Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/e62fee-da47-4777-9d39-1fece0592e9b/1/xPOw4pRZvrVn9Q6ksCeOoMdUxds.roa
File: xPOw4pRZvrVn9Q6ksCeOoMdUxds.roa (raw, json)
Hash identifier: kvdUQHDZF6joZcHhkafHXMZYR9pJZ8npewedOf4qh60=
Subject key identifier: C4:F3:B0:E2:94:59:BE:B5:67:F5:0E:A4:B0:27:8E:A0:C7:54:C5:DB
Certificate issuer: /CN=7bcabe6490fa8bd572440fd6616a8430ee66d154
Certificate serial: 0192F7E2139396C5BE48A115DF710AA91000
Authority key identifier: 7B:CA:BE:64:90:FA:8B:D5:72:44:0F:D6:61:6A:84:30:EE:66:D1:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e8q-ZJD6i9VyRA_WYWqEMO5m0VQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/e62fee-da47-4777-9d39-1fece0592e9b/1/xPOw4pRZvrVn9Q6ksCeOoMdUxds.roa
Signing time: Mon 04 Nov 2024 15:54:01 +0000
ROA not before: Mon 04 Nov 2024 15:54:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204657
IP address blocks: 185.132.232.0/24 maxlen: 24
185.132.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 13:41:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f7:e2:13:93:96:c5:be:48:a1:15:df:71:0a:a9:10:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bcabe6490fa8bd572440fd6616a8430ee66d154
Validity
Not Before: Nov 4 15:54:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4f3b0e29459beb567f50ea4b0278ea0c754c5db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6d:b4:ef:61:4f:f8:06:a0:5a:4d:54:88:24:
19:31:9e:81:85:94:83:0f:db:6b:1d:da:67:5d:c2:
c9:5e:73:88:41:cc:ac:85:45:57:6a:f9:be:f5:40:
e4:40:b4:7a:df:f3:cc:60:7d:46:2b:ed:67:dc:9f:
be:d1:46:6d:7a:1e:79:e0:34:a2:0d:02:65:82:ec:
fc:7e:4d:cb:1a:33:51:49:51:c6:fc:2a:19:6a:00:
01:12:6a:44:1e:44:ea:b7:10:93:bf:58:d1:c4:56:
d7:d1:af:3d:a5:1c:f8:2f:da:84:93:f7:c7:3f:41:
c0:fe:b6:2c:29:c4:1c:04:bb:3d:36:7a:0e:f4:76:
93:40:40:e7:66:65:a7:93:18:40:16:bc:1d:f2:f3:
4b:a3:4b:00:52:8e:85:4c:d5:7b:8a:64:cb:69:b5:
a0:58:92:ca:63:e6:f7:d2:68:ef:f7:c5:ec:99:a7:
55:f5:77:2a:f8:b3:a9:47:dd:2f:59:56:93:3c:99:
ee:ae:b7:c3:e5:50:c4:a0:89:80:5c:15:a0:11:27:
88:67:5a:2a:44:b3:1b:5d:13:98:cf:60:d3:71:81:
d1:ad:18:6f:35:89:8b:85:d6:2d:59:48:23:ae:a9:
08:7a:ed:a9:0c:10:cf:aa:a7:10:0b:6e:42:b8:0f:
c5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F3:B0:E2:94:59:BE:B5:67:F5:0E:A4:B0:27:8E:A0:C7:54:C5:DB
X509v3 Authority Key Identifier:
keyid:7B:CA:BE:64:90:FA:8B:D5:72:44:0F:D6:61:6A:84:30:EE:66:D1:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8q-ZJD6i9VyRA_WYWqEMO5m0VQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e62fee-da47-4777-9d39-1fece0592e9b/1/xPOw4pRZvrVn9Q6ksCeOoMdUxds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/e62fee-da47-4777-9d39-1fece0592e9b/1/e8q-ZJD6i9VyRA_WYWqEMO5m0VQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.232.0/23
Signature Algorithm: sha256WithRSAEncryption
33:a0:50:8c:f0:c3:08:a8:0b:8f:80:de:07:e9:91:76:20:2d:
0e:3c:95:8a:b4:a4:89:0d:7b:5e:15:b0:35:37:6d:cd:5f:41:
d4:a8:8c:07:45:a3:3a:6a:f0:5d:cf:b1:a3:84:de:e4:56:ed:
73:55:f5:b5:e5:06:ca:eb:23:ee:06:b1:f7:2b:6c:b9:ec:da:
7a:6f:da:1d:e0:6d:72:3a:6b:fc:23:52:af:62:e0:9b:c7:6c:
cd:ae:f4:7a:f3:98:cd:f2:fe:fc:56:43:30:84:1a:84:75:88:
83:05:b7:8e:45:31:5a:6b:b6:c1:55:e2:24:84:82:31:25:75:
cb:85:5a:b4:09:88:5b:1c:2c:77:a8:ec:dc:3b:39:73:14:66:
76:e6:71:e4:53:2f:2c:93:48:a8:ef:80:d6:a6:a7:7a:3f:d6:
38:a7:4f:2c:51:03:83:4f:ba:82:12:43:90:71:6d:29:d2:13:
8a:a1:af:db:77:db:f5:2d:5c:11:b3:63:27:0b:09:08:49:ac:
91:83:f6:12:f9:b7:0f:ca:83:d8:f8:24:fb:25:b3:67:8d:8a:
be:da:09:64:9a:d0:50:c7:41:69:dd:3e:1f:ef:56:d6:f5:30:
d5:f8:a6:2b:ce:83:f4:a7:0c:ab:46:ba:e4:92:2e:6c:5f:ff:
b3:e1:09:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZL34hOTlsW+SKEV33EKqRAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiY2FiZTY0OTBmYThiZDU3MjQ0MGZkNjYxNmE4NDMwZWU2
NmQxNTQwHhcNMjQxMTA0MTU1NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGYzYjBlMjk0NTliZWI1NjdmNTBlYTRiMDI3OGVhMGM3NTRjNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW2072FP+AagWk1UiCQZMZ6BhZSD
D9trHdpnXcLJXnOIQcyshUVXavm+9UDkQLR63/PMYH1GK+1n3J++0UZteh554DSi
DQJlguz8fk3LGjNRSVHG/CoZagABEmpEHkTqtxCTv1jRxFbX0a89pRz4L9qEk/fH
P0HA/rYsKcQcBLs9NnoO9HaTQEDnZmWnkxhAFrwd8vNLo0sAUo6FTNV7imTLabWg
WJLKY+b30mjv98XsmadV9Xcq+LOpR90vWVaTPJnurrfD5VDEoImAXBWgESeIZ1oq
RLMbXROYz2DTcYHRrRhvNYmLhdYtWUgjrqkIeu2pDBDPqqcQC25CuA/FkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTzsOKUWb61Z/UOpLAnjqDHVMXbMB8GA1UdIwQY
MBaAFHvKvmSQ+ovVckQP1mFqhDDuZtFUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZThxLVpKRDZpOVZ5UkFfV1lXcUVNTzVtMFZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9lNjJmZWUtZGE0Ny00Nzc3LTlkMzkt
MWZlY2UwNTkyZTliLzEveFBPdzRwUlp2clZuOVE2a3NDZU9vTWRVeGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9lNjJmZWUtZGE0Ny00Nzc3LTlkMzktMWZlY2UwNTkyZTli
LzEvZThxLVpKRDZpOVZ5UkFfV1lXcUVNTzVtMFZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYToMA0G
CSqGSIb3DQEBCwUAA4IBAQAzoFCM8MMIqAuPgN4H6ZF2IC0OPJWKtKSJDXteFbA1
N23NX0HUqIwHRaM6avBdz7GjhN7kVu1zVfW15QbK6yPuBrH3K2y57Np6b9od4G1y
Omv8I1KvYuCbx2zNrvR685jN8v78VkMwhBqEdYiDBbeORTFaa7bBVeIkhIIxJXXL
hVq0CYhbHCx3qOzcOzlzFGZ25nHkUy8sk0io74DWpqd6P9Y4p08sUQODT7qCEkOQ
cW0p0hOKoa/bd9v1LVwRs2MnCwkISayRg/YS+bcPyoPY+CT7JbNnjYq+2glkmtBQ
x0Fp3T4f71bW9TDV+KYrzoP0pwyrRrrkki5sX/+z4Qm3
-----END CERTIFICATE-----
Generated at Tue Nov 5 19:27:10 2024 by rpki-client on console-ams.rpki-client.org