Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/67c3ea-ed6a-4c29-a1ac-8a8a7ffdd9fd/1/UPKDwXPpKZ6epzNOR8ihTij9R1E.roa
File: UPKDwXPpKZ6epzNOR8ihTij9R1E.roa (raw, json)
Hash identifier: K6NwB+VhsH+5bGgLwzfVMfWeXBo8TJn1yWIQMCclXKs=
Subject key identifier: 50:F2:83:C1:73:E9:29:9E:9E:A7:33:4E:47:C8:A1:4E:28:FD:47:51
Certificate issuer: /CN=5ef1315c3c9239e8e1f4aa0c5b0743c3da5d77e3
Certificate serial: 018F9EDD651FABBA7CD88360B8DBF88C4B80
Authority key identifier: 5E:F1:31:5C:3C:92:39:E8:E1:F4:AA:0C:5B:07:43:C3:DA:5D:77:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XvExXDySOejh9KoMWwdDw9pdd-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/67c3ea-ed6a-4c29-a1ac-8a8a7ffdd9fd/1/UPKDwXPpKZ6epzNOR8ihTij9R1E.roa
Signing time: Wed 22 May 2024 05:54:20 +0000
ROA not before: Wed 22 May 2024 05:54:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60585
IP address blocks: 185.28.124.0/22 maxlen: 22
2a00:9ee0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9e:dd:65:1f:ab:ba:7c:d8:83:60:b8:db:f8:8c:4b:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ef1315c3c9239e8e1f4aa0c5b0743c3da5d77e3
Validity
Not Before: May 22 05:54:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50f283c173e9299e9ea7334e47c8a14e28fd4751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:95:79:b8:8b:d7:64:e6:a0:dc:a6:ad:6e:40:
b2:42:02:f8:86:f2:94:26:19:59:26:67:72:8f:1c:
64:10:0a:7d:47:69:57:48:ce:26:d7:ba:c7:cc:71:
86:d1:94:5f:83:35:d8:a9:cf:21:12:53:6d:d0:3b:
2f:e8:a2:55:43:be:b6:f1:1c:79:f7:2b:3c:ec:72:
5b:b0:91:1e:50:7a:53:88:d5:e7:5e:de:fc:53:64:
b5:ac:5b:ec:63:06:5a:c1:61:83:dc:7b:76:f4:b6:
56:38:29:72:55:42:db:f9:c0:a9:30:48:d2:19:cf:
71:82:5d:f9:46:4d:60:11:05:61:37:a1:c8:da:fa:
c3:c7:b3:e5:0f:a9:e9:a0:43:78:f1:cd:fb:b2:da:
be:b4:21:d3:ab:10:66:6e:bf:87:c8:12:65:62:88:
19:6a:66:46:77:8c:74:f4:52:35:aa:30:5e:1f:24:
5b:28:70:e1:70:40:b5:b7:d7:56:64:08:ca:cb:11:
e6:53:df:8e:9b:5d:9e:7d:f0:28:53:c8:e7:01:8b:
e3:81:a1:df:ff:78:17:69:e9:b1:a3:88:5f:61:31:
6d:34:ee:db:49:34:b2:ad:2c:3d:20:72:e7:41:70:
cd:31:3d:68:3c:ea:76:c5:16:35:fb:03:b7:9c:37:
82:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F2:83:C1:73:E9:29:9E:9E:A7:33:4E:47:C8:A1:4E:28:FD:47:51
X509v3 Authority Key Identifier:
keyid:5E:F1:31:5C:3C:92:39:E8:E1:F4:AA:0C:5B:07:43:C3:DA:5D:77:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XvExXDySOejh9KoMWwdDw9pdd-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/67c3ea-ed6a-4c29-a1ac-8a8a7ffdd9fd/1/UPKDwXPpKZ6epzNOR8ihTij9R1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/67c3ea-ed6a-4c29-a1ac-8a8a7ffdd9fd/1/XvExXDySOejh9KoMWwdDw9pdd-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.124.0/22
IPv6:
2a00:9ee0::/32
Signature Algorithm: sha256WithRSAEncryption
7f:93:64:d8:98:02:a8:da:c0:f3:81:4f:81:b9:ce:ad:ba:8d:
af:f2:e9:27:0d:66:e7:34:9f:d0:5c:90:56:ef:dd:cf:45:09:
72:67:ec:e8:aa:66:70:e0:88:41:ef:60:0b:03:94:4e:d0:9f:
ee:f9:14:e3:ee:d9:f0:35:9c:9c:c2:07:e7:9d:c3:15:7b:69:
0a:81:c8:85:1e:c1:56:fc:1d:c2:8f:d4:12:db:3b:c5:7d:6a:
60:8d:1b:03:fc:3b:81:13:9f:c0:dd:a0:02:74:85:fe:7b:37:
90:e9:10:86:8a:fc:d0:da:d5:6a:73:89:ae:77:b4:32:53:62:
00:63:01:16:78:2c:f4:09:2b:b9:42:59:ab:c8:09:3a:c3:39:
4f:7b:aa:fd:e2:b1:19:86:24:a7:98:b4:91:b3:ae:55:67:7e:
6d:82:b8:9e:4f:fe:e3:e4:43:31:72:ca:54:20:8b:f1:5f:6b:
44:ef:7a:bf:e5:49:23:ae:8d:39:73:d9:d1:d6:f5:a5:fb:bd:
11:39:69:ba:ef:ec:30:53:e1:5e:3b:c2:99:86:25:1e:2a:0f:
51:56:ab:84:2d:d7:23:6d:1b:44:dd:37:55:7e:bb:92:a4:e3:
0a:d2:7d:36:b6:35:05:89:09:9f:02:b8:7a:84:7d:46:79:d8:
a0:e7:f0:a6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY+e3WUfq7p82INguNv4jEuAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZjEzMTVjM2M5MjM5ZThlMWY0YWEwYzViMDc0M2MzZGE1
ZDc3ZTMwHhcNMjQwNTIyMDU1NDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGYyODNjMTczZTkyOTllOWVhNzMzNGU0N2M4YTE0ZTI4ZmQ0NzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5V5uIvXZOag3KatbkCyQgL4hvKU
JhlZJmdyjxxkEAp9R2lXSM4m17rHzHGG0ZRfgzXYqc8hElNt0Dsv6KJVQ7628Rx5
9ys87HJbsJEeUHpTiNXnXt78U2S1rFvsYwZawWGD3Ht29LZWOClyVULb+cCpMEjS
Gc9xgl35Rk1gEQVhN6HI2vrDx7PlD6npoEN48c37stq+tCHTqxBmbr+HyBJlYogZ
amZGd4x09FI1qjBeHyRbKHDhcEC1t9dWZAjKyxHmU9+Om12effAoU8jnAYvjgaHf
/3gXaemxo4hfYTFtNO7bSTSyrSw9IHLnQXDNMT1oPOp2xRY1+wO3nDeCAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFDyg8Fz6SmenqczTkfIoU4o/UdRMB8GA1UdIwQY
MBaAFF7xMVw8kjno4fSqDFsHQ8PaXXfjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHZFeFhEeVNPZWpoOUtvTVd3ZER3OXBkZC1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS82N2MzZWEtZWQ2YS00YzI5LWExYWMt
OGE4YTdmZmRkOWZkLzEvVVBLRHdYUHBLWjZlcHpOT1I4aWhUaWo5UjFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS82N2MzZWEtZWQ2YS00YzI5LWExYWMtOGE4YTdmZmRkOWZk
LzEvWHZFeFhEeVNPZWpoOUtvTVd3ZER3OXBkZC1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRx8MA0E
AgACMAcDBQAqAJ7gMA0GCSqGSIb3DQEBCwUAA4IBAQB/k2TYmAKo2sDzgU+Buc6t
uo2v8uknDWbnNJ/QXJBW793PRQlyZ+zoqmZw4IhB72ALA5RO0J/u+RTj7tnwNZyc
wgfnncMVe2kKgciFHsFW/B3Cj9QS2zvFfWpgjRsD/DuBE5/A3aACdIX+ezeQ6RCG
ivzQ2tVqc4mud7QyU2IAYwEWeCz0CSu5QlmryAk6wzlPe6r94rEZhiSnmLSRs65V
Z35tgrieT/7j5EMxcspUIIvxX2tE73q/5Ukjro05c9nR1vWl+70ROWm67+wwU+Fe
O8KZhiUeKg9RVquELdcjbRtE3TdVfruSpOMK0n02tjUFiQmfArh6hH1Gedig5/Cm
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:42:14 2025 by rpki-client