Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/Xkkfwr-G7UGD3dPMMOvuwlELMOY.roa
File: Xkkfwr-G7UGD3dPMMOvuwlELMOY.roa (raw, json)
Hash identifier: esUbHPQb8UQHST/Ws4gGAryLXbuG+0/cqebtiT4xkms=
Subject key identifier: 5E:49:1F:C2:BF:86:ED:41:83:DD:D3:CC:30:EB:EE:C2:51:0B:30:E6
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 018F96559E0B41781B05F2BE3D2143732385
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/Xkkfwr-G7UGD3dPMMOvuwlELMOY.roa
Signing time: Mon 20 May 2024 14:09:04 +0000
ROA not before: Mon 20 May 2024 14:09:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57053
IP address blocks: 185.155.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:96:55:9e:0b:41:78:1b:05:f2:be:3d:21:43:73:23:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: May 20 14:09:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e491fc2bf86ed4183ddd3cc30ebeec2510b30e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:86:3f:b6:0f:3e:7b:2e:d7:c6:3e:74:ea:fc:
63:b9:75:6e:23:ec:3a:95:bc:5a:81:ce:ed:12:a5:
c6:ba:e7:58:a2:ee:7f:28:51:4b:cc:5e:52:b5:c3:
ad:18:ba:8e:bb:1f:13:ec:6c:ef:48:22:1f:aa:a6:
ac:58:23:d8:a7:dd:ef:bb:f5:e1:b3:94:17:f5:27:
3f:bf:6c:86:cc:8d:a2:dd:f1:aa:11:35:e6:8a:fc:
89:69:2f:f0:fb:eb:d1:a6:a5:69:3a:9d:9f:75:b5:
14:d8:c7:59:b3:c6:cd:04:9a:f8:0b:c4:6c:54:7b:
5e:69:48:88:cb:de:61:46:21:24:14:f1:5d:ff:e2:
bd:df:ae:51:07:5e:39:dc:94:c4:c6:f2:d7:da:f7:
27:c0:b4:7c:b1:89:3e:62:dd:19:cb:46:45:b7:6d:
83:32:7c:0f:20:65:7c:c9:92:59:65:14:27:b2:e7:
47:01:f8:3c:d4:82:3c:3a:89:f4:d9:d2:9c:cf:0c:
00:53:be:7f:6e:89:17:2f:0e:6b:2a:ba:38:14:5d:
e1:99:42:f2:ef:d8:18:44:77:bf:88:b6:5f:2d:e8:
4b:30:07:55:e8:b1:4a:0d:98:b4:ee:1e:4f:f5:32:
2b:c4:9e:e1:58:82:a4:1d:19:b8:48:5a:db:5f:15:
09:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:49:1F:C2:BF:86:ED:41:83:DD:D3:CC:30:EB:EE:C2:51:0B:30:E6
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/Xkkfwr-G7UGD3dPMMOvuwlELMOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.159.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:aa:5c:a1:6e:6f:af:a7:55:78:57:89:7f:f3:bf:27:0e:84:
b5:06:58:62:38:12:6c:6c:ff:56:7a:55:c0:c0:46:28:6d:94:
30:ec:3a:e0:81:b3:0c:f9:b5:77:30:d9:17:5b:d7:19:db:66:
10:72:6e:1c:63:91:ba:c5:41:d7:3e:f6:5a:d0:50:47:7e:20:
df:36:81:1b:f9:8b:96:c4:00:48:ea:99:89:49:ea:b5:a6:ad:
67:c0:72:45:ac:d8:8b:9b:c8:e7:fb:85:2e:07:9c:85:42:55:
41:2d:d5:fb:21:21:6a:c9:09:33:09:5d:81:fe:2b:cb:60:9e:
ce:fc:d4:bb:e1:63:33:ff:ef:1a:72:9d:b7:13:12:73:07:e2:
67:5f:0c:e4:b9:2d:65:87:46:c7:d5:e8:c0:65:dc:6f:2e:17:
55:a0:73:95:94:f2:17:5b:a3:f6:d0:18:4c:45:ae:b8:25:db:
84:1b:4d:ef:20:ba:e9:a0:a6:ed:2a:5b:35:26:fb:e5:80:ef:
0e:a0:6a:bc:6d:71:af:5b:78:45:b7:4c:c8:b5:dd:50:f6:94:
59:b5:12:d3:e3:09:f0:55:dc:ac:a5:bb:82:76:cd:5d:03:20:
73:99:fc:9d:5b:24:55:6f:d4:f5:91:7c:ef:89:2d:dd:48:08:
86:7e:bf:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+WVZ4LQXgbBfK+PSFDcyOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjQwNTIwMTQwOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTQ5MWZjMmJmODZlZDQxODNkZGQzY2MzMGViZWVjMjUxMGIzMGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIY/tg8+ey7Xxj506vxjuXVuI+w6
lbxagc7tEqXGuudYou5/KFFLzF5StcOtGLqOux8T7GzvSCIfqqasWCPYp93vu/Xh
s5QX9Sc/v2yGzI2i3fGqETXmivyJaS/w++vRpqVpOp2fdbUU2MdZs8bNBJr4C8Rs
VHteaUiIy95hRiEkFPFd/+K9365RB1453JTExvLX2vcnwLR8sYk+Yt0Zy0ZFt22D
MnwPIGV8yZJZZRQnsudHAfg81II8Oon02dKczwwAU75/bokXLw5rKro4FF3hmULy
79gYRHe/iLZfLehLMAdV6LFKDZi07h5P9TIrxJ7hWIKkHRm4SFrbXxUJHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF5JH8K/hu1Bg93TzDDr7sJRCzDmMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvWGtrZndyLUc3VUdEM2RQTU1PdnV3bEVMTU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZufMA0G
CSqGSIb3DQEBCwUAA4IBAQB7qlyhbm+vp1V4V4l/878nDoS1BlhiOBJsbP9WelXA
wEYobZQw7DrggbMM+bV3MNkXW9cZ22YQcm4cY5G6xUHXPvZa0FBHfiDfNoEb+YuW
xABI6pmJSeq1pq1nwHJFrNiLm8jn+4UuB5yFQlVBLdX7ISFqyQkzCV2B/ivLYJ7O
/NS74WMz/+8acp23ExJzB+JnXwzkuS1lh0bH1ejAZdxvLhdVoHOVlPIXW6P20BhM
Ra64JduEG03vILrpoKbtKls1JvvlgO8OoGq8bXGvW3hFt0zItd1Q9pRZtRLT4wnw
VdyspbuCds1dAyBzmfydWyRVb9T1kXzviS3dSAiGfr/O
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:36 2025 by rpki-client