Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/XKgG62zA_oErLALpzkCNI0DmTv0.roa
File: XKgG62zA_oErLALpzkCNI0DmTv0.roa (raw, json)
Hash identifier: wJZ+gQJw5LYd0Ogyn/Nhy7AOAIhNmkdoMY4p8NT7WfA=
Subject key identifier: 5C:A8:06:EB:6C:C0:FE:81:2B:2C:02:E9:CE:40:8D:23:40:E6:4E:FD
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018CCA287688DB5EEF96148406FB57EBEBC4
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/XKgG62zA_oErLALpzkCNI0DmTv0.roa
Signing time: Tue 02 Jan 2024 12:31:38 +0000
ROA not before: Tue 02 Jan 2024 12:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210609
IP address blocks: 185.124.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:76:88:db:5e:ef:96:14:84:06:fb:57:eb:eb:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jan 2 12:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ca806eb6cc0fe812b2c02e9ce408d2340e64efd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:be:1f:e4:35:c3:13:78:0b:94:fd:0f:ae:0a:
d3:65:cb:40:c6:f0:b0:c1:ba:51:57:a5:c4:20:0a:
c9:cb:2b:1b:d7:98:24:19:af:43:54:10:ae:08:41:
c0:cb:99:da:97:18:53:36:89:60:bb:c2:02:31:44:
3c:54:12:82:45:4b:b3:02:9e:d9:db:a5:7e:1a:27:
cd:d8:4b:e2:fa:e1:36:d0:64:8f:30:30:ee:46:80:
11:89:7e:3e:e1:3f:c8:fa:a5:e8:b7:a3:45:c4:62:
87:00:99:88:2b:99:ba:d8:21:1e:13:15:91:7d:31:
bd:59:50:a8:c7:e9:42:dc:f2:b0:5d:c2:9c:f0:63:
2a:e9:f3:0c:77:45:ce:b9:a4:67:43:02:06:e6:f0:
c3:41:07:4f:29:47:48:05:30:c2:a1:77:d9:f8:03:
14:f5:da:10:64:30:68:c2:76:98:63:ff:37:34:fc:
d1:43:a0:25:7b:f3:fc:c8:a0:1c:d5:bd:31:49:18:
7e:3a:15:57:31:a1:99:bc:db:a8:bc:0b:fc:85:ae:
c9:c4:e2:ea:4f:76:59:e4:9f:c7:7e:67:15:da:92:
08:59:1d:2b:9a:e2:06:a4:3a:c7:f7:17:93:55:a1:
fd:61:1b:cd:73:c3:9b:8c:28:3e:65:23:0c:b1:4e:
50:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A8:06:EB:6C:C0:FE:81:2B:2C:02:E9:CE:40:8D:23:40:E6:4E:FD
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/XKgG62zA_oErLALpzkCNI0DmTv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.172.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:9c:ff:0e:05:89:02:f1:bd:65:3d:6c:de:7c:15:9c:3e:68:
4a:63:b3:05:f9:48:7f:6d:a3:f1:b3:ee:69:16:db:cb:d2:3d:
7d:40:55:b4:92:32:9e:a7:01:bd:99:dd:f1:5d:c8:49:1b:79:
2c:1b:11:eb:d3:a3:62:38:50:f7:42:40:03:fc:13:69:36:75:
15:eb:1b:9a:64:95:7e:65:73:0d:1f:23:6b:16:66:6c:eb:79:
ec:d3:eb:7c:99:a2:1f:e9:fa:90:9d:c3:0b:21:53:cc:92:f9:
d7:1d:5b:b6:2c:1f:fb:c2:cb:11:62:2e:a9:6a:f5:3c:54:9d:
e3:da:ad:ae:fc:cd:c6:44:89:bb:b8:91:59:b4:86:91:d4:49:
94:88:a9:8e:45:65:70:31:0b:9a:5f:4d:8d:d3:e4:ec:d5:eb:
1c:e7:48:92:53:1e:2c:d9:18:8f:76:14:ae:fd:a6:19:11:6b:
59:27:2b:dd:b2:12:c0:87:ee:92:ce:9a:1b:fd:4a:35:94:02:
56:43:f7:fb:05:04:64:d1:be:b9:71:61:a1:a0:84:29:56:93:
8e:1e:df:12:3c:3b:ee:5f:bb:a3:7b:a4:da:ce:fd:ce:fb:8c:
e0:03:dc:9a:dc:f7:49:41:2b:20:5e:8b:a2:af:9d:a8:9e:e1:
6b:d2:ec:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKHaI217vlhSEBvtX6+vEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwMTAyMTIzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2E4MDZlYjZjYzBmZTgxMmIyYzAyZTljZTQwOGQyMzQwZTY0ZWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgb4f5DXDE3gLlP0PrgrTZctAxvCw
wbpRV6XEIArJyysb15gkGa9DVBCuCEHAy5nalxhTNolgu8ICMUQ8VBKCRUuzAp7Z
26V+GifN2Evi+uE20GSPMDDuRoARiX4+4T/I+qXot6NFxGKHAJmIK5m62CEeExWR
fTG9WVCox+lC3PKwXcKc8GMq6fMMd0XOuaRnQwIG5vDDQQdPKUdIBTDCoXfZ+AMU
9doQZDBownaYY/83NPzRQ6Ale/P8yKAc1b0xSRh+OhVXMaGZvNuovAv8ha7JxOLq
T3ZZ5J/HfmcV2pIIWR0rmuIGpDrH9xeTVaH9YRvNc8ObjCg+ZSMMsU5QmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyoButswP6BKywC6c5AjSNA5k79MB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvWEtnRzYyekFfb0VyTEFMcHprQ05JMERtVHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXysMA0G
CSqGSIb3DQEBCwUAA4IBAQDOnP8OBYkC8b1lPWzefBWcPmhKY7MF+Uh/baPxs+5p
FtvL0j19QFW0kjKepwG9md3xXchJG3ksGxHr06NiOFD3QkAD/BNpNnUV6xuaZJV+
ZXMNHyNrFmZs63ns0+t8maIf6fqQncMLIVPMkvnXHVu2LB/7wssRYi6pavU8VJ3j
2q2u/M3GRIm7uJFZtIaR1EmUiKmORWVwMQuaX02N0+Ts1esc50iSUx4s2RiPdhSu
/aYZEWtZJyvdshLAh+6Szpob/Uo1lAJWQ/f7BQRk0b65cWGhoIQpVpOOHt8SPDvu
X7uje6Tazv3O+4zgA9ya3PdJQSsgXouir52onuFr0uxp
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:16:32 2025 by rpki-client