Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/sXO7MLV4YbkXKsWXhqyTvpxKyRY.roa
File: sXO7MLV4YbkXKsWXhqyTvpxKyRY.roa (raw, json)
Hash identifier: bdwreCY/j0eE23EIls/FPHMFCiNfR/JM3/z6ZHDBlyo=
Subject key identifier: B1:73:BB:30:B5:78:61:B9:17:2A:C5:97:86:AC:93:BE:9C:4A:C9:16
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0194E3F4385E3A4A6CCCF58FA37C1FFBE570
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/sXO7MLV4YbkXKsWXhqyTvpxKyRY.roa
Signing time: Sat 08 Feb 2025 05:07:00 +0000
ROA not before: Sat 08 Feb 2025 05:07:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 178.22.26.0/24 maxlen: 24
193.17.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 15:08:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e3:f4:38:5e:3a:4a:6c:cc:f5:8f:a3:7c:1f:fb:e5:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Feb 8 05:07:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b173bb30b57861b9172ac59786ac93be9c4ac916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6f:1d:4e:a8:69:11:c9:2a:dd:77:1c:c2:fe:
ad:4c:cc:dc:3b:98:cf:bb:94:69:ba:46:b0:1e:95:
92:23:4a:c0:1c:98:6f:bb:fa:4f:80:5b:4a:42:85:
f3:96:5a:c8:75:63:5b:c5:09:76:3f:22:dd:47:8c:
29:94:ce:1a:ae:ff:f8:5f:28:99:9d:62:e3:63:6c:
cf:15:0e:01:2d:ac:b9:fc:4c:bc:8a:f5:33:4f:c0:
a7:7a:7b:1a:12:ce:18:08:16:07:8b:13:77:41:e8:
49:1a:54:c8:0b:eb:9f:e5:33:08:6c:7f:3c:57:5d:
bf:47:d9:c8:2a:25:4b:2a:34:02:d3:8c:6a:70:ff:
a6:b1:71:7b:23:f0:e4:16:a2:1b:58:6b:44:a2:7f:
09:cf:ff:d1:e6:b8:4c:d1:d5:53:99:f1:be:11:60:
04:22:91:29:3e:7a:91:f5:91:55:b4:39:82:6e:1c:
e5:7a:19:5e:a1:34:98:de:b7:d7:7f:55:ff:e8:05:
22:18:cc:f0:f6:72:69:fe:3e:7e:fc:52:d2:4f:60:
c6:a5:cf:8f:09:d8:c8:7c:40:f8:38:a6:22:01:3c:
4a:26:47:07:8d:13:4b:bf:21:95:5a:7f:17:1e:6b:
18:54:75:48:89:06:08:ab:1d:8c:97:03:82:78:c8:
0e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:73:BB:30:B5:78:61:B9:17:2A:C5:97:86:AC:93:BE:9C:4A:C9:16
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/sXO7MLV4YbkXKsWXhqyTvpxKyRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.22.26.0/24
193.17.91.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:6a:19:25:65:d1:bd:66:6a:fb:88:b7:92:5b:e5:94:7f:15:
bf:ac:a9:f8:30:39:3d:25:ca:54:7c:a4:16:b0:a9:de:1b:98:
e2:79:d1:f0:1a:b8:2a:2f:63:06:85:58:05:7f:31:b5:f2:74:
26:5f:cb:73:01:bd:3e:09:67:98:d3:1b:0a:7f:21:30:f3:9c:
c6:b6:a6:57:35:83:9e:35:95:39:10:4a:10:bf:7e:7c:81:45:
04:a4:dd:9d:8a:a7:7a:a1:14:3d:1c:93:82:12:cd:f5:54:74:
61:32:59:c0:82:4e:52:31:a0:78:95:4d:c1:d5:c2:e4:b6:d4:
c2:9e:4f:b4:87:84:79:57:1c:a8:f9:fa:51:e8:3e:57:fa:d0:
5d:32:8c:4b:75:1c:7d:56:0e:e6:46:c1:f8:be:fe:f3:6f:db:
51:cd:96:e0:9e:c4:ed:c1:3b:f3:e0:e0:75:3f:a7:27:49:8f:
75:a1:59:f8:b7:2e:c0:8f:db:21:6c:a7:b6:59:b3:d7:95:9c:
b4:f9:13:4d:5c:a7:a1:5b:3a:a7:31:5d:ac:3a:b1:2c:7a:13:
d7:b7:de:ef:54:87:4f:b4:28:2b:b1:78:e6:16:93:4c:4c:38:
f3:67:ea:51:36:1c:9b:e1:da:99:91:b7:2d:ac:d7:9c:24:64:
02:36:63:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTj9DheOkpszPWPo3wf++VwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwMjA4MDUwNzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTczYmIzMGI1Nzg2MWI5MTcyYWM1OTc4NmFjOTNiZTljNGFjOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyG8dTqhpEckq3Xccwv6tTMzcO5jP
u5RpukawHpWSI0rAHJhvu/pPgFtKQoXzllrIdWNbxQl2PyLdR4wplM4arv/4XyiZ
nWLjY2zPFQ4BLay5/Ey8ivUzT8CnensaEs4YCBYHixN3QehJGlTIC+uf5TMIbH88
V12/R9nIKiVLKjQC04xqcP+msXF7I/DkFqIbWGtEon8Jz//R5rhM0dVTmfG+EWAE
IpEpPnqR9ZFVtDmCbhzlehleoTSY3rfXf1X/6AUiGMzw9nJp/j5+/FLST2DGpc+P
CdjIfED4OKYiATxKJkcHjRNLvyGVWn8XHmsYVHVIiQYIqx2MlwOCeMgO4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLFzuzC1eGG5FyrFl4ask76cSskWMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvc1hPN01MVjRZYmtYS3NXWGhxeVR2cHhLeVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAshYaAwQA
wRFbMA0GCSqGSIb3DQEBCwUAA4IBAQCMahklZdG9Zmr7iLeSW+WUfxW/rKn4MDk9
JcpUfKQWsKneG5jiedHwGrgqL2MGhVgFfzG18nQmX8tzAb0+CWeY0xsKfyEw85zG
tqZXNYOeNZU5EEoQv358gUUEpN2diqd6oRQ9HJOCEs31VHRhMlnAgk5SMaB4lU3B
1cLkttTCnk+0h4R5Vxyo+fpR6D5X+tBdMoxLdRx9Vg7mRsH4vv7zb9tRzZbgnsTt
wTvz4OB1P6cnSY91oVn4ty7Aj9shbKe2WbPXlZy0+RNNXKehWzqnMV2sOrEsehPX
t97vVIdPtCgrsXjmFpNMTDjzZ+pRNhyb4dqZkbctrNecJGQCNmPS
-----END CERTIFICATE-----
Generated at Sun Apr 27 16:35:58 2025 by rpki-client