Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Xr-7MtWgggscTUESwyDhLc3V80U.roa
File: Xr-7MtWgggscTUESwyDhLc3V80U.roa (raw, json)
Hash identifier: u3oTXG1PseieVqCPOYFz4lhUYFLqdfT4LR6ZuKbkZxM=
Subject key identifier: 5E:BF:BB:32:D5:A0:82:0B:1C:4D:41:12:C3:20:E1:2D:CD:D5:F3:45
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019325E4788E4198A0A2BE5CAB6F50A5C11A
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Xr-7MtWgggscTUESwyDhLc3V80U.roa
Signing time: Wed 13 Nov 2024 14:19:10 +0000
ROA not before: Wed 13 Nov 2024 14:19:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42708
IP address blocks: 192.121.153.0/24 maxlen: 24
192.165.76.0/24 maxlen: 24
193.180.200.0/24 maxlen: 24
194.14.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 14:57:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:e4:78:8e:41:98:a0:a2:be:5c:ab:6f:50:a5:c1:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Nov 13 14:19:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ebfbb32d5a0820b1c4d4112c320e12dcdd5f345
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d1:8c:73:2b:3b:1b:94:55:cc:df:cc:57:f4:
bb:35:af:0f:4e:bf:13:0a:cd:05:4b:a6:62:9f:65:
cd:ae:39:89:90:a6:f2:ff:ee:d0:8a:0a:8d:94:b0:
94:33:f0:d2:7d:96:ac:c2:e3:1f:73:53:aa:c9:a1:
5c:30:7f:37:2c:6e:e3:42:94:75:85:0e:b1:c7:c6:
80:60:aa:7c:8b:27:1a:9d:d2:fd:88:54:2f:40:9d:
71:54:a4:98:d2:a9:e7:c0:22:69:dc:e8:07:f2:f2:
ac:11:fc:53:1b:da:1f:e9:b0:fc:b3:36:67:b4:2e:
dc:08:b3:e1:54:3d:ae:23:24:14:18:a8:db:3a:ce:
bf:b6:b0:17:c7:c6:cf:63:42:4f:82:66:42:78:95:
c7:92:63:ca:a0:1c:0b:28:8c:6c:f3:7a:28:75:1e:
ba:49:11:b1:67:a2:ad:87:44:65:0d:0d:36:9f:30:
04:fb:5a:4b:41:f4:20:c1:08:b8:44:61:26:cf:b0:
11:c3:e6:17:80:ff:e4:64:5e:ae:27:7e:d3:7d:51:
15:20:f5:67:95:38:7a:3f:b3:9c:8b:7f:25:33:c0:
11:e7:b4:97:ef:5a:67:f2:0f:b3:45:0f:14:6d:35:
a8:7f:9c:13:dc:d1:c2:96:81:4f:a4:11:51:85:e2:
04:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:BF:BB:32:D5:A0:82:0B:1C:4D:41:12:C3:20:E1:2D:CD:D5:F3:45
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Xr-7MtWgggscTUESwyDhLc3V80U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.153.0/24
192.165.76.0/24
193.180.200.0/24
194.14.177.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:65:b4:10:eb:f8:61:8a:f7:41:09:0d:13:68:9a:b8:67:bc:
ba:8c:4c:16:98:e9:17:0d:b4:92:5a:5d:70:e7:4a:ad:61:1a:
ec:c4:1b:b7:0e:c9:b1:cb:6d:68:a1:78:26:bc:ae:b1:eb:b6:
ab:40:8c:0e:55:06:98:3d:0b:f2:38:04:11:de:8e:15:a9:5c:
d0:dc:95:95:b4:41:17:7c:15:60:bd:6e:34:98:5e:0c:91:04:
4f:43:27:14:06:22:5e:8b:b4:7c:ad:1b:95:2b:4c:d2:62:0f:
17:6e:02:00:42:6c:ba:de:65:d8:63:4c:36:bb:73:e0:50:b3:
9a:da:c3:90:90:d6:84:95:fa:03:c7:f3:d0:0b:67:ea:90:8c:
01:cb:6c:61:f6:60:62:fd:88:d1:60:d7:84:18:13:34:21:a4:
41:12:c2:bc:c8:5e:17:4a:00:91:00:50:07:e1:26:a3:0f:f1:
97:c0:20:7d:0f:86:d6:bd:f1:67:d5:a1:fe:95:7d:82:fd:95:
fc:90:0a:1c:c4:27:15:58:38:df:6c:1f:ed:d9:06:ff:db:54:
55:2e:8c:66:88:4a:dd:49:b2:10:f0:ae:37:db:7a:9e:5a:35:
a3:c0:47:63:22:39:cf:52:80:18:75:90:da:c7:46:fb:7a:dd:
9e:35:8e:51
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZMl5HiOQZigor5cq29QpcEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQxMTEzMTQxOTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWJmYmIzMmQ1YTA4MjBiMWM0ZDQxMTJjMzIwZTEyZGNkZDVmMzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NGMcys7G5RVzN/MV/S7Na8PTr8T
Cs0FS6Zin2XNrjmJkKby/+7QigqNlLCUM/DSfZaswuMfc1OqyaFcMH83LG7jQpR1
hQ6xx8aAYKp8iycandL9iFQvQJ1xVKSY0qnnwCJp3OgH8vKsEfxTG9of6bD8szZn
tC7cCLPhVD2uIyQUGKjbOs6/trAXx8bPY0JPgmZCeJXHkmPKoBwLKIxs83oodR66
SRGxZ6Kth0RlDQ02nzAE+1pLQfQgwQi4RGEmz7ARw+YXgP/kZF6uJ37TfVEVIPVn
lTh6P7Oci38lM8AR57SX71pn8g+zRQ8UbTWof5wT3NHCloFPpBFRheIEhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF6/uzLVoIILHE1BEsMg4S3N1fNFMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWHItN010V2dnZ3NjVFVFU3d5RGhMYzNWODBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwHmZAwQA
wKVMAwQAwbTIAwQAwg6xMA0GCSqGSIb3DQEBCwUAA4IBAQCkZbQQ6/hhivdBCQ0T
aJq4Z7y6jEwWmOkXDbSSWl1w50qtYRrsxBu3Dsmxy21ooXgmvK6x67arQIwOVQaY
PQvyOAQR3o4VqVzQ3JWVtEEXfBVgvW40mF4MkQRPQycUBiJei7R8rRuVK0zSYg8X
bgIAQmy63mXYY0w2u3PgULOa2sOQkNaElfoDx/PQC2fqkIwBy2xh9mBi/YjRYNeE
GBM0IaRBEsK8yF4XSgCRAFAH4SajD/GXwCB9D4bWvfFn1aH+lX2C/ZX8kAocxCcV
WDjfbB/t2Qb/21RVLoxmiErdSbIQ8K4323qeWjWjwEdjIjnPUoAYdZDax0b7et2e
NY5R
-----END CERTIFICATE-----
Generated at Sat May 17 16:44:20 2025 by rpki-client