Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f0aef3-263d-4f41-8853-18b7eb923a99/1/SxaQSxwpfvHbO3I5w37QOnol27k.roa
File: SxaQSxwpfvHbO3I5w37QOnol27k.roa (raw, json)
Hash identifier: dTxjG/m7N1iLA3X+Jp4+DGEcXHiy+VwNR3zwoYAm3Yc=
Subject key identifier: 4B:16:90:4B:1C:29:7E:F1:DB:3B:72:39:C3:7E:D0:3A:7A:25:DB:B9
Certificate issuer: /CN=6e37a10a4a0273f41facf7440d59f39ad5eaf64b
Certificate serial: 018CC64B61A46BC1C52DD1CB04AA9F86FADC
Authority key identifier: 6E:37:A1:0A:4A:02:73:F4:1F:AC:F7:44:0D:59:F3:9A:D5:EA:F6:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bjehCkoCc_QfrPdEDVnzmtXq9ks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/f0aef3-263d-4f41-8853-18b7eb923a99/1/SxaQSxwpfvHbO3I5w37QOnol27k.roa
Signing time: Mon 01 Jan 2024 18:31:18 +0000
ROA not before: Mon 01 Jan 2024 18:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204702
IP address blocks: 185.157.148.0/22 maxlen: 24
2a0c:f380::/29 maxlen: 36
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:61:a4:6b:c1:c5:2d:d1:cb:04:aa:9f:86:fa:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e37a10a4a0273f41facf7440d59f39ad5eaf64b
Validity
Not Before: Jan 1 18:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b16904b1c297ef1db3b7239c37ed03a7a25dbb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5a:42:f7:0d:63:84:a5:13:57:03:22:a9:7b:
c9:c8:20:f0:f9:b7:52:ee:24:82:5f:39:25:90:f3:
c5:d3:0b:01:c9:cc:c0:c9:bf:83:85:d8:97:5c:c5:
cc:ba:7d:1e:45:05:09:95:b2:06:cd:8f:22:b8:b0:
63:1a:0e:50:63:6b:5d:93:46:c0:fb:fc:0f:21:6b:
41:77:86:a5:68:dd:40:39:0c:87:b3:90:df:8b:79:
a5:9c:96:18:31:af:e1:96:b4:a2:22:43:24:2b:16:
b0:9b:29:2d:70:06:7e:2a:ab:25:23:c8:f4:b4:23:
dc:97:f5:f7:9a:a6:31:73:a4:52:1a:5f:6c:51:c8:
32:29:d3:d1:79:5b:50:e4:88:b0:9f:7a:e9:58:86:
2b:3f:82:4c:9a:f0:ee:50:ea:93:7c:72:93:e1:d4:
a8:bf:e8:7e:2b:1b:c5:88:00:61:8c:70:c4:1b:af:
cc:f7:35:29:2e:4b:e5:a0:ea:1f:69:ef:06:73:a3:
ae:e2:44:27:10:c0:cf:8f:c9:d7:e6:6b:2a:15:a8:
80:e1:42:e5:df:65:cb:22:6a:71:ae:93:ca:38:dc:
08:e1:ce:12:f0:04:40:af:d9:64:96:db:5d:a8:11:
c7:76:7c:09:5c:6b:44:86:12:48:98:a6:9e:74:53:
78:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:16:90:4B:1C:29:7E:F1:DB:3B:72:39:C3:7E:D0:3A:7A:25:DB:B9
X509v3 Authority Key Identifier:
keyid:6E:37:A1:0A:4A:02:73:F4:1F:AC:F7:44:0D:59:F3:9A:D5:EA:F6:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bjehCkoCc_QfrPdEDVnzmtXq9ks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f0aef3-263d-4f41-8853-18b7eb923a99/1/SxaQSxwpfvHbO3I5w37QOnol27k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f0aef3-263d-4f41-8853-18b7eb923a99/1/bjehCkoCc_QfrPdEDVnzmtXq9ks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.148.0/22
IPv6:
2a0c:f380::/29
Signature Algorithm: sha256WithRSAEncryption
35:8b:ae:74:3c:b1:6a:47:52:01:0e:65:1d:8a:7a:1e:13:53:
ff:74:4e:4e:d1:cc:90:11:07:a0:a5:ba:50:e3:d4:c4:66:39:
be:8e:3e:99:20:b2:aa:a1:16:08:76:a4:07:18:c2:0a:43:90:
32:fb:29:64:27:82:6e:f3:44:87:a9:ce:5e:1a:46:0c:76:04:
43:2f:0b:4d:52:0e:4d:b9:51:64:01:37:81:03:67:c2:39:94:
9a:6b:07:bf:17:d5:65:c4:2c:19:e7:3c:56:c1:4e:ac:73:4e:
90:5d:47:66:6e:8c:b5:21:d7:8e:99:1d:60:33:d6:a3:76:11:
71:28:c6:85:ef:9b:06:40:14:88:28:01:c4:33:3b:f4:93:e7:
27:b1:55:3d:89:7a:76:e2:d6:bf:82:05:ef:f8:81:e8:9a:c0:
70:bc:6f:33:22:ed:1d:43:89:6a:cc:8c:c6:c5:40:7e:44:4c:
39:06:7e:b1:4e:dc:af:51:82:2e:b5:02:64:81:37:37:7f:bb:
2e:75:66:8d:85:cb:bb:ca:7f:31:fe:8b:55:22:ca:57:b2:9a:
c3:8b:19:f1:b1:57:f9:6a:ed:f1:01:a4:b0:bc:3b:c1:c5:9e:
40:73:9e:a5:c1:17:76:6c:20:9e:03:a3:98:12:04:9c:2f:b3:
04:71:d3:e7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGS2Gka8HFLdHLBKqfhvrcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMzdhMTBhNGEwMjczZjQxZmFjZjc0NDBkNTlmMzlhZDVl
YWY2NGIwHhcNMjQwMTAxMTgzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjE2OTA0YjFjMjk3ZWYxZGIzYjcyMzljMzdlZDAzYTdhMjVkYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVpC9w1jhKUTVwMiqXvJyCDw+bdS
7iSCXzklkPPF0wsByczAyb+DhdiXXMXMun0eRQUJlbIGzY8iuLBjGg5QY2tdk0bA
+/wPIWtBd4alaN1AOQyHs5Dfi3mlnJYYMa/hlrSiIkMkKxawmyktcAZ+KqslI8j0
tCPcl/X3mqYxc6RSGl9sUcgyKdPReVtQ5Iiwn3rpWIYrP4JMmvDuUOqTfHKT4dSo
v+h+KxvFiABhjHDEG6/M9zUpLkvloOofae8Gc6Ou4kQnEMDPj8nX5msqFaiA4ULl
32XLImpxrpPKONwI4c4S8ARAr9lklttdqBHHdnwJXGtEhhJImKaedFN42wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEsWkEscKX7x2ztyOcN+0Dp6Jdu5MB8GA1UdIwQY
MBaAFG43oQpKAnP0H6z3RA1Z85rV6vZLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmplaENrb0NjX1FmclBkRURWbnptdFhxOWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mMGFlZjMtMjYzZC00ZjQxLTg4NTMt
MThiN2ViOTIzYTk5LzEvU3hhUVN4d3BmdkhiTzNJNXczN1FPbm9sMjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mMGFlZjMtMjYzZC00ZjQxLTg4NTMtMThiN2ViOTIzYTk5
LzEvYmplaENrb0NjX1FmclBkRURWbnptdFhxOWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ2UMA0E
AgACMAcDBQMqDPOAMA0GCSqGSIb3DQEBCwUAA4IBAQA1i650PLFqR1IBDmUdinoe
E1P/dE5O0cyQEQegpbpQ49TEZjm+jj6ZILKqoRYIdqQHGMIKQ5Ay+ylkJ4Ju80SH
qc5eGkYMdgRDLwtNUg5NuVFkATeBA2fCOZSaawe/F9VlxCwZ5zxWwU6sc06QXUdm
boy1IdeOmR1gM9ajdhFxKMaF75sGQBSIKAHEMzv0k+cnsVU9iXp24ta/ggXv+IHo
msBwvG8zIu0dQ4lqzIzGxUB+REw5Bn6xTtyvUYIutQJkgTc3f7sudWaNhcu7yn8x
/otVIspXsprDixnxsVf5au3xAaSwvDvBxZ5Ac56lwRd2bCCeA6OYEgScL7MEcdPn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:26 2025 by rpki-client