Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/136b43-3b76-4b17-a366-84b7f688ba30/1/Xe4wvL4BCLrqOELlGqO8cRVsJEU.roa
File: Xe4wvL4BCLrqOELlGqO8cRVsJEU.roa (raw, json)
Hash identifier: 7Z+BgZpjrK/ubdNUAR2QNcO6Q0h2ZY+JaEyFF5R+zuQ=
Subject key identifier: 5D:EE:30:BC:BE:01:08:BA:EA:38:42:E5:1A:A3:BC:71:15:6C:24:45
Certificate issuer: /CN=7551b02d55d3505fb9f9719fbd0b52316ff6c103
Certificate serial: 018CC2DAD3906EF35B23868A0AD0677BB23C
Authority key identifier: 75:51:B0:2D:55:D3:50:5F:B9:F9:71:9F:BD:0B:52:31:6F:F6:C1:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dVGwLVXTUF-5-XGfvQtSMW_2wQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/136b43-3b76-4b17-a366-84b7f688ba30/1/Xe4wvL4BCLrqOELlGqO8cRVsJEU.roa
Signing time: Mon 01 Jan 2024 02:29:29 +0000
ROA not before: Mon 01 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204642
IP address blocks: 185.244.124.0/24 maxlen: 24
185.244.124.0/22 maxlen: 22
185.244.125.0/24 maxlen: 24
185.244.126.0/24 maxlen: 24
185.244.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d3:90:6e:f3:5b:23:86:8a:0a:d0:67:7b:b2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7551b02d55d3505fb9f9719fbd0b52316ff6c103
Validity
Not Before: Jan 1 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dee30bcbe0108baea3842e51aa3bc71156c2445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c8:32:4e:e7:d4:dc:d2:e5:92:70:9f:cb:04:
ab:e4:b6:46:f9:8d:c2:18:d2:02:a0:7e:1a:ca:43:
1e:a1:fb:7f:d3:59:89:3d:28:df:a5:cd:2f:14:b5:
47:fb:2a:eb:59:4e:1a:f0:fd:68:8e:dc:dc:38:82:
45:f9:80:60:f1:25:3b:c5:94:f9:2f:56:40:f8:3b:
b8:ec:e1:13:2f:bd:9d:67:f7:b6:60:02:0b:a2:bd:
5d:f1:62:b0:8c:54:e0:97:6a:d6:35:b0:a5:33:3f:
7a:6e:da:e6:72:e3:e3:ae:ee:fd:99:1d:e9:83:d2:
ea:56:bd:c6:fe:06:d3:f0:1f:59:da:2c:02:96:b7:
7e:03:1a:87:33:de:7b:0c:b6:94:30:94:2b:c7:44:
11:20:ac:16:74:31:b4:48:70:b5:15:e5:06:8f:5a:
15:12:f2:09:b0:63:65:2b:53:9e:98:b0:77:29:dc:
60:e9:1e:cf:46:a6:1d:89:87:5c:5c:13:8c:16:44:
34:a5:49:d6:af:ef:f4:48:78:99:4f:70:a1:fa:1e:
08:08:6c:c6:64:4c:2d:d0:f5:fe:21:f2:06:a4:7e:
31:01:66:59:f6:92:f7:22:07:a7:b2:ba:3d:ee:8d:
ff:30:d6:aa:64:c6:83:63:0d:ba:43:ff:59:53:ba:
01:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:EE:30:BC:BE:01:08:BA:EA:38:42:E5:1A:A3:BC:71:15:6C:24:45
X509v3 Authority Key Identifier:
keyid:75:51:B0:2D:55:D3:50:5F:B9:F9:71:9F:BD:0B:52:31:6F:F6:C1:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dVGwLVXTUF-5-XGfvQtSMW_2wQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/136b43-3b76-4b17-a366-84b7f688ba30/1/Xe4wvL4BCLrqOELlGqO8cRVsJEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/136b43-3b76-4b17-a366-84b7f688ba30/1/dVGwLVXTUF-5-XGfvQtSMW_2wQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.124.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:9d:ba:61:98:df:d0:78:22:8c:ff:9b:83:53:0f:ff:fb:65:
2e:44:51:1a:78:8c:44:c8:19:6a:ca:03:da:01:1c:60:1c:92:
d7:ad:c1:b6:0b:02:f1:b9:28:bb:02:18:e5:03:2d:e5:fe:b9:
43:1d:81:e3:2d:85:c8:4d:11:e9:e2:6a:67:54:29:d4:7b:ef:
85:74:18:36:8b:23:ac:f4:66:43:b2:5b:41:3f:a7:05:77:b0:
37:28:05:23:12:40:c6:40:9e:e7:92:8d:31:b1:7a:d4:a4:ae:
9a:61:1d:0d:a5:f9:c2:f6:e9:32:ec:ec:b7:e6:73:ed:2e:b8:
ed:05:3c:19:3b:63:ca:7d:77:78:1e:a9:e6:14:09:a9:d6:64:
93:f4:f0:e5:6a:c9:99:69:65:31:69:5c:55:eb:4a:ad:72:9e:
bf:9d:f1:35:6d:0c:0b:d0:ba:c0:88:d1:6f:aa:2e:ba:83:a8:
4c:a5:a3:d4:e2:a5:b5:28:73:35:0e:a5:7a:38:e6:96:62:90:
5f:e9:20:0a:f5:4b:6f:2f:ae:1b:24:c9:27:0d:ab:1f:35:6c:
85:7e:2c:e1:24:00:62:d1:40:5d:2e:85:8b:b9:e8:ec:f9:2c:
2d:f4:96:71:83:20:32:cd:3e:c3:1e:87:b6:e8:3b:32:38:c9:
a7:51:4b:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2tOQbvNbI4aKCtBne7I8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NTFiMDJkNTVkMzUwNWZiOWY5NzE5ZmJkMGI1MjMxNmZm
NmMxMDMwHhcNMjQwMTAxMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGVlMzBiY2JlMDEwOGJhZWEzODQyZTUxYWEzYmM3MTE1NmMyNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsgyTufU3NLlknCfywSr5LZG+Y3C
GNICoH4aykMeoft/01mJPSjfpc0vFLVH+yrrWU4a8P1ojtzcOIJF+YBg8SU7xZT5
L1ZA+Du47OETL72dZ/e2YAILor1d8WKwjFTgl2rWNbClMz96btrmcuPjru79mR3p
g9LqVr3G/gbT8B9Z2iwClrd+AxqHM957DLaUMJQrx0QRIKwWdDG0SHC1FeUGj1oV
EvIJsGNlK1OemLB3Kdxg6R7PRqYdiYdcXBOMFkQ0pUnWr+/0SHiZT3Ch+h4ICGzG
ZEwt0PX+IfIGpH4xAWZZ9pL3Igensro97o3/MNaqZMaDYw26Q/9ZU7oBZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3uMLy+AQi66jhC5RqjvHEVbCRFMB8GA1UdIwQY
MBaAFHVRsC1V01Bfuflxn70LUjFv9sEDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFZHd0xWWFRVRi01LVhHZnZRdFNNV18yd1FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xMzZiNDMtM2I3Ni00YjE3LWEzNjYt
ODRiN2Y2ODhiYTMwLzEvWGU0d3ZMNEJDTHJxT0VMbEdxTzhjUlZzSkVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xMzZiNDMtM2I3Ni00YjE3LWEzNjYtODRiN2Y2ODhiYTMw
LzEvZFZHd0xWWFRVRi01LVhHZnZRdFNNV18yd1FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufR8MA0G
CSqGSIb3DQEBCwUAA4IBAQCqnbphmN/QeCKM/5uDUw//+2UuRFEaeIxEyBlqygPa
ARxgHJLXrcG2CwLxuSi7AhjlAy3l/rlDHYHjLYXITRHp4mpnVCnUe++FdBg2iyOs
9GZDsltBP6cFd7A3KAUjEkDGQJ7nko0xsXrUpK6aYR0NpfnC9uky7Oy35nPtLrjt
BTwZO2PKfXd4HqnmFAmp1mST9PDlasmZaWUxaVxV60qtcp6/nfE1bQwL0LrAiNFv
qi66g6hMpaPU4qW1KHM1DqV6OOaWYpBf6SAK9UtvL64bJMknDasfNWyFfizhJABi
0UBdLoWLuejs+Swt9JZxgyAyzT7DHoe26DsyOMmnUUs2
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:59:57 2025 by rpki-client