Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/XNVZ9L67PrwuCOCHrIZfjJ25oHM.roa
File: XNVZ9L67PrwuCOCHrIZfjJ25oHM.roa (raw, json)
Hash identifier: M5X79sTKlGo9bk6Z/5gQUZEOIeRMyfcGPEJPpsnmgOs=
Subject key identifier: 5C:D5:59:F4:BE:BB:3E:BC:2E:08:E0:87:AC:86:5F:8C:9D:B9:A0:73
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018CD39C59F18CBFB1563B6CCA5DDFA191F4
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/XNVZ9L67PrwuCOCHrIZfjJ25oHM.roa
Signing time: Thu 04 Jan 2024 08:34:48 +0000
ROA not before: Thu 04 Jan 2024 08:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60117
IP address blocks: 85.204.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 19:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d3:9c:59:f1:8c:bf:b1:56:3b:6c:ca:5d:df:a1:91:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 4 08:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5cd559f4bebb3ebc2e08e087ac865f8c9db9a073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5a:e2:3e:0e:30:41:f7:e1:5b:f5:3e:77:29:
32:55:1d:68:3e:42:e7:4d:41:4e:cd:cc:80:89:25:
62:a5:da:ad:2d:d4:69:fa:b9:12:4b:17:e1:ff:31:
c7:5a:f1:b6:dd:af:d3:3a:aa:e4:27:eb:81:c0:1b:
f4:ca:cf:4d:e1:70:fa:20:78:55:d7:66:58:c5:70:
ad:de:6c:d3:4b:af:0b:3a:84:48:59:38:ea:ea:a5:
3c:7a:5a:f9:a8:c4:aa:06:62:0d:fc:5f:6a:11:4d:
c6:f8:8e:b6:4e:8c:b9:ba:e3:c6:81:be:32:15:2f:
24:d0:16:ae:b3:46:12:b6:e0:82:e8:f8:a8:2b:01:
37:7a:6e:25:30:5e:0e:8d:ae:af:b7:ce:4f:59:ed:
85:5f:7f:d5:af:50:6a:8a:32:4b:0e:e4:a8:35:24:
e8:27:79:02:bd:f2:b8:36:04:36:e8:83:3a:0c:1f:
7f:e8:12:5a:da:4f:d6:db:21:13:45:5b:d8:19:4c:
cf:f4:5c:0a:3f:20:cd:e5:9e:74:49:29:42:69:f2:
16:9e:c9:97:d1:98:8a:75:b9:2a:01:ab:48:a5:3a:
d4:4d:8a:34:58:00:b8:c3:f1:29:3f:70:08:ee:c2:
71:3e:41:bc:74:fc:1e:4e:ee:22:53:67:49:69:20:
d4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D5:59:F4:BE:BB:3E:BC:2E:08:E0:87:AC:86:5F:8C:9D:B9:A0:73
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/XNVZ9L67PrwuCOCHrIZfjJ25oHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:ad:43:03:9e:bf:8e:41:d0:c5:58:8d:57:e4:29:34:cd:a1:
0d:e0:f1:b3:0d:a4:72:9b:6a:e2:ae:fe:2c:cb:73:63:14:a9:
7c:d6:2a:57:35:1d:fe:9c:77:84:82:55:b6:82:0c:f5:d8:ab:
94:7b:16:3b:59:19:2d:4d:81:cd:42:6d:f5:48:85:38:ca:71:
ac:ff:3c:f4:bf:bf:74:f9:80:94:2c:6f:bb:e2:94:45:0d:2b:
f5:0a:2c:c2:8a:db:f6:f2:06:7b:f2:ed:91:be:09:a8:ce:e1:
75:f6:9b:d5:bc:9d:11:2d:d6:bc:f0:e9:60:4c:d7:ac:e5:21:
5b:f6:60:e0:d6:7f:8e:4f:e2:d0:95:4c:ac:b0:8b:d3:dc:39:
ff:e4:74:63:8c:74:23:98:ac:f5:b0:86:8c:cb:ec:c3:d4:17:
c0:59:dd:30:e9:f7:cd:55:af:55:3d:7e:7d:e1:b8:6a:5f:17:
3c:b4:44:4b:e0:d6:c7:bd:88:da:e6:83:91:e3:e9:d9:79:a7:
5b:cf:08:b6:d4:c2:f9:a7:37:9d:a1:a7:5c:8e:d3:a7:80:2b:
10:53:d4:eb:fa:c7:03:da:cb:77:4c:0e:72:11:15:0b:be:e8:
a6:0f:58:ef:67:5c:c7:7d:58:cb:77:fe:5d:fa:e3:91:f3:d2:
53:c5:2b:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzTnFnxjL+xVjtsyl3foZH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMTA0MDgzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Q1NTlmNGJlYmIzZWJjMmUwOGUwODdhYzg2NWY4YzlkYjlhMDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilriPg4wQffhW/U+dykyVR1oPkLn
TUFOzcyAiSVipdqtLdRp+rkSSxfh/zHHWvG23a/TOqrkJ+uBwBv0ys9N4XD6IHhV
12ZYxXCt3mzTS68LOoRIWTjq6qU8elr5qMSqBmIN/F9qEU3G+I62Toy5uuPGgb4y
FS8k0Baus0YStuCC6PioKwE3em4lMF4Oja6vt85PWe2FX3/Vr1BqijJLDuSoNSTo
J3kCvfK4NgQ26IM6DB9/6BJa2k/W2yETRVvYGUzP9FwKPyDN5Z50SSlCafIWnsmX
0ZiKdbkqAatIpTrUTYo0WAC4w/EpP3AI7sJxPkG8dPweTu4iU2dJaSDUnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzVWfS+uz68Lgjgh6yGX4yduaBzMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvWE5WWjlMNjdQcnd1Q09DSHJJWmZqSjI1b0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcx9MA0G
CSqGSIb3DQEBCwUAA4IBAQDIrUMDnr+OQdDFWI1X5Ck0zaEN4PGzDaRym2rirv4s
y3NjFKl81ipXNR3+nHeEglW2ggz12KuUexY7WRktTYHNQm31SIU4ynGs/zz0v790
+YCULG+74pRFDSv1CizCitv28gZ78u2RvgmozuF19pvVvJ0RLda88OlgTNes5SFb
9mDg1n+OT+LQlUyssIvT3Dn/5HRjjHQjmKz1sIaMy+zD1BfAWd0w6ffNVa9VPX59
4bhqXxc8tERL4NbHvYja5oOR4+nZeadbzwi21ML5pzedoadcjtOngCsQU9Tr+scD
2st3TA5yERULvuimD1jvZ1zHfVjLd/5d+uOR89JTxSu4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org