Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/xyeI3V7x98BOyj_KcwS3IZ4CXKI.roa
File: xyeI3V7x98BOyj_KcwS3IZ4CXKI.roa (raw, json)
Hash identifier: NibHHhmPeD8GVP/Lp8gwnWFEbw/BwPzfjpDRDzws5UE=
Subject key identifier: C7:27:88:DD:5E:F1:F7:C0:4E:CA:3F:CA:73:04:B7:21:9E:02:5C:A2
Certificate issuer: /CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Certificate serial: 018CC56DF43379A43B5BB8AA0044BC68412B
Authority key identifier: 3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/xyeI3V7x98BOyj_KcwS3IZ4CXKI.roa
Signing time: Mon 01 Jan 2024 14:29:26 +0000
ROA not before: Mon 01 Jan 2024 14:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42202
IP address blocks: 185.206.188.0/22 maxlen: 22
2a0b:1740::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f4:33:79:a4:3b:5b:b8:aa:00:44:bc:68:41:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Validity
Not Before: Jan 1 14:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c72788dd5ef1f7c04eca3fca7304b7219e025ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ea:46:03:bb:57:b0:2d:51:7d:84:0f:8a:ac:
77:2e:f4:6b:c1:8d:ee:ce:5f:db:6d:91:94:cd:96:
42:2c:9a:2f:28:3e:c9:94:32:2d:79:e5:81:60:c3:
4a:cd:73:80:d7:a3:76:0d:bb:ce:03:ec:5d:31:c6:
8c:13:41:57:d5:8d:02:10:96:ea:a5:da:3f:53:ac:
13:c2:4f:5b:5f:8e:6b:90:8f:07:37:09:8c:1c:94:
8a:f3:2a:8d:f1:8a:d5:9e:e1:11:55:17:7e:35:38:
6d:7e:44:90:24:ec:aa:29:b9:b7:85:4e:64:51:36:
44:39:e8:75:a8:42:e0:d2:b3:52:3a:cd:97:68:02:
e7:e4:a2:44:0f:08:01:13:da:b8:da:22:28:aa:e2:
1a:6d:2f:5e:c3:e3:58:dd:30:16:c2:f7:4a:da:73:
9e:e3:f6:c9:27:5c:14:1c:ee:35:67:95:b1:1f:bb:
30:49:4e:05:e5:da:94:92:39:17:a5:72:29:90:95:
47:73:6f:a7:a9:b2:4c:d1:c4:9b:b8:d5:93:fb:e6:
55:5f:66:44:45:52:48:0d:68:9b:9e:66:60:7a:f4:
f6:b6:0d:dc:1c:29:7d:13:94:5f:b4:57:40:66:73:
c2:5c:3a:66:16:fa:99:47:fe:02:bf:ea:dc:81:4d:
36:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:27:88:DD:5E:F1:F7:C0:4E:CA:3F:CA:73:04:B7:21:9E:02:5C:A2
X509v3 Authority Key Identifier:
keyid:3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/xyeI3V7x98BOyj_KcwS3IZ4CXKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/O9lDbSE1wISJe3TGrTbaFwCnqY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.188.0/22
IPv6:
2a0b:1740::/29
Signature Algorithm: sha256WithRSAEncryption
83:c1:5c:0c:3e:dc:4c:ec:c8:88:fc:0d:04:30:fe:c8:5b:38:
97:01:de:e9:f4:85:a6:d3:38:e6:4a:f1:5a:14:49:79:e6:c4:
65:78:7c:4f:e5:0f:2a:2d:09:45:d7:70:1c:3e:1b:f3:20:20:
8f:ef:0b:2e:92:c4:78:71:d3:2f:e4:d8:ae:67:78:2e:7c:ee:
04:fa:2f:cb:6a:42:b9:6d:e9:0f:bb:30:62:94:bc:5e:cf:b6:
73:42:a5:4c:52:05:05:2f:8a:5b:d6:59:42:3e:ae:3c:6e:bc:
f6:9f:a1:f0:b1:46:e5:21:8b:4e:06:33:4c:28:01:e0:d0:d9:
c0:9b:df:48:94:0f:19:54:54:db:ff:5f:f3:6d:bf:c1:b0:08:
18:78:c0:47:4a:2c:ef:1f:b0:30:96:3e:56:9f:89:28:4a:f3:
81:75:eb:37:70:d5:58:b9:d8:80:7c:fd:b8:85:5a:a7:71:da:
d8:9c:9c:3d:11:a4:bd:ce:02:4d:1f:17:83:1c:d2:48:7d:ad:
9f:af:4a:c2:48:9d:45:c8:6f:e9:78:eb:9b:3b:a7:2f:2c:0c:
3a:33:0e:8a:49:a1:fd:81:ed:1c:39:b9:dd:e5:e0:0e:2b:54:
ff:72:0f:23:58:61:a5:5c:68:2e:b8:41:33:99:1f:1d:86:43:
bb:bb:98:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbfQzeaQ7W7iqAES8aEErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDk0MzZkMjEzNWMwODQ4OTdiNzRjNmFkMzZkYTE3MDBh
N2E5OGQwHhcNMjQwMTAxMTQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzI3ODhkZDVlZjFmN2MwNGVjYTNmY2E3MzA0YjcyMTllMDI1Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+pGA7tXsC1RfYQPiqx3LvRrwY3u
zl/bbZGUzZZCLJovKD7JlDIteeWBYMNKzXOA16N2DbvOA+xdMcaME0FX1Y0CEJbq
pdo/U6wTwk9bX45rkI8HNwmMHJSK8yqN8YrVnuERVRd+NThtfkSQJOyqKbm3hU5k
UTZEOeh1qELg0rNSOs2XaALn5KJEDwgBE9q42iIoquIabS9ew+NY3TAWwvdK2nOe
4/bJJ1wUHO41Z5WxH7swSU4F5dqUkjkXpXIpkJVHc2+nqbJM0cSbuNWT++ZVX2ZE
RVJIDWibnmZgevT2tg3cHCl9E5RftFdAZnPCXDpmFvqZR/4Cv+rcgU02CQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMcniN1e8ffATso/ynMEtyGeAlyiMB8GA1UdIwQY
MBaAFDvZQ20hNcCEiXt0xq022hcAp6mNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTIt
MjYzN2QxMzMzOGYxLzEveHllSTNWN3g5OEJPeWpfS2N3UzNJWjRDWEtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTItMjYzN2QxMzMzOGYx
LzEvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc68MA0E
AgACMAcDBQMqCxdAMA0GCSqGSIb3DQEBCwUAA4IBAQCDwVwMPtxM7MiI/A0EMP7I
WziXAd7p9IWm0zjmSvFaFEl55sRleHxP5Q8qLQlF13AcPhvzICCP7wsuksR4cdMv
5NiuZ3gufO4E+i/LakK5bekPuzBilLxez7ZzQqVMUgUFL4pb1llCPq48brz2n6Hw
sUblIYtOBjNMKAHg0NnAm99IlA8ZVFTb/1/zbb/BsAgYeMBHSizvH7Awlj5Wn4ko
SvOBdes3cNVYudiAfP24hVqncdrYnJw9EaS9zgJNHxeDHNJIfa2fr0rCSJ1FyG/p
eOubO6cvLAw6Mw6KSaH9ge0cObnd5eAOK1T/cg8jWGGlXGguuEEzmR8dhkO7u5i6
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:07 2025 by rpki-client