Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/bdfd19-201a-444d-8d88-6ef4c7c7470b/1/xnTAF4Y_5TKNja1Q4j18x5YpPls.roa
File: xnTAF4Y_5TKNja1Q4j18x5YpPls.roa (raw, json)
Hash identifier: taBHxBzIU50AEGISV4VXnVQP6s1yCYgBq1A0SVCDtP4=
Subject key identifier: C6:74:C0:17:86:3F:E5:32:8D:8D:AD:50:E2:3D:7C:C7:96:29:3E:5B
Certificate issuer: /CN=14c51262fe87f4e295ef9e7f87a1f9e49f57c300
Certificate serial: 018CC5DD108E84E61F1F2564B77C1CC7B680
Authority key identifier: 14:C5:12:62:FE:87:F4:E2:95:EF:9E:7F:87:A1:F9:E4:9F:57:C3:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FMUSYv6H9OKV755_h6H55J9XwwA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/bdfd19-201a-444d-8d88-6ef4c7c7470b/1/xnTAF4Y_5TKNja1Q4j18x5YpPls.roa
Signing time: Mon 01 Jan 2024 16:30:48 +0000
ROA not before: Mon 01 Jan 2024 16:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62024
IP address blocks: 185.50.96.0/24 maxlen: 24
185.50.98.0/24 maxlen: 24
185.50.97.0/24 maxlen: 24
2a01:a3e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:10:8e:84:e6:1f:1f:25:64:b7:7c:1c:c7:b6:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14c51262fe87f4e295ef9e7f87a1f9e49f57c300
Validity
Not Before: Jan 1 16:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c674c017863fe5328d8dad50e23d7cc796293e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c4:0a:6a:1a:ae:b0:09:f1:ad:fb:82:dc:97:
10:38:68:93:d1:36:bf:b5:43:fe:c7:03:b1:52:43:
58:f0:65:4a:25:71:0f:ba:18:90:b6:92:5a:58:58:
f2:9f:cf:a1:19:25:ea:8f:23:8d:ff:51:76:59:bf:
b3:6a:28:5a:2f:ab:ec:f9:50:45:02:de:3b:be:3e:
e8:da:4a:a2:44:c8:c3:ed:cb:52:70:0b:bb:bd:5f:
e6:95:79:b9:58:bb:9b:3c:ff:88:71:f4:4d:5e:6c:
cf:6d:53:30:0c:c5:54:84:82:17:85:90:94:a9:bb:
c7:f8:0b:36:13:5a:5e:3a:0b:f3:b5:20:43:d9:43:
5b:47:2e:38:67:88:5d:98:3d:0c:bb:79:0b:ce:71:
45:37:ca:45:b5:17:a3:eb:23:e0:08:80:c5:62:66:
60:39:a8:58:eb:a5:66:7c:32:b7:e2:5f:29:54:89:
9a:12:8c:a9:20:18:ef:8a:58:53:ae:8f:cf:47:7a:
16:23:ef:34:fa:64:8e:f4:5f:77:95:ab:52:23:a0:
bc:3e:6f:77:c8:7c:01:ab:82:e5:d5:29:41:07:85:
82:a0:bd:29:95:81:cb:f4:3f:3a:e6:92:59:86:65:
36:55:89:d0:b5:1d:e4:c8:64:4b:12:cc:de:84:4f:
25:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:74:C0:17:86:3F:E5:32:8D:8D:AD:50:E2:3D:7C:C7:96:29:3E:5B
X509v3 Authority Key Identifier:
keyid:14:C5:12:62:FE:87:F4:E2:95:EF:9E:7F:87:A1:F9:E4:9F:57:C3:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMUSYv6H9OKV755_h6H55J9XwwA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bdfd19-201a-444d-8d88-6ef4c7c7470b/1/xnTAF4Y_5TKNja1Q4j18x5YpPls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/bdfd19-201a-444d-8d88-6ef4c7c7470b/1/FMUSYv6H9OKV755_h6H55J9XwwA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.50.96.0-185.50.98.255
IPv6:
2a01:a3e0::/32
Signature Algorithm: sha256WithRSAEncryption
7a:0e:49:b1:1f:a7:62:bb:6f:da:90:d5:96:70:d1:a5:bf:2b:
46:d6:20:f9:a0:3e:71:4d:5d:61:53:99:67:2d:8f:77:45:de:
42:90:cf:6b:45:26:77:d8:34:88:02:a4:1b:65:fa:84:41:79:
fc:09:75:c9:b6:d1:6c:12:c1:63:ab:39:28:dc:02:49:a5:7a:
2f:b7:0f:6d:7c:dd:14:a7:12:5f:dd:51:34:2e:33:7b:0c:4d:
70:26:a1:45:26:6b:96:95:79:be:f9:d3:da:7e:b8:39:c5:7c:
09:42:bd:0c:ea:1f:d4:89:75:f4:bb:ca:dc:a6:7b:d6:56:4a:
2c:90:3f:7e:13:fe:4e:ad:00:d6:be:7e:a1:b2:dc:c9:ad:35:
2b:2b:ba:56:84:ca:7a:fe:e6:93:38:ab:db:d4:66:ac:45:77:
c5:a1:b1:fb:16:82:60:65:2c:45:9e:9e:35:7b:4f:40:d3:1e:
bf:0d:a4:8b:ad:0a:2a:eb:b0:8a:e4:bf:28:8c:82:1e:b4:fa:
55:5e:7a:b4:be:c5:c5:8f:ca:d1:fd:ac:2a:04:cf:92:8c:51:
c0:e3:9f:e4:99:95:3a:02:65:d0:71:10:08:50:74:df:9f:48:
8d:8c:0f:35:81:4c:78:71:87:a9:7f:fb:eb:ae:7b:d5:4d:43:
81:c2:8a:8a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzF3RCOhOYfHyVkt3wcx7aAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzUxMjYyZmU4N2Y0ZTI5NWVmOWU3Zjg3YTFmOWU0OWY1
N2MzMDAwHhcNMjQwMTAxMTYzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjc0YzAxNzg2M2ZlNTMyOGQ4ZGFkNTBlMjNkN2NjNzk2MjkzZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMQKahqusAnxrfuC3JcQOGiT0Ta/
tUP+xwOxUkNY8GVKJXEPuhiQtpJaWFjyn8+hGSXqjyON/1F2Wb+zaihaL6vs+VBF
At47vj7o2kqiRMjD7ctScAu7vV/mlXm5WLubPP+IcfRNXmzPbVMwDMVUhIIXhZCU
qbvH+As2E1peOgvztSBD2UNbRy44Z4hdmD0Mu3kLznFFN8pFtRej6yPgCIDFYmZg
OahY66VmfDK34l8pVImaEoypIBjvilhTro/PR3oWI+80+mSO9F93latSI6C8Pm93
yHwBq4Ll1SlBB4WCoL0plYHL9D865pJZhmU2VYnQtR3kyGRLEszehE8l7QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMZ0wBeGP+UyjY2tUOI9fMeWKT5bMB8GA1UdIwQY
MBaAFBTFEmL+h/Tile+ef4eh+eSfV8MAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1VU1l2Nkg5T0tWNzU1X2g2SDU1SjlYd3dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iZGZkMTktMjAxYS00NDRkLThkODgt
NmVmNGM3Yzc0NzBiLzEveG5UQUY0WV81VEtOamExUTRqMTh4NVlwUGxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iZGZkMTktMjAxYS00NDRkLThkODgtNmVmNGM3Yzc0NzBi
LzEvRk1VU1l2Nkg5T0tWNzU1X2g2SDU1SjlYd3dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAW5MmAD
BAC5MmIwDQQCAAIwBwMFACoBo+AwDQYJKoZIhvcNAQELBQADggEBAHoOSbEfp2K7
b9qQ1ZZw0aW/K0bWIPmgPnFNXWFTmWctj3dF3kKQz2tFJnfYNIgCpBtl+oRBefwJ
dcm20WwSwWOrOSjcAkmlei+3D2183RSnEl/dUTQuM3sMTXAmoUUma5aVeb7509p+
uDnFfAlCvQzqH9SJdfS7ytyme9ZWSiyQP34T/k6tANa+fqGy3MmtNSsrulaEynr+
5pM4q9vUZqxFd8WhsfsWgmBlLEWenjV7T0DTHr8NpIutCirrsIrkvyiMgh60+lVe
erS+xcWPytH9rCoEz5KMUcDjn+SZlToCZdBxEAhQdN+fSI2MDzWBTHhxh6l/++uu
e9VNQ4HCioo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:42:00 2025 by rpki-client