Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/817c14-b800-4c15-a89e-704f263389e2/1/xAXLq_VWhRj3RPxHOzdn18PXn-U.roa
File: xAXLq_VWhRj3RPxHOzdn18PXn-U.roa (raw, json)
Hash identifier: 4ZyBSkxWO5G+XnGVwgx/NPOCVNUV20X6N8b+BY+x15o=
Subject key identifier: C4:05:CB:AB:F5:56:85:18:F7:44:FC:47:3B:37:67:D7:C3:D7:9F:E5
Certificate issuer: /CN=e73cf9433eb80fe9027084529a25412ddfe5bd01
Certificate serial: 018F53B7F884DB63AE01C2EE07179329574A
Authority key identifier: E7:3C:F9:43:3E:B8:0F:E9:02:70:84:52:9A:25:41:2D:DF:E5:BD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5zz5Qz64D-kCcIRSmiVBLd_lvQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/817c14-b800-4c15-a89e-704f263389e2/1/xAXLq_VWhRj3RPxHOzdn18PXn-U.roa
Signing time: Tue 07 May 2024 15:41:56 +0000
ROA not before: Tue 07 May 2024 15:41:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205112
IP address blocks: 185.65.240.0/22 maxlen: 24
185.232.100.0/22 maxlen: 24
2a0c:1700::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 29 May 2024 06:51:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:b7:f8:84:db:63:ae:01:c2:ee:07:17:93:29:57:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e73cf9433eb80fe9027084529a25412ddfe5bd01
Validity
Not Before: May 7 15:41:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c405cbabf5568518f744fc473b3767d7c3d79fe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:66:41:f2:e6:83:1e:49:1a:5f:40:8d:70:c8:
c0:c3:e7:5a:98:70:59:b5:a7:b9:85:4b:40:90:3f:
72:14:74:f6:6d:27:59:42:51:03:38:c4:fb:7f:8f:
b1:7b:dc:d0:fb:68:f8:2b:a5:5e:92:df:de:1d:c1:
ef:33:0b:28:32:a7:4c:7b:cd:0c:06:f9:75:3b:e5:
d7:1c:16:dd:bf:00:d5:a5:89:2d:05:2a:19:6e:35:
31:ab:13:44:e6:23:6a:4a:81:75:5d:96:b1:f2:9f:
f5:78:ce:b9:c2:7c:2b:f1:ab:a4:40:bc:79:67:54:
a8:f7:0a:4a:bb:3b:85:8d:cd:35:94:e6:94:0c:16:
e8:f0:59:a1:dd:fd:44:dc:ea:f0:03:84:64:86:77:
ac:cf:b7:a4:9f:b0:1c:72:7d:79:46:7b:e5:5d:2b:
3a:6c:35:ec:26:b7:d4:c8:ea:fc:3b:37:3b:24:3b:
68:83:d7:53:d4:2f:e6:97:62:b3:7d:01:bd:38:bd:
10:b3:9a:9f:a9:7a:f5:f9:35:6b:66:e3:a3:25:71:
77:4b:9b:da:a2:9a:89:75:59:f1:1a:92:0e:18:53:
a8:fb:c4:74:51:dc:a1:39:a4:6d:e9:42:70:8b:09:
1c:9c:84:4b:c4:69:3c:aa:2f:60:f4:28:6f:7c:d5:
80:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:05:CB:AB:F5:56:85:18:F7:44:FC:47:3B:37:67:D7:C3:D7:9F:E5
X509v3 Authority Key Identifier:
keyid:E7:3C:F9:43:3E:B8:0F:E9:02:70:84:52:9A:25:41:2D:DF:E5:BD:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5zz5Qz64D-kCcIRSmiVBLd_lvQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/817c14-b800-4c15-a89e-704f263389e2/1/xAXLq_VWhRj3RPxHOzdn18PXn-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/817c14-b800-4c15-a89e-704f263389e2/1/5zz5Qz64D-kCcIRSmiVBLd_lvQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.240.0/22
185.232.100.0/22
IPv6:
2a0c:1700::/29
Signature Algorithm: sha256WithRSAEncryption
a1:b2:e4:09:e9:8b:7c:97:39:06:e9:44:7f:a2:3d:18:46:a1:
be:ef:de:30:3d:7e:d7:42:02:7d:17:b5:22:25:a8:2a:d4:13:
0e:4f:e6:78:b6:cf:19:9f:1c:b6:53:7f:16:c6:e2:7b:6c:0d:
2d:54:af:ae:09:2f:ff:5e:e5:7c:71:03:15:4b:70:f3:6e:92:
e0:20:84:e2:e6:42:40:1a:b5:3b:aa:0b:7e:d5:cf:94:39:d8:
d6:95:4e:4c:e3:d0:5a:de:7f:59:14:74:53:a4:c0:b6:ad:59:
78:fc:78:44:9a:3e:cd:1b:33:0c:91:ed:72:f0:2a:b8:a4:7e:
12:8a:16:b9:f2:f5:0a:eb:2a:05:7d:b6:72:0f:cb:2c:e4:34:
10:18:d6:90:db:db:fc:e1:92:6f:7f:3b:e3:0f:d6:7c:a3:14:
8c:ce:f9:94:ed:95:00:2d:2d:47:f9:b3:fb:0f:6e:93:d7:64:
df:1b:74:f3:6d:6f:ad:90:1a:a1:25:d5:67:49:94:3a:c5:41:
1d:5d:df:f3:75:2b:52:6b:1c:21:01:a3:e5:a9:ab:01:3a:c6:
8d:ab:dc:10:16:6d:a6:5b:eb:1d:1e:dd:fe:ae:2c:30:6d:0a:
6d:d7:0c:14:46:28:29:5f:f5:e1:e6:55:c4:fb:97:31:0c:8e:
42:dd:73:72
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY9Tt/iE22OuAcLuBxeTKVdKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3M2NmOTQzM2ViODBmZTkwMjcwODQ1MjlhMjU0MTJkZGZl
NWJkMDEwHhcNMjQwNTA3MTU0MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDA1Y2JhYmY1NTY4NTE4Zjc0NGZjNDczYjM3NjdkN2MzZDc5ZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmZB8uaDHkkaX0CNcMjAw+damHBZ
tae5hUtAkD9yFHT2bSdZQlEDOMT7f4+xe9zQ+2j4K6Vekt/eHcHvMwsoMqdMe80M
Bvl1O+XXHBbdvwDVpYktBSoZbjUxqxNE5iNqSoF1XZax8p/1eM65wnwr8aukQLx5
Z1So9wpKuzuFjc01lOaUDBbo8Fmh3f1E3OrwA4Rkhnesz7ekn7Accn15RnvlXSs6
bDXsJrfUyOr8Ozc7JDtog9dT1C/ml2KzfQG9OL0Qs5qfqXr1+TVrZuOjJXF3S5va
opqJdVnxGpIOGFOo+8R0UdyhOaRt6UJwiwkcnIRLxGk8qi9g9ChvfNWAuQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMQFy6v1VoUY90T8Rzs3Z9fD15/lMB8GA1UdIwQY
MBaAFOc8+UM+uA/pAnCEUpolQS3f5b0BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXp6NVF6NjRELWtDY0lSU21pVkJMZF9sdlFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MTdjMTQtYjgwMC00YzE1LWE4OWUt
NzA0ZjI2MzM4OWUyLzEveEFYTHFfVldoUmozUlB4SE96ZG4xOFBYbi1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MTdjMTQtYjgwMC00YzE1LWE4OWUtNzA0ZjI2MzM4OWUy
LzEvNXp6NVF6NjRELWtDY0lSU21pVkJMZF9sdlFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUHwAwQC
uehkMA0EAgACMAcDBQMqDBcAMA0GCSqGSIb3DQEBCwUAA4IBAQChsuQJ6Yt8lzkG
6UR/oj0YRqG+794wPX7XQgJ9F7UiJagq1BMOT+Z4ts8Znxy2U38WxuJ7bA0tVK+u
CS//XuV8cQMVS3DzbpLgIITi5kJAGrU7qgt+1c+UOdjWlU5M49Ba3n9ZFHRTpMC2
rVl4/HhEmj7NGzMMke1y8Cq4pH4Siha58vUK6yoFfbZyD8ss5DQQGNaQ29v84ZJv
fzvjD9Z8oxSMzvmU7ZUALS1H+bP7D26T12TfG3TzbW+tkBqhJdVnSZQ6xUEdXd/z
dStSaxwhAaPlqasBOsaNq9wQFm2mW+sdHt3+riwwbQpt1wwURigpX/Xh5lXE+5cx
DI5C3XNy
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:11 2025 by rpki-client