Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/5XhlMZbB2uU7-uKZoSHsVwRgf9g.roa
File: 5XhlMZbB2uU7-uKZoSHsVwRgf9g.roa (raw, json)
Hash identifier: w/CXCqlSYxY96z6eFUtH8cAc4enxs3j+OsllAx0YgzM=
Subject key identifier: E5:78:65:31:96:C1:DA:E5:3B:FA:E2:99:A1:21:EC:57:04:60:7F:D8
Certificate issuer: /CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Certificate serial: 0194206834682BEFDC1AC56F7308C409745C
Authority key identifier: C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/5XhlMZbB2uU7-uKZoSHsVwRgf9g.roa
Signing time: Wed 01 Jan 2025 05:48:07 +0000
ROA not before: Wed 01 Jan 2025 05:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21215
IP address blocks: 185.81.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 03 Jan 2025 12:05:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:34:68:2b:ef:dc:1a:c5:6f:73:08:c4:09:74:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6d18653fbfb6fd5732dc940c1d65d77ab0bbfa3
Validity
Not Before: Jan 1 05:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e578653196c1dae53bfae299a121ec5704607fd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4f:d6:2c:bf:52:1e:d4:45:c7:37:0a:a6:0a:
20:87:ae:ba:b4:13:99:17:42:68:e9:bd:ec:4e:fe:
6b:c5:ac:d8:fc:a4:2c:72:91:5e:a3:ec:4f:3e:32:
b1:c5:ff:e1:78:61:76:e5:ea:4e:26:39:0e:c9:69:
c2:d7:76:78:d2:51:b8:38:a2:fd:74:ab:db:1d:59:
0e:04:61:0b:e2:82:78:ef:c6:ba:51:74:63:e4:e3:
93:d1:b9:04:38:a0:db:58:0a:e4:a2:25:2c:98:3f:
36:58:5a:0e:46:84:08:12:92:ff:19:b6:c3:d8:14:
df:32:1f:c3:55:15:4b:46:98:e6:96:d6:1b:a1:ec:
2c:af:29:56:0d:ff:11:f8:b8:7b:78:8b:7e:31:f8:
bd:4f:b3:bd:ba:af:25:18:7d:7f:6d:20:d1:a0:e1:
53:05:df:49:74:dd:2c:0c:bf:38:86:e5:f3:b8:e4:
71:bb:c4:84:40:f8:2e:3b:a9:2c:63:e6:27:87:cc:
ae:dd:54:74:b3:7b:8f:c1:aa:b6:dc:87:e2:cd:b3:
da:bc:16:3e:6e:3a:52:e6:2b:03:fe:c9:c3:13:ff:
6f:63:f5:83:b5:8b:3e:39:22:f0:66:96:17:88:21:
e2:4f:2f:a2:bc:61:36:de:f5:47:4c:f4:d7:dd:20:
f5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:78:65:31:96:C1:DA:E5:3B:FA:E2:99:A1:21:EC:57:04:60:7F:D8
X509v3 Authority Key Identifier:
keyid:C6:D1:86:53:FB:FB:6F:D5:73:2D:C9:40:C1:D6:5D:77:AB:0B:BF:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xtGGU_v7b9VzLclAwdZdd6sLv6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/5XhlMZbB2uU7-uKZoSHsVwRgf9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8d6943-ca75-4372-b77f-5c6502bffa1f/1/xtGGU_v7b9VzLclAwdZdd6sLv6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.60.0/22
Signature Algorithm: sha256WithRSAEncryption
66:fd:c5:12:f5:3f:2c:9c:57:25:e0:8b:6c:61:ac:85:9d:9d:
8a:36:3a:15:b0:b0:59:c6:eb:a9:1c:63:f6:2f:db:30:af:85:
00:45:04:61:34:72:f4:04:c1:75:37:13:59:94:3a:10:75:12:
ec:f4:6f:58:c0:1d:09:a3:55:cb:3f:3f:cc:07:91:02:97:35:
8f:6c:a7:a7:e7:31:67:a4:35:81:e6:d7:97:83:ac:85:66:fe:
f8:10:99:56:6e:52:a0:76:e3:09:f3:2b:78:d5:9e:7c:06:19:
83:b1:dd:60:05:5d:19:ae:c2:ce:7f:38:30:29:0e:b4:ec:18:
27:da:f0:e9:e8:79:62:f4:89:a6:62:c4:7c:02:85:d1:59:77:
29:ea:eb:5a:65:0e:97:86:7a:76:37:eb:a1:0b:7f:06:4f:3e:
5b:1d:5d:08:55:13:1e:5e:d7:23:36:8e:ba:8d:2f:db:0f:27:
0e:af:0c:91:1a:ea:16:a0:e0:f0:00:e7:d0:9c:c5:3b:1e:7e:
01:df:59:1f:0d:ec:7c:72:22:be:e1:8e:40:33:ef:e3:c5:56:
f4:93:e2:57:5c:d9:42:46:da:93:49:16:1b:bd:20:31:43:39:
0f:e8:4d:a7:fe:9b:5d:7b:2c:ec:53:df:27:39:4c:13:94:18:
97:f1:78:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaDRoK+/cGsVvcwjECXRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZDE4NjUzZmJmYjZmZDU3MzJkYzk0MGMxZDY1ZDc3YWIw
YmJmYTMwHhcNMjUwMTAxMDU0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTc4NjUzMTk2YzFkYWU1M2JmYWUyOTlhMTIxZWM1NzA0NjA3ZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE/WLL9SHtRFxzcKpgogh666tBOZ
F0Jo6b3sTv5rxazY/KQscpFeo+xPPjKxxf/heGF25epOJjkOyWnC13Z40lG4OKL9
dKvbHVkOBGEL4oJ478a6UXRj5OOT0bkEOKDbWArkoiUsmD82WFoORoQIEpL/GbbD
2BTfMh/DVRVLRpjmltYboewsrylWDf8R+Lh7eIt+Mfi9T7O9uq8lGH1/bSDRoOFT
Bd9JdN0sDL84huXzuORxu8SEQPguO6ksY+Ynh8yu3VR0s3uPwaq23IfizbPavBY+
bjpS5isD/snDE/9vY/WDtYs+OSLwZpYXiCHiTy+ivGE23vVHTPTX3SD1jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOV4ZTGWwdrlO/rimaEh7FcEYH/YMB8GA1UdIwQY
MBaAFMbRhlP7+2/Vcy3JQMHWXXerC7+jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2Yt
NWM2NTAyYmZmYTFmLzEvNVhobE1aYkIydVU3LXVLWm9TSHNWd1JnZjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZDY5NDMtY2E3NS00MzcyLWI3N2YtNWM2NTAyYmZmYTFm
LzEveHRHR1VfdjdiOVZ6TGNsQXdkWmRkNnNMdjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVE8MA0G
CSqGSIb3DQEBCwUAA4IBAQBm/cUS9T8snFcl4ItsYayFnZ2KNjoVsLBZxuupHGP2
L9swr4UARQRhNHL0BMF1NxNZlDoQdRLs9G9YwB0Jo1XLPz/MB5EClzWPbKen5zFn
pDWB5teXg6yFZv74EJlWblKgduMJ8yt41Z58BhmDsd1gBV0ZrsLOfzgwKQ607Bgn
2vDp6Hli9ImmYsR8AoXRWXcp6utaZQ6Xhnp2N+uhC38GTz5bHV0IVRMeXtcjNo66
jS/bDycOrwyRGuoWoODwAOfQnMU7Hn4B31kfDex8ciK+4Y5AM+/jxVb0k+JXXNlC
RtqTSRYbvSAxQzkP6E2n/ptdeyzsU98nOUwTlBiX8Xjo
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:23:14 2025 by rpki-client