Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/xnE5yG60eo7gg77wmGfK1hASGws.roa
File: xnE5yG60eo7gg77wmGfK1hASGws.roa (raw, json)
Hash identifier: pUYLrEOl8XN/3kdWl83zze7mT9/ORmaQ1jotZzPxkP0=
Subject key identifier: C6:71:39:C8:6E:B4:7A:8E:E0:83:BE:F0:98:67:CA:D6:10:12:1B:0B
Certificate issuer: /CN=3f1c938bb206a3896d064c0852fa9885ff2cebd9
Certificate serial: 01922AD7F4260615AE49B576D23B60D94563
Authority key identifier: 3F:1C:93:8B:B2:06:A3:89:6D:06:4C:08:52:FA:98:85:FF:2C:EB:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PxyTi7IGo4ltBkwIUvqYhf8s69k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/xnE5yG60eo7gg77wmGfK1hASGws.roa
Signing time: Wed 25 Sep 2024 20:20:48 +0000
ROA not before: Wed 25 Sep 2024 20:20:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203343
IP address blocks: 185.120.24.0/22 maxlen: 24
2a0f:a5c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2a:d7:f4:26:06:15:ae:49:b5:76:d2:3b:60:d9:45:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f1c938bb206a3896d064c0852fa9885ff2cebd9
Validity
Not Before: Sep 25 20:20:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c67139c86eb47a8ee083bef09867cad610121b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8e:2d:bf:b0:8b:25:9e:79:2b:a9:b4:16:e6:
73:58:fe:69:6c:33:09:ad:9f:bc:8a:9b:0f:4a:08:
54:89:8e:ee:43:cc:5e:fc:57:58:7d:6e:11:1a:a5:
e2:30:f0:60:66:48:e4:3d:41:86:bc:e4:54:a8:7a:
e1:c7:f5:0a:fa:f8:5e:9a:50:84:ec:c8:77:00:dd:
a5:a7:09:8a:2e:ce:bb:6c:d1:53:df:f6:98:b6:76:
de:23:21:f4:dc:32:c8:51:f9:56:de:2c:e9:14:3a:
3f:41:3d:fa:d6:db:8a:4e:78:85:f9:f7:e8:fb:c5:
47:c5:28:b8:de:d4:3f:61:ff:2b:63:da:d8:aa:74:
2e:43:7f:e1:a3:22:62:6b:a0:03:7e:05:25:c8:60:
5c:33:73:30:05:52:81:39:90:23:c0:18:11:eb:b6:
8d:87:87:a1:80:05:b4:e0:1c:74:c5:e6:de:43:41:
fe:52:f5:38:3f:f5:21:d0:f0:ff:65:89:80:e4:0e:
61:ec:ab:34:44:5a:a5:79:07:d9:72:ce:25:44:92:
30:0e:3e:84:04:ed:b8:f8:8e:6b:a7:54:45:a0:6c:
95:ea:24:73:3f:48:49:5b:a9:44:7e:1b:ad:82:ab:
24:f1:1e:69:44:71:7c:ea:24:8f:36:d0:37:cc:ed:
61:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:71:39:C8:6E:B4:7A:8E:E0:83:BE:F0:98:67:CA:D6:10:12:1B:0B
X509v3 Authority Key Identifier:
keyid:3F:1C:93:8B:B2:06:A3:89:6D:06:4C:08:52:FA:98:85:FF:2C:EB:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PxyTi7IGo4ltBkwIUvqYhf8s69k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/xnE5yG60eo7gg77wmGfK1hASGws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b249c-b40e-4fb9-8ff4-e0526033a484/1/PxyTi7IGo4ltBkwIUvqYhf8s69k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.24.0/22
IPv6:
2a0f:a5c0::/32
Signature Algorithm: sha256WithRSAEncryption
86:2e:3d:7a:cb:ff:81:7e:f9:eb:3c:13:79:c0:87:11:d4:8b:
d2:f8:f7:ad:ed:29:87:40:91:71:21:98:9b:10:6b:43:46:f8:
54:45:aa:43:64:be:ae:69:32:f0:9d:d2:f1:24:48:e1:cf:a6:
df:bb:8d:25:e5:27:a8:2b:1c:3e:30:7a:df:dd:c6:7e:9d:89:
58:47:18:b5:f3:0e:70:88:0a:0e:2c:f4:34:c4:fd:3c:8b:ab:
48:dd:01:c7:51:d5:1d:ca:bb:50:1e:39:c9:f4:b0:e5:43:6a:
7e:c4:f3:7d:40:7b:12:58:9e:2c:c9:ce:b2:4f:85:c1:c5:6b:
5c:8d:b4:54:f3:8d:8f:81:74:8f:ef:c6:73:5d:c1:02:68:42:
72:09:f5:fe:4f:18:72:ca:01:e1:19:c6:65:9c:4c:09:cc:e7:
5a:87:d3:ac:f4:4d:3e:31:c0:b7:19:76:a0:52:29:58:57:da:
45:c6:02:ac:b0:46:a1:61:86:28:f9:a3:6e:ea:ee:55:3c:03:
41:13:34:70:3b:e0:dd:9c:09:5f:37:a3:88:70:71:fd:c2:5b:
36:8e:54:86:b1:c9:b8:74:dc:f5:51:64:a1:14:91:2e:c4:e3:
5c:db:c1:c9:38:5c:5f:a2:5a:93:79:91:67:ec:09:bc:ed:d1:
1f:fd:a7:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZIq1/QmBhWuSbV20jtg2UVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMWM5MzhiYjIwNmEzODk2ZDA2NGMwODUyZmE5ODg1ZmYy
Y2ViZDkwHhcNMjQwOTI1MjAyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjcxMzljODZlYjQ3YThlZTA4M2JlZjA5ODY3Y2FkNjEwMTIxYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn44tv7CLJZ55K6m0FuZzWP5pbDMJ
rZ+8ipsPSghUiY7uQ8xe/FdYfW4RGqXiMPBgZkjkPUGGvORUqHrhx/UK+vhemlCE
7Mh3AN2lpwmKLs67bNFT3/aYtnbeIyH03DLIUflW3izpFDo/QT361tuKTniF+ffo
+8VHxSi43tQ/Yf8rY9rYqnQuQ3/hoyJia6ADfgUlyGBcM3MwBVKBOZAjwBgR67aN
h4ehgAW04Bx0xebeQ0H+UvU4P/Uh0PD/ZYmA5A5h7Ks0RFqleQfZcs4lRJIwDj6E
BO24+I5rp1RFoGyV6iRzP0hJW6lEfhutgqsk8R5pRHF86iSPNtA3zO1hbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMZxOchutHqO4IO+8JhnytYQEhsLMB8GA1UdIwQY
MBaAFD8ck4uyBqOJbQZMCFL6mIX/LOvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHh5VGk3SUdvNGx0Qmt3SVV2cVloZjhzNjlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zYjI0OWMtYjQwZS00ZmI5LThmZjQt
ZTA1MjYwMzNhNDg0LzEveG5FNXlHNjBlbzdnZzc3d21HZksxaEFTR3dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zYjI0OWMtYjQwZS00ZmI5LThmZjQtZTA1MjYwMzNhNDg0
LzEvUHh5VGk3SUdvNGx0Qmt3SVV2cVloZjhzNjlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXgYMA0E
AgACMAcDBQAqD6XAMA0GCSqGSIb3DQEBCwUAA4IBAQCGLj16y/+BfvnrPBN5wIcR
1IvS+Pet7SmHQJFxIZibEGtDRvhURapDZL6uaTLwndLxJEjhz6bfu40l5SeoKxw+
MHrf3cZ+nYlYRxi18w5wiAoOLPQ0xP08i6tI3QHHUdUdyrtQHjnJ9LDlQ2p+xPN9
QHsSWJ4syc6yT4XBxWtcjbRU842PgXSP78ZzXcECaEJyCfX+TxhyygHhGcZlnEwJ
zOdah9Os9E0+McC3GXagUilYV9pFxgKssEahYYYo+aNu6u5VPANBEzRwO+DdnAlf
N6OIcHH9wls2jlSGscm4dNz1UWShFJEuxONc28HJOFxfolqTeZFn7Am87dEf/adi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:20 2025 by rpki-client