Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/1a58d4-133f-4750-a7ed-65e996312cbe/1/xrFZyEJwJ35MP13iTekU2IV1cpA.roa
File: xrFZyEJwJ35MP13iTekU2IV1cpA.roa (raw, json)
Hash identifier: cqmQTiLlE6oHOcPPOnt7BsKYJAZOFIQkpDbBxoyN+Kk=
Subject key identifier: C6:B1:59:C8:42:70:27:7E:4C:3F:5D:E2:4D:E9:14:D8:85:75:72:90
Certificate issuer: /CN=c4145465f0696a70d5f03ee1d5decafd41dc6385
Certificate serial: 018D7B133F566DFA789B64D09CABE072DA06
Authority key identifier: C4:14:54:65:F0:69:6A:70:D5:F0:3E:E1:D5:DE:CA:FD:41:DC:63:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBRUZfBpanDV8D7h1d7K_UHcY4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/1a58d4-133f-4750-a7ed-65e996312cbe/1/xrFZyEJwJ35MP13iTekU2IV1cpA.roa
Signing time: Mon 05 Feb 2024 21:01:15 +0000
ROA not before: Mon 05 Feb 2024 21:01:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48825
IP address blocks: 95.128.128.0/21 maxlen: 21
185.4.48.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 06 Feb 2024 12:15:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7b:13:3f:56:6d:fa:78:9b:64:d0:9c:ab:e0:72:da:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4145465f0696a70d5f03ee1d5decafd41dc6385
Validity
Not Before: Feb 5 21:01:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6b159c84270277e4c3f5de24de914d885757290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7f:26:fd:ed:0f:dd:c8:25:5d:6d:dc:18:d7:
31:b1:4d:c1:58:7c:f0:c0:36:35:54:26:bd:73:33:
d4:83:71:18:33:47:78:44:5a:d0:d2:28:ec:64:26:
2f:e1:5a:3a:89:53:1f:0a:84:d9:29:a6:3b:1f:33:
f6:74:84:2f:04:46:eb:e0:94:5f:ef:eb:77:6a:94:
07:97:b4:2a:66:f9:78:29:13:9c:be:87:08:ab:ff:
a2:7f:0b:ad:79:56:c5:cd:3f:f1:ac:32:bd:84:c5:
79:02:07:a3:ad:d4:09:23:37:a7:46:95:03:6e:5c:
b4:9d:ef:fd:07:e3:e2:59:12:a4:57:10:89:a9:30:
2c:4b:78:e3:3f:97:97:23:6c:2f:6a:e3:a9:39:56:
06:f5:de:a2:6e:07:4f:6e:01:e8:b0:79:31:34:8c:
91:91:a1:32:08:fe:a0:d4:ab:ad:72:dc:58:0e:26:
13:c8:9f:64:22:a6:65:8c:04:74:c1:42:bd:27:ee:
02:e9:a8:03:18:61:3b:29:3e:89:e9:ad:50:26:94:
ec:8d:d2:84:ef:11:81:07:7b:25:a4:73:c8:bd:aa:
a1:f6:49:c0:2f:0a:a8:66:78:09:82:2c:64:51:8c:
fd:8a:6e:be:21:3f:99:31:49:e4:25:fe:51:64:2d:
4a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B1:59:C8:42:70:27:7E:4C:3F:5D:E2:4D:E9:14:D8:85:75:72:90
X509v3 Authority Key Identifier:
keyid:C4:14:54:65:F0:69:6A:70:D5:F0:3E:E1:D5:DE:CA:FD:41:DC:63:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBRUZfBpanDV8D7h1d7K_UHcY4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/1a58d4-133f-4750-a7ed-65e996312cbe/1/xrFZyEJwJ35MP13iTekU2IV1cpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/1a58d4-133f-4750-a7ed-65e996312cbe/1/xBRUZfBpanDV8D7h1d7K_UHcY4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.128.0/21
185.4.48.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:58:74:a1:28:fa:2d:03:25:29:c5:0c:bc:d6:bc:50:ef:4c:
00:af:20:ef:83:8e:4f:37:03:dc:85:66:f9:1c:9e:8a:52:68:
cb:80:2d:26:b0:bb:8f:3f:d8:5f:cb:af:da:64:36:8b:3a:6a:
ed:70:60:5c:80:c4:6f:2b:11:1a:1a:02:00:97:26:15:fe:92:
09:61:27:b3:a1:ff:e3:b5:95:e1:4e:c4:bf:c3:cc:cb:69:07:
74:5a:4e:6e:f5:27:0f:e5:3f:7d:58:8b:47:0d:49:06:41:d9:
20:c7:5d:43:f9:dd:f5:fa:84:b5:5b:22:62:d0:f9:e2:97:c5:
59:46:b8:6a:a0:2a:80:35:a6:50:19:8a:ba:18:10:70:56:cb:
bb:d4:24:5c:bb:d5:23:82:72:ad:8e:f9:43:ec:1b:23:b5:4a:
70:28:78:8d:2f:ad:90:2d:d8:0b:e5:66:e1:25:51:9e:14:2b:
75:46:4b:b4:d3:68:66:0e:a2:66:87:1d:5b:ac:1c:73:8a:47:
35:dc:61:e3:6f:2b:58:ba:33:35:a2:51:6d:02:b4:da:56:60:
5d:df:72:35:23:6b:7c:30:f2:58:5b:be:55:0c:b7:a0:4c:1d:
d8:00:bd:58:98:4b:3a:55:97:46:c7:a8:6f:36:2e:da:be:31:
11:11:ed:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY17Ez9Wbfp4m2TQnKvgctoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTQ1NDY1ZjA2OTZhNzBkNWYwM2VlMWQ1ZGVjYWZkNDFk
YzYzODUwHhcNMjQwMjA1MjEwMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmIxNTljODQyNzAyNzdlNGMzZjVkZTI0ZGU5MTRkODg1NzU3MjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoX8m/e0P3cglXW3cGNcxsU3BWHzw
wDY1VCa9czPUg3EYM0d4RFrQ0ijsZCYv4Vo6iVMfCoTZKaY7HzP2dIQvBEbr4JRf
7+t3apQHl7QqZvl4KROcvocIq/+ifwuteVbFzT/xrDK9hMV5AgejrdQJIzenRpUD
bly0ne/9B+PiWRKkVxCJqTAsS3jjP5eXI2wvauOpOVYG9d6ibgdPbgHosHkxNIyR
kaEyCP6g1KutctxYDiYTyJ9kIqZljAR0wUK9J+4C6agDGGE7KT6J6a1QJpTsjdKE
7xGBB3slpHPIvaqh9knALwqoZngJgixkUYz9im6+IT+ZMUnkJf5RZC1KVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMaxWchCcCd+TD9d4k3pFNiFdXKQMB8GA1UdIwQY
MBaAFMQUVGXwaWpw1fA+4dXeyv1B3GOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJSVVpmQnBhbkRWOEQ3aDFkN0tfVUhjWTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8xYTU4ZDQtMTMzZi00NzUwLWE3ZWQt
NjVlOTk2MzEyY2JlLzEveHJGWnlFSndKMzVNUDEzaVRla1UySVYxY3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8xYTU4ZDQtMTMzZi00NzUwLWE3ZWQtNjVlOTk2MzEyY2Jl
LzEveEJSVVpmQnBhbkRWOEQ3aDFkN0tfVUhjWTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX4CAAwQB
uQQwMA0GCSqGSIb3DQEBCwUAA4IBAQCgWHShKPotAyUpxQy81rxQ70wAryDvg45P
NwPchWb5HJ6KUmjLgC0msLuPP9hfy6/aZDaLOmrtcGBcgMRvKxEaGgIAlyYV/pIJ
YSezof/jtZXhTsS/w8zLaQd0Wk5u9ScP5T99WItHDUkGQdkgx11D+d31+oS1WyJi
0Pnil8VZRrhqoCqANaZQGYq6GBBwVsu71CRcu9UjgnKtjvlD7BsjtUpwKHiNL62Q
LdgL5WbhJVGeFCt1Rku002hmDqJmhx1brBxzikc13GHjbytYujM1olFtArTaVmBd
33I1I2t8MPJYW75VDLegTB3YAL1YmEs6VZdGx6hvNi7avjEREe2C
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:36:09 2025 by rpki-client