Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/X_ZX8sz8cWmdPzyqzHzJUvKajpQ.roa
File: X_ZX8sz8cWmdPzyqzHzJUvKajpQ.roa (raw, json)
Hash identifier: XxhSY7NGQuMJ+zTgsbUAmvSCPa4SNVg0Cdu3HwfERc0=
Subject key identifier: 5F:F6:57:F2:CC:FC:71:69:9D:3F:3C:AA:CC:7C:C9:52:F2:9A:8E:94
Certificate issuer: /CN=c875f76e8f894247923c0e276234d98a4c3ec5c2
Certificate serial: 018CC50115A555E20FCF955E62918B96C52B
Authority key identifier: C8:75:F7:6E:8F:89:42:47:92:3C:0E:27:62:34:D9:8A:4C:3E:C5:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/X_ZX8sz8cWmdPzyqzHzJUvKajpQ.roa
Signing time: Mon 01 Jan 2024 12:30:31 +0000
ROA not before: Mon 01 Jan 2024 12:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62254
IP address blocks: 185.41.148.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:15:a5:55:e2:0f:cf:95:5e:62:91:8b:96:c5:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c875f76e8f894247923c0e276234d98a4c3ec5c2
Validity
Not Before: Jan 1 12:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ff657f2ccfc71699d3f3caacc7cc952f29a8e94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a1:2c:62:22:2e:06:0b:ae:02:d1:9d:90:e7:
45:07:74:7c:ea:ca:4f:e6:c6:03:82:07:89:45:d9:
c3:b8:a3:0c:fb:ce:28:74:b4:49:7c:e8:5a:c3:de:
53:aa:2f:89:f0:94:54:4f:00:8d:51:be:c4:70:89:
75:5d:9d:7a:b6:06:fe:4f:35:e1:d6:20:4d:ca:2c:
7e:26:75:6b:d1:1f:42:e8:2e:cf:8f:44:ec:15:47:
2a:14:8a:f0:49:d6:3f:a1:68:46:a0:8e:7d:77:d5:
ba:cb:a8:2a:02:e2:b5:a5:e1:b5:97:37:84:32:cb:
cc:5d:25:82:1b:d2:9c:9b:87:e7:a2:c8:64:9c:35:
d7:89:58:b2:99:d0:6a:45:0f:cb:0d:94:67:9f:04:
b2:87:0b:81:0f:7f:72:cd:c0:37:93:91:3d:32:e5:
f0:31:78:c6:7b:02:c4:e0:46:62:6f:9c:49:ad:32:
e7:b6:48:0a:37:95:4a:ff:3b:1c:0a:c2:cf:f6:bf:
f9:f5:3b:d6:25:45:49:c3:9b:0c:a4:e1:f4:2d:a3:
0b:62:66:32:a9:fc:23:2c:77:2a:41:2c:cf:54:00:
99:88:cf:c2:58:1b:cb:62:2b:61:a6:43:31:70:61:
aa:41:3a:31:97:de:e8:84:a5:c5:1f:15:20:64:84:
80:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:F6:57:F2:CC:FC:71:69:9D:3F:3C:AA:CC:7C:C9:52:F2:9A:8E:94
X509v3 Authority Key Identifier:
keyid:C8:75:F7:6E:8F:89:42:47:92:3C:0E:27:62:34:D9:8A:4C:3E:C5:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHX3bo-JQkeSPA4nYjTZikw-xcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/X_ZX8sz8cWmdPzyqzHzJUvKajpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/e9e798-4ef3-4aa8-81f0-305658f91635/1/yHX3bo-JQkeSPA4nYjTZikw-xcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.148.0/22
Signature Algorithm: sha256WithRSAEncryption
66:8d:40:bf:2c:43:bf:c7:bf:22:a9:e1:5e:65:d7:e5:b4:a4:
12:27:d6:d6:04:a2:5f:7d:9e:ad:82:ca:05:00:53:1d:39:bc:
01:b6:d7:41:2e:d4:ca:9b:a0:1a:42:be:8f:dc:20:ab:d2:9a:
37:1b:11:2a:4e:bf:eb:b4:8c:dd:d1:81:10:76:eb:63:11:95:
3f:16:ab:44:b0:0c:d9:21:aa:cc:73:13:25:f1:7e:27:f5:3b:
d6:ac:e0:4f:72:cb:a5:08:e1:1e:d0:f6:8d:64:b0:31:00:7d:
ce:c7:e1:5b:3f:8a:18:ff:d5:fd:c0:6c:cf:95:45:e6:b7:03:
83:cb:f2:08:fe:27:39:ab:ca:f4:06:5f:7a:bf:5d:09:24:57:
9c:06:d0:97:bd:ab:6c:aa:85:bf:b9:ae:40:64:c6:11:1e:a9:
f7:a2:96:92:02:09:a7:81:8e:79:84:85:72:12:6d:3c:3d:95:
61:8b:02:d8:f4:32:f2:44:bc:85:4a:77:ea:bc:0b:6f:d9:9e:
fd:4a:3d:2e:d0:62:48:e2:a3:e6:fb:55:ed:99:db:97:b5:86:
6f:d5:76:d5:e5:89:f3:cb:73:fd:4d:d1:ad:10:54:ac:14:7c:
b4:fb:56:24:28:24:be:a6:30:65:2c:40:ca:5e:1e:d1:57:f5:
7d:1d:6a:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFARWlVeIPz5VeYpGLlsUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NzVmNzZlOGY4OTQyNDc5MjNjMGUyNzYyMzRkOThhNGMz
ZWM1YzIwHhcNMjQwMTAxMTIzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmY2NTdmMmNjZmM3MTY5OWQzZjNjYWFjYzdjYzk1MmYyOWE4ZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaEsYiIuBguuAtGdkOdFB3R86spP
5sYDggeJRdnDuKMM+84odLRJfOhaw95Tqi+J8JRUTwCNUb7EcIl1XZ16tgb+TzXh
1iBNyix+JnVr0R9C6C7Pj0TsFUcqFIrwSdY/oWhGoI59d9W6y6gqAuK1peG1lzeE
MsvMXSWCG9Kcm4fnoshknDXXiViymdBqRQ/LDZRnnwSyhwuBD39yzcA3k5E9MuXw
MXjGewLE4EZib5xJrTLntkgKN5VK/zscCsLP9r/59TvWJUVJw5sMpOH0LaMLYmYy
qfwjLHcqQSzPVACZiM/CWBvLYithpkMxcGGqQToxl97ohKXFHxUgZISAswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/2V/LM/HFpnT88qsx8yVLymo6UMB8GA1UdIwQY
MBaAFMh1926PiUJHkjwOJ2I02YpMPsXCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9lOWU3OTgtNGVmMy00YWE4LTgxZjAt
MzA1NjU4ZjkxNjM1LzEvWF9aWDhzejhjV21kUHp5cXpIekpVdkthanBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9lOWU3OTgtNGVmMy00YWE4LTgxZjAtMzA1NjU4ZjkxNjM1
LzEveUhYM2JvLUpRa2VTUEE0bllqVFppa3cteGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSmUMA0G
CSqGSIb3DQEBCwUAA4IBAQBmjUC/LEO/x78iqeFeZdfltKQSJ9bWBKJffZ6tgsoF
AFMdObwBttdBLtTKm6AaQr6P3CCr0po3GxEqTr/rtIzd0YEQdutjEZU/FqtEsAzZ
IarMcxMl8X4n9TvWrOBPcsulCOEe0PaNZLAxAH3Ox+FbP4oY/9X9wGzPlUXmtwOD
y/II/ic5q8r0Bl96v10JJFecBtCXvatsqoW/ua5AZMYRHqn3opaSAgmngY55hIVy
Em08PZVhiwLY9DLyRLyFSnfqvAtv2Z79Sj0u0GJI4qPm+1XtmduXtYZv1XbV5Ynz
y3P9TdGtEFSsFHy0+1YkKCS+pjBlLEDKXh7RV/V9HWoh
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:27 2025 by rpki-client