Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/xMRcpyIgeFw4VgsDOVhWr24eXGk.roa
File: xMRcpyIgeFw4VgsDOVhWr24eXGk.roa (raw, json)
Hash identifier: 5vJ/hYaO/5OoGziJX3WSixVExcfYxkUdFKkEzpjsyQA=
Subject key identifier: C4:C4:5C:A7:22:20:78:5C:38:56:0B:03:39:58:56:AF:6E:1E:5C:69
Certificate issuer: /CN=3e46fa1d779c196ceb28029106b4ef7d17553d2b
Certificate serial: 018CCA2BA49F652E24994FB9965A1EA5292D
Authority key identifier: 3E:46:FA:1D:77:9C:19:6C:EB:28:02:91:06:B4:EF:7D:17:55:3D:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pkb6HXecGWzrKAKRBrTvfRdVPSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/xMRcpyIgeFw4VgsDOVhWr24eXGk.roa
Signing time: Tue 02 Jan 2024 12:35:07 +0000
ROA not before: Tue 02 Jan 2024 12:35:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203299
IP address blocks: 185.135.20.0/24 maxlen: 24
2a06:f080::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 21 Mar 2024 11:38:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:a4:9f:65:2e:24:99:4f:b9:96:5a:1e:a5:29:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e46fa1d779c196ceb28029106b4ef7d17553d2b
Validity
Not Before: Jan 2 12:35:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4c45ca72220785c38560b03395856af6e1e5c69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:9c:ad:ab:7b:57:10:52:87:37:89:2e:cd:bd:
eb:5d:78:00:f8:d5:e8:26:d7:69:d6:a6:cb:45:09:
1a:78:18:e3:df:72:56:f5:cf:8b:15:2f:7f:81:e4:
45:56:73:a8:78:7e:80:d4:0a:06:4d:fc:b6:a4:80:
13:a7:92:5f:dd:31:04:63:dd:b5:05:42:99:af:c7:
64:28:7d:7b:b5:b2:6c:02:1d:b9:95:93:da:84:b5:
41:f6:a3:f4:8c:13:7d:01:39:b8:2b:c7:20:19:bd:
93:ba:49:60:b2:85:df:c7:61:61:12:37:99:02:6f:
3a:95:a3:35:ce:23:65:f8:4b:80:06:e6:a9:e4:e1:
60:3a:a0:3f:26:89:3c:29:3c:32:83:b9:20:d1:91:
69:d0:98:c8:00:f0:48:13:2c:36:37:ac:65:b5:e0:
d0:2a:55:01:5c:51:d6:60:23:5b:11:4c:f8:34:65:
4f:05:e1:58:65:c0:fd:3b:ce:8e:39:e2:36:9c:20:
0d:df:a0:28:7a:1b:91:f4:69:10:f2:1d:5f:9e:56:
7d:0c:b4:a0:9e:93:98:01:5b:ee:3f:6c:55:fa:b2:
ba:31:1f:4f:e7:29:23:cb:2b:48:74:08:2a:14:73:
50:5b:3e:e1:29:33:b7:01:bf:c7:18:65:bd:e2:f7:
57:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C4:5C:A7:22:20:78:5C:38:56:0B:03:39:58:56:AF:6E:1E:5C:69
X509v3 Authority Key Identifier:
keyid:3E:46:FA:1D:77:9C:19:6C:EB:28:02:91:06:B4:EF:7D:17:55:3D:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pkb6HXecGWzrKAKRBrTvfRdVPSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/xMRcpyIgeFw4VgsDOVhWr24eXGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/Pkb6HXecGWzrKAKRBrTvfRdVPSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.20.0/24
IPv6:
2a06:f080::/32
Signature Algorithm: sha256WithRSAEncryption
09:fc:ad:0e:9c:2d:3d:9d:d6:f1:29:9a:6b:8b:ee:2a:3c:45:
3c:d3:14:6d:d4:a4:78:b9:ce:c2:c6:69:9f:da:1a:a4:56:08:
dc:ae:40:2b:1e:fa:8a:f0:14:4f:0b:e2:07:16:a0:17:37:27:
17:aa:19:a5:41:94:6d:f6:2c:f1:97:ca:60:8e:0a:db:8c:33:
6b:06:04:b2:ee:fd:00:74:cf:1d:10:86:15:7b:0a:0b:3e:8c:
5a:42:b0:34:51:48:57:35:e2:ad:8f:6f:be:09:fe:49:5d:58:
92:ab:1a:f5:8a:ff:44:1f:c0:c9:d9:73:49:9a:51:4e:96:4a:
ca:d0:b1:37:77:44:0a:8e:e6:fd:40:51:4a:1d:bf:23:95:43:
79:9a:15:5f:92:71:4b:88:0c:33:f7:6e:8d:e3:0f:6e:4c:9b:
18:29:07:ca:ec:58:6c:52:5c:58:ed:61:ff:2e:ba:de:65:b6:
70:fe:5a:ca:4a:c5:79:9f:de:90:4a:fd:92:c2:b7:39:0d:18:
d4:7d:53:84:cc:a6:26:7c:26:ee:54:0f:87:54:ab:14:b4:ef:
81:eb:2b:b0:cd:40:60:68:77:d3:f5:dc:66:d6:f8:68:9c:d6:
96:93:d2:1a:6d:9e:fa:48:77:8f:51:8a:e2:9e:9f:70:5a:e2:
64:c5:40:40
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKK6SfZS4kmU+5lloepSktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDZmYTFkNzc5YzE5NmNlYjI4MDI5MTA2YjRlZjdkMTc1
NTNkMmIwHhcNMjQwMTAyMTIzNTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGM0NWNhNzIyMjA3ODVjMzg1NjBiMDMzOTU4NTZhZjZlMWU1YzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipytq3tXEFKHN4kuzb3rXXgA+NXo
Jtdp1qbLRQkaeBjj33JW9c+LFS9/geRFVnOoeH6A1AoGTfy2pIATp5Jf3TEEY921
BUKZr8dkKH17tbJsAh25lZPahLVB9qP0jBN9ATm4K8cgGb2TuklgsoXfx2FhEjeZ
Am86laM1ziNl+EuABuap5OFgOqA/Jok8KTwyg7kg0ZFp0JjIAPBIEyw2N6xlteDQ
KlUBXFHWYCNbEUz4NGVPBeFYZcD9O86OOeI2nCAN36AoehuR9GkQ8h1fnlZ9DLSg
npOYAVvuP2xV+rK6MR9P5ykjyytIdAgqFHNQWz7hKTO3Ab/HGGW94vdXjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMTEXKciIHhcOFYLAzlYVq9uHlxpMB8GA1UdIwQY
MBaAFD5G+h13nBls6ygCkQa0730XVT0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtiNkhYZWNHV3pyS0FLUkJyVHZmUmRWUFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8wM2NiMzEtNjJmMi00OGM3LTliN2Yt
MGNkMWQyODk2NWQxLzEveE1SY3B5SWdlRnc0VmdzRE9WaFdyMjRlWEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8wM2NiMzEtNjJmMi00OGM3LTliN2YtMGNkMWQyODk2NWQx
LzEvUGtiNkhYZWNHV3pyS0FLUkJyVHZmUmRWUFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYcUMA0E
AgACMAcDBQAqBvCAMA0GCSqGSIb3DQEBCwUAA4IBAQAJ/K0OnC09ndbxKZpri+4q
PEU80xRt1KR4uc7Cxmmf2hqkVgjcrkArHvqK8BRPC+IHFqAXNycXqhmlQZRt9izx
l8pgjgrbjDNrBgSy7v0AdM8dEIYVewoLPoxaQrA0UUhXNeKtj2++Cf5JXViSqxr1
iv9EH8DJ2XNJmlFOlkrK0LE3d0QKjub9QFFKHb8jlUN5mhVfknFLiAwz926N4w9u
TJsYKQfK7FhsUlxY7WH/LrreZbZw/lrKSsV5n96QSv2Swrc5DRjUfVOEzKYmfCbu
VA+HVKsUtO+B6yuwzUBgaHfT9dxm1vhonNaWk9IabZ76SHePUYrinp9wWuJkxUBA
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:54:13 2025 by rpki-client