Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/4D_Nel15Fg8XjM4wd3LKA6f3yEI.roa
File: 4D_Nel15Fg8XjM4wd3LKA6f3yEI.roa (raw, json)
Hash identifier: Zx+xhnPiitFpj/IAP19hBIJF0EC8cC5bPCOTQJPDfp8=
Subject key identifier: E0:3F:CD:7A:5D:79:16:0F:17:8C:CE:30:77:72:CA:03:A7:F7:C8:42
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018CC424F53E44C7EF60FFE2EDC32A88924C
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/4D_Nel15Fg8XjM4wd3LKA6f3yEI.roa
Signing time: Mon 01 Jan 2024 08:30:05 +0000
ROA not before: Mon 01 Jan 2024 08:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201064
IP address blocks: 185.87.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:f5:3e:44:c7:ef:60:ff:e2:ed:c3:2a:88:92:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 08:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e03fcd7a5d79160f178cce307772ca03a7f7c842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e2:ed:f0:50:18:e3:dd:82:8c:a9:f4:af:b1:
fc:4c:ec:3b:c1:8f:32:cf:56:81:6a:2a:65:81:52:
7c:90:55:1e:38:30:41:fb:c4:da:34:d7:b1:c7:f0:
4a:0a:99:68:5c:00:da:d2:7e:1a:76:9f:15:f4:3e:
ac:18:49:9d:e6:d1:46:cf:83:e7:60:11:5a:df:44:
06:ca:41:fe:15:44:22:33:bb:34:a0:d5:e9:53:c0:
a9:2e:61:e3:1b:1d:3c:5e:3f:00:0c:57:34:fc:fd:
86:4c:56:7f:54:1a:90:b3:38:ea:d9:19:e8:0e:8a:
0f:d4:13:0c:57:8c:4c:a2:0d:b5:68:ac:cc:19:4d:
24:a6:4f:50:9c:dc:2e:15:1d:9f:4d:12:bf:b6:9a:
3c:58:73:a3:0e:7d:8a:a4:13:02:c9:1f:d4:73:87:
c5:dd:94:94:9c:b0:b9:b2:6b:2b:b5:91:f3:45:7c:
21:b6:81:37:15:b9:14:2a:9b:87:b8:7c:ed:10:07:
ff:48:2d:80:77:82:1f:12:07:07:94:64:be:b9:91:
47:df:b6:ae:93:17:ee:99:02:6b:17:06:3a:d4:aa:
98:95:c5:0f:5c:92:9f:db:cb:05:d8:ad:25:53:62:
12:ef:87:35:91:04:40:8e:5e:db:67:81:40:fb:c4:
3e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:3F:CD:7A:5D:79:16:0F:17:8C:CE:30:77:72:CA:03:A7:F7:C8:42
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/4D_Nel15Fg8XjM4wd3LKA6f3yEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.25.0/24
Signature Algorithm: sha256WithRSAEncryption
09:83:ce:e7:8b:30:43:5b:e2:3b:b9:ed:6b:1e:a7:d2:fc:13:
25:15:1b:c8:0b:20:fe:fd:fd:78:ab:c2:e2:1e:39:4c:77:4e:
4d:ff:c3:23:06:b7:d1:9e:95:71:3a:1f:b5:b6:f4:c1:4d:98:
55:05:1c:b4:3f:b3:d1:07:86:92:2b:02:7e:ba:44:a1:e6:fd:
35:80:79:d2:ce:16:18:97:d4:74:57:e3:94:87:18:ff:d5:1a:
96:75:cc:9d:37:70:0b:84:aa:25:e3:56:c9:11:46:6a:8b:05:
69:d5:83:92:f8:cd:2b:e4:3d:fb:44:d7:89:6d:9d:c2:ae:0e:
3b:6c:ec:e7:83:3b:de:2b:26:7c:4b:77:61:5d:9d:7f:ca:cc:
0c:77:d0:dd:49:b8:6c:f9:38:7a:4c:59:13:e7:17:a3:6f:bc:
11:3a:56:41:59:2a:96:74:cb:08:a3:4e:f9:98:97:10:6c:2f:
f4:2a:e5:03:95:c2:b3:dc:a6:8b:ca:04:4e:54:7b:a8:d3:8b:
6c:cd:73:e1:83:fe:87:6d:48:14:91:e1:42:5a:2c:18:0b:f4:
f5:d1:03:1d:79:26:3c:bc:ca:1b:a0:f5:df:b0:0d:e4:72:5e:
97:8d:86:c3:a0:da:15:39:dc:45:2e:b0:31:2f:cc:9f:f1:33:
d2:17:a6:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJPU+RMfvYP/i7cMqiJJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwMTAxMDgzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDNmY2Q3YTVkNzkxNjBmMTc4Y2NlMzA3NzcyY2EwM2E3ZjdjODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquLt8FAY492CjKn0r7H8TOw7wY8y
z1aBaiplgVJ8kFUeODBB+8TaNNexx/BKCploXADa0n4adp8V9D6sGEmd5tFGz4Pn
YBFa30QGykH+FUQiM7s0oNXpU8CpLmHjGx08Xj8ADFc0/P2GTFZ/VBqQszjq2Rno
DooP1BMMV4xMog21aKzMGU0kpk9QnNwuFR2fTRK/tpo8WHOjDn2KpBMCyR/Uc4fF
3ZSUnLC5smsrtZHzRXwhtoE3FbkUKpuHuHztEAf/SC2Ad4IfEgcHlGS+uZFH37au
kxfumQJrFwY61KqYlcUPXJKf28sF2K0lU2IS74c1kQRAjl7bZ4FA+8Q+RQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOA/zXpdeRYPF4zOMHdyygOn98hCMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvNERfTmVsMTVGZzhYak00d2QzTEtBNmYzeUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVcZMA0G
CSqGSIb3DQEBCwUAA4IBAQAJg87nizBDW+I7ue1rHqfS/BMlFRvICyD+/f14q8Li
HjlMd05N/8MjBrfRnpVxOh+1tvTBTZhVBRy0P7PRB4aSKwJ+ukSh5v01gHnSzhYY
l9R0V+OUhxj/1RqWdcydN3ALhKol41bJEUZqiwVp1YOS+M0r5D37RNeJbZ3Crg47
bOzngzveKyZ8S3dhXZ1/yswMd9DdSbhs+Th6TFkT5xejb7wROlZBWSqWdMsIo075
mJcQbC/0KuUDlcKz3KaLygROVHuo04tszXPhg/6HbUgUkeFCWiwYC/T10QMdeSY8
vMoboPXfsA3kcl6XjYbDoNoVOdxFLrAxL8yf8TPSF6bF
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:46:23 2025 by rpki-client