Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/xy2CE0c1yGLOrKbccUUymohABpg.roa
File: xy2CE0c1yGLOrKbccUUymohABpg.roa (raw, json)
Hash identifier: ase6xehlUpBB4VXyEx/vXmj1NTV5t89ZQ91CJ2Gg7Zs=
Subject key identifier: C7:2D:82:13:47:35:C8:62:CE:AC:A6:DC:71:45:32:9A:88:40:06:98
Certificate issuer: /CN=ea1c951d61b87da19439784d23667a89cb3290a4
Certificate serial: 018CC500269AE230EA80EBBA109F0D9F8136
Authority key identifier: EA:1C:95:1D:61:B8:7D:A1:94:39:78:4D:23:66:7A:89:CB:32:90:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6hyVHWG4faGUOXhNI2Z6icsykKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/xy2CE0c1yGLOrKbccUUymohABpg.roa
Signing time: Mon 01 Jan 2024 12:29:30 +0000
ROA not before: Mon 01 Jan 2024 12:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203603
IP address blocks: 185.249.233.0/24 maxlen: 24
185.249.234.0/23 maxlen: 23
185.113.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:26:9a:e2:30:ea:80:eb:ba:10:9f:0d:9f:81:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea1c951d61b87da19439784d23667a89cb3290a4
Validity
Not Before: Jan 1 12:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c72d82134735c862ceaca6dc7145329a88400698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ff:0b:94:d2:d5:99:73:f2:1e:9b:e0:ac:a5:
6e:a6:57:62:e3:2d:4e:96:d5:32:0e:38:ff:5d:50:
7a:7e:1b:71:c9:ed:75:22:90:0a:5d:33:01:8e:ba:
a1:5c:7e:06:48:a2:ee:3b:85:be:04:ce:e7:8e:c0:
a4:51:97:f9:5f:7f:7d:8b:0e:7f:92:35:e8:82:01:
07:c7:91:bf:b6:7d:a2:00:14:3a:7a:e1:7d:3a:a3:
e0:fb:7f:3a:83:3c:32:ee:e2:87:f6:d6:c4:01:34:
78:df:cd:0f:3f:65:0b:9e:c2:fc:52:43:e4:f3:03:
fc:a8:57:5d:ac:47:d6:f1:89:0a:c1:e8:38:7f:3c:
66:d7:e3:d2:c5:71:b8:a9:c5:73:b4:ec:02:e7:ae:
e5:78:77:e1:59:f5:f9:80:77:71:f0:ec:79:eb:40:
b6:fd:d5:ae:32:20:1e:3d:93:ca:f2:23:67:0c:bb:
b8:b4:32:08:e6:37:8f:eb:6e:59:2e:40:95:36:86:
b6:e7:b1:ed:96:d3:2b:f3:60:6c:1b:62:a3:35:6d:
fc:79:ef:1b:59:5f:8e:38:ea:8e:f7:e4:1b:86:18:
28:b6:0e:74:f0:8a:76:8e:cf:a9:78:c6:57:4b:ce:
f4:ca:fd:ed:ff:32:2a:9c:65:8b:8e:fb:ec:bf:0f:
11:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:2D:82:13:47:35:C8:62:CE:AC:A6:DC:71:45:32:9A:88:40:06:98
X509v3 Authority Key Identifier:
keyid:EA:1C:95:1D:61:B8:7D:A1:94:39:78:4D:23:66:7A:89:CB:32:90:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6hyVHWG4faGUOXhNI2Z6icsykKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/xy2CE0c1yGLOrKbccUUymohABpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/617715-9484-40f9-896c-724b1a0212d4/1/6hyVHWG4faGUOXhNI2Z6icsykKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.236.0/22
185.249.233.0-185.249.235.255
Signature Algorithm: sha256WithRSAEncryption
3e:d4:99:b2:46:25:de:d7:51:46:5a:eb:c6:9a:08:78:33:43:
0f:31:3b:3c:65:fa:42:5b:a3:af:65:65:2d:89:2c:06:51:db:
8f:d6:ec:1e:12:ed:80:97:62:40:98:2b:ca:44:2a:71:5a:35:
b1:a2:52:89:e1:33:29:4e:3d:38:ae:28:61:d9:5d:fd:88:b4:
8c:c5:41:c2:6e:fd:86:ea:4a:fe:8f:46:87:d7:1b:42:71:09:
d7:fd:5e:92:c4:c6:8d:fa:35:99:8b:7c:99:14:4e:30:3d:61:
a4:25:50:6a:74:23:b9:77:49:e2:71:e4:ff:d4:3b:17:f1:b3:
8b:7b:c2:cb:fc:bb:28:df:7f:8a:03:5d:84:e4:b1:f8:19:8c:
8d:5f:a0:bb:c2:e2:da:71:f9:f1:38:ad:84:8c:77:8d:cb:15:
ee:04:ee:43:d4:78:46:c5:3e:e3:2e:68:69:9e:40:b1:ad:65:
ac:09:b4:5c:64:a9:83:b4:d0:83:9d:ac:c2:36:67:54:22:36:
7e:d6:72:b6:8f:7c:99:2d:1e:5e:96:c0:9d:29:b2:76:d5:01:
92:59:23:82:36:98:fc:cb:fb:67:b9:d0:73:6a:67:03:34:de:
42:92:26:7f:c5:1e:ce:db:7f:34:73:54:53:03:b3:b1:7f:5d:
ea:9b:ac:5e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzFACaa4jDqgOu6EJ8Nn4E2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMWM5NTFkNjFiODdkYTE5NDM5Nzg0ZDIzNjY3YTg5Y2Iz
MjkwYTQwHhcNMjQwMTAxMTIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzJkODIxMzQ3MzVjODYyY2VhY2E2ZGM3MTQ1MzI5YTg4NDAwNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/8LlNLVmXPyHpvgrKVupldi4y1O
ltUyDjj/XVB6fhtxye11IpAKXTMBjrqhXH4GSKLuO4W+BM7njsCkUZf5X399iw5/
kjXoggEHx5G/tn2iABQ6euF9OqPg+386gzwy7uKH9tbEATR4380PP2ULnsL8UkPk
8wP8qFddrEfW8YkKweg4fzxm1+PSxXG4qcVztOwC567leHfhWfX5gHdx8Ox560C2
/dWuMiAePZPK8iNnDLu4tDII5jeP625ZLkCVNoa257HtltMr82BsG2KjNW38ee8b
WV+OOOqO9+Qbhhgotg508Ip2js+peMZXS870yv3t/zIqnGWLjvvsvw8RSQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMctghNHNchizqym3HFFMpqIQAaYMB8GA1UdIwQY
MBaAFOoclR1huH2hlDl4TSNmeonLMpCkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmh5VkhXRzRmYUdVT1hoTkkyWjZpY3N5a0tRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82MTc3MTUtOTQ4NC00MGY5LTg5NmMt
NzI0YjFhMDIxMmQ0LzEveHkyQ0UwYzF5R0xPcktiY2NVVXltb2hBQnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82MTc3MTUtOTQ4NC00MGY5LTg5NmMtNzI0YjFhMDIxMmQ0
LzEvNmh5VkhXRzRmYUdVT1hoTkkyWjZpY3N5a0tRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuXHsMAwD
BAC5+ekDBAK5+egwDQYJKoZIhvcNAQELBQADggEBAD7UmbJGJd7XUUZa68aaCHgz
Qw8xOzxl+kJbo69lZS2JLAZR24/W7B4S7YCXYkCYK8pEKnFaNbGiUonhMylOPTiu
KGHZXf2ItIzFQcJu/YbqSv6PRofXG0JxCdf9XpLExo36NZmLfJkUTjA9YaQlUGp0
I7l3SeJx5P/UOxfxs4t7wsv8uyjff4oDXYTksfgZjI1foLvC4tpx+fE4rYSMd43L
Fe4E7kPUeEbFPuMuaGmeQLGtZawJtFxkqYO00IOdrMI2Z1QiNn7WcraPfJktHl6W
wJ0psnbVAZJZI4I2mPzL+2e50HNqZwM03kKSJn/FHs7bfzRzVFMDs7F/XeqbrF4=
-----END CERTIFICATE-----
Generated at Fri Apr 18 09:58:09 2025 by rpki-client