Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/c159ad-1bfb-490e-8d78-eb00121a55e5/1/F3XY4GLtVTQY3xdzqd276t6xNKQ.roa
File: F3XY4GLtVTQY3xdzqd276t6xNKQ.roa (raw, json)
Hash identifier: AmhgBHJPCsVYzgpM2PU4s/1JszRm+lBg1CoyppdD7oc=
Subject key identifier: 17:75:D8:E0:62:ED:55:34:18:DF:17:73:A9:DD:BB:EA:DE:B1:34:A4
Certificate issuer: /CN=8cecb68c80d6d8d164892230f9d11f2551bed38a
Certificate serial: 019252DCB419AD7A6E192B81EA9007029659
Authority key identifier: 8C:EC:B6:8C:80:D6:D8:D1:64:89:22:30:F9:D1:1F:25:51:BE:D3:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jOy2jIDW2NFkiSIw-dEfJVG-04o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/c159ad-1bfb-490e-8d78-eb00121a55e5/1/F3XY4GLtVTQY3xdzqd276t6xNKQ.roa
Signing time: Thu 03 Oct 2024 14:50:48 +0000
ROA not before: Thu 03 Oct 2024 14:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202075
IP address blocks: 185.50.172.0/22 maxlen: 22
185.50.172.0/23 maxlen: 23
185.50.174.0/23 maxlen: 23
2a04:be80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:dc:b4:19:ad:7a:6e:19:2b:81:ea:90:07:02:96:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cecb68c80d6d8d164892230f9d11f2551bed38a
Validity
Not Before: Oct 3 14:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1775d8e062ed553418df1773a9ddbbeadeb134a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b6:5e:f9:96:f3:1a:83:52:f9:02:03:d5:7b:
d7:5b:5e:e5:80:db:91:10:09:68:ba:99:e1:a7:82:
98:44:6d:2a:8e:fb:58:ab:c2:0c:83:12:11:9e:6e:
8b:de:29:7d:c7:4a:8e:27:7a:2b:9f:6a:b4:c8:e6:
21:93:7e:5a:81:7b:5f:76:3b:c1:be:e8:fb:a2:2f:
c8:22:ed:1a:b4:c8:99:d5:d7:41:9e:be:2b:89:05:
d4:d4:03:c0:02:00:5e:84:0d:62:d1:61:ff:98:27:
c5:4b:36:53:b4:f8:d4:a1:94:a2:df:2b:96:70:ad:
d7:df:85:2b:3c:ac:e0:d8:ad:6f:06:ef:96:a4:2c:
10:23:0e:aa:88:0a:df:51:e3:31:97:d5:d3:51:52:
b4:9d:88:d9:3f:e6:61:c3:aa:a0:c9:a9:09:06:d9:
ec:cb:77:9e:32:d6:a5:06:cc:b4:53:45:2d:6b:3b:
39:74:6e:31:ae:95:ca:81:80:22:37:3a:47:3b:85:
f4:26:e3:0a:5b:e9:a4:3d:4b:11:d1:0d:90:0c:99:
51:45:c2:f8:59:db:62:2d:4e:63:22:9b:c9:99:74:
85:c6:6c:57:0d:d1:a4:ac:3c:2f:c3:56:5d:1a:ab:
13:3c:e0:2a:57:6a:19:6e:a2:24:3b:ff:61:eb:8a:
c1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:75:D8:E0:62:ED:55:34:18:DF:17:73:A9:DD:BB:EA:DE:B1:34:A4
X509v3 Authority Key Identifier:
keyid:8C:EC:B6:8C:80:D6:D8:D1:64:89:22:30:F9:D1:1F:25:51:BE:D3:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jOy2jIDW2NFkiSIw-dEfJVG-04o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c159ad-1bfb-490e-8d78-eb00121a55e5/1/F3XY4GLtVTQY3xdzqd276t6xNKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/c159ad-1bfb-490e-8d78-eb00121a55e5/1/jOy2jIDW2NFkiSIw-dEfJVG-04o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.172.0/22
IPv6:
2a04:be80::/29
Signature Algorithm: sha256WithRSAEncryption
48:0e:b4:b9:61:2d:c1:d1:c1:54:9c:f6:ce:6e:8f:72:f9:c6:
f7:03:c4:77:2f:69:76:ff:ca:8f:3c:fe:f5:ed:17:8e:a6:93:
29:a3:f4:dc:0f:b1:30:fb:0a:37:42:cd:5c:5f:e6:41:35:d3:
e6:c4:17:ff:30:85:90:17:46:b2:12:fd:d7:50:f1:f7:72:32:
23:44:f3:6b:2f:c8:cb:0c:06:0c:58:15:c1:0c:e0:dd:68:08:
c4:c0:88:1b:90:d3:5f:3a:41:4e:41:4d:c6:87:f7:a1:8a:74:
f1:8b:7c:ed:8c:61:a1:e3:60:bf:c4:c3:a1:57:5b:98:e4:19:
5d:81:6e:8f:b0:99:e0:d4:9b:e3:10:5c:76:c1:13:a6:5e:bf:
7c:3a:25:99:63:90:33:34:83:01:07:89:82:35:79:50:f2:d9:
cc:1b:d4:7e:7c:9f:1b:b1:59:96:33:dd:cd:aa:8d:f0:62:80:
a2:e7:d7:c0:7d:fe:20:1b:b0:bc:b4:08:00:51:d2:c8:e8:06:
27:8d:9d:d5:fb:0c:78:10:f9:31:83:39:2d:6f:2c:27:4f:5f:
f8:4c:33:c3:90:31:a5:61:ee:a7:e6:ef:37:bf:12:87:fc:73:
a2:62:06:aa:d9:5d:b1:28:52:fb:6d:2b:5d:55:eb:d9:9d:f4:
33:35:dc:34
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZJS3LQZrXpuGSuB6pAHApZZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZWNiNjhjODBkNmQ4ZDE2NDg5MjIzMGY5ZDExZjI1NTFi
ZWQzOGEwHhcNMjQxMDAzMTQ1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzc1ZDhlMDYyZWQ1NTM0MThkZjE3NzNhOWRkYmJlYWRlYjEzNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrZe+ZbzGoNS+QID1XvXW17lgNuR
EAloupnhp4KYRG0qjvtYq8IMgxIRnm6L3il9x0qOJ3orn2q0yOYhk35agXtfdjvB
vuj7oi/IIu0atMiZ1ddBnr4riQXU1APAAgBehA1i0WH/mCfFSzZTtPjUoZSi3yuW
cK3X34UrPKzg2K1vBu+WpCwQIw6qiArfUeMxl9XTUVK0nYjZP+Zhw6qgyakJBtns
y3eeMtalBsy0U0Utazs5dG4xrpXKgYAiNzpHO4X0JuMKW+mkPUsR0Q2QDJlRRcL4
WdtiLU5jIpvJmXSFxmxXDdGkrDwvw1ZdGqsTPOAqV2oZbqIkO/9h64rBVwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBd12OBi7VU0GN8Xc6ndu+resTSkMB8GA1UdIwQY
MBaAFIzstoyA1tjRZIkiMPnRHyVRvtOKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak95MmpJRFcyTkZraVNJdy1kRWZKVkctMDRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9jMTU5YWQtMWJmYi00OTBlLThkNzgt
ZWIwMDEyMWE1NWU1LzEvRjNYWTRHTHRWVFFZM3hkenFkMjc2dDZ4TktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9jMTU5YWQtMWJmYi00OTBlLThkNzgtZWIwMDEyMWE1NWU1
LzEvak95MmpJRFcyTkZraVNJdy1kRWZKVkctMDRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTKsMA0E
AgACMAcDBQMqBL6AMA0GCSqGSIb3DQEBCwUAA4IBAQBIDrS5YS3B0cFUnPbObo9y
+cb3A8R3L2l2/8qPPP717ReOppMpo/TcD7Ew+wo3Qs1cX+ZBNdPmxBf/MIWQF0ay
Ev3XUPH3cjIjRPNrL8jLDAYMWBXBDODdaAjEwIgbkNNfOkFOQU3Gh/ehinTxi3zt
jGGh42C/xMOhV1uY5BldgW6PsJng1JvjEFx2wROmXr98OiWZY5AzNIMBB4mCNXlQ
8tnMG9R+fJ8bsVmWM93Nqo3wYoCi59fAff4gG7C8tAgAUdLI6AYnjZ3V+wx4EPkx
gzktbywnT1/4TDPDkDGlYe6n5u83vxKH/HOiYgaq2V2xKFL7bStdVevZnfQzNdw0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:04 2025 by rpki-client