Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/2a0808-7e97-47e0-afbb-74ccd8240bad/1/xp1JGS6h3gih6q4UF-e22uE97bI.roa
File: xp1JGS6h3gih6q4UF-e22uE97bI.roa (raw, json)
Hash identifier: Nfmr9jCYPjHaHDgOXwsrlhrxZ5fJTKWKHiKyv8n419s=
Subject key identifier: C6:9D:49:19:2E:A1:DE:08:A1:EA:AE:14:17:E7:B6:DA:E1:3D:ED:B2
Certificate issuer: /CN=59877720c014688494ea6910c83474de13e99802
Certificate serial: 018D078F2EFFE4EF82FD423F2E2E3C378E4C
Authority key identifier: 59:87:77:20:C0:14:68:84:94:EA:69:10:C8:34:74:DE:13:E9:98:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WYd3IMAUaISU6mkQyDR03hPpmAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/2a0808-7e97-47e0-afbb-74ccd8240bad/1/xp1JGS6h3gih6q4UF-e22uE97bI.roa
Signing time: Sun 14 Jan 2024 10:40:40 +0000
ROA not before: Sun 14 Jan 2024 10:40:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.144.15.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:07:8f:2e:ff:e4:ef:82:fd:42:3f:2e:2e:3c:37:8e:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59877720c014688494ea6910c83474de13e99802
Validity
Not Before: Jan 14 10:40:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c69d49192ea1de08a1eaae1417e7b6dae13dedb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:95:9c:3d:d6:2b:20:35:64:80:45:d9:b4:57:
21:46:4d:e2:63:64:d9:ee:66:80:f6:4b:e6:32:38:
a0:88:ed:2c:58:ee:6d:80:f4:77:82:8b:1e:60:56:
7e:d3:98:e2:fa:54:4c:a2:c1:2f:b4:9c:6c:be:c3:
51:b4:94:a3:bd:77:c2:4c:3c:12:48:65:2b:7a:54:
be:c0:e3:1d:5d:29:03:68:ba:97:f0:8c:e2:1c:76:
e5:00:2f:e2:71:51:61:7b:d4:2b:37:4c:78:b0:47:
6d:57:f6:b1:a5:2e:7b:02:90:bd:01:f4:d6:0a:01:
ab:92:d3:59:43:90:9e:53:e1:6e:b2:87:aa:36:51:
64:d7:6b:a2:18:72:42:9a:6b:29:f9:58:96:93:22:
8d:03:9f:00:73:e0:d0:06:e5:33:d6:4e:89:8f:75:
38:89:53:a5:73:3c:ef:c5:7e:7b:40:da:17:6b:33:
7d:55:59:06:10:78:5e:54:58:0b:54:64:4d:a0:5a:
d8:63:60:c0:7d:9b:24:f8:5e:e5:b7:43:82:ea:47:
4c:15:f9:bc:7f:e1:7e:0f:82:59:3f:1f:59:91:3a:
07:52:86:78:9d:87:35:ca:0b:bd:9e:0b:55:39:cb:
5f:b2:ae:30:25:d5:53:9f:59:96:e0:5b:c1:8f:be:
0d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:9D:49:19:2E:A1:DE:08:A1:EA:AE:14:17:E7:B6:DA:E1:3D:ED:B2
X509v3 Authority Key Identifier:
keyid:59:87:77:20:C0:14:68:84:94:EA:69:10:C8:34:74:DE:13:E9:98:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WYd3IMAUaISU6mkQyDR03hPpmAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2a0808-7e97-47e0-afbb-74ccd8240bad/1/xp1JGS6h3gih6q4UF-e22uE97bI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2a0808-7e97-47e0-afbb-74ccd8240bad/1/WYd3IMAUaISU6mkQyDR03hPpmAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.15.0/24
Signature Algorithm: sha256WithRSAEncryption
22:a8:b5:d8:52:b2:e7:e5:e0:ca:96:1c:c0:cf:df:52:c3:af:
dd:77:84:17:94:78:c8:ec:1c:7c:84:99:4d:a8:bb:d8:63:53:
0e:00:7a:45:0a:fa:6e:9a:43:22:96:28:ca:ba:22:1e:29:54:
7d:d4:af:74:15:2f:38:5c:22:6b:72:ec:34:b3:fd:24:02:84:
2f:a3:4c:28:91:59:fe:a0:95:c7:0b:c4:76:17:c5:4a:46:67:
74:11:4b:61:2d:b7:d6:8b:1a:cc:ff:25:4d:b3:c3:ab:ef:2e:
c0:bc:bf:bb:aa:83:ec:b4:32:20:1c:62:bf:eb:17:5b:aa:f1:
04:35:56:82:56:89:f4:b8:17:b2:df:85:8d:d5:33:9f:73:ef:
ab:79:1e:f0:9d:87:ba:33:ae:5a:87:3a:ea:bc:94:94:38:11:
b7:5c:39:48:ed:eb:94:be:ea:7e:09:bb:7d:2c:dd:1f:e8:ce:
cd:0d:06:ed:9b:9f:d8:40:da:69:cc:fa:0a:60:04:bc:91:1b:
bd:4b:2b:ad:7a:70:6a:ab:73:f3:be:02:c9:5b:9f:30:67:49:
77:f8:7f:e4:1e:fe:0f:9d:2b:c2:1d:80:85:22:f7:25:9c:5d:
44:e9:2f:c9:5f:0c:9f:d0:b1:6a:4a:86:13:cd:c7:99:fd:bc:
0d:14:15:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0Hjy7/5O+C/UI/Li48N45MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ODc3NzIwYzAxNDY4ODQ5NGVhNjkxMGM4MzQ3NGRlMTNl
OTk4MDIwHhcNMjQwMTE0MTA0MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjlkNDkxOTJlYTFkZTA4YTFlYWFlMTQxN2U3YjZkYWUxM2RlZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZWcPdYrIDVkgEXZtFchRk3iY2TZ
7maA9kvmMjigiO0sWO5tgPR3goseYFZ+05ji+lRMosEvtJxsvsNRtJSjvXfCTDwS
SGUrelS+wOMdXSkDaLqX8IziHHblAC/icVFhe9QrN0x4sEdtV/axpS57ApC9AfTW
CgGrktNZQ5CeU+FusoeqNlFk12uiGHJCmmsp+ViWkyKNA58Ac+DQBuUz1k6Jj3U4
iVOlczzvxX57QNoXazN9VVkGEHheVFgLVGRNoFrYY2DAfZsk+F7lt0OC6kdMFfm8
f+F+D4JZPx9ZkToHUoZ4nYc1ygu9ngtVOctfsq4wJdVTn1mW4FvBj74N3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMadSRkuod4IoequFBfnttrhPe2yMB8GA1UdIwQY
MBaAFFmHdyDAFGiElOppEMg0dN4T6ZgCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1lkM0lNQVVhSVNVNm1rUXlEUjAzaFBwbUFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8yYTA4MDgtN2U5Ny00N2UwLWFmYmIt
NzRjY2Q4MjQwYmFkLzEveHAxSkdTNmgzZ2loNnE0VUYtZTIydUU5N2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8yYTA4MDgtN2U5Ny00N2UwLWFmYmItNzRjY2Q4MjQwYmFk
LzEvV1lkM0lNQVVhSVNVNm1rUXlEUjAzaFBwbUFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZAPMA0G
CSqGSIb3DQEBCwUAA4IBAQAiqLXYUrLn5eDKlhzAz99Sw6/dd4QXlHjI7Bx8hJlN
qLvYY1MOAHpFCvpumkMilijKuiIeKVR91K90FS84XCJrcuw0s/0kAoQvo0wokVn+
oJXHC8R2F8VKRmd0EUthLbfWixrM/yVNs8Or7y7AvL+7qoPstDIgHGK/6xdbqvEE
NVaCVon0uBey34WN1TOfc++reR7wnYe6M65ahzrqvJSUOBG3XDlI7euUvup+Cbt9
LN0f6M7NDQbtm5/YQNppzPoKYAS8kRu9SyutenBqq3PzvgLJW58wZ0l3+H/kHv4P
nSvCHYCFIvclnF1E6S/JXwyf0LFqSoYTzceZ/bwNFBU3
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:03 2025 by rpki-client