2KEiKx2Y3
Uz2zNSsHpqZ2OUaKKvcJbW3nNOAokP+z+BB/7dpmy6g2m2DSAXncUkgDpnnGuDuu
s8O2OwdGs0djiZAsrzMw8Uytv6gcJNTHsIx9snl5cyKpkPpRqqmy/shJiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRpxUc73gIus3yylg/XGbBa5RtYMB8GA1UdIwQY
MBaAFEH1oQ5P0mVa27tA7eGLJhWsVY6pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUt
ODc5MDIwNmYwZDc0LzEveEduRlJ6dmVBaTZ6ZkxLV0Q5Y1pzRnJsRzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZDNjODItZTQwMy00ZGE2LWIzMTUtODc5MDIwNmYwZDc0
LzEvUWZXaERrX1NaVnJidTBEdDRZc21GYXhWanFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG2LMA0G
CSqGSIb3DQEBCwUAA4IBAQCvhwnaUsjm7IECUzdZxzGvk9x+/nhoRsxVv6Htvak6
HFDu+WOXLeOXC/qILg80QsK5xi2jVmNV+HzKpib6GZ0lrKAAw6DbzAjDNESs1gOi
iSoBBhj1Agcp/OVpGRANIK1VfTkVrYaaTzlbMXfLLbdN8G7aqcsqXH1WwMwplC3F
67D46SLwzuw0LNhkpTr9GEPJiYK5hzeg40kOo0ULGFUjBGGY6SooXx8Y1pZPg/J/
/L+PUYv6N9na8l7A2jHQ9tfUUnTrxEqhz3oxcn56ecFeyTCpVxoRkSXgLdMPzsYz
cHWvtVimDmsHQFX5r6L81CqbrVavUZBFtp7k4EDEBCnA
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:32:59 2025 by rpki-client