Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/xH15JpMxA1SVuRoIJklxq0Le_mA.roa
File: xH15JpMxA1SVuRoIJklxq0Le_mA.roa (raw, json)
Hash identifier: 6cVPKb7lD5VXFjrXWMg8gc0Rpz8Icrd/mFgn/NRlRuk=
Subject key identifier: C4:7D:79:26:93:31:03:54:95:B9:1A:08:26:49:71:AB:42:DE:FE:60
Certificate issuer: /CN=70b190d6f89a434cce5cb8c0d4b38a1669defb59
Certificate serial: 018CCA29FD5C6870C0A455D56F941A481755
Authority key identifier: 70:B1:90:D6:F8:9A:43:4C:CE:5C:B8:C0:D4:B3:8A:16:69:DE:FB:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cLGQ1viaQ0zOXLjA1LOKFmne-1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/xH15JpMxA1SVuRoIJklxq0Le_mA.roa
Signing time: Tue 02 Jan 2024 12:33:18 +0000
ROA not before: Tue 02 Jan 2024 12:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204807
IP address blocks: 185.189.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:fd:5c:68:70:c0:a4:55:d5:6f:94:1a:48:17:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70b190d6f89a434cce5cb8c0d4b38a1669defb59
Validity
Not Before: Jan 2 12:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c47d79269331035495b91a08264971ab42defe60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:9a:c1:75:36:fe:ea:08:10:0a:58:29:6f:93:
8b:a6:fc:a8:78:7f:af:c2:20:b0:32:f2:22:39:54:
cd:f8:d5:0d:2b:83:65:61:c5:89:32:63:e1:ca:70:
6c:b4:bb:d7:46:92:32:0b:39:49:90:ae:c3:80:99:
9c:18:71:9f:47:29:41:fd:a4:b0:ac:a1:c5:38:18:
f6:38:f3:b1:e2:81:4f:14:c9:e3:8a:ca:1b:83:38:
13:3d:8b:8d:a1:86:38:bd:15:9a:29:58:dd:0c:24:
73:f3:c4:7a:21:f3:2c:7e:32:5e:42:4d:12:0e:9f:
55:0b:49:41:55:03:8c:b5:c5:0d:33:95:92:40:e5:
57:12:ee:2e:65:92:09:c7:1a:c8:29:eb:f2:e7:16:
fd:73:1f:05:fc:0f:ce:f5:6b:4e:4c:81:18:00:0d:
46:0b:54:96:d3:4b:19:ec:ec:71:9a:8e:ce:a5:99:
aa:c4:6f:dd:0d:1b:cc:a7:e0:52:62:d1:2f:9e:b3:
12:43:f0:ea:3d:90:59:21:13:be:7c:c1:5e:69:b4:
37:a5:42:d0:22:c0:07:5a:ca:f8:29:45:52:78:8e:
1a:a2:c6:e5:94:83:42:87:20:e9:12:f0:74:7d:f8:
64:59:63:5e:3b:2b:29:f8:96:b6:8a:ab:73:82:11:
e1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:7D:79:26:93:31:03:54:95:B9:1A:08:26:49:71:AB:42:DE:FE:60
X509v3 Authority Key Identifier:
keyid:70:B1:90:D6:F8:9A:43:4C:CE:5C:B8:C0:D4:B3:8A:16:69:DE:FB:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cLGQ1viaQ0zOXLjA1LOKFmne-1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/xH15JpMxA1SVuRoIJklxq0Le_mA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/23dc61-7e9d-40b3-91b6-46bd7d794fb6/1/cLGQ1viaQ0zOXLjA1LOKFmne-1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.109.0/24
Signature Algorithm: sha256WithRSAEncryption
93:db:68:2d:d8:f6:84:90:40:64:60:19:4b:05:b0:35:f0:af:
0c:aa:5a:fc:fb:91:7e:bf:ec:11:45:82:77:27:b3:4a:92:44:
62:4f:67:56:71:6d:51:ac:5b:16:b4:93:96:08:82:74:4b:7c:
b3:5c:a9:a8:5b:b3:1a:86:28:1f:15:68:6f:d7:a1:25:fc:2e:
cc:03:68:32:8e:87:25:65:f0:bf:ce:6b:8f:21:59:40:e9:05:
14:cf:a9:29:75:18:fc:fb:fe:1a:78:bd:9d:66:3b:ca:a1:6d:
5c:50:9e:8b:8d:53:49:cf:21:ee:b9:9c:1a:d8:49:e6:f1:50:
c5:7b:6b:d4:3a:c0:cb:d7:db:d0:e1:45:aa:c0:02:94:e8:99:
76:73:48:94:1e:17:03:81:aa:c1:25:9d:bc:52:45:2f:8c:bf:
55:45:b9:d5:82:4f:a8:da:15:f4:a2:69:0d:66:46:57:9c:ed:
96:1a:dc:c0:3a:64:41:b3:bd:20:b7:e4:8d:56:e3:7a:d4:92:
78:38:4a:21:e8:93:b1:98:33:7d:18:d7:cb:2a:6f:b7:14:e9:
8a:75:95:fd:fd:27:ec:33:b6:fc:4a:12:11:ac:b8:fb:73:c4:
c3:a7:f2:85:35:32:58:63:a6:f8:0a:06:24:c8:69:85:5d:70:
9c:d9:97:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKf1caHDApFXVb5QaSBdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYjE5MGQ2Zjg5YTQzNGNjZTVjYjhjMGQ0YjM4YTE2Njlk
ZWZiNTkwHhcNMjQwMTAyMTIzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDdkNzkyNjkzMzEwMzU0OTViOTFhMDgyNjQ5NzFhYjQyZGVmZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJrBdTb+6ggQClgpb5OLpvyoeH+v
wiCwMvIiOVTN+NUNK4NlYcWJMmPhynBstLvXRpIyCzlJkK7DgJmcGHGfRylB/aSw
rKHFOBj2OPOx4oFPFMnjisobgzgTPYuNoYY4vRWaKVjdDCRz88R6IfMsfjJeQk0S
Dp9VC0lBVQOMtcUNM5WSQOVXEu4uZZIJxxrIKevy5xb9cx8F/A/O9WtOTIEYAA1G
C1SW00sZ7Oxxmo7OpZmqxG/dDRvMp+BSYtEvnrMSQ/DqPZBZIRO+fMFeabQ3pULQ
IsAHWsr4KUVSeI4aosbllINChyDpEvB0ffhkWWNeOysp+Ja2iqtzghHhfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMR9eSaTMQNUlbkaCCZJcatC3v5gMB8GA1UdIwQY
MBaAFHCxkNb4mkNMzly4wNSzihZp3vtZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0xHUTF2aWFRMHpPWExqQTFMT0tGbW5lLTFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yM2RjNjEtN2U5ZC00MGIzLTkxYjYt
NDZiZDdkNzk0ZmI2LzEveEgxNUpwTXhBMVNWdVJvSUprbHhxMExlX21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8yM2RjNjEtN2U5ZC00MGIzLTkxYjYtNDZiZDdkNzk0ZmI2
LzEvY0xHUTF2aWFRMHpPWExqQTFMT0tGbW5lLTFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub1tMA0G
CSqGSIb3DQEBCwUAA4IBAQCT22gt2PaEkEBkYBlLBbA18K8Mqlr8+5F+v+wRRYJ3
J7NKkkRiT2dWcW1RrFsWtJOWCIJ0S3yzXKmoW7MahigfFWhv16El/C7MA2gyjocl
ZfC/zmuPIVlA6QUUz6kpdRj8+/4aeL2dZjvKoW1cUJ6LjVNJzyHuuZwa2Enm8VDF
e2vUOsDL19vQ4UWqwAKU6Jl2c0iUHhcDgarBJZ28UkUvjL9VRbnVgk+o2hX0omkN
ZkZXnO2WGtzAOmRBs70gt+SNVuN61JJ4OEoh6JOxmDN9GNfLKm+3FOmKdZX9/Sfs
M7b8ShIRrLj7c8TDp/KFNTJYY6b4CgYkyGmFXXCc2Zc9
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:41:53 2025 by rpki-client