Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/oxXtPiCbxePi52hboTig6lMMo5o.roa
File: oxXtPiCbxePi52hboTig6lMMo5o.roa (raw, json)
Hash identifier: Vq0T3kgavYSIVF1YR8V9oI2DzflsWpVF53TNZ/Y/JwE=
Subject key identifier: A3:15:ED:3E:20:9B:C5:E3:E2:E7:68:5B:A1:38:A0:EA:53:0C:A3:9A
Certificate issuer: /CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Certificate serial: 018CC726F0A8464644216191329FB08DF542
Authority key identifier: 58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/oxXtPiCbxePi52hboTig6lMMo5o.roa
Signing time: Mon 01 Jan 2024 22:31:07 +0000
ROA not before: Mon 01 Jan 2024 22:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202563
IP address blocks: 185.222.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 13:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:f0:a8:46:46:44:21:61:91:32:9f:b0:8d:f5:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=581ecc1a74cf92ab619c5f710123937ce50d9c43
Validity
Not Before: Jan 1 22:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a315ed3e209bc5e3e2e7685ba138a0ea530ca39a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:1b:c1:1a:28:08:00:a4:b1:84:2c:e9:02:a9:
a4:b6:97:be:08:4f:c8:29:3c:34:29:f4:7a:b5:09:
cb:f5:ea:30:3b:86:36:24:34:6e:dc:86:83:c3:06:
83:c5:61:2e:42:48:50:3f:71:2c:3f:92:f4:9d:7f:
93:b7:4c:9c:42:5a:6e:1b:53:20:1b:12:09:6d:1a:
ae:5f:62:25:7d:fc:44:85:8a:ac:bf:b6:31:cf:1e:
b2:ec:d7:1b:79:9a:bf:da:8c:b4:be:08:a3:65:9b:
87:da:29:c6:d3:a6:13:b2:26:45:9b:f9:e1:40:af:
cb:7f:80:e8:5e:64:72:1c:44:dd:3b:c7:a3:d0:e3:
3f:fc:d8:dd:7c:64:1b:14:b3:6c:68:a9:a1:91:7e:
de:20:4e:78:79:2e:1a:24:91:f7:72:ba:32:d1:be:
c6:bc:45:43:69:6a:9a:84:c4:f6:79:49:c1:22:69:
a7:73:c0:4d:bb:f1:cb:f6:c2:c6:9d:f8:92:40:62:
37:fb:b1:1a:83:7b:5a:c0:a1:51:eb:7d:9c:38:dd:
0a:5a:c4:21:d5:18:38:78:5b:51:c9:e8:96:34:a4:
27:94:39:99:48:1a:5a:30:6f:ea:3b:e6:6c:fc:2b:
4f:f7:38:42:48:8b:f7:6a:2c:73:67:ca:b7:ac:20:
26:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:15:ED:3E:20:9B:C5:E3:E2:E7:68:5B:A1:38:A0:EA:53:0C:A3:9A
X509v3 Authority Key Identifier:
keyid:58:1E:CC:1A:74:CF:92:AB:61:9C:5F:71:01:23:93:7C:E5:0D:9C:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WB7MGnTPkqthnF9xASOTfOUNnEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/oxXtPiCbxePi52hboTig6lMMo5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/c71daf-dd66-41d8-b04f-da88b6bdb316/1/WB7MGnTPkqthnF9xASOTfOUNnEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.4.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:0b:0d:cd:ea:47:c4:ea:03:f4:d6:c6:2d:b0:66:9b:4f:94:
0e:db:89:aa:f9:e7:3e:ff:eb:5d:68:e6:fe:09:70:81:bf:34:
40:85:37:54:fc:37:61:26:9a:94:b9:47:4f:c0:b8:e6:47:f1:
4d:f6:34:00:c9:16:41:ef:80:27:95:98:fa:92:77:c3:22:5a:
8a:0a:06:49:95:21:74:59:05:39:18:c0:86:55:74:20:b1:05:
a2:0c:a1:b4:13:3a:1d:c0:be:85:8a:76:52:0e:ba:89:bb:c5:
d9:b1:a3:cc:1b:43:a6:1f:39:0b:8f:ef:f2:1e:15:1a:d8:b4:
5c:6b:8d:fe:9f:3a:20:32:0a:79:0a:3e:2c:cc:ed:6c:0d:c1:
cd:e7:f6:86:f4:80:aa:36:2b:d5:a5:f7:30:38:a0:26:0a:15:
2a:8d:c5:b3:32:4a:b1:d8:e7:0d:1d:9a:76:8e:40:5b:85:21:
da:f7:c5:d9:a1:64:0e:9f:66:20:24:5f:9d:98:36:52:37:59:
a9:72:12:af:13:c2:f2:fc:b9:8e:cf:21:73:4c:df:55:4b:60:
82:a4:b6:d8:1b:f2:84:af:4e:3f:4d:83:10:05:c8:2d:a7:35:
31:7b:e1:e2:5b:ff:43:a7:fe:c2:a1:eb:44:c3:19:25:89:77:
14:b8:e8:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJvCoRkZEIWGRMp+wjfVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MWVjYzFhNzRjZjkyYWI2MTljNWY3MTAxMjM5MzdjZTUw
ZDljNDMwHhcNMjQwMTAxMjIzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzE1ZWQzZTIwOWJjNWUzZTJlNzY4NWJhMTM4YTBlYTUzMGNhMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRvBGigIAKSxhCzpAqmktpe+CE/I
KTw0KfR6tQnL9eowO4Y2JDRu3IaDwwaDxWEuQkhQP3EsP5L0nX+Tt0ycQlpuG1Mg
GxIJbRquX2IlffxEhYqsv7Yxzx6y7NcbeZq/2oy0vgijZZuH2inG06YTsiZFm/nh
QK/Lf4DoXmRyHETdO8ej0OM//NjdfGQbFLNsaKmhkX7eIE54eS4aJJH3croy0b7G
vEVDaWqahMT2eUnBImmnc8BNu/HL9sLGnfiSQGI3+7Eag3tawKFR632cON0KWsQh
1Rg4eFtRyeiWNKQnlDmZSBpaMG/qO+Zs/CtP9zhCSIv3aixzZ8q3rCAmBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKMV7T4gm8Xj4udoW6E4oOpTDKOaMB8GA1UdIwQY
MBaAFFgezBp0z5KrYZxfcQEjk3zlDZxDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYt
ZGE4OGI2YmRiMzE2LzEvb3hYdFBpQ2J4ZVBpNTJoYm9UaWc2bE1NbzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9jNzFkYWYtZGQ2Ni00MWQ4LWIwNGYtZGE4OGI2YmRiMzE2
LzEvV0I3TUduVFBrcXRobkY5eEFTT1RmT1VObkVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud4EMA0G
CSqGSIb3DQEBCwUAA4IBAQBKCw3N6kfE6gP01sYtsGabT5QO24mq+ec+/+tdaOb+
CXCBvzRAhTdU/DdhJpqUuUdPwLjmR/FN9jQAyRZB74AnlZj6knfDIlqKCgZJlSF0
WQU5GMCGVXQgsQWiDKG0EzodwL6FinZSDrqJu8XZsaPMG0OmHzkLj+/yHhUa2LRc
a43+nzogMgp5Cj4szO1sDcHN5/aG9ICqNivVpfcwOKAmChUqjcWzMkqx2OcNHZp2
jkBbhSHa98XZoWQOn2YgJF+dmDZSN1mpchKvE8Ly/LmOzyFzTN9VS2CCpLbYG/KE
r04/TYMQBcgtpzUxe+HiW/9Dp/7CoetEwxkliXcUuOiF
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:01:54 2025 by rpki-client