Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/X2OUTpbQfsZw-VIkUy7-7rL1GFM.roa
File: X2OUTpbQfsZw-VIkUy7-7rL1GFM.roa (raw, json)
Hash identifier: eakXgaR2/mZNtoxszg3Zo1L0ErbEH4AY5ajuWmbZt3I=
Subject key identifier: 5F:63:94:4E:96:D0:7E:C6:70:F9:52:24:53:2E:FE:EE:B2:F5:18:53
Certificate issuer: /CN=ac97eb967438ffc4eb66633dd8c03501893667f7
Certificate serial: 018CC26D7A9243E41C8BB1AB0956562C6E4F
Authority key identifier: AC:97:EB:96:74:38:FF:C4:EB:66:63:3D:D8:C0:35:01:89:36:67:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/X2OUTpbQfsZw-VIkUy7-7rL1GFM.roa
Signing time: Mon 01 Jan 2024 00:30:03 +0000
ROA not before: Mon 01 Jan 2024 00:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48288
IP address blocks: 185.161.77.0/24 maxlen: 24
87.104.128.0/18 maxlen: 18
87.104.240.0/20 maxlen: 20
2a00:8200::/32 maxlen: 32
2a12:3d80::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:7a:92:43:e4:1c:8b:b1:ab:09:56:56:2c:6e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac97eb967438ffc4eb66633dd8c03501893667f7
Validity
Not Before: Jan 1 00:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f63944e96d07ec670f95224532efeeeb2f51853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f1:30:9d:57:5b:80:9a:fb:dc:b5:48:d6:39:
1d:72:b3:20:ae:59:f6:40:5d:bc:5c:d3:71:3f:f3:
af:37:91:48:4f:e7:db:92:8b:29:ff:f0:aa:f3:9b:
3e:a1:fb:9d:54:7a:a6:60:6d:c7:2b:1e:1d:89:45:
c1:5c:96:f7:e6:93:59:5d:8b:1b:c8:2d:a9:d6:e4:
7d:e6:54:c0:5a:44:99:c9:fe:d9:ed:d0:7e:00:4b:
6c:1b:f5:6e:4a:e2:e8:5b:8e:65:c3:1a:f7:4a:6e:
9b:0b:17:1f:9e:08:a6:bb:9a:17:ee:f3:c0:74:69:
d9:5f:3a:54:1c:de:07:e2:94:78:57:fe:d8:3b:6d:
e1:28:32:5c:52:44:6e:73:48:8e:84:1e:70:da:85:
65:50:dd:47:ef:80:dc:4e:15:0c:a5:61:f5:74:5a:
5b:ee:38:31:63:97:4e:06:f3:cf:7e:52:14:2e:20:
86:14:41:75:07:6f:c1:ed:51:73:c4:ce:3a:0a:9c:
66:44:26:5e:79:3c:2f:7a:b9:c9:f8:84:67:15:15:
8d:01:ad:78:1d:fa:24:78:19:18:c6:b1:6c:f0:42:
f7:7a:94:52:1a:cc:dd:4e:02:0e:96:7c:4a:7d:e0:
44:2e:40:e3:d5:74:22:52:7e:96:57:86:96:29:cc:
a7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:63:94:4E:96:D0:7E:C6:70:F9:52:24:53:2E:FE:EE:B2:F5:18:53
X509v3 Authority Key Identifier:
keyid:AC:97:EB:96:74:38:FF:C4:EB:66:63:3D:D8:C0:35:01:89:36:67:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/X2OUTpbQfsZw-VIkUy7-7rL1GFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7fed52-d043-453b-8dd1-cf1997c0250d/1/rJfrlnQ4_8TrZmM92MA1AYk2Z_c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.104.128.0/18
87.104.240.0/20
185.161.77.0/24
IPv6:
2a00:8200::/32
2a12:3d80::/29
Signature Algorithm: sha256WithRSAEncryption
0a:6a:1d:1c:13:ee:2f:3c:89:af:d6:8d:91:4d:08:6c:c5:f7:
ff:e0:62:0c:b8:25:f2:9b:19:9e:7e:88:0d:da:c9:43:77:a9:
64:4e:50:e6:6d:a3:98:be:39:5c:9f:69:b7:38:1c:90:01:ff:
82:84:5d:9d:ab:ad:a5:a7:38:0e:38:b7:b0:8f:08:ce:f5:f0:
64:78:9c:39:21:f0:7f:2a:d3:63:2c:6e:4b:7d:2c:b3:bd:2a:
1e:7f:ea:67:25:de:18:18:5a:81:2f:9b:92:9a:f1:af:cb:04:
25:ed:f1:fb:04:84:4f:d4:bc:c0:15:a3:28:f6:dc:e7:5b:fa:
16:f4:1f:79:28:09:d3:b4:0b:db:02:7f:dc:81:9d:91:cd:8e:
29:9c:d7:6f:51:40:74:83:30:43:6f:57:1c:86:ab:5d:5a:5c:
46:83:0c:3c:ed:ee:ed:ef:8e:12:af:28:8c:1b:69:64:dc:48:
3c:0b:35:34:51:68:b3:88:a5:4f:05:8a:aa:61:ec:b4:ca:19:
54:42:54:33:cb:d9:de:1d:a5:dd:68:4f:71:b0:b8:e2:50:73:
50:75:e2:a2:fb:65:f1:a6:d5:c3:d6:18:38:9c:d2:75:e4:13:
44:53:e1:9b:37:68:33:c2:06:d0:24:a1:03:75:1e:35:b4:e4:
c1:11:1c:d1
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzCbXqSQ+Qci7GrCVZWLG5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOTdlYjk2NzQzOGZmYzRlYjY2NjMzZGQ4YzAzNTAxODkz
NjY3ZjcwHhcNMjQwMTAxMDAzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjYzOTQ0ZTk2ZDA3ZWM2NzBmOTUyMjQ1MzJlZmVlZWIyZjUxODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/EwnVdbgJr73LVI1jkdcrMgrln2
QF28XNNxP/OvN5FIT+fbkosp//Cq85s+ofudVHqmYG3HKx4diUXBXJb35pNZXYsb
yC2p1uR95lTAWkSZyf7Z7dB+AEtsG/VuSuLoW45lwxr3Sm6bCxcfngimu5oX7vPA
dGnZXzpUHN4H4pR4V/7YO23hKDJcUkRuc0iOhB5w2oVlUN1H74DcThUMpWH1dFpb
7jgxY5dOBvPPflIULiCGFEF1B2/B7VFzxM46CpxmRCZeeTwvernJ+IRnFRWNAa14
HfokeBkYxrFs8EL3epRSGszdTgIOlnxKfeBELkDj1XQiUn6WV4aWKcynCQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFF9jlE6W0H7GcPlSJFMu/u6y9RhTMB8GA1UdIwQY
MBaAFKyX65Z0OP/E62ZjPdjANQGJNmf3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckpmcmxuUTRfOFRyWm1NOTJNQTFBWWsyWl9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83ZmVkNTItZDA0My00NTNiLThkZDEt
Y2YxOTk3YzAyNTBkLzEvWDJPVVRwYlFmc1p3LVZJa1V5Ny03ckwxR0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83ZmVkNTItZDA0My00NTNiLThkZDEtY2YxOTk3YzAyNTBk
LzEvckpmcmxuUTRfOFRyWm1NOTJNQTFBWWsyWl9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQGV2iAAwQE
V2jwAwQAuaFNMBQEAgACMA4DBQAqAIIAAwUDKhI9gDANBgkqhkiG9w0BAQsFAAOC
AQEACmodHBPuLzyJr9aNkU0IbMX3/+BiDLgl8psZnn6IDdrJQ3epZE5Q5m2jmL45
XJ9ptzgckAH/goRdnautpac4Dji3sI8IzvXwZHicOSHwfyrTYyxuS30ss70qHn/q
ZyXeGBhagS+bkprxr8sEJe3x+wSET9S8wBWjKPbc51v6FvQfeSgJ07QL2wJ/3IGd
kc2OKZzXb1FAdIMwQ29XHIarXVpcRoMMPO3u7e+OEq8ojBtpZNxIPAs1NFFos4il
TwWKqmHstMoZVEJUM8vZ3h2l3WhPcbC44lBzUHXiovtl8abVw9YYOJzSdeQTRFPh
mzdoM8IG0CShA3UeNbTkwREc0Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:37 2025 by rpki-client