Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/2b42fc-49bc-4f81-987b-85493046ec46/1/RLxTr-p8b8JODzpFFZnStANBlLY.roa
File: RLxTr-p8b8JODzpFFZnStANBlLY.roa (raw, json)
Hash identifier: 6VADD2e9Lr1SZs1yGSmZsiu270jn2b42hupmHjvQLio=
Subject key identifier: 44:BC:53:AF:EA:7C:6F:C2:4E:0F:3A:45:15:99:D2:B4:03:41:94:B6
Certificate issuer: /CN=0701b929fd9edbabae35dd44adc161d7d470b1fa
Certificate serial: 018CC26D3909DAC8E582B5320AE40C56238D
Authority key identifier: 07:01:B9:29:FD:9E:DB:AB:AE:35:DD:44:AD:C1:61:D7:D4:70:B1:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BwG5Kf2e26uuNd1ErcFh19Rwsfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/2b42fc-49bc-4f81-987b-85493046ec46/1/RLxTr-p8b8JODzpFFZnStANBlLY.roa
Signing time: Mon 01 Jan 2024 00:29:47 +0000
ROA not before: Mon 01 Jan 2024 00:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16019
IP address blocks: 185.31.36.0/22 maxlen: 22
2a04:4d40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:39:09:da:c8:e5:82:b5:32:0a:e4:0c:56:23:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0701b929fd9edbabae35dd44adc161d7d470b1fa
Validity
Not Before: Jan 1 00:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44bc53afea7c6fc24e0f3a451599d2b4034194b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:18:03:b1:1e:58:68:fb:af:24:b2:24:a0:31:
5e:56:f2:58:2b:19:45:e6:e8:f7:4c:f6:4a:32:d2:
ba:20:8f:0b:b4:f6:9a:7c:89:25:75:ba:2d:de:6f:
bb:c2:8c:9a:32:25:b3:23:65:c7:cc:d7:3b:cc:93:
80:3c:72:8b:61:0d:ca:c2:c6:d3:a2:b4:05:b9:34:
91:d6:13:3c:b2:e5:a2:3e:d3:16:36:c7:13:f9:fc:
05:10:88:0b:27:b5:d4:4c:08:1b:76:85:9f:66:1e:
c5:9a:f2:47:45:d3:e7:e3:f0:24:f7:ad:c9:63:58:
1a:b6:ba:83:e5:bd:2d:36:60:0f:2e:21:c8:1e:7b:
a9:a6:e5:97:04:8c:76:da:ab:99:8b:9a:69:cd:2b:
e5:61:0e:dc:79:f4:45:6c:8f:9e:4c:0a:87:d3:bc:
79:c7:1d:87:c2:9a:41:fa:dc:4d:47:1b:77:83:65:
b2:8d:c6:3a:51:cc:ef:ea:ba:32:ab:ad:06:a1:a6:
f1:15:d2:14:f3:bc:ca:c3:5f:80:b2:3a:78:c0:46:
23:1d:f6:3d:ab:7f:49:15:77:9e:33:f6:26:fc:db:
d2:5b:33:5d:26:13:c7:63:b5:dc:97:7c:63:17:ed:
95:2d:1e:cc:14:52:96:9a:54:e3:65:59:17:e6:a6:
69:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:BC:53:AF:EA:7C:6F:C2:4E:0F:3A:45:15:99:D2:B4:03:41:94:B6
X509v3 Authority Key Identifier:
keyid:07:01:B9:29:FD:9E:DB:AB:AE:35:DD:44:AD:C1:61:D7:D4:70:B1:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BwG5Kf2e26uuNd1ErcFh19Rwsfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/2b42fc-49bc-4f81-987b-85493046ec46/1/RLxTr-p8b8JODzpFFZnStANBlLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/2b42fc-49bc-4f81-987b-85493046ec46/1/BwG5Kf2e26uuNd1ErcFh19Rwsfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.36.0/22
IPv6:
2a04:4d40::/29
Signature Algorithm: sha256WithRSAEncryption
8f:99:80:d9:af:5a:90:ef:f6:4c:6b:8f:07:7d:b1:f1:34:20:
7a:23:39:04:6d:10:cc:37:af:5c:0e:40:c3:05:a8:18:09:21:
21:af:78:6f:73:41:33:f3:01:7c:c6:39:6c:5b:71:d9:30:9a:
5c:9f:8d:08:7e:ed:94:56:24:f0:3e:db:75:56:3c:2f:be:96:
62:d1:63:4c:06:e4:23:14:ed:05:f6:64:cc:0c:04:23:fc:48:
d8:74:2b:1f:2d:3e:1e:99:f8:24:b1:71:bf:1c:c2:21:a3:98:
fa:8a:32:a7:33:4a:ed:87:d1:7e:71:57:9d:13:5c:0b:75:b6:
10:71:37:b0:54:38:3a:66:32:da:24:6c:60:12:a5:88:e6:6a:
25:75:11:3e:7d:92:18:00:46:91:fd:00:68:33:cf:0a:c7:ad:
f5:ce:0a:8c:04:68:a6:2b:2b:14:79:ea:fb:f6:91:f4:c0:ce:
f6:2c:07:0d:c2:7d:8f:f2:c4:1a:5d:ef:57:ee:56:10:02:32:
e5:72:5e:9d:ca:58:7e:55:5f:2d:21:78:87:50:02:1a:8f:05:
05:ed:90:f0:b7:c4:55:4c:ac:b2:48:76:9c:cf:c5:ea:fe:c7:
da:13:34:31:4a:30:30:43:62:4d:88:c8:0f:58:30:84:0f:46:
c1:b3:5b:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbTkJ2sjlgrUyCuQMViONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MDFiOTI5ZmQ5ZWRiYWJhZTM1ZGQ0NGFkYzE2MWQ3ZDQ3
MGIxZmEwHhcNMjQwMTAxMDAyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGJjNTNhZmVhN2M2ZmMyNGUwZjNhNDUxNTk5ZDJiNDAzNDE5NGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxgDsR5YaPuvJLIkoDFeVvJYKxlF
5uj3TPZKMtK6II8LtPaafIkldbot3m+7woyaMiWzI2XHzNc7zJOAPHKLYQ3KwsbT
orQFuTSR1hM8suWiPtMWNscT+fwFEIgLJ7XUTAgbdoWfZh7FmvJHRdPn4/Ak963J
Y1gatrqD5b0tNmAPLiHIHnuppuWXBIx22quZi5ppzSvlYQ7cefRFbI+eTAqH07x5
xx2HwppB+txNRxt3g2WyjcY6Uczv6royq60GoabxFdIU87zKw1+Asjp4wEYjHfY9
q39JFXeeM/Ym/NvSWzNdJhPHY7Xcl3xjF+2VLR7MFFKWmlTjZVkX5qZpnwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFES8U6/qfG/CTg86RRWZ0rQDQZS2MB8GA1UdIwQY
MBaAFAcBuSn9nturrjXdRK3BYdfUcLH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQndHNUtmMmUyNnV1TmQxRXJjRmgxOVJ3c2ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8yYjQyZmMtNDliYy00ZjgxLTk4N2It
ODU0OTMwNDZlYzQ2LzEvUkx4VHItcDhiOEpPRHpwRkZablN0QU5CbExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8yYjQyZmMtNDliYy00ZjgxLTk4N2ItODU0OTMwNDZlYzQ2
LzEvQndHNUtmMmUyNnV1TmQxRXJjRmgxOVJ3c2ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR8kMA0E
AgACMAcDBQMqBE1AMA0GCSqGSIb3DQEBCwUAA4IBAQCPmYDZr1qQ7/ZMa48HfbHx
NCB6IzkEbRDMN69cDkDDBagYCSEhr3hvc0Ez8wF8xjlsW3HZMJpcn40Ifu2UViTw
Ptt1VjwvvpZi0WNMBuQjFO0F9mTMDAQj/EjYdCsfLT4emfgksXG/HMIho5j6ijKn
M0rth9F+cVedE1wLdbYQcTewVDg6ZjLaJGxgEqWI5moldRE+fZIYAEaR/QBoM88K
x631zgqMBGimKysUeer79pH0wM72LAcNwn2P8sQaXe9X7lYQAjLlcl6dylh+VV8t
IXiHUAIajwUF7ZDwt8RVTKyySHacz8Xq/sfaEzQxSjAwQ2JNiMgPWDCED0bBs1vE
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:24:25 2025 by rpki-client