Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/1pxzmjTeLtdT1DEcUEKTz3TWHP0.roa
File: 1pxzmjTeLtdT1DEcUEKTz3TWHP0.roa (raw, json)
Hash identifier: H2BPUFgv+h+wkAUfvoDlaOqYh9bQuuDcsPvqNeqN7nc=
Subject key identifier: D6:9C:73:9A:34:DE:2E:D7:53:D4:31:1C:50:42:93:CF:74:D6:1C:FD
Certificate issuer: /CN=415c10f84dc22937ef6d15eb71bbb4a5308162bf
Certificate serial: 018CC348969375FDBEF6B3CAC77BB650762A
Authority key identifier: 41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/1pxzmjTeLtdT1DEcUEKTz3TWHP0.roa
Signing time: Mon 01 Jan 2024 04:29:23 +0000
ROA not before: Mon 01 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56833
IP address blocks: 185.93.200.0/22 maxlen: 22
185.18.36.0/22 maxlen: 22
91.235.8.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 31 Jul 2024 05:24:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:96:93:75:fd:be:f6:b3:ca:c7:7b:b6:50:76:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=415c10f84dc22937ef6d15eb71bbb4a5308162bf
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d69c739a34de2ed753d4311c504293cf74d61cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b2:06:b6:dd:f7:a0:10:80:9d:3f:c7:b1:97:
22:fc:4a:bd:8c:13:31:20:1a:19:57:71:68:21:67:
03:79:32:15:84:5c:bb:6f:ee:6f:b0:22:90:13:3d:
38:e7:87:4e:92:03:0f:06:32:df:50:92:d3:b8:8f:
a3:c2:02:a8:22:13:7d:0c:c7:01:a1:72:bc:45:2f:
49:9d:aa:2b:cf:17:24:19:db:fc:8d:40:f2:1b:34:
ab:54:e6:37:b3:a9:21:9c:68:66:09:3f:cd:11:dd:
d1:64:e4:4e:76:d8:e6:ca:61:99:13:7f:6c:45:24:
1c:de:5c:20:90:47:44:19:fc:51:d5:15:7e:ad:46:
52:5d:59:77:3f:ac:2e:bf:ae:f6:cc:34:cf:66:45:
1d:c0:c8:19:6a:10:c5:25:e6:d0:aa:30:58:08:7d:
11:6f:4d:3a:d1:4f:b3:80:dc:b4:96:3c:1e:d1:85:
8f:ec:14:ef:b8:cd:5d:78:61:25:01:28:70:29:68:
fc:9d:15:44:20:d7:70:ba:02:54:ad:14:e8:56:1c:
8d:6d:c6:db:30:61:9d:dc:85:e8:2d:ae:c2:e2:6f:
e6:dc:b8:51:0d:fd:35:5c:99:46:ac:bb:d4:07:dc:
a9:6c:c5:4b:37:0e:ec:0d:17:df:b9:eb:05:06:67:
65:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:9C:73:9A:34:DE:2E:D7:53:D4:31:1C:50:42:93:CF:74:D6:1C:FD
X509v3 Authority Key Identifier:
keyid:41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/1pxzmjTeLtdT1DEcUEKTz3TWHP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.8.0/22
185.18.36.0/22
185.93.200.0/22
Signature Algorithm: sha256WithRSAEncryption
84:5a:34:ed:5e:ad:e0:ee:70:eb:4b:96:90:a3:83:28:a0:ab:
51:20:e9:d8:e5:66:60:81:81:37:c2:b9:56:dc:b2:15:1d:46:
87:a3:70:70:76:ed:48:d3:b6:a0:bb:ee:b9:a7:3d:38:9c:24:
ce:63:aa:f3:2e:8d:33:1a:a6:17:e4:27:ef:24:6d:94:c7:b1:
be:01:ab:34:9f:d6:05:c6:ee:90:68:76:a3:02:e9:9c:45:0e:
e5:da:5b:c5:b7:31:be:7b:b4:29:58:c9:24:a7:1b:0d:5c:90:
d8:0e:de:8a:56:91:08:e2:e3:08:de:cb:c0:61:74:c4:9a:e2:
7a:c1:4b:20:6d:6d:90:73:e4:f4:e3:0d:5f:29:f7:b6:3e:83:
b3:c7:bf:f9:76:32:92:f4:f4:da:9a:5c:36:78:e6:a6:c9:d2:
0b:4b:68:bd:c3:fc:f8:88:7b:bc:c2:24:b4:fb:87:c4:4d:4a:
22:1a:49:c6:f4:dd:58:b6:08:cf:73:6b:3e:ed:a7:23:72:25:
5f:1d:71:52:b9:53:54:5a:dd:f4:ab:d8:17:f5:fb:f3:ac:fb:
f9:c9:74:42:76:31:11:46:2b:24:42:59:54:5f:ea:56:d2:af:
e6:f2:f2:6a:96:b4:3a:5f:d5:9a:ba:c9:4d:70:f9:84:6b:3d:
26:36:fa:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSJaTdf2+9rPKx3u2UHYqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNWMxMGY4NGRjMjI5MzdlZjZkMTVlYjcxYmJiNGE1MzA4
MTYyYmYwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjljNzM5YTM0ZGUyZWQ3NTNkNDMxMWM1MDQyOTNjZjc0ZDYxY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLIGtt33oBCAnT/HsZci/Eq9jBMx
IBoZV3FoIWcDeTIVhFy7b+5vsCKQEz0454dOkgMPBjLfUJLTuI+jwgKoIhN9DMcB
oXK8RS9JnaorzxckGdv8jUDyGzSrVOY3s6khnGhmCT/NEd3RZOROdtjmymGZE39s
RSQc3lwgkEdEGfxR1RV+rUZSXVl3P6wuv672zDTPZkUdwMgZahDFJebQqjBYCH0R
b0060U+zgNy0ljwe0YWP7BTvuM1deGElAShwKWj8nRVEINdwugJUrRToVhyNbcbb
MGGd3IXoLa7C4m/m3LhRDf01XJlGrLvUB9ypbMVLNw7sDRffuesFBmdlawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNacc5o03i7XU9QxHFBCk8901hz9MB8GA1UdIwQY
MBaAFEFcEPhNwik3720V63G7tKUwgWK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVZ3US1FM0NLVGZ2YlJYcmNidTBwVENCWXI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi81YzU3ZTctN2JhOC00YTYyLThkMTUt
YzZiNmZkMTJjZTI3LzEvMXB4em1qVGVMdGRUMURFY1VFS1R6M1RXSFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi81YzU3ZTctN2JhOC00YTYyLThkMTUtYzZiNmZkMTJjZTI3
LzEvUVZ3US1FM0NLVGZ2YlJYcmNidTBwVENCWXI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+sIAwQC
uRIkAwQCuV3IMA0GCSqGSIb3DQEBCwUAA4IBAQCEWjTtXq3g7nDrS5aQo4MooKtR
IOnY5WZggYE3wrlW3LIVHUaHo3Bwdu1I07agu+65pz04nCTOY6rzLo0zGqYX5Cfv
JG2Ux7G+Aas0n9YFxu6QaHajAumcRQ7l2lvFtzG+e7QpWMkkpxsNXJDYDt6KVpEI
4uMI3svAYXTEmuJ6wUsgbW2Qc+T04w1fKfe2PoOzx7/5djKS9PTamlw2eOamydIL
S2i9w/z4iHu8wiS0+4fETUoiGknG9N1YtgjPc2s+7acjciVfHXFSuVNUWt30q9gX
9fvzrPv5yXRCdjERRiskQllUX+pW0q/m8vJqlrQ6X9WauslNcPmEaz0mNvps
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:00 2025 by rpki-client