Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/Rxjw6GvZJ2ZLPb4Xb6S2-JqgEDk.roa
File: Rxjw6GvZJ2ZLPb4Xb6S2-JqgEDk.roa (raw, json)
Hash identifier: X46QThg9Tp8PrLRkRpthrRQCbAk6j7hAEVWJJDQd31I=
Subject key identifier: 47:18:F0:E8:6B:D9:27:66:4B:3D:BE:17:6F:A4:B6:F8:9A:A0:10:39
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 0191D646A47169EAFACD86B138DA1E9F2BD1
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/Rxjw6GvZJ2ZLPb4Xb6S2-JqgEDk.roa
Signing time: Mon 09 Sep 2024 10:13:59 +0000
ROA not before: Mon 09 Sep 2024 10:13:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 185.23.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 12:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:46:a4:71:69:ea:fa:cd:86:b1:38:da:1e:9f:2b:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Sep 9 10:13:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4718f0e86bd927664b3dbe176fa4b6f89aa01039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:18:77:f9:0f:d1:42:48:c6:97:b6:8f:f0:69:
ce:c1:10:c9:df:c4:93:f8:b8:3c:1c:d5:56:7f:fa:
3b:6c:f0:d2:f0:ab:0e:fe:e4:42:2b:57:f0:81:d7:
14:77:1c:06:4d:1e:28:df:a4:80:b4:ee:91:24:40:
02:97:f7:d0:45:df:af:b8:47:88:ed:77:9f:fd:b6:
c3:3c:e0:15:0f:84:45:63:91:6c:67:99:38:5b:bd:
b8:5a:46:28:2d:e4:49:50:cf:99:f8:ec:30:bd:11:
8c:e3:d3:4c:78:d4:2f:1e:23:c4:0c:e5:03:c6:ef:
55:ee:65:6a:0f:de:15:cd:3b:3a:12:f8:3b:a3:fa:
b2:f1:45:fb:94:ba:ee:93:53:99:e8:ac:6b:03:28:
52:5e:42:21:f6:dd:2f:0b:87:54:9c:49:ce:e6:e2:
65:46:02:d5:e3:00:6a:bd:e9:59:70:9b:7c:16:e7:
34:ff:2a:30:59:8b:57:41:4d:8d:75:45:66:d8:f8:
2b:66:22:2d:15:06:3d:a1:8f:e5:73:54:72:c4:ec:
ec:d3:5d:bf:1c:de:4c:32:0e:46:dc:39:ed:5a:cd:
98:86:e2:ed:69:53:a6:c9:fc:2d:40:08:05:3a:b3:
61:98:0a:ed:38:75:e0:f7:1f:5a:4f:ae:62:9f:36:
7b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:18:F0:E8:6B:D9:27:66:4B:3D:BE:17:6F:A4:B6:F8:9A:A0:10:39
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/Rxjw6GvZJ2ZLPb4Xb6S2-JqgEDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.238.0/24
Signature Algorithm: sha256WithRSAEncryption
47:a3:ec:cd:5a:38:0b:34:e6:0e:20:97:81:b4:16:d4:1d:53:
77:ea:83:e3:6a:5b:39:09:7c:82:62:cf:ce:48:fc:e2:9b:ec:
24:0f:a7:3b:cf:32:16:d0:fc:a3:ab:fd:78:e0:5a:eb:ea:8a:
35:bf:6e:7b:9d:21:45:f4:04:f2:ed:8b:e8:70:7a:bc:c2:f1:
25:d0:e1:ff:87:c1:40:53:a0:93:4c:60:0b:bb:ad:cd:c0:ec:
65:72:da:c8:aa:a0:d7:20:49:c6:87:69:ae:82:5c:9c:40:9d:
ba:a1:de:f3:96:33:1a:3a:91:40:cd:4d:3f:15:e8:47:5b:73:
f7:ac:11:f2:c5:60:59:02:79:04:a5:3f:ea:a1:6b:6e:16:35:
08:7b:a2:bd:a8:10:a5:e1:ec:3a:4e:96:46:5d:29:c3:4f:07:
f6:02:af:4d:db:ce:90:8f:44:b1:65:31:94:cd:44:fb:ab:e0:
ff:a7:cb:6a:0e:12:1d:0f:6e:9a:05:04:4b:db:62:86:c9:e4:
5e:50:64:2a:43:4e:51:29:eb:41:85:85:d0:c8:29:f6:8f:37:
34:d3:51:8d:ae:da:53:9c:0d:48:7a:bb:c0:dd:39:4f:cb:50:
e7:72:24:7e:08:11:4d:63:dd:29:5e:e3:83:8b:98:e1:69:96:
8a:b4:87:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHWRqRxaer6zYaxONoenyvRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjQwOTA5MTAxMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzE4ZjBlODZiZDkyNzY2NGIzZGJlMTc2ZmE0YjZmODlhYTAxMDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Bh3+Q/RQkjGl7aP8GnOwRDJ38ST
+Lg8HNVWf/o7bPDS8KsO/uRCK1fwgdcUdxwGTR4o36SAtO6RJEACl/fQRd+vuEeI
7Xef/bbDPOAVD4RFY5FsZ5k4W724WkYoLeRJUM+Z+OwwvRGM49NMeNQvHiPEDOUD
xu9V7mVqD94VzTs6Evg7o/qy8UX7lLruk1OZ6KxrAyhSXkIh9t0vC4dUnEnO5uJl
RgLV4wBqvelZcJt8Fuc0/yowWYtXQU2NdUVm2PgrZiItFQY9oY/lc1RyxOzs012/
HN5MMg5G3DntWs2YhuLtaVOmyfwtQAgFOrNhmArtOHXg9x9aT65inzZ7TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcY8Ohr2SdmSz2+F2+ktviaoBA5MB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvUnhqdzZHdlpKMlpMUGI0WGI2UzItSnFnRURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRfuMA0G
CSqGSIb3DQEBCwUAA4IBAQBHo+zNWjgLNOYOIJeBtBbUHVN36oPjals5CXyCYs/O
SPzim+wkD6c7zzIW0Pyjq/144Frr6oo1v257nSFF9ATy7YvocHq8wvEl0OH/h8FA
U6CTTGALu63NwOxlctrIqqDXIEnGh2muglycQJ26od7zljMaOpFAzU0/FehHW3P3
rBHyxWBZAnkEpT/qoWtuFjUIe6K9qBCl4ew6TpZGXSnDTwf2Aq9N286Qj0SxZTGU
zUT7q+D/p8tqDhIdD26aBQRL22KGyeReUGQqQ05RKetBhYXQyCn2jzc001GNrtpT
nA1IervA3TlPy1DnciR+CBFNY90pXuODi5jhaZaKtIcq
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:36:59 2025 by rpki-client